use of io.trino.sql.tree.SetViewAuthorization in project trino by trinodb.
the class SetViewAuthorizationTask method execute.
@Override
public ListenableFuture<Void> execute(SetViewAuthorization statement, QueryStateMachine stateMachine, List<Expression> parameters, WarningCollector warningCollector) {
Session session = stateMachine.getSession();
QualifiedObjectName viewName = createQualifiedObjectName(session, statement, statement.getSource());
getRequiredCatalogHandle(metadata, session, statement, viewName.getCatalogName());
ViewDefinition view = metadata.getView(session, viewName).orElseThrow(() -> semanticException(TABLE_NOT_FOUND, statement, "View '%s' does not exist", viewName));
TrinoPrincipal principal = createPrincipal(statement.getPrincipal());
checkRoleExists(session, statement, metadata, principal, Optional.of(viewName.getCatalogName()).filter(catalog -> metadata.isCatalogManagedSecurity(session, catalog)));
if (!view.isRunAsInvoker() && !isAllowSetViewAuthorization) {
throw new TrinoException(NOT_SUPPORTED, format("Cannot set authorization for view %s to %s: this feature is disabled", viewName.getCatalogName() + '.' + viewName.getSchemaName() + '.' + viewName.getObjectName(), principal));
}
accessControl.checkCanSetViewAuthorization(session.toSecurityContext(), viewName, principal);
metadata.setViewAuthorization(session, viewName.asCatalogSchemaTableName(), principal);
return immediateVoidFuture();
}
use of io.trino.sql.tree.SetViewAuthorization in project trino by trinodb.
the class TestSqlParser method testAlterViewSetAuthorization.
@Test
public void testAlterViewSetAuthorization() {
assertStatement("ALTER VIEW foo.bar.baz SET AUTHORIZATION qux", new SetViewAuthorization(QualifiedName.of("foo", "bar", "baz"), new PrincipalSpecification(PrincipalSpecification.Type.UNSPECIFIED, new Identifier("qux"))));
assertStatement("ALTER VIEW foo.bar.baz SET AUTHORIZATION USER qux", new SetViewAuthorization(QualifiedName.of("foo", "bar", "baz"), new PrincipalSpecification(PrincipalSpecification.Type.USER, new Identifier("qux"))));
assertStatement("ALTER VIEW foo.bar.baz SET AUTHORIZATION ROLE qux", new SetViewAuthorization(QualifiedName.of("foo", "bar", "baz"), new PrincipalSpecification(PrincipalSpecification.Type.ROLE, new Identifier("qux"))));
}
Aggregations