Examples with SchemaTableName io.trino.spi.connector.SchemaTableName used on opensource projects

Search in sources :

Example 76 with SchemaTableName

use of io.trino.spi.connector.SchemaTableName in project trino by trinodb.

the class TestPushJoinIntoTableScan method testPushJoinIntoTableScanDoesNotFireForDifferentCatalogs.

@Test
public void testPushJoinIntoTableScanDoesNotFireForDifferentCatalogs() {
    try (RuleTester ruleTester = defaultRuleTester()) {
        MockConnectorFactory connectorFactory = createMockConnectorFactory((session, applyJoinType, left, right, joinConditions, leftAssignments, rightAssignments) -> {
            throw new IllegalStateException("applyJoin should not be called!");
        });
        ruleTester.getQueryRunner().createCatalog(MOCK_CATALOG, connectorFactory, ImmutableMap.of());
        ruleTester.getQueryRunner().createCatalog("another_catalog", "mock", ImmutableMap.of());
        TableHandle tableBHandleAnotherCatalog = createTableHandle(new MockConnectorTableHandle(new SchemaTableName(SCHEMA, TABLE_B)), "another_catalog");
        ruleTester.assertThat(new PushJoinIntoTableScan(ruleTester.getMetadata())).on(p -> {
            Symbol columnA1Symbol = p.symbol(COLUMN_A1);
            Symbol columnA2Symbol = p.symbol(COLUMN_A2);
            Symbol columnB1Symbol = p.symbol(COLUMN_B1);
            TableScanNode left = p.tableScan(TABLE_A_HANDLE, ImmutableList.of(columnA1Symbol, columnA2Symbol), ImmutableMap.of(columnA1Symbol, COLUMN_A1_HANDLE, columnA2Symbol, COLUMN_A2_HANDLE));
            TableScanNode right = p.tableScan(tableBHandleAnotherCatalog, ImmutableList.of(columnB1Symbol), ImmutableMap.of(columnB1Symbol, COLUMN_B1_HANDLE));
            return p.join(INNER, left, right, new JoinNode.EquiJoinClause(columnA1Symbol, columnB1Symbol));
        }).withSession(MOCK_SESSION).doesNotFire();
    }
}
Also used : MockConnectorFactory(io.trino.connector.MockConnectorFactory) TableScanNode(io.trino.sql.planner.plan.TableScanNode) RuleTester.defaultRuleTester(io.trino.sql.planner.iterative.rule.test.RuleTester.defaultRuleTester) RuleTester(io.trino.sql.planner.iterative.rule.test.RuleTester) MockConnectorTableHandle(io.trino.connector.MockConnectorTableHandle) Symbol(io.trino.sql.planner.Symbol) JoinNode(io.trino.sql.planner.plan.JoinNode) ConnectorTableHandle(io.trino.spi.connector.ConnectorTableHandle) MockConnectorTableHandle(io.trino.connector.MockConnectorTableHandle) TableHandle(io.trino.metadata.TableHandle) SchemaTableName(io.trino.spi.connector.SchemaTableName) Test(org.testng.annotations.Test)

Example 77 with SchemaTableName

use of io.trino.spi.connector.SchemaTableName in project trino by trinodb.

the class FileBasedAccessControl method checkCanSelectFromColumns.

@Override
public void checkCanSelectFromColumns(ConnectorSecurityContext context, SchemaTableName tableName, Set<String> columnNames) {
    if (INFORMATION_SCHEMA_NAME.equals(tableName.getSchemaName())) {
        return;
    }
    ConnectorIdentity identity = context.getIdentity();
    boolean allowed = tableRules.stream().filter(rule -> rule.matches(identity.getUser(), identity.getEnabledSystemRoles(), identity.getGroups(), tableName)).map(rule -> rule.canSelectColumns(columnNames)).findFirst().orElse(false);
    if (!allowed) {
        denySelectTable(tableName.toString());
    }
}
Also used : AccessDeniedException.denyAddColumn(io.trino.spi.security.AccessDeniedException.denyAddColumn) SchemaRoutineName(io.trino.spi.connector.SchemaRoutineName) AccessDeniedException.denySetCatalogSessionProperty(io.trino.spi.security.AccessDeniedException.denySetCatalogSessionProperty) AccessDeniedException.denyDropTable(io.trino.spi.security.AccessDeniedException.denyDropTable) AccessDeniedException.denySetTableProperties(io.trino.spi.security.AccessDeniedException.denySetTableProperties) AccessDeniedException.denyGrantSchemaPrivilege(io.trino.spi.security.AccessDeniedException.denyGrantSchemaPrivilege) AccessDeniedException.denySetMaterializedViewProperties(io.trino.spi.security.AccessDeniedException.denySetMaterializedViewProperties) AccessDeniedException.denyInsertTable(io.trino.spi.security.AccessDeniedException.denyInsertTable) AccessDeniedException.denyShowCreateTable(io.trino.spi.security.AccessDeniedException.denyShowCreateTable) AccessDeniedException.denyRevokeTablePrivilege(io.trino.spi.security.AccessDeniedException.denyRevokeTablePrivilege) INSERT(io.trino.plugin.base.security.TableAccessControlRule.TablePrivilege.INSERT) Preconditions.checkArgument(com.google.common.base.Preconditions.checkArgument) DELETE(io.trino.plugin.base.security.TableAccessControlRule.TablePrivilege.DELETE) JsonUtils.parseJson(io.trino.plugin.base.util.JsonUtils.parseJson) AccessDeniedException.denyUpdateTableColumns(io.trino.spi.security.AccessDeniedException.denyUpdateTableColumns) Map(java.util.Map) AccessDeniedException.denyCreateSchema(io.trino.spi.security.AccessDeniedException.denyCreateSchema) AccessDeniedException.denyCreateMaterializedView(io.trino.spi.security.AccessDeniedException.denyCreateMaterializedView) AccessDeniedException.denyCreateTable(io.trino.spi.security.AccessDeniedException.denyCreateTable) AccessDeniedException.denyDeleteTable(io.trino.spi.security.AccessDeniedException.denyDeleteTable) AccessDeniedException.denyDropView(io.trino.spi.security.AccessDeniedException.denyDropView) AccessDeniedException.denyRenameSchema(io.trino.spi.security.AccessDeniedException.denyRenameSchema) AccessDeniedException.denyShowColumns(io.trino.spi.security.AccessDeniedException.denyShowColumns) AccessDeniedException.denyRenameMaterializedView(io.trino.spi.security.AccessDeniedException.denyRenameMaterializedView) ImmutableSet(com.google.common.collect.ImmutableSet) ConnectorIdentity(io.trino.spi.security.ConnectorIdentity) AccessDeniedException.denySetTableAuthorization(io.trino.spi.security.AccessDeniedException.denySetTableAuthorization) OWNERSHIP(io.trino.plugin.base.security.TableAccessControlRule.TablePrivilege.OWNERSHIP) AccessDeniedException.denyDropSchema(io.trino.spi.security.AccessDeniedException.denyDropSchema) Predicate(java.util.function.Predicate) AccessDeniedException.denyTruncateTable(io.trino.spi.security.AccessDeniedException.denyTruncateTable) ViewExpression(io.trino.spi.security.ViewExpression) ConnectorAccessControl(io.trino.spi.connector.ConnectorAccessControl) Set(java.util.Set) SchemaTableName(io.trino.spi.connector.SchemaTableName) AccessDeniedException.denySetRole(io.trino.spi.security.AccessDeniedException.denySetRole) AccessDeniedException.denyShowCreateSchema(io.trino.spi.security.AccessDeniedException.denyShowCreateSchema) TablePrivilege(io.trino.plugin.base.security.TableAccessControlRule.TablePrivilege) List(java.util.List) TrinoPrincipal(io.trino.spi.security.TrinoPrincipal) AccessDeniedException.denyRefreshMaterializedView(io.trino.spi.security.AccessDeniedException.denyRefreshMaterializedView) AccessDeniedException.denyCreateRole(io.trino.spi.security.AccessDeniedException.denyCreateRole) Optional(java.util.Optional) SELECT(io.trino.plugin.base.security.TableAccessControlRule.TablePrivilege.SELECT) AccessDeniedException.denyDenySchemaPrivilege(io.trino.spi.security.AccessDeniedException.denyDenySchemaPrivilege) GRANT_SELECT(io.trino.plugin.base.security.TableAccessControlRule.TablePrivilege.GRANT_SELECT) AccessDeniedException.denyDenyTablePrivilege(io.trino.spi.security.AccessDeniedException.denyDenyTablePrivilege) AccessDeniedException.denyDropColumn(io.trino.spi.security.AccessDeniedException.denyDropColumn) AccessDeniedException.denyRevokeSchemaPrivilege(io.trino.spi.security.AccessDeniedException.denyRevokeSchemaPrivilege) Type(io.trino.spi.type.Type) AccessDeniedException.denyDropRole(io.trino.spi.security.AccessDeniedException.denyDropRole) Function(java.util.function.Function) AccessDeniedException.denySetViewAuthorization(io.trino.spi.security.AccessDeniedException.denySetViewAuthorization) AccessDeniedException.denyCommentColumn(io.trino.spi.security.AccessDeniedException.denyCommentColumn) AccessDeniedException.denySetSchemaAuthorization(io.trino.spi.security.AccessDeniedException.denySetSchemaAuthorization) AccessDeniedException.denyCreateViewWithSelect(io.trino.spi.security.AccessDeniedException.denyCreateViewWithSelect) AccessDeniedException.denyDropMaterializedView(io.trino.spi.security.AccessDeniedException.denyDropMaterializedView) AccessDeniedException.denyShowTables(io.trino.spi.security.AccessDeniedException.denyShowTables) Objects.requireNonNull(java.util.Objects.requireNonNull) ImmutableSet.toImmutableSet(com.google.common.collect.ImmutableSet.toImmutableSet) AccessDeniedException.denyRevokeRoles(io.trino.spi.security.AccessDeniedException.denyRevokeRoles) Privilege(io.trino.spi.security.Privilege) AccessDeniedException.denyRenameTable(io.trino.spi.security.AccessDeniedException.denyRenameTable) ConnectorSecurityContext(io.trino.spi.connector.ConnectorSecurityContext) AccessDeniedException.denySelectTable(io.trino.spi.security.AccessDeniedException.denySelectTable) AccessDeniedException.denyCreateView(io.trino.spi.security.AccessDeniedException.denyCreateView) AccessDeniedException.denyCommentTable(io.trino.spi.security.AccessDeniedException.denyCommentTable) CatalogName(io.trino.plugin.base.CatalogName) File(java.io.File) UPDATE(io.trino.plugin.base.security.TableAccessControlRule.TablePrivilege.UPDATE) AccessDeniedException.denyRenameColumn(io.trino.spi.security.AccessDeniedException.denyRenameColumn) AccessDeniedException.denyGrantRoles(io.trino.spi.security.AccessDeniedException.denyGrantRoles) AccessDeniedException.denyRenameView(io.trino.spi.security.AccessDeniedException.denyRenameView) AccessDeniedException.denyGrantTablePrivilege(io.trino.spi.security.AccessDeniedException.denyGrantTablePrivilege) ConnectorIdentity(io.trino.spi.security.ConnectorIdentity)

Example 78 with SchemaTableName

use of io.trino.spi.connector.SchemaTableName in project trino by trinodb.

the class FileBasedAccessControl method filterColumns.

@Override
public Set<String> filterColumns(ConnectorSecurityContext context, SchemaTableName tableName, Set<String> columns) {
    if (INFORMATION_SCHEMA_NAME.equals(tableName.getSchemaName())) {
        return columns;
    }
    ConnectorIdentity identity = context.getIdentity();
    TableAccessControlRule rule = tableRules.stream().filter(tableRule -> tableRule.matches(identity.getUser(), identity.getEnabledSystemRoles(), identity.getGroups(), tableName)).findFirst().orElse(null);
    if (rule == null || rule.getPrivileges().isEmpty()) {
        return ImmutableSet.of();
    }
    // if user has privileges other than select, show all columns
    if (rule.getPrivileges().stream().anyMatch(privilege -> SELECT != privilege)) {
        return columns;
    }
    Set<String> restrictedColumns = rule.getRestrictedColumns();
    return columns.stream().filter(column -> !restrictedColumns.contains(column)).collect(toImmutableSet());
}
Also used : AccessDeniedException.denyAddColumn(io.trino.spi.security.AccessDeniedException.denyAddColumn) SchemaRoutineName(io.trino.spi.connector.SchemaRoutineName) AccessDeniedException.denySetCatalogSessionProperty(io.trino.spi.security.AccessDeniedException.denySetCatalogSessionProperty) AccessDeniedException.denyDropTable(io.trino.spi.security.AccessDeniedException.denyDropTable) AccessDeniedException.denySetTableProperties(io.trino.spi.security.AccessDeniedException.denySetTableProperties) AccessDeniedException.denyGrantSchemaPrivilege(io.trino.spi.security.AccessDeniedException.denyGrantSchemaPrivilege) AccessDeniedException.denySetMaterializedViewProperties(io.trino.spi.security.AccessDeniedException.denySetMaterializedViewProperties) AccessDeniedException.denyInsertTable(io.trino.spi.security.AccessDeniedException.denyInsertTable) AccessDeniedException.denyShowCreateTable(io.trino.spi.security.AccessDeniedException.denyShowCreateTable) AccessDeniedException.denyRevokeTablePrivilege(io.trino.spi.security.AccessDeniedException.denyRevokeTablePrivilege) INSERT(io.trino.plugin.base.security.TableAccessControlRule.TablePrivilege.INSERT) Preconditions.checkArgument(com.google.common.base.Preconditions.checkArgument) DELETE(io.trino.plugin.base.security.TableAccessControlRule.TablePrivilege.DELETE) JsonUtils.parseJson(io.trino.plugin.base.util.JsonUtils.parseJson) AccessDeniedException.denyUpdateTableColumns(io.trino.spi.security.AccessDeniedException.denyUpdateTableColumns) Map(java.util.Map) AccessDeniedException.denyCreateSchema(io.trino.spi.security.AccessDeniedException.denyCreateSchema) AccessDeniedException.denyCreateMaterializedView(io.trino.spi.security.AccessDeniedException.denyCreateMaterializedView) AccessDeniedException.denyCreateTable(io.trino.spi.security.AccessDeniedException.denyCreateTable) AccessDeniedException.denyDeleteTable(io.trino.spi.security.AccessDeniedException.denyDeleteTable) AccessDeniedException.denyDropView(io.trino.spi.security.AccessDeniedException.denyDropView) AccessDeniedException.denyRenameSchema(io.trino.spi.security.AccessDeniedException.denyRenameSchema) AccessDeniedException.denyShowColumns(io.trino.spi.security.AccessDeniedException.denyShowColumns) AccessDeniedException.denyRenameMaterializedView(io.trino.spi.security.AccessDeniedException.denyRenameMaterializedView) ImmutableSet(com.google.common.collect.ImmutableSet) ConnectorIdentity(io.trino.spi.security.ConnectorIdentity) AccessDeniedException.denySetTableAuthorization(io.trino.spi.security.AccessDeniedException.denySetTableAuthorization) OWNERSHIP(io.trino.plugin.base.security.TableAccessControlRule.TablePrivilege.OWNERSHIP) AccessDeniedException.denyDropSchema(io.trino.spi.security.AccessDeniedException.denyDropSchema) Predicate(java.util.function.Predicate) AccessDeniedException.denyTruncateTable(io.trino.spi.security.AccessDeniedException.denyTruncateTable) ViewExpression(io.trino.spi.security.ViewExpression) ConnectorAccessControl(io.trino.spi.connector.ConnectorAccessControl) Set(java.util.Set) SchemaTableName(io.trino.spi.connector.SchemaTableName) AccessDeniedException.denySetRole(io.trino.spi.security.AccessDeniedException.denySetRole) AccessDeniedException.denyShowCreateSchema(io.trino.spi.security.AccessDeniedException.denyShowCreateSchema) TablePrivilege(io.trino.plugin.base.security.TableAccessControlRule.TablePrivilege) List(java.util.List) TrinoPrincipal(io.trino.spi.security.TrinoPrincipal) AccessDeniedException.denyRefreshMaterializedView(io.trino.spi.security.AccessDeniedException.denyRefreshMaterializedView) AccessDeniedException.denyCreateRole(io.trino.spi.security.AccessDeniedException.denyCreateRole) Optional(java.util.Optional) SELECT(io.trino.plugin.base.security.TableAccessControlRule.TablePrivilege.SELECT) AccessDeniedException.denyDenySchemaPrivilege(io.trino.spi.security.AccessDeniedException.denyDenySchemaPrivilege) GRANT_SELECT(io.trino.plugin.base.security.TableAccessControlRule.TablePrivilege.GRANT_SELECT) AccessDeniedException.denyDenyTablePrivilege(io.trino.spi.security.AccessDeniedException.denyDenyTablePrivilege) AccessDeniedException.denyDropColumn(io.trino.spi.security.AccessDeniedException.denyDropColumn) AccessDeniedException.denyRevokeSchemaPrivilege(io.trino.spi.security.AccessDeniedException.denyRevokeSchemaPrivilege) Type(io.trino.spi.type.Type) AccessDeniedException.denyDropRole(io.trino.spi.security.AccessDeniedException.denyDropRole) Function(java.util.function.Function) AccessDeniedException.denySetViewAuthorization(io.trino.spi.security.AccessDeniedException.denySetViewAuthorization) AccessDeniedException.denyCommentColumn(io.trino.spi.security.AccessDeniedException.denyCommentColumn) AccessDeniedException.denySetSchemaAuthorization(io.trino.spi.security.AccessDeniedException.denySetSchemaAuthorization) AccessDeniedException.denyCreateViewWithSelect(io.trino.spi.security.AccessDeniedException.denyCreateViewWithSelect) AccessDeniedException.denyDropMaterializedView(io.trino.spi.security.AccessDeniedException.denyDropMaterializedView) AccessDeniedException.denyShowTables(io.trino.spi.security.AccessDeniedException.denyShowTables) Objects.requireNonNull(java.util.Objects.requireNonNull) ImmutableSet.toImmutableSet(com.google.common.collect.ImmutableSet.toImmutableSet) AccessDeniedException.denyRevokeRoles(io.trino.spi.security.AccessDeniedException.denyRevokeRoles) Privilege(io.trino.spi.security.Privilege) AccessDeniedException.denyRenameTable(io.trino.spi.security.AccessDeniedException.denyRenameTable) ConnectorSecurityContext(io.trino.spi.connector.ConnectorSecurityContext) AccessDeniedException.denySelectTable(io.trino.spi.security.AccessDeniedException.denySelectTable) AccessDeniedException.denyCreateView(io.trino.spi.security.AccessDeniedException.denyCreateView) AccessDeniedException.denyCommentTable(io.trino.spi.security.AccessDeniedException.denyCommentTable) CatalogName(io.trino.plugin.base.CatalogName) File(java.io.File) UPDATE(io.trino.plugin.base.security.TableAccessControlRule.TablePrivilege.UPDATE) AccessDeniedException.denyRenameColumn(io.trino.spi.security.AccessDeniedException.denyRenameColumn) AccessDeniedException.denyGrantRoles(io.trino.spi.security.AccessDeniedException.denyGrantRoles) AccessDeniedException.denyRenameView(io.trino.spi.security.AccessDeniedException.denyRenameView) AccessDeniedException.denyGrantTablePrivilege(io.trino.spi.security.AccessDeniedException.denyGrantTablePrivilege) ConnectorIdentity(io.trino.spi.security.ConnectorIdentity)

Example 79 with SchemaTableName

use of io.trino.spi.connector.SchemaTableName in project trino by trinodb.

the class FileBasedSystemAccessControl method getColumnMask.

@Override
public Optional<ViewExpression> getColumnMask(SystemSecurityContext context, CatalogSchemaTableName table, String columnName, Type type) {
    SchemaTableName tableName = table.getSchemaTableName();
    if (INFORMATION_SCHEMA_NAME.equals(tableName.getSchemaName())) {
        return Optional.empty();
    }
    Identity identity = context.getIdentity();
    return tableRules.stream().filter(rule -> rule.matches(identity.getUser(), identity.getEnabledRoles(), identity.getGroups(), table)).map(rule -> rule.getColumnMask(identity.getUser(), table.getCatalogName(), table.getSchemaTableName().getSchemaName(), columnName)).findFirst().flatMap(Function.identity());
}
Also used : AccessDeniedException.denyReadSystemInformationAccess(io.trino.spi.security.AccessDeniedException.denyReadSystemInformationAccess) AccessDeniedException.denyDropTable(io.trino.spi.security.AccessDeniedException.denyDropTable) AccessDeniedException.denyGrantSchemaPrivilege(io.trino.spi.security.AccessDeniedException.denyGrantSchemaPrivilege) AccessDeniedException.denySetMaterializedViewProperties(io.trino.spi.security.AccessDeniedException.denySetMaterializedViewProperties) Suppliers.memoizeWithExpiration(com.google.common.base.Suppliers.memoizeWithExpiration) AccessDeniedException.denyInsertTable(io.trino.spi.security.AccessDeniedException.denyInsertTable) AccessDeniedException.denyShowCreateTable(io.trino.spi.security.AccessDeniedException.denyShowCreateTable) SystemSecurityContext(io.trino.spi.security.SystemSecurityContext) ALL(io.trino.plugin.base.security.CatalogAccessControlRule.AccessMode.ALL) AccessDeniedException.denySetSystemSessionProperty(io.trino.spi.security.AccessDeniedException.denySetSystemSessionProperty) AccessDeniedException.denyUpdateTableColumns(io.trino.spi.security.AccessDeniedException.denyUpdateTableColumns) Map(java.util.Map) AccessDeniedException.denyCreateTable(io.trino.spi.security.AccessDeniedException.denyCreateTable) AccessDeniedException.denyDeleteTable(io.trino.spi.security.AccessDeniedException.denyDeleteTable) AccessDeniedException.denyRenameSchema(io.trino.spi.security.AccessDeniedException.denyRenameSchema) AccessDeniedException.denyShowColumns(io.trino.spi.security.AccessDeniedException.denyShowColumns) AccessDeniedException.denyRenameMaterializedView(io.trino.spi.security.AccessDeniedException.denyRenameMaterializedView) OWNERSHIP(io.trino.plugin.base.security.TableAccessControlRule.TablePrivilege.OWNERSHIP) AccessDeniedException.denyDropSchema(io.trino.spi.security.AccessDeniedException.denyDropSchema) Set(java.util.Set) MILLISECONDS(java.util.concurrent.TimeUnit.MILLISECONDS) SchemaTableName(io.trino.spi.connector.SchemaTableName) AccessDeniedException.denyShowCreateSchema(io.trino.spi.security.AccessDeniedException.denyShowCreateSchema) TablePrivilege(io.trino.plugin.base.security.TableAccessControlRule.TablePrivilege) TrinoPrincipal(io.trino.spi.security.TrinoPrincipal) AccessDeniedException.denyRefreshMaterializedView(io.trino.spi.security.AccessDeniedException.denyRefreshMaterializedView) CatalogSchemaTableName(io.trino.spi.connector.CatalogSchemaTableName) AccessDeniedException.denyCreateRole(io.trino.spi.security.AccessDeniedException.denyCreateRole) Bootstrap(io.airlift.bootstrap.Bootstrap) ConfigBinder.configBinder(io.airlift.configuration.ConfigBinder.configBinder) AccessDeniedException.denyDenySchemaPrivilege(io.trino.spi.security.AccessDeniedException.denyDenySchemaPrivilege) AccessDeniedException.denySetUser(io.trino.spi.security.AccessDeniedException.denySetUser) AccessDeniedException.denyDenyTablePrivilege(io.trino.spi.security.AccessDeniedException.denyDenyTablePrivilege) AccessDeniedException.denyDropColumn(io.trino.spi.security.AccessDeniedException.denyDropColumn) SystemAccessControl(io.trino.spi.security.SystemAccessControl) AccessDeniedException.denySetViewAuthorization(io.trino.spi.security.AccessDeniedException.denySetViewAuthorization) AccessDeniedException.denySetSchemaAuthorization(io.trino.spi.security.AccessDeniedException.denySetSchemaAuthorization) AccessDeniedException.denyDropMaterializedView(io.trino.spi.security.AccessDeniedException.denyDropMaterializedView) Identity(io.trino.spi.security.Identity) ImmutableSet.toImmutableSet(com.google.common.collect.ImmutableSet.toImmutableSet) AccessDeniedException.denyViewQuery(io.trino.spi.security.AccessDeniedException.denyViewQuery) AccessDeniedException.denySelectTable(io.trino.spi.security.AccessDeniedException.denySelectTable) AccessDeniedException.denyCreateView(io.trino.spi.security.AccessDeniedException.denyCreateView) AccessDeniedException.denyCommentTable(io.trino.spi.security.AccessDeniedException.denyCommentTable) READ_ONLY(io.trino.plugin.base.security.CatalogAccessControlRule.AccessMode.READ_ONLY) UPDATE(io.trino.plugin.base.security.TableAccessControlRule.TablePrivilege.UPDATE) AccessDeniedException.denyRenameColumn(io.trino.spi.security.AccessDeniedException.denyRenameColumn) Paths(java.nio.file.Paths) AccessDeniedException.denyCatalogAccess(io.trino.spi.security.AccessDeniedException.denyCatalogAccess) AccessDeniedException.denyRenameView(io.trino.spi.security.AccessDeniedException.denyRenameView) AccessMode(io.trino.plugin.base.security.CatalogAccessControlRule.AccessMode) EventListener(io.trino.spi.eventlistener.EventListener) AccessDeniedException.denyAddColumn(io.trino.spi.security.AccessDeniedException.denyAddColumn) AccessDeniedException.denySetCatalogSessionProperty(io.trino.spi.security.AccessDeniedException.denySetCatalogSessionProperty) AccessDeniedException.denySetTableProperties(io.trino.spi.security.AccessDeniedException.denySetTableProperties) Duration(io.airlift.units.Duration) AccessDeniedException.denyRevokeTablePrivilege(io.trino.spi.security.AccessDeniedException.denyRevokeTablePrivilege) INSERT(io.trino.plugin.base.security.TableAccessControlRule.TablePrivilege.INSERT) DELETE(io.trino.plugin.base.security.TableAccessControlRule.TablePrivilege.DELETE) JsonUtils.parseJson(io.trino.plugin.base.util.JsonUtils.parseJson) AccessDeniedException.denyCreateSchema(io.trino.spi.security.AccessDeniedException.denyCreateSchema) CatalogSchemaName(io.trino.spi.connector.CatalogSchemaName) CatalogSchemaRoutineName(io.trino.spi.connector.CatalogSchemaRoutineName) AccessDeniedException.denyCreateMaterializedView(io.trino.spi.security.AccessDeniedException.denyCreateMaterializedView) AccessDeniedException.denyDropView(io.trino.spi.security.AccessDeniedException.denyDropView) AccessDeniedException.denyShowSchemas(io.trino.spi.security.AccessDeniedException.denyShowSchemas) ImmutableSet(com.google.common.collect.ImmutableSet) AccessDeniedException.denySetTableAuthorization(io.trino.spi.security.AccessDeniedException.denySetTableAuthorization) Predicate(java.util.function.Predicate) AccessDeniedException.denyTruncateTable(io.trino.spi.security.AccessDeniedException.denyTruncateTable) ViewExpression(io.trino.spi.security.ViewExpression) TrinoException(io.trino.spi.TrinoException) String.format(java.lang.String.format) List(java.util.List) Principal(java.security.Principal) Optional(java.util.Optional) SystemAccessControlFactory(io.trino.spi.security.SystemAccessControlFactory) Pattern(java.util.regex.Pattern) SELECT(io.trino.plugin.base.security.TableAccessControlRule.TablePrivilege.SELECT) GRANT_SELECT(io.trino.plugin.base.security.TableAccessControlRule.TablePrivilege.GRANT_SELECT) Logger(io.airlift.log.Logger) AccessDeniedException.denyRevokeSchemaPrivilege(io.trino.spi.security.AccessDeniedException.denyRevokeSchemaPrivilege) AccessDeniedException.denyWriteSystemInformationAccess(io.trino.spi.security.AccessDeniedException.denyWriteSystemInformationAccess) Type(io.trino.spi.type.Type) AccessDeniedException.denyDropRole(io.trino.spi.security.AccessDeniedException.denyDropRole) Function(java.util.function.Function) AccessDeniedException.denyCommentColumn(io.trino.spi.security.AccessDeniedException.denyCommentColumn) AccessDeniedException.denyCreateViewWithSelect(io.trino.spi.security.AccessDeniedException.denyCreateViewWithSelect) CONFIGURATION_INVALID(io.trino.spi.StandardErrorCode.CONFIGURATION_INVALID) ImmutableList(com.google.common.collect.ImmutableList) AccessDeniedException.denyShowTables(io.trino.spi.security.AccessDeniedException.denyShowTables) Objects.requireNonNull(java.util.Objects.requireNonNull) AccessDeniedException.denyRevokeRoles(io.trino.spi.security.AccessDeniedException.denyRevokeRoles) Privilege(io.trino.spi.security.Privilege) AccessDeniedException.denyRenameTable(io.trino.spi.security.AccessDeniedException.denyRenameTable) AccessDeniedException.denyShowRoleAuthorizationDescriptors(io.trino.spi.security.AccessDeniedException.denyShowRoleAuthorizationDescriptors) AccessDeniedException.denyImpersonateUser(io.trino.spi.security.AccessDeniedException.denyImpersonateUser) Injector(com.google.inject.Injector) AccessDeniedException.denyGrantRoles(io.trino.spi.security.AccessDeniedException.denyGrantRoles) SECURITY_REFRESH_PERIOD(io.trino.plugin.base.security.FileBasedAccessControlConfig.SECURITY_REFRESH_PERIOD) AccessDeniedException.denyGrantTablePrivilege(io.trino.spi.security.AccessDeniedException.denyGrantTablePrivilege) Identity(io.trino.spi.security.Identity) SchemaTableName(io.trino.spi.connector.SchemaTableName) CatalogSchemaTableName(io.trino.spi.connector.CatalogSchemaTableName)

Example 80 with SchemaTableName

use of io.trino.spi.connector.SchemaTableName in project trino by trinodb.

the class FileBasedSystemAccessControl method getRowFilter.

@Override
public Optional<ViewExpression> getRowFilter(SystemSecurityContext context, CatalogSchemaTableName table) {
    SchemaTableName tableName = table.getSchemaTableName();
    if (INFORMATION_SCHEMA_NAME.equals(tableName.getSchemaName())) {
        return Optional.empty();
    }
    Identity identity = context.getIdentity();
    return tableRules.stream().filter(rule -> rule.matches(identity.getUser(), identity.getEnabledRoles(), identity.getGroups(), table)).map(rule -> rule.getFilter(identity.getUser(), table.getCatalogName(), tableName.getSchemaName())).findFirst().flatMap(Function.identity());
}
Also used : AccessDeniedException.denyReadSystemInformationAccess(io.trino.spi.security.AccessDeniedException.denyReadSystemInformationAccess) AccessDeniedException.denyDropTable(io.trino.spi.security.AccessDeniedException.denyDropTable) AccessDeniedException.denyGrantSchemaPrivilege(io.trino.spi.security.AccessDeniedException.denyGrantSchemaPrivilege) AccessDeniedException.denySetMaterializedViewProperties(io.trino.spi.security.AccessDeniedException.denySetMaterializedViewProperties) Suppliers.memoizeWithExpiration(com.google.common.base.Suppliers.memoizeWithExpiration) AccessDeniedException.denyInsertTable(io.trino.spi.security.AccessDeniedException.denyInsertTable) AccessDeniedException.denyShowCreateTable(io.trino.spi.security.AccessDeniedException.denyShowCreateTable) SystemSecurityContext(io.trino.spi.security.SystemSecurityContext) ALL(io.trino.plugin.base.security.CatalogAccessControlRule.AccessMode.ALL) AccessDeniedException.denySetSystemSessionProperty(io.trino.spi.security.AccessDeniedException.denySetSystemSessionProperty) AccessDeniedException.denyUpdateTableColumns(io.trino.spi.security.AccessDeniedException.denyUpdateTableColumns) Map(java.util.Map) AccessDeniedException.denyCreateTable(io.trino.spi.security.AccessDeniedException.denyCreateTable) AccessDeniedException.denyDeleteTable(io.trino.spi.security.AccessDeniedException.denyDeleteTable) AccessDeniedException.denyRenameSchema(io.trino.spi.security.AccessDeniedException.denyRenameSchema) AccessDeniedException.denyShowColumns(io.trino.spi.security.AccessDeniedException.denyShowColumns) AccessDeniedException.denyRenameMaterializedView(io.trino.spi.security.AccessDeniedException.denyRenameMaterializedView) OWNERSHIP(io.trino.plugin.base.security.TableAccessControlRule.TablePrivilege.OWNERSHIP) AccessDeniedException.denyDropSchema(io.trino.spi.security.AccessDeniedException.denyDropSchema) Set(java.util.Set) MILLISECONDS(java.util.concurrent.TimeUnit.MILLISECONDS) SchemaTableName(io.trino.spi.connector.SchemaTableName) AccessDeniedException.denyShowCreateSchema(io.trino.spi.security.AccessDeniedException.denyShowCreateSchema) TablePrivilege(io.trino.plugin.base.security.TableAccessControlRule.TablePrivilege) TrinoPrincipal(io.trino.spi.security.TrinoPrincipal) AccessDeniedException.denyRefreshMaterializedView(io.trino.spi.security.AccessDeniedException.denyRefreshMaterializedView) CatalogSchemaTableName(io.trino.spi.connector.CatalogSchemaTableName) AccessDeniedException.denyCreateRole(io.trino.spi.security.AccessDeniedException.denyCreateRole) Bootstrap(io.airlift.bootstrap.Bootstrap) ConfigBinder.configBinder(io.airlift.configuration.ConfigBinder.configBinder) AccessDeniedException.denyDenySchemaPrivilege(io.trino.spi.security.AccessDeniedException.denyDenySchemaPrivilege) AccessDeniedException.denySetUser(io.trino.spi.security.AccessDeniedException.denySetUser) AccessDeniedException.denyDenyTablePrivilege(io.trino.spi.security.AccessDeniedException.denyDenyTablePrivilege) AccessDeniedException.denyDropColumn(io.trino.spi.security.AccessDeniedException.denyDropColumn) SystemAccessControl(io.trino.spi.security.SystemAccessControl) AccessDeniedException.denySetViewAuthorization(io.trino.spi.security.AccessDeniedException.denySetViewAuthorization) AccessDeniedException.denySetSchemaAuthorization(io.trino.spi.security.AccessDeniedException.denySetSchemaAuthorization) AccessDeniedException.denyDropMaterializedView(io.trino.spi.security.AccessDeniedException.denyDropMaterializedView) Identity(io.trino.spi.security.Identity) ImmutableSet.toImmutableSet(com.google.common.collect.ImmutableSet.toImmutableSet) AccessDeniedException.denyViewQuery(io.trino.spi.security.AccessDeniedException.denyViewQuery) AccessDeniedException.denySelectTable(io.trino.spi.security.AccessDeniedException.denySelectTable) AccessDeniedException.denyCreateView(io.trino.spi.security.AccessDeniedException.denyCreateView) AccessDeniedException.denyCommentTable(io.trino.spi.security.AccessDeniedException.denyCommentTable) READ_ONLY(io.trino.plugin.base.security.CatalogAccessControlRule.AccessMode.READ_ONLY) UPDATE(io.trino.plugin.base.security.TableAccessControlRule.TablePrivilege.UPDATE) AccessDeniedException.denyRenameColumn(io.trino.spi.security.AccessDeniedException.denyRenameColumn) Paths(java.nio.file.Paths) AccessDeniedException.denyCatalogAccess(io.trino.spi.security.AccessDeniedException.denyCatalogAccess) AccessDeniedException.denyRenameView(io.trino.spi.security.AccessDeniedException.denyRenameView) AccessMode(io.trino.plugin.base.security.CatalogAccessControlRule.AccessMode) EventListener(io.trino.spi.eventlistener.EventListener) AccessDeniedException.denyAddColumn(io.trino.spi.security.AccessDeniedException.denyAddColumn) AccessDeniedException.denySetCatalogSessionProperty(io.trino.spi.security.AccessDeniedException.denySetCatalogSessionProperty) AccessDeniedException.denySetTableProperties(io.trino.spi.security.AccessDeniedException.denySetTableProperties) Duration(io.airlift.units.Duration) AccessDeniedException.denyRevokeTablePrivilege(io.trino.spi.security.AccessDeniedException.denyRevokeTablePrivilege) INSERT(io.trino.plugin.base.security.TableAccessControlRule.TablePrivilege.INSERT) DELETE(io.trino.plugin.base.security.TableAccessControlRule.TablePrivilege.DELETE) JsonUtils.parseJson(io.trino.plugin.base.util.JsonUtils.parseJson) AccessDeniedException.denyCreateSchema(io.trino.spi.security.AccessDeniedException.denyCreateSchema) CatalogSchemaName(io.trino.spi.connector.CatalogSchemaName) CatalogSchemaRoutineName(io.trino.spi.connector.CatalogSchemaRoutineName) AccessDeniedException.denyCreateMaterializedView(io.trino.spi.security.AccessDeniedException.denyCreateMaterializedView) AccessDeniedException.denyDropView(io.trino.spi.security.AccessDeniedException.denyDropView) AccessDeniedException.denyShowSchemas(io.trino.spi.security.AccessDeniedException.denyShowSchemas) ImmutableSet(com.google.common.collect.ImmutableSet) AccessDeniedException.denySetTableAuthorization(io.trino.spi.security.AccessDeniedException.denySetTableAuthorization) Predicate(java.util.function.Predicate) AccessDeniedException.denyTruncateTable(io.trino.spi.security.AccessDeniedException.denyTruncateTable) ViewExpression(io.trino.spi.security.ViewExpression) TrinoException(io.trino.spi.TrinoException) String.format(java.lang.String.format) List(java.util.List) Principal(java.security.Principal) Optional(java.util.Optional) SystemAccessControlFactory(io.trino.spi.security.SystemAccessControlFactory) Pattern(java.util.regex.Pattern) SELECT(io.trino.plugin.base.security.TableAccessControlRule.TablePrivilege.SELECT) GRANT_SELECT(io.trino.plugin.base.security.TableAccessControlRule.TablePrivilege.GRANT_SELECT) Logger(io.airlift.log.Logger) AccessDeniedException.denyRevokeSchemaPrivilege(io.trino.spi.security.AccessDeniedException.denyRevokeSchemaPrivilege) AccessDeniedException.denyWriteSystemInformationAccess(io.trino.spi.security.AccessDeniedException.denyWriteSystemInformationAccess) Type(io.trino.spi.type.Type) AccessDeniedException.denyDropRole(io.trino.spi.security.AccessDeniedException.denyDropRole) Function(java.util.function.Function) AccessDeniedException.denyCommentColumn(io.trino.spi.security.AccessDeniedException.denyCommentColumn) AccessDeniedException.denyCreateViewWithSelect(io.trino.spi.security.AccessDeniedException.denyCreateViewWithSelect) CONFIGURATION_INVALID(io.trino.spi.StandardErrorCode.CONFIGURATION_INVALID) ImmutableList(com.google.common.collect.ImmutableList) AccessDeniedException.denyShowTables(io.trino.spi.security.AccessDeniedException.denyShowTables) Objects.requireNonNull(java.util.Objects.requireNonNull) AccessDeniedException.denyRevokeRoles(io.trino.spi.security.AccessDeniedException.denyRevokeRoles) Privilege(io.trino.spi.security.Privilege) AccessDeniedException.denyRenameTable(io.trino.spi.security.AccessDeniedException.denyRenameTable) AccessDeniedException.denyShowRoleAuthorizationDescriptors(io.trino.spi.security.AccessDeniedException.denyShowRoleAuthorizationDescriptors) AccessDeniedException.denyImpersonateUser(io.trino.spi.security.AccessDeniedException.denyImpersonateUser) Injector(com.google.inject.Injector) AccessDeniedException.denyGrantRoles(io.trino.spi.security.AccessDeniedException.denyGrantRoles) SECURITY_REFRESH_PERIOD(io.trino.plugin.base.security.FileBasedAccessControlConfig.SECURITY_REFRESH_PERIOD) AccessDeniedException.denyGrantTablePrivilege(io.trino.spi.security.AccessDeniedException.denyGrantTablePrivilege) Identity(io.trino.spi.security.Identity) SchemaTableName(io.trino.spi.connector.SchemaTableName) CatalogSchemaTableName(io.trino.spi.connector.CatalogSchemaTableName)

Aggregations

SchemaTableName (io.trino.spi.connector.SchemaTableName)446 Test (org.testng.annotations.Test)212 ImmutableList (com.google.common.collect.ImmutableList)131 ImmutableMap (com.google.common.collect.ImmutableMap)106 List (java.util.List)102 TrinoException (io.trino.spi.TrinoException)100 ImmutableList.toImmutableList (com.google.common.collect.ImmutableList.toImmutableList)98 ConnectorSession (io.trino.spi.connector.ConnectorSession)98 CatalogSchemaTableName (io.trino.spi.connector.CatalogSchemaTableName)92 TableNotFoundException (io.trino.spi.connector.TableNotFoundException)89 ColumnMetadata (io.trino.spi.connector.ColumnMetadata)86 ConnectorTableMetadata (io.trino.spi.connector.ConnectorTableMetadata)86 Optional (java.util.Optional)78 Map (java.util.Map)67 ColumnHandle (io.trino.spi.connector.ColumnHandle)66 TupleDomain (io.trino.spi.predicate.TupleDomain)59 ConnectorMetadata (io.trino.spi.connector.ConnectorMetadata)58 Path (org.apache.hadoop.fs.Path)55 ConnectorTableHandle (io.trino.spi.connector.ConnectorTableHandle)53 ImmutableSet (com.google.common.collect.ImmutableSet)52
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial