
Example 6 with Privilege

Use of io.trino.spi.security.Privilege in project trino by trinodb.

Class DenyTask, method executeDenyOnSchema.

private static void executeDenyOnSchema(Session session, Deny statement, Metadata metadata, AccessControl accessControl) {
    // Resolve the target schema and fail early if it does not exist.
    CatalogSchemaName schemaName = createCatalogSchemaName(session, statement, Optional.of(statement.getName()));
    if (!metadata.schemaExists(session, schemaName)) {
        throw semanticException(SCHEMA_NOT_FOUND, statement, "Schema '%s' does not exist", schemaName);
    }
    Set<Privilege> privileges = parseStatementPrivileges(statement);
    // Authorize every privilege individually before anything is changed.
    for (Privilege privilege : privileges) {
        accessControl.checkCanDenySchemaPrivilege(session.toSecurityContext(), privilege, schemaName, createPrincipal(statement.getGrantee()));
    }
    // Only reached when all checks passed: apply the deny for the whole privilege set.
    metadata.denySchemaPrivileges(session, schemaName, privileges, createPrincipal(statement.getGrantee()));
}
Also used: CatalogSchemaName (io.trino.spi.connector.CatalogSchemaName), MetadataUtil.createCatalogSchemaName (io.trino.metadata.MetadataUtil.createCatalogSchemaName), Privilege (io.trino.spi.security.Privilege)

Example 7 with Privilege

Use of io.trino.spi.security.Privilege in project trino by trinodb.

Class DenyTask, method executeDenyOnTable.

private static void executeDenyOnTable(Session session, Deny statement, Metadata metadata, AccessControl accessControl) {
    // Resolve the target table and fail early if it does not exist.
    QualifiedObjectName tableName = createQualifiedObjectName(session, statement, statement.getName());
    Optional<TableHandle> tableHandle = metadata.getTableHandle(session, tableName);
    if (tableHandle.isEmpty()) {
        throw semanticException(TABLE_NOT_FOUND, statement, "Table '%s' does not exist", tableName);
    }
    Set<Privilege> privileges = parseStatementPrivileges(statement);
    // Authorize every privilege individually before anything is changed.
    for (Privilege privilege : privileges) {
        accessControl.checkCanDenyTablePrivilege(session.toSecurityContext(), privilege, tableName, createPrincipal(statement.getGrantee()));
    }
    // Only reached when all checks passed: apply the deny for the whole privilege set.
    metadata.denyTablePrivileges(session, tableName, privileges, createPrincipal(statement.getGrantee()));
}
Also used: TableHandle (io.trino.metadata.TableHandle), Privilege (io.trino.spi.security.Privilege), MetadataUtil.createQualifiedObjectName (io.trino.metadata.MetadataUtil.createQualifiedObjectName), QualifiedObjectName (io.trino.metadata.QualifiedObjectName)

Example 8 with Privilege

Use of io.trino.spi.security.Privilege in project trino by trinodb.

Class RevokeTask, method executeRevokeOnSchema.

private void executeRevokeOnSchema(Session session, Revoke statement) {
    // Resolve the target schema and fail early if it does not exist.
    CatalogSchemaName schemaName = createCatalogSchemaName(session, statement, Optional.of(statement.getName()));
    if (!metadata.schemaExists(session, schemaName)) {
        throw semanticException(SCHEMA_NOT_FOUND, statement, "Schema '%s' does not exist", schemaName);
    }
    Set<Privilege> privileges = parseStatementPrivileges(statement);
    // Authorize every privilege individually; the same grant-option flag is passed to the check and to the revoke.
    for (Privilege privilege : privileges) {
        accessControl.checkCanRevokeSchemaPrivilege(session.toSecurityContext(), privilege, schemaName, createPrincipal(statement.getGrantee()), statement.isGrantOptionFor());
    }
    // Only reached when all checks passed: apply the revoke for the whole privilege set.
    metadata.revokeSchemaPrivileges(session, schemaName, privileges, createPrincipal(statement.getGrantee()), statement.isGrantOptionFor());
}
Also used: CatalogSchemaName (io.trino.spi.connector.CatalogSchemaName), MetadataUtil.createCatalogSchemaName (io.trino.metadata.MetadataUtil.createCatalogSchemaName), Privilege (io.trino.spi.security.Privilege)

Example 9 with Privilege

Use of io.trino.spi.security.Privilege in project trino by trinodb.

Class RevokeTask, method executeRevokeOnTable.

private void executeRevokeOnTable(Session session, Revoke statement) {
    // Resolve the target table and fail early if it does not exist.
    QualifiedObjectName tableName = createQualifiedObjectName(session, statement, statement.getName());
    Optional<TableHandle> tableHandle = metadata.getTableHandle(session, tableName);
    if (tableHandle.isEmpty()) {
        throw semanticException(TABLE_NOT_FOUND, statement, "Table '%s' does not exist", tableName);
    }
    Set<Privilege> privileges = parseStatementPrivileges(statement);
    // Authorize every privilege individually; the same grant-option flag is passed to the check and to the revoke.
    for (Privilege privilege : privileges) {
        accessControl.checkCanRevokeTablePrivilege(session.toSecurityContext(), privilege, tableName, createPrincipal(statement.getGrantee()), statement.isGrantOptionFor());
    }
    // Only reached when all checks passed: apply the revoke for the whole privilege set.
    metadata.revokeTablePrivileges(session, tableName, privileges, createPrincipal(statement.getGrantee()), statement.isGrantOptionFor());
}
Also used: TableHandle (io.trino.metadata.TableHandle), Privilege (io.trino.spi.security.Privilege), MetadataUtil.createQualifiedObjectName (io.trino.metadata.MetadataUtil.createQualifiedObjectName), QualifiedObjectName (io.trino.metadata.QualifiedObjectName)

Example 10 with Privilege

Use of io.trino.spi.security.Privilege in project trino by trinodb.

Class GrantTask, method executeGrantOnSchema.

private void executeGrantOnSchema(Session session, Grant statement) {
    // Resolve the target schema and fail early if it does not exist.
    CatalogSchemaName schemaName = createCatalogSchemaName(session, statement, Optional.of(statement.getName()));
    if (!metadata.schemaExists(session, schemaName)) {
        throw semanticException(SCHEMA_NOT_FOUND, statement, "Schema '%s' does not exist", schemaName);
    }
    Set<Privilege> privileges = parseStatementPrivileges(statement);
    // Authorize every privilege individually; the same grant-option flag is passed to the check and to the grant.
    for (Privilege privilege : privileges) {
        accessControl.checkCanGrantSchemaPrivilege(session.toSecurityContext(), privilege, schemaName, createPrincipal(statement.getGrantee()), statement.isWithGrantOption());
    }
    // Only reached when all checks passed: apply the grant for the whole privilege set.
    metadata.grantSchemaPrivileges(session, schemaName, privileges, createPrincipal(statement.getGrantee()), statement.isWithGrantOption());
}
Also used: CatalogSchemaName (io.trino.spi.connector.CatalogSchemaName), MetadataUtil.createCatalogSchemaName (io.trino.metadata.MetadataUtil.createCatalogSchemaName), Privilege (io.trino.spi.security.Privilege)

Aggregations

Privilege (io.trino.spi.security.Privilege): 12
CatalogSchemaName (io.trino.spi.connector.CatalogSchemaName): 5
ImmutableSet (com.google.common.collect.ImmutableSet): 4
QualifiedObjectName (io.trino.metadata.QualifiedObjectName): 4
SchemaTableName (io.trino.spi.connector.SchemaTableName): 4
ImmutableList (com.google.common.collect.ImmutableList): 3
MetadataUtil.createCatalogSchemaName (io.trino.metadata.MetadataUtil.createCatalogSchemaName): 3
MetadataUtil.createQualifiedObjectName (io.trino.metadata.MetadataUtil.createQualifiedObjectName): 3
TableHandle (io.trino.metadata.TableHandle): 3
Identity (io.trino.spi.security.Identity): 3
TrinoPrincipal (io.trino.spi.security.TrinoPrincipal): 3
String.format (java.lang.String.format): 3
Set (java.util.Set): 3
ImmutableSet.toImmutableSet (com.google.common.collect.ImmutableSet.toImmutableSet): 2
OptionalBinder.newOptionalBinder (com.google.inject.multibindings.OptionalBinder.newOptionalBinder): 2
Session (io.trino.Session): 2
Randoms.randomUsername (io.trino.common.Randoms.randomUsername): 2
Grants (io.trino.connector.Grants): 2
MockConnectorFactory (io.trino.connector.MockConnectorFactory): 2
MockConnectorPlugin (io.trino.connector.MockConnectorPlugin): 2