use of org.apache.hadoop.hive.metastore.model.MRoleMap in project hive by apache.
the class ObjectStore method grantRole.
@Override
public boolean grantRole(Role role, String userName, PrincipalType principalType, String grantor, PrincipalType grantorType, boolean grantOption) throws MetaException, NoSuchObjectException, InvalidObjectException {
boolean success = false;
boolean commited = false;
try {
openTransaction();
MRoleMap roleMap = null;
try {
roleMap = this.getMSecurityUserRoleMap(userName, principalType, role.getRoleName());
} catch (Exception e) {
}
if (roleMap != null) {
throw new InvalidObjectException("Principal " + userName + " already has the role " + role.getRoleName());
}
if (principalType == PrincipalType.ROLE) {
validateRole(userName);
}
MRole mRole = getMRole(role.getRoleName());
long now = System.currentTimeMillis() / 1000;
MRoleMap roleMember = new MRoleMap(userName, principalType.toString(), mRole, (int) now, grantor, grantorType.toString(), grantOption);
pm.makePersistent(roleMember);
commited = commitTransaction();
success = true;
} finally {
if (!commited) {
rollbackTransaction();
}
}
return success;
}
use of org.apache.hadoop.hive.metastore.model.MRoleMap in project hive by apache.
the class ObjectStore method getAllRoleAncestors.
/**
* Add role names of parentRoles and its parents to processedRoles
*
* @param processedRoleNames
* @param parentRoles
*/
private void getAllRoleAncestors(Set<String> processedRoleNames, List<MRoleMap> parentRoles) {
for (MRoleMap parentRole : parentRoles) {
String parentRoleName = parentRole.getRole().getRoleName();
if (!processedRoleNames.contains(parentRoleName)) {
// unprocessed role: get its parents, add it to processed, and call this
// function recursively
List<MRoleMap> nextParentRoles = listMRoles(parentRoleName, PrincipalType.ROLE);
processedRoleNames.add(parentRoleName);
getAllRoleAncestors(processedRoleNames, nextParentRoles);
}
}
}
use of org.apache.hadoop.hive.metastore.model.MRoleMap in project hive by apache.
the class ObjectStore method listRolesWithGrants.
@Override
public List<RolePrincipalGrant> listRolesWithGrants(String principalName, PrincipalType principalType) {
List<RolePrincipalGrant> result = new ArrayList<RolePrincipalGrant>();
List<MRoleMap> roleMaps = listMRoles(principalName, principalType);
if (roleMaps != null) {
for (MRoleMap roleMap : roleMaps) {
RolePrincipalGrant rolePrinGrant = new RolePrincipalGrant(roleMap.getRole().getRoleName(), roleMap.getPrincipalName(), PrincipalType.valueOf(roleMap.getPrincipalType()), roleMap.getGrantOption(), roleMap.getAddTime(), roleMap.getGrantor(), // no grantor type for public role, hence the null check
roleMap.getGrantorType() == null ? null : PrincipalType.valueOf(roleMap.getGrantorType()));
result.add(rolePrinGrant);
}
}
return result;
}
use of org.apache.hadoop.hive.metastore.model.MRoleMap in project hive by apache.
the class ObjectStore method listMRoles.
@SuppressWarnings("unchecked")
public List<MRoleMap> listMRoles(String principalName, PrincipalType principalType) {
boolean success = false;
Query query = null;
List<MRoleMap> mRoleMember = new ArrayList<MRoleMap>();
try {
LOG.debug("Executing listRoles");
openTransaction();
query = pm.newQuery(MRoleMap.class, "principalName == t1 && principalType == t2");
query.declareParameters("java.lang.String t1, java.lang.String t2");
query.setUnique(false);
List<MRoleMap> mRoles = (List<MRoleMap>) query.executeWithArray(principalName, principalType.toString());
pm.retrieveAll(mRoles);
success = commitTransaction();
mRoleMember.addAll(mRoles);
LOG.debug("Done retrieving all objects for listRoles");
} finally {
if (!success) {
rollbackTransaction();
}
if (query != null) {
query.closeAll();
}
}
if (principalType == PrincipalType.USER) {
// All users belong to public role implicitly, add that role
MRole publicRole = new MRole(HiveMetaStore.PUBLIC, 0, HiveMetaStore.PUBLIC);
mRoleMember.add(new MRoleMap(principalName, principalType.toString(), publicRole, 0, null, null, false));
}
return mRoleMember;
}
use of org.apache.hadoop.hive.metastore.model.MRoleMap in project hive by apache.
the class ObjectStore method listMSecurityPrincipalMembershipRole.
@SuppressWarnings("unchecked")
private List<MRoleMap> listMSecurityPrincipalMembershipRole(final String roleName, final PrincipalType principalType, QueryWrapper queryWrapper) {
boolean success = false;
List<MRoleMap> mRoleMemebership = null;
try {
LOG.debug("Executing listMSecurityPrincipalMembershipRole");
openTransaction();
Query query = queryWrapper.query = pm.newQuery(MRoleMap.class, "principalName == t1 && principalType == t2");
query.declareParameters("java.lang.String t1, java.lang.String t2");
mRoleMemebership = (List<MRoleMap>) query.execute(roleName, principalType.toString());
pm.retrieveAll(mRoleMemebership);
success = commitTransaction();
LOG.debug("Done retrieving all objects for listMSecurityPrincipalMembershipRole");
} finally {
if (!success) {
rollbackTransaction();
}
}
return mRoleMemebership;
}
Aggregations