Search in sources :

Example 21 with HiveObjectPrivilege

use of org.apache.hadoop.hive.metastore.api.HiveObjectPrivilege in project hive by apache.

the class HiveV1Authorizer method showPrivileges.

@Override
public List<HivePrivilegeInfo> showPrivileges(HivePrincipal principal, HivePrivilegeObject privObj) throws HiveAuthzPluginException, HiveAccessControlException {
    String name = principal == null ? null : principal.getName();
    PrincipalType type = AuthorizationUtils.getThriftPrincipalType(principal == null ? null : principal.getType());
    List<HiveObjectPrivilege> privs = new ArrayList<HiveObjectPrivilege>();
    try {
        Hive hive = Hive.getWithFastCheck(this.conf);
        if (privObj == null) {
            // show user level privileges
            privs.addAll(hive.showPrivilegeGrant(HiveObjectType.GLOBAL, name, type, null, null, null, null));
        } else if (privObj.getDbname() == null) {
            // show all privileges
            privs.addAll(hive.showPrivilegeGrant(null, name, type, null, null, null, null));
        } else {
            Database dbObj = hive.getDatabase(privObj.getDbname());
            ;
            if (dbObj == null) {
                throw new HiveException("Database " + privObj.getDbname() + " does not exists");
            }
            Table tableObj = null;
            if (privObj.getObjectName() != null) {
                tableObj = hive.getTable(dbObj.getName(), privObj.getObjectName());
            }
            List<String> partValues = privObj.getPartKeys();
            if (tableObj == null) {
                // show database level privileges
                privs.addAll(hive.showPrivilegeGrant(HiveObjectType.DATABASE, name, type, dbObj.getName(), null, null, null));
            } else {
                List<String> columns = privObj.getColumns();
                if (columns != null && !columns.isEmpty()) {
                    // show column level privileges
                    for (String columnName : columns) {
                        privs.addAll(hive.showPrivilegeGrant(HiveObjectType.COLUMN, name, type, dbObj.getName(), tableObj.getTableName(), partValues, columnName));
                    }
                } else if (partValues == null) {
                    // show table level privileges
                    privs.addAll(hive.showPrivilegeGrant(HiveObjectType.TABLE, name, type, dbObj.getName(), tableObj.getTableName(), null, null));
                } else {
                    // show partition level privileges
                    privs.addAll(hive.showPrivilegeGrant(HiveObjectType.PARTITION, name, type, dbObj.getName(), tableObj.getTableName(), partValues, null));
                }
            }
        }
        return AuthorizationUtils.getPrivilegeInfos(privs);
    } catch (Exception ex) {
        throw new HiveAuthzPluginException(ex);
    }
}
Also used : HiveObjectPrivilege(org.apache.hadoop.hive.metastore.api.HiveObjectPrivilege) Hive(org.apache.hadoop.hive.ql.metadata.Hive) HiveException(org.apache.hadoop.hive.ql.metadata.HiveException) Table(org.apache.hadoop.hive.ql.metadata.Table) ArrayList(java.util.ArrayList) Database(org.apache.hadoop.hive.metastore.api.Database) ArrayList(java.util.ArrayList) List(java.util.List) PrincipalType(org.apache.hadoop.hive.metastore.api.PrincipalType) SemanticException(org.apache.hadoop.hive.ql.parse.SemanticException) HiveException(org.apache.hadoop.hive.ql.metadata.HiveException)

Example 22 with HiveObjectPrivilege

use of org.apache.hadoop.hive.metastore.api.HiveObjectPrivilege in project hive by apache.

the class HBaseStore method listDBGrantsAll.

@Override
public List<HiveObjectPrivilege> listDBGrantsAll(String dbName) {
    List<HiveObjectPrivilege> privileges = new ArrayList<HiveObjectPrivilege>();
    boolean commit = false;
    openTransaction();
    try {
        Database db = getHBase().getDb(dbName);
        PrincipalPrivilegeSet pps = db.getPrivileges();
        if (pps != null) {
            for (Map.Entry<String, List<PrivilegeGrantInfo>> e : pps.getUserPrivileges().entrySet()) {
                for (PrivilegeGrantInfo pgi : e.getValue()) {
                    privileges.add(new HiveObjectPrivilege(new HiveObjectRef(HiveObjectType.DATABASE, dbName, null, null, null), e.getKey(), PrincipalType.USER, pgi));
                }
            }
            for (Map.Entry<String, List<PrivilegeGrantInfo>> e : pps.getRolePrivileges().entrySet()) {
                for (PrivilegeGrantInfo pgi : e.getValue()) {
                    privileges.add(new HiveObjectPrivilege(new HiveObjectRef(HiveObjectType.DATABASE, dbName, null, null, null), e.getKey(), PrincipalType.ROLE, pgi));
                }
            }
        }
        commit = true;
        return privileges;
    } catch (IOException e) {
        throw new RuntimeException(e);
    } finally {
        commitOrRoleBack(commit);
    }
}
Also used : PrivilegeGrantInfo(org.apache.hadoop.hive.metastore.api.PrivilegeGrantInfo) PrincipalPrivilegeSet(org.apache.hadoop.hive.metastore.api.PrincipalPrivilegeSet) HiveObjectRef(org.apache.hadoop.hive.metastore.api.HiveObjectRef) ArrayList(java.util.ArrayList) IOException(java.io.IOException) HiveObjectPrivilege(org.apache.hadoop.hive.metastore.api.HiveObjectPrivilege) Database(org.apache.hadoop.hive.metastore.api.Database) List(java.util.List) ArrayList(java.util.ArrayList) LinkedList(java.util.LinkedList) Map(java.util.Map) HashMap(java.util.HashMap)

Example 23 with HiveObjectPrivilege

use of org.apache.hadoop.hive.metastore.api.HiveObjectPrivilege in project hive by apache.

the class HBaseStore method listPrincipalGlobalGrants.

@Override
public List<HiveObjectPrivilege> listPrincipalGlobalGrants(String principalName, PrincipalType principalType) {
    List<PrivilegeGrantInfo> grants;
    List<HiveObjectPrivilege> privileges = new ArrayList<HiveObjectPrivilege>();
    boolean commit = false;
    openTransaction();
    try {
        PrincipalPrivilegeSet pps = getHBase().getGlobalPrivs();
        if (pps == null)
            return privileges;
        Map<String, List<PrivilegeGrantInfo>> map;
        switch(principalType) {
            case USER:
                map = pps.getUserPrivileges();
                break;
            case ROLE:
                map = pps.getRolePrivileges();
                break;
            default:
                throw new RuntimeException("Unknown or unsupported principal type " + principalType.toString());
        }
        if (map == null)
            return privileges;
        grants = map.get(principalName);
        if (grants == null || grants.size() == 0)
            return privileges;
        for (PrivilegeGrantInfo pgi : grants) {
            privileges.add(new HiveObjectPrivilege(new HiveObjectRef(HiveObjectType.GLOBAL, null, null, null, null), principalName, principalType, pgi));
        }
        commit = true;
        return privileges;
    } catch (IOException e) {
        throw new RuntimeException(e);
    } finally {
        commitOrRoleBack(commit);
    }
}
Also used : PrivilegeGrantInfo(org.apache.hadoop.hive.metastore.api.PrivilegeGrantInfo) PrincipalPrivilegeSet(org.apache.hadoop.hive.metastore.api.PrincipalPrivilegeSet) HiveObjectRef(org.apache.hadoop.hive.metastore.api.HiveObjectRef) ArrayList(java.util.ArrayList) IOException(java.io.IOException) HiveObjectPrivilege(org.apache.hadoop.hive.metastore.api.HiveObjectPrivilege) List(java.util.List) ArrayList(java.util.ArrayList) LinkedList(java.util.LinkedList)

Example 24 with HiveObjectPrivilege

use of org.apache.hadoop.hive.metastore.api.HiveObjectPrivilege in project hive by apache.

the class HBaseStore method listTableGrantsAll.

@Override
public List<HiveObjectPrivilege> listTableGrantsAll(String dbName, String tableName) {
    List<HiveObjectPrivilege> privileges = new ArrayList<HiveObjectPrivilege>();
    boolean commit = false;
    openTransaction();
    try {
        Table table = getHBase().getTable(dbName, tableName);
        PrincipalPrivilegeSet pps = table.getPrivileges();
        if (pps != null) {
            for (Map.Entry<String, List<PrivilegeGrantInfo>> e : pps.getUserPrivileges().entrySet()) {
                for (PrivilegeGrantInfo pgi : e.getValue()) {
                    privileges.add(new HiveObjectPrivilege(new HiveObjectRef(HiveObjectType.TABLE, dbName, tableName, null, null), e.getKey(), PrincipalType.USER, pgi));
                }
            }
            for (Map.Entry<String, List<PrivilegeGrantInfo>> e : pps.getRolePrivileges().entrySet()) {
                for (PrivilegeGrantInfo pgi : e.getValue()) {
                    privileges.add(new HiveObjectPrivilege(new HiveObjectRef(HiveObjectType.TABLE, dbName, tableName, null, null), e.getKey(), PrincipalType.ROLE, pgi));
                }
            }
        }
        commit = true;
        return privileges;
    } catch (IOException e) {
        throw new RuntimeException(e);
    } finally {
        commitOrRoleBack(commit);
    }
}
Also used : Table(org.apache.hadoop.hive.metastore.api.Table) PrivilegeGrantInfo(org.apache.hadoop.hive.metastore.api.PrivilegeGrantInfo) PrincipalPrivilegeSet(org.apache.hadoop.hive.metastore.api.PrincipalPrivilegeSet) HiveObjectRef(org.apache.hadoop.hive.metastore.api.HiveObjectRef) ArrayList(java.util.ArrayList) IOException(java.io.IOException) HiveObjectPrivilege(org.apache.hadoop.hive.metastore.api.HiveObjectPrivilege) List(java.util.List) ArrayList(java.util.ArrayList) LinkedList(java.util.LinkedList) Map(java.util.Map) HashMap(java.util.HashMap)

Example 25 with HiveObjectPrivilege

use of org.apache.hadoop.hive.metastore.api.HiveObjectPrivilege in project hive by apache.

the class HBaseStore method listPrincipalDBGrants.

@Override
public List<HiveObjectPrivilege> listPrincipalDBGrants(String principalName, PrincipalType principalType, String dbName) {
    List<PrivilegeGrantInfo> grants;
    List<HiveObjectPrivilege> privileges = new ArrayList<HiveObjectPrivilege>();
    boolean commit = false;
    openTransaction();
    try {
        Database db = getHBase().getDb(dbName);
        if (db == null)
            return privileges;
        PrincipalPrivilegeSet pps = db.getPrivileges();
        if (pps == null)
            return privileges;
        Map<String, List<PrivilegeGrantInfo>> map;
        switch(principalType) {
            case USER:
                map = pps.getUserPrivileges();
                break;
            case ROLE:
                map = pps.getRolePrivileges();
                break;
            default:
                throw new RuntimeException("Unknown or unsupported principal type " + principalType.toString());
        }
        if (map == null)
            return privileges;
        grants = map.get(principalName);
        if (grants == null || grants.size() == 0)
            return privileges;
        for (PrivilegeGrantInfo pgi : grants) {
            privileges.add(new HiveObjectPrivilege(new HiveObjectRef(HiveObjectType.DATABASE, dbName, null, null, null), principalName, principalType, pgi));
        }
        commit = true;
        return privileges;
    } catch (IOException e) {
        throw new RuntimeException(e);
    } finally {
        commitOrRoleBack(commit);
    }
}
Also used : PrivilegeGrantInfo(org.apache.hadoop.hive.metastore.api.PrivilegeGrantInfo) PrincipalPrivilegeSet(org.apache.hadoop.hive.metastore.api.PrincipalPrivilegeSet) HiveObjectRef(org.apache.hadoop.hive.metastore.api.HiveObjectRef) ArrayList(java.util.ArrayList) IOException(java.io.IOException) HiveObjectPrivilege(org.apache.hadoop.hive.metastore.api.HiveObjectPrivilege) Database(org.apache.hadoop.hive.metastore.api.Database) List(java.util.List) ArrayList(java.util.ArrayList) LinkedList(java.util.LinkedList)

Aggregations

HiveObjectPrivilege (org.apache.hadoop.hive.metastore.api.HiveObjectPrivilege)45 ArrayList (java.util.ArrayList)35 HiveObjectRef (org.apache.hadoop.hive.metastore.api.HiveObjectRef)31 PrivilegeGrantInfo (org.apache.hadoop.hive.metastore.api.PrivilegeGrantInfo)31 List (java.util.List)16 LinkedList (java.util.LinkedList)14 PrincipalType (org.apache.hadoop.hive.metastore.api.PrincipalType)12 PrincipalPrivilegeSet (org.apache.hadoop.hive.metastore.api.PrincipalPrivilegeSet)9 IOException (java.io.IOException)8 Query (javax.jdo.Query)8 Database (org.apache.hadoop.hive.metastore.api.Database)8 PrivilegeBag (org.apache.hadoop.hive.metastore.api.PrivilegeBag)8 SQLCheckConstraint (org.apache.hadoop.hive.metastore.api.SQLCheckConstraint)7 SQLDefaultConstraint (org.apache.hadoop.hive.metastore.api.SQLDefaultConstraint)7 SQLNotNullConstraint (org.apache.hadoop.hive.metastore.api.SQLNotNullConstraint)7 SQLUniqueConstraint (org.apache.hadoop.hive.metastore.api.SQLUniqueConstraint)7 MConstraint (org.apache.hadoop.hive.metastore.model.MConstraint)7 Table (org.apache.hadoop.hive.metastore.api.Table)6 MPartitionColumnPrivilege (org.apache.hadoop.hive.metastore.model.MPartitionColumnPrivilege)6 MPartitionPrivilege (org.apache.hadoop.hive.metastore.model.MPartitionPrivilege)6