Search in sources :

Example 1 with GrantInfo

use of io.prestosql.spi.security.GrantInfo in project hetu-core by openlookeng.

the class MetadataManager method listTablePrivileges.

@Override
public List<GrantInfo> listTablePrivileges(Session session, QualifiedTablePrefix prefix) {
    requireNonNull(prefix, "prefix is null");
    Optional<CatalogMetadata> catalog = getOptionalCatalogMetadata(session, prefix.getCatalogName());
    ImmutableSet.Builder<GrantInfo> grantInfos = ImmutableSet.builder();
    if (catalog.isPresent()) {
        CatalogMetadata catalogMetadata = catalog.get();
        ConnectorSession connectorSession = session.toConnectorSession(catalogMetadata.getCatalogName());
        List<CatalogName> connectorIds = prefix.asQualifiedObjectName().map(qualifiedTableName -> singletonList(catalogMetadata.getConnectorId(session, qualifiedTableName))).orElseGet(catalogMetadata::listConnectorIds);
        for (CatalogName catalogName : connectorIds) {
            ConnectorMetadata metadata = catalogMetadata.getMetadataFor(catalogName);
            grantInfos.addAll(metadata.listTablePrivileges(connectorSession, prefix.asSchemaTablePrefix()));
        }
    }
    return ImmutableList.copyOf(grantInfos.build());
}
Also used : TableStatistics(io.prestosql.spi.statistics.TableStatistics) PartialAndFinalAggregationType(io.prestosql.spi.PartialAndFinalAggregationType) LongSupplier(java.util.function.LongSupplier) RoleGrant(io.prestosql.spi.security.RoleGrant) ConnectorVacuumTableHandle(io.prestosql.spi.connector.ConnectorVacuumTableHandle) LimitApplicationResult(io.prestosql.spi.connector.LimitApplicationResult) LESS_THAN(io.prestosql.spi.function.OperatorType.LESS_THAN) Collections.singletonList(java.util.Collections.singletonList) ConnectorDeleteAsInsertTableHandle(io.prestosql.spi.connector.ConnectorDeleteAsInsertTableHandle) ConnectorUpdateTableHandle(io.prestosql.spi.connector.ConnectorUpdateTableHandle) Map(java.util.Map) ENGLISH(java.util.Locale.ENGLISH) ConnectorTableLayoutHandle(io.prestosql.spi.connector.ConnectorTableLayoutHandle) EQUAL(io.prestosql.spi.function.OperatorType.EQUAL) ConstraintApplicationResult(io.prestosql.spi.connector.ConstraintApplicationResult) SystemTable(io.prestosql.spi.connector.SystemTable) GrantInfo(io.prestosql.spi.security.GrantInfo) TableStatisticsMetadata(io.prestosql.spi.statistics.TableStatisticsMetadata) Set(java.util.Set) GuardedBy(javax.annotation.concurrent.GuardedBy) Privilege(io.prestosql.spi.security.Privilege) BETWEEN(io.prestosql.spi.function.OperatorType.BETWEEN) LESS_THAN_OR_EQUAL(io.prestosql.spi.function.OperatorType.LESS_THAN_OR_EQUAL) SchemaTablePrefix(io.prestosql.spi.connector.SchemaTablePrefix) Joiner(com.google.common.base.Joiner) Slice(io.airlift.slice.Slice) TypeSignatureProvider(io.prestosql.sql.analyzer.TypeSignatureProvider) TransactionManager(io.prestosql.transaction.TransactionManager) ProjectionApplicationResult(io.prestosql.spi.connector.ProjectionApplicationResult) TypeNotFoundException(io.prestosql.spi.type.TypeNotFoundException) ComputedStatistics(io.prestosql.spi.statistics.ComputedStatistics) QualifiedObjectName(io.prestosql.spi.connector.QualifiedObjectName) ArrayList(java.util.ArrayList) GREATER_THAN_OR_EQUAL(io.prestosql.spi.function.OperatorType.GREATER_THAN_OR_EQUAL) LinkedHashMap(java.util.LinkedHashMap) OptionalLong(java.util.OptionalLong) Session(io.prestosql.Session) ConnectorPartitioningHandle(io.prestosql.spi.connector.ConnectorPartitioningHandle) ImmutableSet.toImmutableSet(com.google.common.collect.ImmutableSet.toImmutableSet) CatalogSchemaName(io.prestosql.spi.connector.CatalogSchemaName) LinkedHashSet(java.util.LinkedHashSet) ConnectorOutputTableHandle(io.prestosql.spi.connector.ConnectorOutputTableHandle) TypeSignatureProvider.fromTypes(io.prestosql.sql.analyzer.TypeSignatureProvider.fromTypes) ConnectorTableMetadata(io.prestosql.spi.connector.ConnectorTableMetadata) MetadataUtil.toSchemaTableName(io.prestosql.metadata.MetadataUtil.toSchemaTableName) PartitioningHandle(io.prestosql.sql.planner.PartitioningHandle) ColumnHandle(io.prestosql.spi.connector.ColumnHandle) PrestoPrincipal(io.prestosql.spi.security.PrestoPrincipal) SYNTAX_ERROR(io.prestosql.spi.StandardErrorCode.SYNTAX_ERROR) ConnectorMetadata(io.prestosql.spi.connector.ConnectorMetadata) DataCenterConnectorManager(io.prestosql.connector.DataCenterConnectorManager) Kryo(com.esotericsoftware.kryo.Kryo) MetadataUtil.convertFromSchemaTableName(io.prestosql.metadata.MetadataUtil.convertFromSchemaTableName) Preconditions.checkArgument(com.google.common.base.Preconditions.checkArgument) HashMultimap(com.google.common.collect.HashMultimap) ConnectorSession(io.prestosql.spi.connector.ConnectorSession) ConnectorTableProperties(io.prestosql.spi.connector.ConnectorTableProperties) Locale(java.util.Locale) OperatorType(io.prestosql.spi.function.OperatorType) Type(io.prestosql.spi.type.Type) SqlFunction(io.prestosql.spi.function.SqlFunction) ConnectorTableLayoutResult(io.prestosql.spi.connector.ConnectorTableLayoutResult) Constraint(io.prestosql.spi.connector.Constraint) PrestoException(io.prestosql.spi.PrestoException) ImmutableSet(com.google.common.collect.ImmutableSet) ImmutableMap(com.google.common.collect.ImmutableMap) Collection(java.util.Collection) CatalogName(io.prestosql.spi.connector.CatalogName) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) ConnectorResolvedIndex(io.prestosql.spi.connector.ConnectorResolvedIndex) SampleType(io.prestosql.spi.connector.SampleType) String.format(java.lang.String.format) Preconditions.checkState(com.google.common.base.Preconditions.checkState) List(java.util.List) Entry(java.util.Map.Entry) ConnectorTransactionHandle(io.prestosql.spi.connector.ConnectorTransactionHandle) Optional(java.util.Optional) NOT_SUPPORTED(io.prestosql.spi.StandardErrorCode.NOT_SUPPORTED) ConnectorExpression(io.prestosql.spi.expression.ConnectorExpression) TypeSignature(io.prestosql.spi.type.TypeSignature) HASH_CODE(io.prestosql.spi.function.OperatorType.HASH_CODE) ConnectorCapabilities(io.prestosql.spi.connector.ConnectorCapabilities) ConnectorOutputMetadata(io.prestosql.spi.connector.ConnectorOutputMetadata) NOT_EQUAL(io.prestosql.spi.function.OperatorType.NOT_EQUAL) ConnectorViewDefinition(io.prestosql.spi.connector.ConnectorViewDefinition) HashMap(java.util.HashMap) Multimap(com.google.common.collect.Multimap) NOT_FOUND(io.prestosql.spi.StandardErrorCode.NOT_FOUND) TableHandle(io.prestosql.spi.metadata.TableHandle) ConcurrentMap(java.util.concurrent.ConcurrentMap) Inject(javax.inject.Inject) SchemaTableName(io.prestosql.spi.connector.SchemaTableName) ImmutableList(com.google.common.collect.ImmutableList) Verify.verify(com.google.common.base.Verify.verify) ViewColumn(io.prestosql.spi.connector.ConnectorViewDefinition.ViewColumn) Objects.requireNonNull(java.util.Objects.requireNonNull) GREATER_THAN(io.prestosql.spi.function.OperatorType.GREATER_THAN) QueryId(io.prestosql.spi.QueryId) InMemoryTransactionManager.createTestTransactionManager(io.prestosql.transaction.InMemoryTransactionManager.createTestTransactionManager) ColumnMetadata(io.prestosql.spi.connector.ColumnMetadata) ConnectorTableHandle(io.prestosql.spi.connector.ConnectorTableHandle) TupleDomain(io.prestosql.spi.predicate.TupleDomain) ConnectorTableLayout(io.prestosql.spi.connector.ConnectorTableLayout) INVALID_VIEW(io.prestosql.spi.StandardErrorCode.INVALID_VIEW) Provider(com.google.inject.Provider) FeaturesConfig(io.prestosql.sql.analyzer.FeaturesConfig) VisibleForTesting(com.google.common.annotations.VisibleForTesting) ConnectorInsertTableHandle(io.prestosql.spi.connector.ConnectorInsertTableHandle) ImmutableSet.toImmutableSet(com.google.common.collect.ImmutableSet.toImmutableSet) ImmutableSet(com.google.common.collect.ImmutableSet) ConnectorSession(io.prestosql.spi.connector.ConnectorSession) CatalogName(io.prestosql.spi.connector.CatalogName) ConnectorMetadata(io.prestosql.spi.connector.ConnectorMetadata) GrantInfo(io.prestosql.spi.security.GrantInfo)

Example 2 with GrantInfo

use of io.prestosql.spi.security.GrantInfo in project hetu-core by openlookeng.

the class SqlStandardAccessControlMetadata method buildGrants.

private List<GrantInfo> buildGrants(SchemaTableName tableName, HivePrincipal principal) {
    ImmutableList.Builder<GrantInfo> result = ImmutableList.builder();
    Set<HivePrivilegeInfo> hivePrivileges = metastore.listTablePrivileges(tableName.getSchemaName(), tableName.getTableName(), principal);
    for (HivePrivilegeInfo hivePrivilege : hivePrivileges) {
        Set<PrivilegeInfo> prestoPrivileges = hivePrivilege.toPrivilegeInfo();
        for (PrivilegeInfo prestoPrivilege : prestoPrivileges) {
            GrantInfo grant = new GrantInfo(prestoPrivilege, hivePrivilege.getGrantee().toPrestoPrincipal(), tableName, Optional.of(hivePrivilege.getGrantor().toPrestoPrincipal()), Optional.empty());
            result.add(grant);
        }
    }
    return result.build();
}
Also used : HivePrivilegeInfo(io.prestosql.plugin.hive.metastore.HivePrivilegeInfo) ImmutableList(com.google.common.collect.ImmutableList) GrantInfo(io.prestosql.spi.security.GrantInfo) PrivilegeInfo(io.prestosql.spi.security.PrivilegeInfo) HivePrivilegeInfo(io.prestosql.plugin.hive.metastore.HivePrivilegeInfo)

Example 3 with GrantInfo

use of io.prestosql.spi.security.GrantInfo in project boostkit-bigdata by kunpengcompute.

the class SqlStandardAccessControlMetadata method listTablePrivileges.

@Override
public List<GrantInfo> listTablePrivileges(ConnectorSession session, List<SchemaTableName> tableNames) {
    Set<HivePrincipal> principals = listEnabledPrincipals(metastore, session.getIdentity()).collect(toImmutableSet());
    boolean isAdminRoleSet = hasAdminRole(principals);
    ImmutableList.Builder<GrantInfo> result = ImmutableList.builder();
    for (SchemaTableName tableName : tableNames) {
        if (isAdminRoleSet) {
            result.addAll(buildGrants(tableName, null));
        } else {
            for (HivePrincipal grantee : principals) {
                result.addAll(buildGrants(tableName, grantee));
            }
        }
    }
    return result.build();
}
Also used : HivePrincipal(io.prestosql.plugin.hive.metastore.HivePrincipal) ImmutableList(com.google.common.collect.ImmutableList) GrantInfo(io.prestosql.spi.security.GrantInfo) SchemaTableName(io.prestosql.spi.connector.SchemaTableName)

Example 4 with GrantInfo

use of io.prestosql.spi.security.GrantInfo in project hetu-core by openlookeng.

the class SqlStandardAccessControlMetadata method listTablePrivileges.

@Override
public List<GrantInfo> listTablePrivileges(ConnectorSession session, List<SchemaTableName> tableNames) {
    Set<HivePrincipal> principals = listEnabledPrincipals(metastore, session.getIdentity()).collect(toImmutableSet());
    boolean isAdminRoleSet = hasAdminRole(principals);
    ImmutableList.Builder<GrantInfo> result = ImmutableList.builder();
    for (SchemaTableName tableName : tableNames) {
        if (isAdminRoleSet) {
            result.addAll(buildGrants(tableName, null));
        } else {
            for (HivePrincipal grantee : principals) {
                result.addAll(buildGrants(tableName, grantee));
            }
        }
    }
    return result.build();
}
Also used : HivePrincipal(io.prestosql.plugin.hive.metastore.HivePrincipal) ImmutableList(com.google.common.collect.ImmutableList) GrantInfo(io.prestosql.spi.security.GrantInfo) SchemaTableName(io.prestosql.spi.connector.SchemaTableName)

Example 5 with GrantInfo

use of io.prestosql.spi.security.GrantInfo in project boostkit-bigdata by kunpengcompute.

the class SqlStandardAccessControlMetadata method buildGrants.

private List<GrantInfo> buildGrants(SchemaTableName tableName, HivePrincipal principal) {
    ImmutableList.Builder<GrantInfo> result = ImmutableList.builder();
    Set<HivePrivilegeInfo> hivePrivileges = metastore.listTablePrivileges(tableName.getSchemaName(), tableName.getTableName(), principal);
    for (HivePrivilegeInfo hivePrivilege : hivePrivileges) {
        Set<PrivilegeInfo> prestoPrivileges = hivePrivilege.toPrivilegeInfo();
        for (PrivilegeInfo prestoPrivilege : prestoPrivileges) {
            GrantInfo grant = new GrantInfo(prestoPrivilege, hivePrivilege.getGrantee().toPrestoPrincipal(), tableName, Optional.of(hivePrivilege.getGrantor().toPrestoPrincipal()), Optional.empty());
            result.add(grant);
        }
    }
    return result.build();
}
Also used : HivePrivilegeInfo(io.prestosql.plugin.hive.metastore.HivePrivilegeInfo) ImmutableList(com.google.common.collect.ImmutableList) GrantInfo(io.prestosql.spi.security.GrantInfo) PrivilegeInfo(io.prestosql.spi.security.PrivilegeInfo) HivePrivilegeInfo(io.prestosql.plugin.hive.metastore.HivePrivilegeInfo)

Aggregations

ImmutableList (com.google.common.collect.ImmutableList)5 GrantInfo (io.prestosql.spi.security.GrantInfo)5 SchemaTableName (io.prestosql.spi.connector.SchemaTableName)3 HivePrincipal (io.prestosql.plugin.hive.metastore.HivePrincipal)2 HivePrivilegeInfo (io.prestosql.plugin.hive.metastore.HivePrivilegeInfo)2 Kryo (com.esotericsoftware.kryo.Kryo)1 VisibleForTesting (com.google.common.annotations.VisibleForTesting)1 Joiner (com.google.common.base.Joiner)1 Preconditions.checkArgument (com.google.common.base.Preconditions.checkArgument)1 Preconditions.checkState (com.google.common.base.Preconditions.checkState)1 Verify.verify (com.google.common.base.Verify.verify)1 HashMultimap (com.google.common.collect.HashMultimap)1 ImmutableMap (com.google.common.collect.ImmutableMap)1 ImmutableSet (com.google.common.collect.ImmutableSet)1 ImmutableSet.toImmutableSet (com.google.common.collect.ImmutableSet.toImmutableSet)1 Multimap (com.google.common.collect.Multimap)1 Provider (com.google.inject.Provider)1 Slice (io.airlift.slice.Slice)1 Session (io.prestosql.Session)1 DataCenterConnectorManager (io.prestosql.connector.DataCenterConnectorManager)1