use of org.apache.hadoop.hive.metastore.api.HiveObjectPrivilege in project hive by apache.
the class HiveV1Authorizer method showPrivileges.
@Override
public List<HivePrivilegeInfo> showPrivileges(HivePrincipal principal, HivePrivilegeObject privObj) throws HiveAuthzPluginException, HiveAccessControlException {
String name = principal == null ? null : principal.getName();
PrincipalType type = AuthorizationUtils.getThriftPrincipalType(principal == null ? null : principal.getType());
List<HiveObjectPrivilege> privs = new ArrayList<HiveObjectPrivilege>();
try {
Hive hive = Hive.getWithFastCheck(this.conf);
if (privObj == null) {
// show user level privileges
privs.addAll(hive.showPrivilegeGrant(HiveObjectType.GLOBAL, name, type, null, null, null, null));
} else if (privObj.getDbname() == null) {
// show all privileges
privs.addAll(hive.showPrivilegeGrant(null, name, type, null, null, null, null));
} else {
Database dbObj = hive.getDatabase(privObj.getDbname());
;
if (dbObj == null) {
throw new HiveException("Database " + privObj.getDbname() + " does not exists");
}
Table tableObj = null;
if (privObj.getObjectName() != null) {
tableObj = hive.getTable(dbObj.getName(), privObj.getObjectName());
}
List<String> partValues = privObj.getPartKeys();
if (tableObj == null) {
// show database level privileges
privs.addAll(hive.showPrivilegeGrant(HiveObjectType.DATABASE, name, type, dbObj.getName(), null, null, null));
} else {
List<String> columns = privObj.getColumns();
if (columns != null && !columns.isEmpty()) {
// show column level privileges
for (String columnName : columns) {
privs.addAll(hive.showPrivilegeGrant(HiveObjectType.COLUMN, name, type, dbObj.getName(), tableObj.getTableName(), partValues, columnName));
}
} else if (partValues == null) {
// show table level privileges
privs.addAll(hive.showPrivilegeGrant(HiveObjectType.TABLE, name, type, dbObj.getName(), tableObj.getTableName(), null, null));
} else {
// show partition level privileges
privs.addAll(hive.showPrivilegeGrant(HiveObjectType.PARTITION, name, type, dbObj.getName(), tableObj.getTableName(), partValues, null));
}
}
}
return AuthorizationUtils.getPrivilegeInfos(privs);
} catch (Exception ex) {
throw new HiveAuthzPluginException(ex);
}
}
use of org.apache.hadoop.hive.metastore.api.HiveObjectPrivilege in project hive by apache.
the class HBaseStore method listDBGrantsAll.
@Override
public List<HiveObjectPrivilege> listDBGrantsAll(String dbName) {
List<HiveObjectPrivilege> privileges = new ArrayList<HiveObjectPrivilege>();
boolean commit = false;
openTransaction();
try {
Database db = getHBase().getDb(dbName);
PrincipalPrivilegeSet pps = db.getPrivileges();
if (pps != null) {
for (Map.Entry<String, List<PrivilegeGrantInfo>> e : pps.getUserPrivileges().entrySet()) {
for (PrivilegeGrantInfo pgi : e.getValue()) {
privileges.add(new HiveObjectPrivilege(new HiveObjectRef(HiveObjectType.DATABASE, dbName, null, null, null), e.getKey(), PrincipalType.USER, pgi));
}
}
for (Map.Entry<String, List<PrivilegeGrantInfo>> e : pps.getRolePrivileges().entrySet()) {
for (PrivilegeGrantInfo pgi : e.getValue()) {
privileges.add(new HiveObjectPrivilege(new HiveObjectRef(HiveObjectType.DATABASE, dbName, null, null, null), e.getKey(), PrincipalType.ROLE, pgi));
}
}
}
commit = true;
return privileges;
} catch (IOException e) {
throw new RuntimeException(e);
} finally {
commitOrRoleBack(commit);
}
}
use of org.apache.hadoop.hive.metastore.api.HiveObjectPrivilege in project hive by apache.
the class HBaseStore method listPrincipalGlobalGrants.
@Override
public List<HiveObjectPrivilege> listPrincipalGlobalGrants(String principalName, PrincipalType principalType) {
List<PrivilegeGrantInfo> grants;
List<HiveObjectPrivilege> privileges = new ArrayList<HiveObjectPrivilege>();
boolean commit = false;
openTransaction();
try {
PrincipalPrivilegeSet pps = getHBase().getGlobalPrivs();
if (pps == null)
return privileges;
Map<String, List<PrivilegeGrantInfo>> map;
switch(principalType) {
case USER:
map = pps.getUserPrivileges();
break;
case ROLE:
map = pps.getRolePrivileges();
break;
default:
throw new RuntimeException("Unknown or unsupported principal type " + principalType.toString());
}
if (map == null)
return privileges;
grants = map.get(principalName);
if (grants == null || grants.size() == 0)
return privileges;
for (PrivilegeGrantInfo pgi : grants) {
privileges.add(new HiveObjectPrivilege(new HiveObjectRef(HiveObjectType.GLOBAL, null, null, null, null), principalName, principalType, pgi));
}
commit = true;
return privileges;
} catch (IOException e) {
throw new RuntimeException(e);
} finally {
commitOrRoleBack(commit);
}
}
use of org.apache.hadoop.hive.metastore.api.HiveObjectPrivilege in project hive by apache.
the class HBaseStore method listTableGrantsAll.
@Override
public List<HiveObjectPrivilege> listTableGrantsAll(String dbName, String tableName) {
List<HiveObjectPrivilege> privileges = new ArrayList<HiveObjectPrivilege>();
boolean commit = false;
openTransaction();
try {
Table table = getHBase().getTable(dbName, tableName);
PrincipalPrivilegeSet pps = table.getPrivileges();
if (pps != null) {
for (Map.Entry<String, List<PrivilegeGrantInfo>> e : pps.getUserPrivileges().entrySet()) {
for (PrivilegeGrantInfo pgi : e.getValue()) {
privileges.add(new HiveObjectPrivilege(new HiveObjectRef(HiveObjectType.TABLE, dbName, tableName, null, null), e.getKey(), PrincipalType.USER, pgi));
}
}
for (Map.Entry<String, List<PrivilegeGrantInfo>> e : pps.getRolePrivileges().entrySet()) {
for (PrivilegeGrantInfo pgi : e.getValue()) {
privileges.add(new HiveObjectPrivilege(new HiveObjectRef(HiveObjectType.TABLE, dbName, tableName, null, null), e.getKey(), PrincipalType.ROLE, pgi));
}
}
}
commit = true;
return privileges;
} catch (IOException e) {
throw new RuntimeException(e);
} finally {
commitOrRoleBack(commit);
}
}
use of org.apache.hadoop.hive.metastore.api.HiveObjectPrivilege in project hive by apache.
the class HBaseStore method listPrincipalDBGrants.
@Override
public List<HiveObjectPrivilege> listPrincipalDBGrants(String principalName, PrincipalType principalType, String dbName) {
List<PrivilegeGrantInfo> grants;
List<HiveObjectPrivilege> privileges = new ArrayList<HiveObjectPrivilege>();
boolean commit = false;
openTransaction();
try {
Database db = getHBase().getDb(dbName);
if (db == null)
return privileges;
PrincipalPrivilegeSet pps = db.getPrivileges();
if (pps == null)
return privileges;
Map<String, List<PrivilegeGrantInfo>> map;
switch(principalType) {
case USER:
map = pps.getUserPrivileges();
break;
case ROLE:
map = pps.getRolePrivileges();
break;
default:
throw new RuntimeException("Unknown or unsupported principal type " + principalType.toString());
}
if (map == null)
return privileges;
grants = map.get(principalName);
if (grants == null || grants.size() == 0)
return privileges;
for (PrivilegeGrantInfo pgi : grants) {
privileges.add(new HiveObjectPrivilege(new HiveObjectRef(HiveObjectType.DATABASE, dbName, null, null, null), principalName, principalType, pgi));
}
commit = true;
return privileges;
} catch (IOException e) {
throw new RuntimeException(e);
} finally {
commitOrRoleBack(commit);
}
}
Aggregations