Search in sources :

Example 1 with HivePrivilegeInfo

use of io.trino.plugin.hive.metastore.HivePrivilegeInfo in project trino by trinodb.

the class FileHiveMetastore method listTablePrivileges.

@Override
public synchronized Set<HivePrivilegeInfo> listTablePrivileges(String databaseName, String tableName, Optional<String> tableOwner, Optional<HivePrincipal> principal) {
    Table table = getRequiredTable(databaseName, tableName);
    Path permissionsDirectory = getPermissionsDirectory(table);
    if (principal.isEmpty()) {
        Builder<HivePrivilegeInfo> privileges = ImmutableSet.<HivePrivilegeInfo>builder().addAll(readAllPermissions(permissionsDirectory));
        tableOwner.ifPresent(owner -> privileges.add(new HivePrivilegeInfo(OWNERSHIP, true, new HivePrincipal(USER, owner), new HivePrincipal(USER, owner))));
        return privileges.build();
    }
    ImmutableSet.Builder<HivePrivilegeInfo> result = ImmutableSet.builder();
    if (principal.get().getType() == USER && table.getOwner().orElseThrow().equals(principal.get().getName())) {
        result.add(new HivePrivilegeInfo(OWNERSHIP, true, principal.get(), principal.get()));
    }
    result.addAll(readPermissionsFile(getPermissionsPath(permissionsDirectory, principal.get())));
    return result.build();
}
Also used : Path(org.apache.hadoop.fs.Path) HivePrivilegeInfo(io.trino.plugin.hive.metastore.HivePrivilegeInfo) Table(io.trino.plugin.hive.metastore.Table) HiveUtil.isIcebergTable(io.trino.plugin.hive.util.HiveUtil.isIcebergTable) ImmutableSet.toImmutableSet(com.google.common.collect.ImmutableSet.toImmutableSet) ImmutableSet(com.google.common.collect.ImmutableSet) HivePrincipal(io.trino.plugin.hive.metastore.HivePrincipal)

Example 2 with HivePrivilegeInfo

use of io.trino.plugin.hive.metastore.HivePrivilegeInfo in project trino by trinodb.

the class FileHiveMetastore method setTablePrivileges.

private synchronized void setTablePrivileges(HivePrincipal grantee, String databaseName, String tableName, Collection<HivePrivilegeInfo> privileges) {
    requireNonNull(grantee, "grantee is null");
    requireNonNull(databaseName, "databaseName is null");
    requireNonNull(tableName, "tableName is null");
    requireNonNull(privileges, "privileges is null");
    try {
        Table table = getRequiredTable(databaseName, tableName);
        Path permissionsDirectory = getPermissionsDirectory(table);
        boolean created = metadataFileSystem.mkdirs(permissionsDirectory);
        if (!created && !metadataFileSystem.isDirectory(permissionsDirectory)) {
            throw new TrinoException(HIVE_METASTORE_ERROR, "Could not create permissions directory");
        }
        Path permissionFilePath = getPermissionsPath(permissionsDirectory, grantee);
        List<PermissionMetadata> permissions = privileges.stream().map(hivePrivilegeInfo -> new PermissionMetadata(hivePrivilegeInfo.getHivePrivilege(), hivePrivilegeInfo.isGrantOption(), grantee)).collect(toList());
        writeFile("permissions", permissionFilePath, permissionsCodec, permissions, true);
    } catch (IOException e) {
        throw new TrinoException(HIVE_METASTORE_ERROR, e);
    }
}
Also used : Path(org.apache.hadoop.fs.Path) ThriftMetastoreUtil.updateStatisticsParameters(io.trino.plugin.hive.metastore.thrift.ThriftMetastoreUtil.updateStatisticsParameters) Arrays(java.util.Arrays) FileSystem(org.apache.hadoop.fs.FileSystem) USER(io.trino.spi.security.PrincipalType.USER) FileStatus(org.apache.hadoop.fs.FileStatus) ColumnStatisticType(io.trino.spi.statistics.ColumnStatisticType) NOT_SUPPORTED(io.trino.spi.StandardErrorCode.NOT_SUPPORTED) DATABASE(io.trino.plugin.hive.metastore.file.FileHiveMetastore.SchemaType.DATABASE) TableNotFoundException(io.trino.spi.connector.TableNotFoundException) Column(io.trino.plugin.hive.metastore.Column) Map(java.util.Map) PartitionWithStatistics(io.trino.plugin.hive.metastore.PartitionWithStatistics) FSDataInputStream(org.apache.hadoop.fs.FSDataInputStream) EnumSet(java.util.EnumSet) TABLE_COMMENT(io.trino.plugin.hive.HiveMetadata.TABLE_COMMENT) AcidTransaction(io.trino.plugin.hive.acid.AcidTransaction) HdfsEnvironment(io.trino.plugin.hive.HdfsEnvironment) Table(io.trino.plugin.hive.metastore.Table) ConnectorIdentity(io.trino.spi.security.ConnectorIdentity) ImmutableList.toImmutableList(com.google.common.collect.ImmutableList.toImmutableList) Set(java.util.Set) ThreadSafe(javax.annotation.concurrent.ThreadSafe) GuardedBy(javax.annotation.concurrent.GuardedBy) MANAGED_TABLE(org.apache.hadoop.hive.metastore.TableType.MANAGED_TABLE) SchemaTableName(io.trino.spi.connector.SchemaTableName) ImmutableMap.toImmutableMap(com.google.common.collect.ImmutableMap.toImmutableMap) OWNERSHIP(io.trino.plugin.hive.metastore.HivePrivilegeInfo.HivePrivilege.OWNERSHIP) HdfsConfig(io.trino.plugin.hive.HdfsConfig) ByteStreams(com.google.common.io.ByteStreams) HdfsConfigurationInitializer(io.trino.plugin.hive.HdfsConfigurationInitializer) Partition(io.trino.plugin.hive.metastore.Partition) MoreObjects.toStringHelper(com.google.common.base.MoreObjects.toStringHelper) PartitionStatistics(io.trino.plugin.hive.PartitionStatistics) HivePrincipal(io.trino.plugin.hive.metastore.HivePrincipal) PartitionNotFoundException(io.trino.plugin.hive.PartitionNotFoundException) ColumnNotFoundException(io.trino.spi.connector.ColumnNotFoundException) ArrayList(java.util.ArrayList) LinkedHashMap(java.util.LinkedHashMap) HiveType(io.trino.plugin.hive.HiveType) ThriftMetastoreUtil(io.trino.plugin.hive.metastore.thrift.ThriftMetastoreUtil) HiveMetastore(io.trino.plugin.hive.metastore.HiveMetastore) NodeVersion(io.trino.plugin.hive.NodeVersion) SchemaAlreadyExistsException(io.trino.plugin.hive.SchemaAlreadyExistsException) ImmutableSet.toImmutableSet(com.google.common.collect.ImmutableSet.toImmutableSet) LinkedHashSet(java.util.LinkedHashSet) HiveUtil.isIcebergTable(io.trino.plugin.hive.util.HiveUtil.isIcebergTable) SPARK_TABLE_PROVIDER_KEY(io.trino.plugin.hive.util.HiveUtil.SPARK_TABLE_PROVIDER_KEY) IOException(java.io.IOException) HdfsConfiguration(io.trino.plugin.hive.HdfsConfiguration) RoleGrant(io.trino.spi.security.RoleGrant) File(java.io.File) TableType(org.apache.hadoop.hive.metastore.TableType) ArrayDeque(java.util.ArrayDeque) HivePrivilege(io.trino.plugin.hive.metastore.HivePrivilegeInfo.HivePrivilege) HivePartitionManager.extractPartitionValues(io.trino.plugin.hive.HivePartitionManager.extractPartitionValues) ThriftMetastoreUtil.getHiveBasicStatistics(io.trino.plugin.hive.metastore.thrift.ThriftMetastoreUtil.getHiveBasicStatistics) MetastoreUtil.makePartitionName(io.trino.plugin.hive.metastore.MetastoreUtil.makePartitionName) HiveUtil.toPartitionValues(io.trino.plugin.hive.util.HiveUtil.toPartitionValues) EXTERNAL_TABLE(org.apache.hadoop.hive.metastore.TableType.EXTERNAL_TABLE) Database(io.trino.plugin.hive.metastore.Database) SchemaNotFoundException(io.trino.spi.connector.SchemaNotFoundException) NoHdfsAuthentication(io.trino.plugin.hive.authentication.NoHdfsAuthentication) Preconditions.checkArgument(com.google.common.base.Preconditions.checkArgument) MATERIALIZED_VIEW(org.apache.hadoop.hive.metastore.TableType.MATERIALIZED_VIEW) Locale(java.util.Locale) ALREADY_EXISTS(io.trino.spi.StandardErrorCode.ALREADY_EXISTS) Path(org.apache.hadoop.fs.Path) HiveHdfsConfiguration(io.trino.plugin.hive.HiveHdfsConfiguration) Collectors.toSet(java.util.stream.Collectors.toSet) HiveBasicStatistics(io.trino.plugin.hive.HiveBasicStatistics) ImmutableSet(com.google.common.collect.ImmutableSet) ImmutableMap(com.google.common.collect.ImmutableMap) Predicate(java.util.function.Predicate) Collection(java.util.Collection) TableAlreadyExistsException(io.trino.plugin.hive.TableAlreadyExistsException) TrinoException(io.trino.spi.TrinoException) Collectors(java.util.stream.Collectors) Sets(com.google.common.collect.Sets) String.format(java.lang.String.format) Objects(java.util.Objects) HdfsContext(io.trino.plugin.hive.HdfsEnvironment.HdfsContext) List(java.util.List) PARTITION(io.trino.plugin.hive.metastore.file.FileHiveMetastore.SchemaType.PARTITION) Entry(java.util.Map.Entry) Optional(java.util.Optional) HivePrivilegeInfo(io.trino.plugin.hive.metastore.HivePrivilegeInfo) FileUtils.unescapePathName(org.apache.hadoop.hive.common.FileUtils.unescapePathName) JsonCodec(io.airlift.json.JsonCodec) VERSION_COMPATIBILITY_CONFIG(io.trino.plugin.hive.metastore.file.FileHiveMetastoreConfig.VERSION_COMPATIBILITY_CONFIG) MetastoreConfig(io.trino.plugin.hive.metastore.MetastoreConfig) Type(io.trino.spi.type.Type) HashMap(java.util.HashMap) Function(java.util.function.Function) HashSet(java.util.HashSet) Builder(com.google.common.collect.ImmutableSet.Builder) HiveColumnStatistics(io.trino.plugin.hive.metastore.HiveColumnStatistics) ImmutableList(com.google.common.collect.ImmutableList) HIVE_METASTORE_ERROR(io.trino.plugin.hive.HiveErrorCode.HIVE_METASTORE_ERROR) UNSAFE_ASSUME_COMPATIBILITY(io.trino.plugin.hive.metastore.file.FileHiveMetastoreConfig.VersionCompatibility.UNSAFE_ASSUME_COMPATIBILITY) Objects.requireNonNull(java.util.Objects.requireNonNull) VIRTUAL_VIEW(org.apache.hadoop.hive.metastore.TableType.VIRTUAL_VIEW) VersionCompatibility(io.trino.plugin.hive.metastore.file.FileHiveMetastoreConfig.VersionCompatibility) OutputStream(java.io.OutputStream) DELTA_LAKE_PROVIDER(io.trino.plugin.hive.util.HiveUtil.DELTA_LAKE_PROVIDER) TupleDomain(io.trino.spi.predicate.TupleDomain) ROLE(io.trino.spi.security.PrincipalType.ROLE) Collectors.toList(java.util.stream.Collectors.toList) MetastoreUtil.verifyCanDropColumn(io.trino.plugin.hive.metastore.MetastoreUtil.verifyCanDropColumn) TABLE(io.trino.plugin.hive.metastore.file.FileHiveMetastore.SchemaType.TABLE) VisibleForTesting(com.google.common.annotations.VisibleForTesting) PrincipalPrivileges(io.trino.plugin.hive.metastore.PrincipalPrivileges) Table(io.trino.plugin.hive.metastore.Table) HiveUtil.isIcebergTable(io.trino.plugin.hive.util.HiveUtil.isIcebergTable) TrinoException(io.trino.spi.TrinoException) IOException(java.io.IOException)

Example 3 with HivePrivilegeInfo

use of io.trino.plugin.hive.metastore.HivePrivilegeInfo in project trino by trinodb.

the class ThriftMetastoreUtil method parsePrivilege.

public static Set<HivePrivilegeInfo> parsePrivilege(PrivilegeGrantInfo userGrant, Optional<HivePrincipal> grantee) {
    boolean grantOption = userGrant.isGrantOption();
    String name = userGrant.getPrivilege().toUpperCase(ENGLISH);
    HivePrincipal grantor = new HivePrincipal(fromMetastoreApiPrincipalType(userGrant.getGrantorType()), userGrant.getGrantor());
    switch(name) {
        case "ALL":
            return Arrays.stream(HivePrivilegeInfo.HivePrivilege.values()).map(hivePrivilege -> new HivePrivilegeInfo(hivePrivilege, grantOption, grantor, grantee.orElse(grantor))).collect(toImmutableSet());
        case "SELECT":
            return ImmutableSet.of(new HivePrivilegeInfo(SELECT, grantOption, grantor, grantee.orElse(grantor)));
        case "INSERT":
            return ImmutableSet.of(new HivePrivilegeInfo(INSERT, grantOption, grantor, grantee.orElse(grantor)));
        case "UPDATE":
            return ImmutableSet.of(new HivePrivilegeInfo(UPDATE, grantOption, grantor, grantee.orElse(grantor)));
        case "DELETE":
            return ImmutableSet.of(new HivePrivilegeInfo(DELETE, grantOption, grantor, grantee.orElse(grantor)));
        case "OWNERSHIP":
            return ImmutableSet.of(new HivePrivilegeInfo(OWNERSHIP, grantOption, grantor, grantee.orElse(grantor)));
        default:
            throw new IllegalArgumentException("Unsupported privilege name: " + name);
    }
}
Also used : Arrays(java.util.Arrays) USER(io.trino.spi.security.PrincipalType.USER) HiveColumnStatistics.createDecimalColumnStatistics(io.trino.plugin.hive.metastore.HiveColumnStatistics.createDecimalColumnStatistics) NUMBER_OF_DISTINCT_VALUES(io.trino.spi.statistics.ColumnStatisticType.NUMBER_OF_DISTINCT_VALUES) SerDeInfo(org.apache.hadoop.hive.metastore.api.SerDeInfo) ColumnStatisticType(io.trino.spi.statistics.ColumnStatisticType) BigDecimal(java.math.BigDecimal) HiveColumnStatistics.createDateColumnStatistics(io.trino.plugin.hive.metastore.HiveColumnStatistics.createDateColumnStatistics) Column(io.trino.plugin.hive.metastore.Column) BooleanColumnStatsData(org.apache.hadoop.hive.metastore.api.BooleanColumnStatsData) Math.round(java.lang.Math.round) Map(java.util.Map) DoubleColumnStatsData(org.apache.hadoop.hive.metastore.api.DoubleColumnStatsData) BigInteger(java.math.BigInteger) PartitionWithStatistics(io.trino.plugin.hive.metastore.PartitionWithStatistics) ENGLISH(java.util.Locale.ENGLISH) SMALLINT(io.trino.spi.type.SmallintType.SMALLINT) UPDATE(io.trino.plugin.hive.metastore.HivePrivilegeInfo.HivePrivilege.UPDATE) Longs(com.google.common.primitives.Longs) DecimalColumnStatsData(org.apache.hadoop.hive.metastore.api.DecimalColumnStatsData) Table(io.trino.plugin.hive.metastore.Table) ConnectorIdentity(io.trino.spi.security.ConnectorIdentity) ColumnStatisticsData.decimalStats(org.apache.hadoop.hive.metastore.api.ColumnStatisticsData.decimalStats) ImmutableList.toImmutableList(com.google.common.collect.ImmutableList.toImmutableList) Set(java.util.Set) Stream(java.util.stream.Stream) TrinoPrincipal(io.trino.spi.security.TrinoPrincipal) HiveColumnStatistics.createBooleanColumnStatistics(io.trino.plugin.hive.metastore.HiveColumnStatistics.createBooleanColumnStatistics) OWNERSHIP(io.trino.plugin.hive.metastore.HivePrivilegeInfo.HivePrivilege.OWNERSHIP) Date(org.apache.hadoop.hive.metastore.api.Date) DATE(io.trino.spi.type.DateType.DATE) REAL(io.trino.spi.type.RealType.REAL) Partition(io.trino.plugin.hive.metastore.Partition) HivePrincipal(io.trino.plugin.hive.metastore.HivePrincipal) BOOLEAN(io.trino.spi.type.BooleanType.BOOLEAN) TimestampType(io.trino.spi.type.TimestampType) HiveBucketProperty(io.trino.plugin.hive.HiveBucketProperty) HiveType(io.trino.plugin.hive.HiveType) OptionalLong(java.util.OptionalLong) HIVE_INVALID_METADATA(io.trino.plugin.hive.HiveErrorCode.HIVE_INVALID_METADATA) NUMBER_OF_TRUE_VALUES(io.trino.spi.statistics.ColumnStatisticType.NUMBER_OF_TRUE_VALUES) AVRO_SCHEMA_URL_KEY(io.trino.plugin.hive.HiveMetadata.AVRO_SCHEMA_URL_KEY) ImmutableSet.toImmutableSet(com.google.common.collect.ImmutableSet.toImmutableSet) VARBINARY(io.trino.spi.type.VarbinaryType.VARBINARY) NUMBER_OF_NON_NULL_VALUES(io.trino.spi.statistics.ColumnStatisticType.NUMBER_OF_NON_NULL_VALUES) LongColumnStatsData(org.apache.hadoop.hive.metastore.api.LongColumnStatsData) PrincipalPrivilegeSet(org.apache.hadoop.hive.metastore.api.PrincipalPrivilegeSet) PrivilegeGrantInfo(org.apache.hadoop.hive.metastore.api.PrivilegeGrantInfo) Nullable(javax.annotation.Nullable) ColumnStatisticsData.binaryStats(org.apache.hadoop.hive.metastore.api.ColumnStatisticsData.binaryStats) PrincipalType(io.trino.spi.security.PrincipalType) MapType(io.trino.spi.type.MapType) AbstractIterator(com.google.common.collect.AbstractIterator) Storage(io.trino.plugin.hive.metastore.Storage) RoleGrant(io.trino.spi.security.RoleGrant) DOUBLE(io.trino.spi.type.DoubleType.DOUBLE) StringColumnStatsData(org.apache.hadoop.hive.metastore.api.StringColumnStatsData) Strings.emptyToNull(com.google.common.base.Strings.emptyToNull) ColumnStatisticsData.longStats(org.apache.hadoop.hive.metastore.api.ColumnStatisticsData.longStats) CharType(io.trino.spi.type.CharType) DateColumnStatsData(org.apache.hadoop.hive.metastore.api.DateColumnStatsData) MAX_VALUE(io.trino.spi.statistics.ColumnStatisticType.MAX_VALUE) TINYINT(io.trino.spi.type.TinyintType.TINYINT) ArrayDeque(java.util.ArrayDeque) ColumnStatisticsData.stringStats(org.apache.hadoop.hive.metastore.api.ColumnStatisticsData.stringStats) TOTAL_SIZE_IN_BYTES(io.trino.spi.statistics.ColumnStatisticType.TOTAL_SIZE_IN_BYTES) HiveColumnStatistics.createStringColumnStatistics(io.trino.plugin.hive.metastore.HiveColumnStatistics.createStringColumnStatistics) ColumnStatisticsData.booleanStats(org.apache.hadoop.hive.metastore.api.ColumnStatisticsData.booleanStats) HiveColumnStatistics.createBinaryColumnStatistics(io.trino.plugin.hive.metastore.HiveColumnStatistics.createBinaryColumnStatistics) Database(io.trino.plugin.hive.metastore.Database) RolePrincipalGrant(org.apache.hadoop.hive.metastore.api.RolePrincipalGrant) ByteBuffer(java.nio.ByteBuffer) Preconditions.checkArgument(com.google.common.base.Preconditions.checkArgument) ColumnStatisticsData.doubleStats(org.apache.hadoop.hive.metastore.api.ColumnStatisticsData.doubleStats) MAX_VALUE_SIZE_IN_BYTES(io.trino.spi.statistics.ColumnStatisticType.MAX_VALUE_SIZE_IN_BYTES) PrimitiveTypeInfo(org.apache.hadoop.hive.serde2.typeinfo.PrimitiveTypeInfo) INTEGER(io.trino.spi.type.IntegerType.INTEGER) StorageDescriptor(org.apache.hadoop.hive.metastore.api.StorageDescriptor) AVRO(io.trino.plugin.hive.HiveStorageFormat.AVRO) StorageFormat(io.trino.plugin.hive.metastore.StorageFormat) HiveBasicStatistics(io.trino.plugin.hive.HiveBasicStatistics) RowType(io.trino.spi.type.RowType) INSERT(io.trino.plugin.hive.metastore.HivePrivilegeInfo.HivePrivilege.INSERT) ImmutableSet(com.google.common.collect.ImmutableSet) ImmutableMap(com.google.common.collect.ImmutableMap) Predicate(java.util.function.Predicate) ColumnStatisticsObj(org.apache.hadoop.hive.metastore.api.ColumnStatisticsObj) Collection(java.util.Collection) Decimal(org.apache.hadoop.hive.metastore.api.Decimal) Order(org.apache.hadoop.hive.metastore.api.Order) TrinoException(io.trino.spi.TrinoException) ArrayType(io.trino.spi.type.ArrayType) Streams(com.google.common.collect.Streams) String.format(java.lang.String.format) HiveColumnStatistics.createDoubleColumnStatistics(io.trino.plugin.hive.metastore.HiveColumnStatistics.createDoubleColumnStatistics) SelectedRole(io.trino.spi.security.SelectedRole) List(java.util.List) BIGINT(io.trino.spi.type.BigintType.BIGINT) LocalDate(java.time.LocalDate) Optional(java.util.Optional) Queue(java.util.Queue) HivePrivilegeInfo(io.trino.plugin.hive.metastore.HivePrivilegeInfo) DecimalType(io.trino.spi.type.DecimalType) Strings.nullToEmpty(com.google.common.base.Strings.nullToEmpty) Type(io.trino.spi.type.Type) OptionalDouble(java.util.OptionalDouble) Shorts(com.google.common.primitives.Shorts) CSV(io.trino.plugin.hive.HiveStorageFormat.CSV) Function(java.util.function.Function) HashSet(java.util.HashSet) VarcharType(io.trino.spi.type.VarcharType) HiveColumnStatistics(io.trino.plugin.hive.metastore.HiveColumnStatistics) ColumnStatisticsData.dateStats(org.apache.hadoop.hive.metastore.api.ColumnStatisticsData.dateStats) BinaryColumnStatsData(org.apache.hadoop.hive.metastore.api.BinaryColumnStatsData) Objects.requireNonNull(java.util.Objects.requireNonNull) HiveColumnStatistics.createIntegerColumnStatistics(io.trino.plugin.hive.metastore.HiveColumnStatistics.createIntegerColumnStatistics) DELETE(io.trino.plugin.hive.metastore.HivePrivilegeInfo.HivePrivilege.DELETE) ROLE(io.trino.spi.security.PrincipalType.ROLE) PRIMITIVE(org.apache.hadoop.hive.serde2.objectinspector.ObjectInspector.Category.PRIMITIVE) TypeInfo(org.apache.hadoop.hive.serde2.typeinfo.TypeInfo) FieldSchema(org.apache.hadoop.hive.metastore.api.FieldSchema) SELECT(io.trino.plugin.hive.metastore.HivePrivilegeInfo.HivePrivilege.SELECT) PrincipalPrivileges(io.trino.plugin.hive.metastore.PrincipalPrivileges) MIN_VALUE(io.trino.spi.statistics.ColumnStatisticType.MIN_VALUE) HivePrivilegeInfo(io.trino.plugin.hive.metastore.HivePrivilegeInfo) HivePrincipal(io.trino.plugin.hive.metastore.HivePrincipal)

Example 4 with HivePrivilegeInfo

use of io.trino.plugin.hive.metastore.HivePrivilegeInfo in project trino by trinodb.

the class ThriftHiveMetastore method grantTablePrivileges.

@Override
public void grantTablePrivileges(String databaseName, String tableName, String tableOwner, HivePrincipal grantee, HivePrincipal grantor, Set<HivePrivilege> privileges, boolean grantOption) {
    Set<PrivilegeGrantInfo> requestedPrivileges = privileges.stream().map(privilege -> new HivePrivilegeInfo(privilege, grantOption, grantor, grantee)).map(ThriftMetastoreUtil::toMetastoreApiPrivilegeGrantInfo).collect(toImmutableSet());
    checkArgument(!containsAllPrivilege(requestedPrivileges), "\"ALL\" not supported in PrivilegeGrantInfo.privilege");
    try {
        retry().stopOnIllegalExceptions().run("grantTablePrivileges", stats.getGrantTablePrivileges().wrap(() -> {
            try (ThriftMetastoreClient metastoreClient = createMetastoreClient()) {
                Set<HivePrivilegeInfo> existingPrivileges = listTablePrivileges(databaseName, tableName, Optional.of(tableOwner), Optional.of(grantee));
                Set<PrivilegeGrantInfo> privilegesToGrant = new HashSet<>(requestedPrivileges);
                Iterator<PrivilegeGrantInfo> iterator = privilegesToGrant.iterator();
                while (iterator.hasNext()) {
                    HivePrivilegeInfo requestedPrivilege = getOnlyElement(parsePrivilege(iterator.next(), Optional.empty()));
                    for (HivePrivilegeInfo existingPrivilege : existingPrivileges) {
                        if ((requestedPrivilege.isContainedIn(existingPrivilege))) {
                            iterator.remove();
                        } else if (existingPrivilege.isContainedIn(requestedPrivilege)) {
                            throw new TrinoException(NOT_SUPPORTED, format("Granting %s WITH GRANT OPTION is not supported while %s possesses %s", requestedPrivilege.getHivePrivilege().name(), grantee, requestedPrivilege.getHivePrivilege().name()));
                        }
                    }
                }
                if (privilegesToGrant.isEmpty()) {
                    return null;
                }
                metastoreClient.grantPrivileges(buildPrivilegeBag(databaseName, tableName, grantee, privilegesToGrant));
            }
            return null;
        }));
    } catch (TException e) {
        throw new TrinoException(HIVE_METASTORE_ERROR, e);
    } catch (Exception e) {
        throw propagate(e);
    }
}
Also used : TException(org.apache.thrift.TException) HivePrivilegeInfo(io.trino.plugin.hive.metastore.HivePrivilegeInfo) Set(java.util.Set) ThriftMetastoreUtil.isAvroTableWithSchemaSet(io.trino.plugin.hive.metastore.thrift.ThriftMetastoreUtil.isAvroTableWithSchemaSet) ImmutableSet.toImmutableSet(com.google.common.collect.ImmutableSet.toImmutableSet) ImmutableSet(com.google.common.collect.ImmutableSet) HashSet(java.util.HashSet) PrivilegeGrantInfo(org.apache.hadoop.hive.metastore.api.PrivilegeGrantInfo) Iterator(java.util.Iterator) TrinoException(io.trino.spi.TrinoException) NoSuchTxnException(org.apache.hadoop.hive.metastore.api.NoSuchTxnException) AlreadyExistsException(org.apache.hadoop.hive.metastore.api.AlreadyExistsException) TableNotFoundException(io.trino.spi.connector.TableNotFoundException) InvalidInputException(org.apache.hadoop.hive.metastore.api.InvalidInputException) InvalidOperationException(org.apache.hadoop.hive.metastore.api.InvalidOperationException) TxnAbortedException(org.apache.hadoop.hive.metastore.api.TxnAbortedException) ConfigValSecurityException(org.apache.hadoop.hive.metastore.api.ConfigValSecurityException) HiveViewNotSupportedException(io.trino.plugin.hive.HiveViewNotSupportedException) PartitionNotFoundException(io.trino.plugin.hive.PartitionNotFoundException) SchemaAlreadyExistsException(io.trino.plugin.hive.SchemaAlreadyExistsException) UnknownDBException(org.apache.hadoop.hive.metastore.api.UnknownDBException) TException(org.apache.thrift.TException) IOException(java.io.IOException) NoSuchObjectException(org.apache.hadoop.hive.metastore.api.NoSuchObjectException) MetaException(org.apache.hadoop.hive.metastore.api.MetaException) SchemaNotFoundException(io.trino.spi.connector.SchemaNotFoundException) NoSuchLockException(org.apache.hadoop.hive.metastore.api.NoSuchLockException) TableAlreadyExistsException(io.trino.plugin.hive.TableAlreadyExistsException) TrinoException(io.trino.spi.TrinoException) UncheckedExecutionException(com.google.common.util.concurrent.UncheckedExecutionException) TApplicationException(org.apache.thrift.TApplicationException) UnknownTableException(org.apache.hadoop.hive.metastore.api.UnknownTableException) InvalidObjectException(org.apache.hadoop.hive.metastore.api.InvalidObjectException)

Example 5 with HivePrivilegeInfo

use of io.trino.plugin.hive.metastore.HivePrivilegeInfo in project trino by trinodb.

the class ThriftHiveMetastore method revokeTablePrivileges.

@Override
public void revokeTablePrivileges(String databaseName, String tableName, String tableOwner, HivePrincipal grantee, HivePrincipal grantor, Set<HivePrivilege> privileges, boolean grantOption) {
    Set<PrivilegeGrantInfo> requestedPrivileges = privileges.stream().map(privilege -> new HivePrivilegeInfo(privilege, grantOption, grantor, grantee)).map(ThriftMetastoreUtil::toMetastoreApiPrivilegeGrantInfo).collect(toImmutableSet());
    checkArgument(!containsAllPrivilege(requestedPrivileges), "\"ALL\" not supported in PrivilegeGrantInfo.privilege");
    try {
        retry().stopOnIllegalExceptions().run("revokeTablePrivileges", stats.getRevokeTablePrivileges().wrap(() -> {
            try (ThriftMetastoreClient metastoreClient = createMetastoreClient()) {
                Set<HivePrivilege> existingHivePrivileges = listTablePrivileges(databaseName, tableName, Optional.of(tableOwner), Optional.of(grantee)).stream().map(HivePrivilegeInfo::getHivePrivilege).collect(toImmutableSet());
                Set<PrivilegeGrantInfo> privilegesToRevoke = requestedPrivileges.stream().filter(privilegeGrantInfo -> existingHivePrivileges.contains(getOnlyElement(parsePrivilege(privilegeGrantInfo, Optional.empty())).getHivePrivilege())).collect(toImmutableSet());
                if (privilegesToRevoke.isEmpty()) {
                    return null;
                }
                metastoreClient.revokePrivileges(buildPrivilegeBag(databaseName, tableName, grantee, privilegesToRevoke), grantOption);
            }
            return null;
        }));
    } catch (TException e) {
        throw new TrinoException(HIVE_METASTORE_ERROR, e);
    } catch (Exception e) {
        throw propagate(e);
    }
}
Also used : TException(org.apache.thrift.TException) HivePrivilegeInfo(io.trino.plugin.hive.metastore.HivePrivilegeInfo) Set(java.util.Set) ThriftMetastoreUtil.isAvroTableWithSchemaSet(io.trino.plugin.hive.metastore.thrift.ThriftMetastoreUtil.isAvroTableWithSchemaSet) ImmutableSet.toImmutableSet(com.google.common.collect.ImmutableSet.toImmutableSet) ImmutableSet(com.google.common.collect.ImmutableSet) HashSet(java.util.HashSet) PrivilegeGrantInfo(org.apache.hadoop.hive.metastore.api.PrivilegeGrantInfo) TrinoException(io.trino.spi.TrinoException) NoSuchTxnException(org.apache.hadoop.hive.metastore.api.NoSuchTxnException) AlreadyExistsException(org.apache.hadoop.hive.metastore.api.AlreadyExistsException) TableNotFoundException(io.trino.spi.connector.TableNotFoundException) InvalidInputException(org.apache.hadoop.hive.metastore.api.InvalidInputException) InvalidOperationException(org.apache.hadoop.hive.metastore.api.InvalidOperationException) TxnAbortedException(org.apache.hadoop.hive.metastore.api.TxnAbortedException) ConfigValSecurityException(org.apache.hadoop.hive.metastore.api.ConfigValSecurityException) HiveViewNotSupportedException(io.trino.plugin.hive.HiveViewNotSupportedException) PartitionNotFoundException(io.trino.plugin.hive.PartitionNotFoundException) SchemaAlreadyExistsException(io.trino.plugin.hive.SchemaAlreadyExistsException) UnknownDBException(org.apache.hadoop.hive.metastore.api.UnknownDBException) TException(org.apache.thrift.TException) IOException(java.io.IOException) NoSuchObjectException(org.apache.hadoop.hive.metastore.api.NoSuchObjectException) MetaException(org.apache.hadoop.hive.metastore.api.MetaException) SchemaNotFoundException(io.trino.spi.connector.SchemaNotFoundException) NoSuchLockException(org.apache.hadoop.hive.metastore.api.NoSuchLockException) TableAlreadyExistsException(io.trino.plugin.hive.TableAlreadyExistsException) TrinoException(io.trino.spi.TrinoException) UncheckedExecutionException(com.google.common.util.concurrent.UncheckedExecutionException) TApplicationException(org.apache.thrift.TApplicationException) UnknownTableException(org.apache.hadoop.hive.metastore.api.UnknownTableException) InvalidObjectException(org.apache.hadoop.hive.metastore.api.InvalidObjectException)

Aggregations

HivePrivilegeInfo (io.trino.plugin.hive.metastore.HivePrivilegeInfo)9 ImmutableSet (com.google.common.collect.ImmutableSet)6 ImmutableSet.toImmutableSet (com.google.common.collect.ImmutableSet.toImmutableSet)6 HivePrincipal (io.trino.plugin.hive.metastore.HivePrincipal)6 TrinoException (io.trino.spi.TrinoException)5 HashSet (java.util.HashSet)4 Set (java.util.Set)4 PartitionNotFoundException (io.trino.plugin.hive.PartitionNotFoundException)3 SchemaAlreadyExistsException (io.trino.plugin.hive.SchemaAlreadyExistsException)3 TableAlreadyExistsException (io.trino.plugin.hive.TableAlreadyExistsException)3 Database (io.trino.plugin.hive.metastore.Database)3 OWNERSHIP (io.trino.plugin.hive.metastore.HivePrivilegeInfo.HivePrivilege.OWNERSHIP)3 Table (io.trino.plugin.hive.metastore.Table)3 SchemaNotFoundException (io.trino.spi.connector.SchemaNotFoundException)3 TableNotFoundException (io.trino.spi.connector.TableNotFoundException)3 Privilege (io.trino.spi.security.Privilege)3 IOException (java.io.IOException)3 PrivilegeGrantInfo (org.apache.hadoop.hive.metastore.api.PrivilegeGrantInfo)3 Preconditions.checkArgument (com.google.common.base.Preconditions.checkArgument)2 ImmutableList (com.google.common.collect.ImmutableList)2