use of com.facebook.presto.spi.security.PrestoPrincipal in project presto by prestodb.
the class ThriftMetastoreUtil method parsePrivilege.
/**
 * Converts a single metastore grant record into the equivalent set of Presto privilege descriptors.
 *
 * <p>The privilege name is matched case-insensitively (upper-cased with the ENGLISH locale).
 * {@code ALL} expands to one entry per {@code HivePrivilegeInfo.HivePrivilege} constant, so any
 * constant added to that enum is implicitly covered by existing {@code ALL} grants. Every other
 * supported name yields a one-element set. Names outside the supported list are rejected instead
 * of being silently dropped.
 *
 * @param userGrant the metastore grant record; supplies the privilege name, the grant option flag
 *     and the grantor
 * @param grantee the principal the privilege is reported for; when empty, the grantor is used as
 *     the grantee
 * @return an immutable set of privilege descriptors
 * @throws IllegalArgumentException if the privilege name is not one of the supported names
 */
public static Set<HivePrivilegeInfo> parsePrivilege(PrivilegeGrantInfo userGrant, Optional<PrestoPrincipal> grantee) {
    boolean grantable = userGrant.isGrantOption();
    String privilegeName = userGrant.getPrivilege().toUpperCase(ENGLISH);
    PrestoPrincipal grantor = new PrestoPrincipal(
            fromMetastoreApiPrincipalType(userGrant.getGrantorType()),
            userGrant.getGrantor());
    // An absent grantee falls back to the grantor, so every descriptor has a grantee.
    PrestoPrincipal effectiveGrantee = grantee.orElse(grantor);

    HivePrivilegeInfo.HivePrivilege resolved;
    switch (privilegeName) {
        case "ALL":
            // Expand the wildcard into every privilege the enum currently defines.
            return Arrays.stream(HivePrivilegeInfo.HivePrivilege.values())
                    .map(each -> new HivePrivilegeInfo(each, grantable, grantor, effectiveGrantee))
                    .collect(toImmutableSet());
        case "SELECT":
            resolved = SELECT;
            break;
        case "INSERT":
            resolved = INSERT;
            break;
        case "UPDATE":
            resolved = UPDATE;
            break;
        case "DELETE":
            resolved = DELETE;
            break;
        case "OWNERSHIP":
            resolved = OWNERSHIP;
            break;
        default:
            // Fail closed: an unrecognised name never turns into a privilege.
            throw new IllegalArgumentException("Unsupported privilege name: " + privilegeName);
    }
    return ImmutableSet.of(new HivePrivilegeInfo(resolved, grantable, grantor, effectiveGrantee));
}
use of com.facebook.presto.spi.security.PrestoPrincipal in project presto by prestodb.
the class ThriftHiveMetastore method listTablePrivileges.
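/**
 * Lists the privileges recorded in the metastore for a table.
 *
 * <p>When {@code principal} is non-null, only grants for that principal are requested, and an
 * OWNERSHIP privilege (with grant option, granted by and to the principal itself) is added if the
 * principal is a USER whose name equals the table owner. When {@code principal} is null, the
 * metastore is asked for the grants of every principal on the table.
 *
 * <p>NOTE(review): the null-principal path returns all grants and this method performs no
 * authorization check of its own; confirm every caller restricts that path to administrators.
 *
 * @param metastoreContext context used to obtain the metastore client
 * @param databaseName database containing the table
 * @param tableName table whose privileges are listed
 * @param principal principal to list privileges for, or null to list privileges of all principals
 * @return the privileges found, as an immutable set
 * @throws PrestoException with HIVE_METASTORE_ERROR when the metastore call fails with a TException
 */
@Override
public Set<HivePrivilegeInfo> listTablePrivileges(MetastoreContext metastoreContext, String databaseName, String tableName, PrestoPrincipal principal) {
    try {
        return retry()
                .stopOnIllegalExceptions()
                .run("getListPrivileges", stats.getListPrivileges().wrap(() -> getMetastoreClientThenCall(metastoreContext, client -> {
                    Table table = client.getTable(databaseName, tableName);
                    ImmutableSet.Builder<HivePrivilegeInfo> privileges = ImmutableSet.builder();
                    HiveObjectRef tableRef = new HiveObjectRef(TABLE, databaseName, tableName, null, null);
                    List<HiveObjectPrivilege> hiveObjectPrivilegeList;
                    // principal can be null when we want to list all privileges for admins
                    if (principal == null) {
                        hiveObjectPrivilegeList = client.listPrivileges(null, null, tableRef);
                    } else {
                        // Compare from the principal side so that a table record without an owner
                        // is treated as "not the owner" instead of failing with a
                        // NullPointerException.
                        if (principal.getType() == USER && principal.getName().equals(table.getOwner())) {
                            privileges.add(new HivePrivilegeInfo(OWNERSHIP, true, principal, principal));
                        }
                        hiveObjectPrivilegeList = client.listPrivileges(principal.getName(), fromPrestoPrincipalType(principal.getType()), tableRef);
                    }
                    for (HiveObjectPrivilege hiveObjectPrivilege : hiveObjectPrivilegeList) {
                        // The grantee comes from the metastore record, not from the requested principal.
                        PrestoPrincipal grantee = new PrestoPrincipal(
                                fromMetastoreApiPrincipalType(hiveObjectPrivilege.getPrincipalType()),
                                hiveObjectPrivilege.getPrincipalName());
                        privileges.addAll(parsePrivilege(hiveObjectPrivilege.getGrantInfo(), Optional.of(grantee)));
                    }
                    return privileges.build();
                })));
    } catch (TException e) {
        throw new PrestoException(HIVE_METASTORE_ERROR, e);
    } catch (Exception e) {
        throw propagate(e);
    }
}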
use of com.facebook.presto.spi.security.PrestoPrincipal in project presto by prestodb.
the class ThriftMetastoreUtil method listEnabledRoles.
/**
 * Computes the names of the roles that are enabled for an identity.
 *
 * <p>The result always starts with the public role. If the identity selected role type NONE,
 * nothing else is enabled. If no role is selected, or the selection is ALL, the roles applicable
 * to the user are appended. Otherwise the explicitly selected role is appended, followed by the
 * roles applicable to that role.
 *
 * <p>The admin role is filtered out of the roles derived from grants, so holding a grant of it
 * does not enable it implicitly. It appears in the result only when it is the explicitly selected
 * role, because that name is appended before the filter is applied.
 *
 * @param identity the identity whose selected role and user name are read
 * @param listRoleGrants lookup returning the role grants of a principal
 * @return a stream of enabled role names
 */
public static Stream<String> listEnabledRoles(ConnectorIdentity identity, Function<PrestoPrincipal, Set<RoleGrant>> listRoleGrants) {
    Optional<SelectedRole> selectedRole = identity.getRole();
    boolean hasSelection = selectedRole.isPresent();
    if (hasSelection && selectedRole.get().getType() == SelectedRole.Type.NONE) {
        return Stream.of(PUBLIC_ROLE_NAME);
    }

    // A specific role was chosen only when a selection exists and it is not ALL
    // (NONE has already returned above).
    boolean specificRoleChosen = hasSelection && selectedRole.get().getType() != SelectedRole.Type.ALL;
    PrestoPrincipal effectivePrincipal = specificRoleChosen
            ? new PrestoPrincipal(ROLE, selectedRole.get().getRole().get())
            : new PrestoPrincipal(USER, identity.getUser());

    Stream<String> explicitRoles = effectivePrincipal.getType() == ROLE
            ? Stream.concat(Stream.of(PUBLIC_ROLE_NAME), Stream.of(effectivePrincipal.getName()))
            : Stream.of(PUBLIC_ROLE_NAME);

    // Roles reached through grants never include the admin role.
    Stream<String> grantedRoles = listApplicableRoles(effectivePrincipal, listRoleGrants)
            .map(RoleGrant::getRoleName)
            .filter(Predicate.isEqual(ADMIN_ROLE_NAME).negate());
    return Stream.concat(explicitRoles, grantedRoles);
}
use of com.facebook.presto.spi.security.PrestoPrincipal in project presto by prestodb.
the class FileHiveMetastore method removeNonExistingRoles.
/**
 * Drops role grants that refer to roles which no longer exist.
 *
 * <p>A grant is kept only if the granted role is in {@code existingRoles} and, when the grantee
 * is itself a role, that grantee role is in {@code existingRoles} too. Grantees of any other
 * principal type are not checked against {@code existingRoles}.
 *
 * @param grants the grants to filter
 * @param existingRoles names of the roles that currently exist
 * @return an immutable set holding the surviving grants, in iteration order of {@code grants}
 */
private static Set<RoleGrant> removeNonExistingRoles(Set<RoleGrant> grants, Set<String> existingRoles) {
    ImmutableSet.Builder<RoleGrant> surviving = ImmutableSet.builder();
    for (RoleGrant candidate : grants) {
        if (existingRoles.contains(candidate.getRoleName())) {
            PrestoPrincipal recipient = candidate.getGrantee();
            // A grant made to a role that has been removed is stale and must not survive.
            boolean danglingRoleGrantee = recipient.getType() == ROLE && !existingRoles.contains(recipient.getName());
            if (!danglingRoleGrantee) {
                surviving.add(candidate);
            }
        }
    }
    return surviving.build();
}
use of com.facebook.presto.spi.security.PrestoPrincipal in project presto by prestodb.
the class SemiTransactionalHiveMetastore method listTablePrivileges.
/**
 * Lists table privileges as seen from inside the current transaction.
 *
 * <p>If the transaction holds no pending action for the table, or the pending action is
 * INSERT_EXISTING, the request is forwarded to the delegate metastore. A pending DROP makes the
 * table invisible. For a table with a pending ADD or ALTER, privileges are reported only to the
 * user that owns the pending table: role principals and other users get an empty set, and the
 * owner gets the pending user privileges plus OWNERSHIP with grant option.
 *
 * <p>NOTE(review): on the ADD/ALTER path {@code principal} is dereferenced without a null check,
 * while the delegate paths forward it unchanged. If callers can pass null (for example to mean
 * "all principals"), this path fails with a NullPointerException; confirm the expected contract.
 *
 * @param metastoreContext context forwarded to the delegate metastore
 * @param databaseName database containing the table
 * @param tableName table whose privileges are listed
 * @param principal principal to list privileges for
 * @return the privileges visible to {@code principal}
 * @throws TableNotFoundException if the table has a pending DROP in this transaction
 * @throws IllegalStateException if the pending action has an unrecognised type
 */
public synchronized Set<HivePrivilegeInfo> listTablePrivileges(MetastoreContext metastoreContext, String databaseName, String tableName, PrestoPrincipal principal) {
    checkReadable();
    SchemaTableName tableKey = new SchemaTableName(databaseName, tableName);
    Action<TableAndMore> pendingAction = tableActions.get(tableKey);
    if (pendingAction == null) {
        return delegate.listTablePrivileges(metastoreContext, databaseName, tableName, principal);
    }

    switch (pendingAction.getType()) {
        case INSERT_EXISTING:
            return delegate.listTablePrivileges(metastoreContext, databaseName, tableName, principal);
        case DROP:
            throw new TableNotFoundException(tableKey);
        case ADD:
        case ALTER:
            // Handled below, from the transaction's pending state.
            break;
        default:
            throw new IllegalStateException("Unknown action type");
    }

    // Only the owning user sees privileges on a table created or altered in this transaction.
    if (principal.getType() == PrincipalType.ROLE
            || !principal.getName().equals(pendingAction.getData().getTable().getOwner())) {
        return ImmutableSet.of();
    }

    Collection<HivePrivilegeInfo> pendingUserPrivileges = pendingAction.getData()
            .getPrincipalPrivileges()
            .getUserPrivileges()
            .get(principal.getName());
    HivePrivilegeInfo ownership = new HivePrivilegeInfo(
            OWNERSHIP,
            true,
            new PrestoPrincipal(USER, principal.getName()),
            new PrestoPrincipal(USER, principal.getName()));
    return ImmutableSet.<HivePrivilegeInfo>builder()
            .addAll(pendingUserPrivileges)
            .add(ownership)
            .build();
}