Example 26 with PrincipalPrivilegeSet
use of org.apache.hadoop.hive.metastore.api.PrincipalPrivilegeSet in project hive by apache.
the class Hive method createTable.
/**
* Creates the table with the given objects. It takes additional arguments for
* primary keys and foreign keys associated with the table.
*
* @param tbl
* a table object
* @param ifNotExists
* if true, ignore AlreadyExistsException
* @param primaryKeys
* primary key columns associated with the table
* @param foreignKeys
* foreign key columns associated with the table
* @throws HiveException
*/
public void createTable(Table tbl, boolean ifNotExists, List<SQLPrimaryKey> primaryKeys, List<SQLForeignKey> foreignKeys) throws HiveException {
try {
if (tbl.getDbName() == null || "".equals(tbl.getDbName().trim())) {
tbl.setDbName(SessionState.get().getCurrentDatabase());
}
if (tbl.getCols().size() == 0 || tbl.getSd().getColsSize() == 0) {
tbl.setFields(MetaStoreUtils.getFieldsFromDeserializer(tbl.getTableName(), tbl.getDeserializer()));
}
tbl.checkValidity(conf);
if (tbl.getParameters() != null) {
tbl.getParameters().remove(hive_metastoreConstants.DDL_TIME);
}
org.apache.hadoop.hive.metastore.api.Table tTbl = tbl.getTTable();
PrincipalPrivilegeSet principalPrivs = new PrincipalPrivilegeSet();
SessionState ss = SessionState.get();
if (ss != null) {
CreateTableAutomaticGrant grants = ss.getCreateTableGrants();
if (grants != null) {
principalPrivs.setUserPrivileges(grants.getUserGrants());
principalPrivs.setGroupPrivileges(grants.getGroupGrants());
principalPrivs.setRolePrivileges(grants.getRoleGrants());
tTbl.setPrivileges(principalPrivs);
}
}
if (primaryKeys == null && foreignKeys == null) {
getMSC().createTable(tTbl);
} else {
getMSC().createTableWithConstraints(tTbl, primaryKeys, foreignKeys);
}
} catch (AlreadyExistsException e) {
if (!ifNotExists) {
throw new HiveException(e);
}
} catch (Exception e) {
throw new HiveException(e);
}
}
Also used :
SessionState(org.apache.hadoop.hive.ql.session.SessionState)
AlreadyExistsException(org.apache.hadoop.hive.metastore.api.AlreadyExistsException)
PrincipalPrivilegeSet(org.apache.hadoop.hive.metastore.api.PrincipalPrivilegeSet)
CreateTableAutomaticGrant(org.apache.hadoop.hive.ql.session.CreateTableAutomaticGrant)
AlreadyExistsException(org.apache.hadoop.hive.metastore.api.AlreadyExistsException)
InvalidOperationException(org.apache.hadoop.hive.metastore.api.InvalidOperationException)
TException(org.apache.thrift.TException)
IOException(java.io.IOException)
ExecutionException(java.util.concurrent.ExecutionException)
SerDeException(org.apache.hadoop.hive.serde2.SerDeException)
NoSuchObjectException(org.apache.hadoop.hive.metastore.api.NoSuchObjectException)
MetaException(org.apache.hadoop.hive.metastore.api.MetaException)
HiveMetaException(org.apache.hadoop.hive.metastore.HiveMetaException)
FileNotFoundException(java.io.FileNotFoundException)
JDODataStoreException(javax.jdo.JDODataStoreException)
Example 27 with PrincipalPrivilegeSet
use of org.apache.hadoop.hive.metastore.api.PrincipalPrivilegeSet in project hive by apache.
the class BitSetCheckedAuthorizationProvider method authorize.
@Override
public void authorize(Table table, Partition part, List<String> columns, Privilege[] inputRequiredPriv, Privilege[] outputRequiredPriv) throws HiveException {
BitSetChecker checker = BitSetChecker.getBitSetChecker(inputRequiredPriv, outputRequiredPriv);
boolean[] inputCheck = checker.inputCheck;
boolean[] outputCheck = checker.outputCheck;
String partName = null;
List<String> partValues = null;
if (part != null && (table.getParameters().get("PARTITION_LEVEL_PRIVILEGE") != null && ("TRUE".equalsIgnoreCase(table.getParameters().get("PARTITION_LEVEL_PRIVILEGE"))))) {
partName = part.getName();
partValues = part.getValues();
}
if (partValues == null) {
if (authorizeUserDBAndTable(table, inputRequiredPriv, outputRequiredPriv, inputCheck, outputCheck)) {
return;
}
} else {
if (authorizeUserDbAndPartition(part, inputRequiredPriv, outputRequiredPriv, inputCheck, outputCheck)) {
return;
}
}
for (String col : columns) {
BitSetChecker checker2 = BitSetChecker.getBitSetChecker(inputRequiredPriv, outputRequiredPriv);
boolean[] inputCheck2 = checker2.inputCheck;
boolean[] outputCheck2 = checker2.outputCheck;
PrincipalPrivilegeSet partColumnPrivileges = hive_db.get_privilege_set(HiveObjectType.COLUMN, table.getDbName(), table.getTableName(), partValues, col, this.getAuthenticator().getUserName(), this.getAuthenticator().getGroupNames());
authorizePrivileges(partColumnPrivileges, inputRequiredPriv, inputCheck2, outputRequiredPriv, outputCheck2);
if (inputCheck2 != null) {
booleanArrayOr(inputCheck2, inputCheck);
}
if (outputCheck2 != null) {
booleanArrayOr(inputCheck2, inputCheck);
}
checkAndThrowAuthorizationException(inputRequiredPriv, outputRequiredPriv, inputCheck2, outputCheck2, table.getDbName(), table.getTableName(), partName, col);
}
}
Also used :
PrincipalPrivilegeSet(org.apache.hadoop.hive.metastore.api.PrincipalPrivilegeSet)
Aggregations
PrincipalPrivilegeSet (org.apache.hadoop.hive.metastore.api.PrincipalPrivilegeSet)27
ArrayList (java.util.ArrayList)19
PrivilegeGrantInfo (org.apache.hadoop.hive.metastore.api.PrivilegeGrantInfo)17
List (java.util.List)15
LinkedList (java.util.LinkedList)14
IOException (java.io.IOException)13
HiveObjectRef (org.apache.hadoop.hive.metastore.api.HiveObjectRef)10
HashMap (java.util.HashMap)9
HiveObjectPrivilege (org.apache.hadoop.hive.metastore.api.HiveObjectPrivilege)9
MetaException (org.apache.hadoop.hive.metastore.api.MetaException)6
Table (org.apache.hadoop.hive.metastore.api.Table)6
MStringList (org.apache.hadoop.hive.metastore.model.MStringList)6
Database (org.apache.hadoop.hive.metastore.api.Database)5
Map (java.util.Map)4
MTable (org.apache.hadoop.hive.metastore.model.MTable)4
NoSuchObjectException (org.apache.hadoop.hive.metastore.api.NoSuchObjectException)3
Partition (org.apache.hadoop.hive.metastore.api.Partition)3
MPartition (org.apache.hadoop.hive.metastore.model.MPartition)3
TException (org.apache.thrift.TException)3
FileNotFoundException (java.io.FileNotFoundException)2
