Example 31 with HiveObjectPrivilege
use of org.apache.hadoop.hive.metastore.api.HiveObjectPrivilege in project hive by apache.
the class SQLAuthorizationUtils method getThriftPrivilegesBag.
/**
* Create thrift privileges bag
*
* @param hivePrincipals
* @param hivePrivileges
* @param hivePrivObject
* @param grantorPrincipal
* @param grantOption
* @return
* @throws HiveAuthzPluginException
*/
static PrivilegeBag getThriftPrivilegesBag(List<HivePrincipal> hivePrincipals, List<HivePrivilege> hivePrivileges, HivePrivilegeObject hivePrivObject, HivePrincipal grantorPrincipal, boolean grantOption) throws HiveAuthzPluginException {
HiveObjectRef privObj = getThriftHiveObjectRef(hivePrivObject);
PrivilegeBag privBag = new PrivilegeBag();
for (HivePrivilege privilege : hivePrivileges) {
if (privilege.getColumns() != null && privilege.getColumns().size() > 0) {
throw new HiveAuthzPluginException("Privileges on columns not supported currently" + " in sql standard authorization mode");
}
if (!SUPPORTED_PRIVS_SET.contains(privilege.getName().toUpperCase(Locale.US))) {
throw new HiveAuthzPluginException("Privilege: " + privilege.getName() + " is not supported in sql standard authorization mode");
}
PrivilegeGrantInfo grantInfo = getThriftPrivilegeGrantInfo(privilege, grantorPrincipal, grantOption, 0);
for (HivePrincipal principal : hivePrincipals) {
HiveObjectPrivilege objPriv = new HiveObjectPrivilege(privObj, principal.getName(), AuthorizationUtils.getThriftPrincipalType(principal.getType()), grantInfo);
privBag.addToPrivileges(objPriv);
}
}
return privBag;
}
Also used :
PrivilegeBag(org.apache.hadoop.hive.metastore.api.PrivilegeBag)
HiveObjectPrivilege(org.apache.hadoop.hive.metastore.api.HiveObjectPrivilege)
PrivilegeGrantInfo(org.apache.hadoop.hive.metastore.api.PrivilegeGrantInfo)
HivePrincipal(org.apache.hadoop.hive.ql.security.authorization.plugin.HivePrincipal)
HivePrivilege(org.apache.hadoop.hive.ql.security.authorization.plugin.HivePrivilege)
HiveObjectRef(org.apache.hadoop.hive.metastore.api.HiveObjectRef)
HiveAuthzPluginException(org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzPluginException)
Example 32 with HiveObjectPrivilege
use of org.apache.hadoop.hive.metastore.api.HiveObjectPrivilege in project hive by apache.
the class ObjectStore method listPartitionGrantsAll.
@Override
public List<HiveObjectPrivilege> listPartitionGrantsAll(String dbName, String tableName, String partitionName) {
boolean success = false;
Query query = null;
try {
openTransaction();
LOG.debug("Executing listPrincipalPartitionGrantsAll");
query = pm.newQuery(MPartitionPrivilege.class, "partition.table.tableName == t3 && partition.table.database.name == t4 && " + "partition.partitionName == t5");
query.declareParameters("java.lang.String t3, java.lang.String t4, java.lang.String t5");
List<MPartitionPrivilege> mSecurityTabPartList = (List<MPartitionPrivilege>) query.executeWithArray(tableName, dbName, partitionName);
LOG.debug("Done executing query for listPrincipalPartitionGrantsAll");
pm.retrieveAll(mSecurityTabPartList);
List<HiveObjectPrivilege> result = convertPartition(mSecurityTabPartList);
success = commitTransaction();
LOG.debug("Done retrieving all objects for listPrincipalPartitionGrantsAll");
return result;
} finally {
rollbackAndCleanup(success, query);
}
}
Also used :
HiveObjectPrivilege(org.apache.hadoop.hive.metastore.api.HiveObjectPrivilege)
Query(javax.jdo.Query)
MPartitionPrivilege(org.apache.hadoop.hive.metastore.model.MPartitionPrivilege)
LinkedList(java.util.LinkedList)
MStringList(org.apache.hadoop.hive.metastore.model.MStringList)
ArrayList(java.util.ArrayList)
List(java.util.List)
Example 33 with HiveObjectPrivilege
use of org.apache.hadoop.hive.metastore.api.HiveObjectPrivilege in project hive by apache.
the class ObjectStore method listPrincipalPartitionGrantsAll.
@Override
public List<HiveObjectPrivilege> listPrincipalPartitionGrantsAll(String principalName, PrincipalType principalType) {
boolean success = false;
Query query = null;
try {
openTransaction();
LOG.debug("Executing listPrincipalPartitionGrantsAll");
List<MPartitionPrivilege> mSecurityTabPartList;
if (principalName != null && principalType != null) {
query = pm.newQuery(MPartitionPrivilege.class, "principalName == t1 && principalType == t2");
query.declareParameters("java.lang.String t1, java.lang.String t2");
mSecurityTabPartList = (List<MPartitionPrivilege>) query.execute(principalName, principalType.toString());
} else {
query = pm.newQuery(MPartitionPrivilege.class);
mSecurityTabPartList = (List<MPartitionPrivilege>) query.execute();
}
LOG.debug("Done executing query for listPrincipalPartitionGrantsAll");
pm.retrieveAll(mSecurityTabPartList);
List<HiveObjectPrivilege> result = convertPartition(mSecurityTabPartList);
success = commitTransaction();
LOG.debug("Done retrieving all objects for listPrincipalPartitionGrantsAll");
return result;
} finally {
rollbackAndCleanup(success, query);
}
}
Also used :
HiveObjectPrivilege(org.apache.hadoop.hive.metastore.api.HiveObjectPrivilege)
Query(javax.jdo.Query)
MPartitionPrivilege(org.apache.hadoop.hive.metastore.model.MPartitionPrivilege)
Example 34 with HiveObjectPrivilege
use of org.apache.hadoop.hive.metastore.api.HiveObjectPrivilege in project hive by apache.
the class ObjectStore method listPrincipalDBGrants.
@Override
public List<HiveObjectPrivilege> listPrincipalDBGrants(String principalName, PrincipalType principalType, String dbName) {
List<MDBPrivilege> mDbs = listPrincipalMDBGrants(principalName, principalType, dbName);
if (mDbs.isEmpty()) {
return Collections.emptyList();
}
List<HiveObjectPrivilege> result = new ArrayList<>();
for (int i = 0; i < mDbs.size(); i++) {
MDBPrivilege sDB = mDbs.get(i);
HiveObjectRef objectRef = new HiveObjectRef(HiveObjectType.DATABASE, dbName, null, null, null);
HiveObjectPrivilege secObj = new HiveObjectPrivilege(objectRef, sDB.getPrincipalName(), principalType, new PrivilegeGrantInfo(sDB.getPrivilege(), sDB.getCreateTime(), sDB.getGrantor(), PrincipalType.valueOf(sDB.getGrantorType()), sDB.getGrantOption()));
result.add(secObj);
}
return result;
}
Also used :
HiveObjectPrivilege(org.apache.hadoop.hive.metastore.api.HiveObjectPrivilege)
PrivilegeGrantInfo(org.apache.hadoop.hive.metastore.api.PrivilegeGrantInfo)
HiveObjectRef(org.apache.hadoop.hive.metastore.api.HiveObjectRef)
ArrayList(java.util.ArrayList)
MDBPrivilege(org.apache.hadoop.hive.metastore.model.MDBPrivilege)
MConstraint(org.apache.hadoop.hive.metastore.model.MConstraint)
SQLUniqueConstraint(org.apache.hadoop.hive.metastore.api.SQLUniqueConstraint)
SQLCheckConstraint(org.apache.hadoop.hive.metastore.api.SQLCheckConstraint)
SQLDefaultConstraint(org.apache.hadoop.hive.metastore.api.SQLDefaultConstraint)
SQLNotNullConstraint(org.apache.hadoop.hive.metastore.api.SQLNotNullConstraint)
Example 35 with HiveObjectPrivilege
use of org.apache.hadoop.hive.metastore.api.HiveObjectPrivilege in project hive by apache.
the class ObjectStore method convertDB.
private List<HiveObjectPrivilege> convertDB(List<MDBPrivilege> privs) {
List<HiveObjectPrivilege> result = new ArrayList<>();
for (MDBPrivilege priv : privs) {
String pname = priv.getPrincipalName();
PrincipalType ptype = PrincipalType.valueOf(priv.getPrincipalType());
String database = priv.getDatabase().getName();
HiveObjectRef objectRef = new HiveObjectRef(HiveObjectType.DATABASE, database, null, null, null);
PrivilegeGrantInfo grantor = new PrivilegeGrantInfo(priv.getPrivilege(), priv.getCreateTime(), priv.getGrantor(), PrincipalType.valueOf(priv.getGrantorType()), priv.getGrantOption());
result.add(new HiveObjectPrivilege(objectRef, pname, ptype, grantor));
}
return result;
}
Also used :
HiveObjectPrivilege(org.apache.hadoop.hive.metastore.api.HiveObjectPrivilege)
PrivilegeGrantInfo(org.apache.hadoop.hive.metastore.api.PrivilegeGrantInfo)
HiveObjectRef(org.apache.hadoop.hive.metastore.api.HiveObjectRef)
ArrayList(java.util.ArrayList)
MDBPrivilege(org.apache.hadoop.hive.metastore.model.MDBPrivilege)
PrincipalType(org.apache.hadoop.hive.metastore.api.PrincipalType)
Aggregations
HiveObjectPrivilege (org.apache.hadoop.hive.metastore.api.HiveObjectPrivilege)45
ArrayList (java.util.ArrayList)35
HiveObjectRef (org.apache.hadoop.hive.metastore.api.HiveObjectRef)31
PrivilegeGrantInfo (org.apache.hadoop.hive.metastore.api.PrivilegeGrantInfo)31
List (java.util.List)16
LinkedList (java.util.LinkedList)14
PrincipalType (org.apache.hadoop.hive.metastore.api.PrincipalType)12
PrincipalPrivilegeSet (org.apache.hadoop.hive.metastore.api.PrincipalPrivilegeSet)9
IOException (java.io.IOException)8
Query (javax.jdo.Query)8
Database (org.apache.hadoop.hive.metastore.api.Database)8
PrivilegeBag (org.apache.hadoop.hive.metastore.api.PrivilegeBag)8
SQLCheckConstraint (org.apache.hadoop.hive.metastore.api.SQLCheckConstraint)7
SQLDefaultConstraint (org.apache.hadoop.hive.metastore.api.SQLDefaultConstraint)7
SQLNotNullConstraint (org.apache.hadoop.hive.metastore.api.SQLNotNullConstraint)7
SQLUniqueConstraint (org.apache.hadoop.hive.metastore.api.SQLUniqueConstraint)7
MConstraint (org.apache.hadoop.hive.metastore.model.MConstraint)7
Table (org.apache.hadoop.hive.metastore.api.Table)6
MPartitionColumnPrivilege (org.apache.hadoop.hive.metastore.model.MPartitionColumnPrivilege)6
MPartitionPrivilege (org.apache.hadoop.hive.metastore.model.MPartitionPrivilege)6
