Example 1 with SetViewAuthorization
use of io.trino.sql.tree.SetViewAuthorization in project trino by trinodb.
the class SetViewAuthorizationTask method execute.
@Override
public ListenableFuture<Void> execute(SetViewAuthorization statement, QueryStateMachine stateMachine, List<Expression> parameters, WarningCollector warningCollector) {
Session session = stateMachine.getSession();
QualifiedObjectName viewName = createQualifiedObjectName(session, statement, statement.getSource());
getRequiredCatalogHandle(metadata, session, statement, viewName.getCatalogName());
ViewDefinition view = metadata.getView(session, viewName).orElseThrow(() -> semanticException(TABLE_NOT_FOUND, statement, "View '%s' does not exist", viewName));
TrinoPrincipal principal = createPrincipal(statement.getPrincipal());
checkRoleExists(session, statement, metadata, principal, Optional.of(viewName.getCatalogName()).filter(catalog -> metadata.isCatalogManagedSecurity(session, catalog)));
if (!view.isRunAsInvoker() && !isAllowSetViewAuthorization) {
throw new TrinoException(NOT_SUPPORTED, format("Cannot set authorization for view %s to %s: this feature is disabled", viewName.getCatalogName() + '.' + viewName.getSchemaName() + '.' + viewName.getObjectName(), principal));
}
accessControl.checkCanSetViewAuthorization(session.toSecurityContext(), viewName, principal);
metadata.setViewAuthorization(session, viewName.asCatalogSchemaTableName(), principal);
return immediateVoidFuture();
}
Also used :
ListenableFuture(com.google.common.util.concurrent.ListenableFuture)
MetadataUtil.checkRoleExists(io.trino.metadata.MetadataUtil.checkRoleExists)
Inject(javax.inject.Inject)
NOT_SUPPORTED(io.trino.spi.StandardErrorCode.NOT_SUPPORTED)
MetadataUtil.createQualifiedObjectName(io.trino.metadata.MetadataUtil.createQualifiedObjectName)
TABLE_NOT_FOUND(io.trino.spi.StandardErrorCode.TABLE_NOT_FOUND)
Objects.requireNonNull(java.util.Objects.requireNonNull)
SemanticExceptions.semanticException(io.trino.sql.analyzer.SemanticExceptions.semanticException)
Futures.immediateVoidFuture(com.google.common.util.concurrent.Futures.immediateVoidFuture)
SetViewAuthorization(io.trino.sql.tree.SetViewAuthorization)
ViewDefinition(io.trino.metadata.ViewDefinition)
TrinoException(io.trino.spi.TrinoException)
MetadataUtil.getRequiredCatalogHandle(io.trino.metadata.MetadataUtil.getRequiredCatalogHandle)
String.format(java.lang.String.format)
List(java.util.List)
FeaturesConfig(io.trino.FeaturesConfig)
QualifiedObjectName(io.trino.metadata.QualifiedObjectName)
AccessControl(io.trino.security.AccessControl)
TrinoPrincipal(io.trino.spi.security.TrinoPrincipal)
MetadataUtil.createPrincipal(io.trino.metadata.MetadataUtil.createPrincipal)
WarningCollector(io.trino.execution.warnings.WarningCollector)
Metadata(io.trino.metadata.Metadata)
Optional(java.util.Optional)
Expression(io.trino.sql.tree.Expression)
Session(io.trino.Session)
ViewDefinition(io.trino.metadata.ViewDefinition)
TrinoException(io.trino.spi.TrinoException)
TrinoPrincipal(io.trino.spi.security.TrinoPrincipal)
MetadataUtil.createQualifiedObjectName(io.trino.metadata.MetadataUtil.createQualifiedObjectName)
QualifiedObjectName(io.trino.metadata.QualifiedObjectName)
Session(io.trino.Session)
Example 2 with SetViewAuthorization
use of io.trino.sql.tree.SetViewAuthorization in project trino by trinodb.
the class TestSqlParser method testAlterViewSetAuthorization.
@Test
public void testAlterViewSetAuthorization() {
assertStatement("ALTER VIEW foo.bar.baz SET AUTHORIZATION qux", new SetViewAuthorization(QualifiedName.of("foo", "bar", "baz"), new PrincipalSpecification(PrincipalSpecification.Type.UNSPECIFIED, new Identifier("qux"))));
assertStatement("ALTER VIEW foo.bar.baz SET AUTHORIZATION USER qux", new SetViewAuthorization(QualifiedName.of("foo", "bar", "baz"), new PrincipalSpecification(PrincipalSpecification.Type.USER, new Identifier("qux"))));
assertStatement("ALTER VIEW foo.bar.baz SET AUTHORIZATION ROLE qux", new SetViewAuthorization(QualifiedName.of("foo", "bar", "baz"), new PrincipalSpecification(PrincipalSpecification.Type.ROLE, new Identifier("qux"))));
}
Also used :
SetViewAuthorization(io.trino.sql.tree.SetViewAuthorization)
QueryUtil.quotedIdentifier(io.trino.sql.QueryUtil.quotedIdentifier)
Identifier(io.trino.sql.tree.Identifier)
PrincipalSpecification(io.trino.sql.tree.PrincipalSpecification)
Test(org.junit.jupiter.api.Test)
Aggregations
SetViewAuthorization (io.trino.sql.tree.SetViewAuthorization)2
Futures.immediateVoidFuture (com.google.common.util.concurrent.Futures.immediateVoidFuture)1
ListenableFuture (com.google.common.util.concurrent.ListenableFuture)1
FeaturesConfig (io.trino.FeaturesConfig)1
Session (io.trino.Session)1
WarningCollector (io.trino.execution.warnings.WarningCollector)1
Metadata (io.trino.metadata.Metadata)1
MetadataUtil.checkRoleExists (io.trino.metadata.MetadataUtil.checkRoleExists)1
MetadataUtil.createPrincipal (io.trino.metadata.MetadataUtil.createPrincipal)1
MetadataUtil.createQualifiedObjectName (io.trino.metadata.MetadataUtil.createQualifiedObjectName)1
MetadataUtil.getRequiredCatalogHandle (io.trino.metadata.MetadataUtil.getRequiredCatalogHandle)1
QualifiedObjectName (io.trino.metadata.QualifiedObjectName)1
ViewDefinition (io.trino.metadata.ViewDefinition)1
AccessControl (io.trino.security.AccessControl)1
NOT_SUPPORTED (io.trino.spi.StandardErrorCode.NOT_SUPPORTED)1
TABLE_NOT_FOUND (io.trino.spi.StandardErrorCode.TABLE_NOT_FOUND)1
TrinoException (io.trino.spi.TrinoException)1
TrinoPrincipal (io.trino.spi.security.TrinoPrincipal)1
QueryUtil.quotedIdentifier (io.trino.sql.QueryUtil.quotedIdentifier)1
SemanticExceptions.semanticException (io.trino.sql.analyzer.SemanticExceptions.semanticException)1
