Examples with PrincipalDesc - org.apache.hadoop.hive.ql.ddl.privilege.PrincipalDesc

Example 11 with PrincipalDesc

use of org.apache.hadoop.hive.ql.ddl.privilege.PrincipalDesc in project hive by apache.

the class TestHiveAuthorizationTaskFactory method testGrantRoleUser.

/**
 * GRANT ROLE ... TO USER ...
 */
@Test
public void testGrantRoleUser() throws Exception {
    DDLWork work = analyze("GRANT ROLE " + ROLE + " TO USER " + USER);
    GrantRoleDesc grantDesc = (GrantRoleDesc) work.getDDLDesc();
    Assert.assertNotNull("Grant should not be null", grantDesc);
    Assert.assertFalse("With admin option is not specified", grantDesc.isGrantOption());
    Assert.assertEquals(currentUser, grantDesc.getGrantor());
    for (String role : ListSizeMatcher.inList(grantDesc.getRoles()).ofSize(1)) {
        Assert.assertEquals(ROLE, role);
    }
    for (PrincipalDesc principal : ListSizeMatcher.inList(grantDesc.getPrincipals()).ofSize(1)) {
        Assert.assertEquals(PrincipalType.USER, principal.getType());
        Assert.assertEquals(USER, principal.getName());
    }
}

Also used : PrincipalDesc(org.apache.hadoop.hive.ql.ddl.privilege.PrincipalDesc) DDLWork(org.apache.hadoop.hive.ql.ddl.DDLWork) GrantRoleDesc(org.apache.hadoop.hive.ql.ddl.privilege.role.grant.GrantRoleDesc) Test(org.junit.Test)

Example 12 with PrincipalDesc

use of org.apache.hadoop.hive.ql.ddl.privilege.PrincipalDesc in project hive by apache.

the class TestHiveAuthorizationTaskFactory method testGrantRoleTable.

/**
 * GRANT ... ON TABLE ... TO ROLE ...
 */
@Test
public void testGrantRoleTable() throws Exception {
    DDLWork work = analyze("GRANT " + SELECT + " ON TABLE " + TABLE + " TO ROLE " + ROLE);
    GrantDesc grantDesc = (GrantDesc) work.getDDLDesc();
    Assert.assertNotNull("Grant should not be null", grantDesc);
    for (PrincipalDesc principal : ListSizeMatcher.inList(grantDesc.getPrincipals()).ofSize(1)) {
        Assert.assertEquals(PrincipalType.ROLE, principal.getType());
        Assert.assertEquals(ROLE, principal.getName());
    }
    for (PrivilegeDesc privilege : ListSizeMatcher.inList(grantDesc.getPrivileges()).ofSize(1)) {
        Assert.assertEquals(Privilege.SELECT, privilege.getPrivilege());
    }
    Assert.assertTrue("Expected table", grantDesc.getPrivilegeSubject().getTable());
    Assert.assertEquals(TABLE_QNAME, grantDesc.getPrivilegeSubject().getObject());
}

Also used : PrincipalDesc(org.apache.hadoop.hive.ql.ddl.privilege.PrincipalDesc) DDLWork(org.apache.hadoop.hive.ql.ddl.DDLWork) GrantDesc(org.apache.hadoop.hive.ql.ddl.privilege.grant.GrantDesc) ShowRoleGrantDesc(org.apache.hadoop.hive.ql.ddl.privilege.show.rolegrant.ShowRoleGrantDesc) ShowGrantDesc(org.apache.hadoop.hive.ql.ddl.privilege.show.grant.ShowGrantDesc) PrivilegeDesc(org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeDesc) Test(org.junit.Test)

Example 13 with PrincipalDesc

use of org.apache.hadoop.hive.ql.ddl.privilege.PrincipalDesc in project hive by apache.

the class TestHiveAuthorizationTaskFactory method testRevokeUserTable.

/**
 * REVOKE ... ON TABLE ... FROM USER ...
 */
@Test
public void testRevokeUserTable() throws Exception {
    DDLWork work = analyze("REVOKE " + SELECT + " ON TABLE " + TABLE + " FROM USER " + USER);
    RevokeDesc grantDesc = (RevokeDesc) work.getDDLDesc();
    Assert.assertNotNull("Revoke should not be null", grantDesc);
    for (PrincipalDesc principal : ListSizeMatcher.inList(grantDesc.getPrincipals()).ofSize(1)) {
        Assert.assertEquals(PrincipalType.USER, principal.getType());
        Assert.assertEquals(USER, principal.getName());
    }
    for (PrivilegeDesc privilege : ListSizeMatcher.inList(grantDesc.getPrivileges()).ofSize(1)) {
        Assert.assertEquals(Privilege.SELECT, privilege.getPrivilege());
    }
    Assert.assertTrue("Expected table", grantDesc.getPrivilegeSubject().getTable());
    Assert.assertEquals(TABLE_QNAME, grantDesc.getPrivilegeSubject().getObject());
}

Also used : PrincipalDesc(org.apache.hadoop.hive.ql.ddl.privilege.PrincipalDesc) DDLWork(org.apache.hadoop.hive.ql.ddl.DDLWork) RevokeDesc(org.apache.hadoop.hive.ql.ddl.privilege.revoke.RevokeDesc) PrivilegeDesc(org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeDesc) Test(org.junit.Test)

Example 14 with PrincipalDesc

use of org.apache.hadoop.hive.ql.ddl.privilege.PrincipalDesc in project hive by apache.

the class HiveAuthorizationTaskFactoryImpl method createRevokeTask.

@Override
public Task<?> createRevokeTask(ASTNode ast, Set<ReadEntity> inputs, Set<WriteEntity> outputs) throws SemanticException {
    List<PrivilegeDesc> privilegeDesc = analyzePrivilegeListDef((ASTNode) ast.getChild(0));
    List<PrincipalDesc> principalDesc = AuthorizationParseUtils.analyzePrincipalListDef((ASTNode) ast.getChild(1));
    PrivilegeObjectDesc hiveObj = null;
    boolean grantOption = false;
    if (ast.getChildCount() > 2) {
        ASTNode astChild = (ASTNode) ast.getChild(2);
        hiveObj = analyzePrivilegeObject(astChild, outputs);
        if (null != ast.getFirstChildWithType(HiveParser.TOK_GRANT_OPTION_FOR)) {
            grantOption = true;
        }
    }
    RevokeDesc revokeDesc = new RevokeDesc(privilegeDesc, principalDesc, hiveObj, grantOption);
    return TaskFactory.get(new DDLWork(inputs, outputs, revokeDesc));
}

Also used : PrincipalDesc(org.apache.hadoop.hive.ql.ddl.privilege.PrincipalDesc) DDLWork(org.apache.hadoop.hive.ql.ddl.DDLWork) PrivilegeObjectDesc(org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeObjectDesc) ASTNode(org.apache.hadoop.hive.ql.parse.ASTNode) RevokeDesc(org.apache.hadoop.hive.ql.ddl.privilege.revoke.RevokeDesc) PrivilegeDesc(org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeDesc)

Example 15 with PrincipalDesc

use of org.apache.hadoop.hive.ql.ddl.privilege.PrincipalDesc in project hive by apache.

the class AuthorizationParseUtils method getPrincipalDesc.

public static PrincipalDesc getPrincipalDesc(ASTNode principal) {
    PrincipalType type = getPrincipalType(principal);
    if (type != null) {
        String text = principal.getChild(0).getText();
        String principalName = BaseSemanticAnalyzer.unescapeIdentifier(text);
        return new PrincipalDesc(principalName, type);
    }
    return null;
}

Also used : PrincipalDesc(org.apache.hadoop.hive.ql.ddl.privilege.PrincipalDesc) PrincipalType(org.apache.hadoop.hive.metastore.api.PrincipalType)

Aggregations

PrincipalDesc (org.apache.hadoop.hive.ql.ddl.privilege.PrincipalDesc)24 DDLWork (org.apache.hadoop.hive.ql.ddl.DDLWork)21 Test (org.junit.Test)12 PrivilegeDesc (org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeDesc)9 GrantDesc (org.apache.hadoop.hive.ql.ddl.privilege.grant.GrantDesc)5 ShowGrantDesc (org.apache.hadoop.hive.ql.ddl.privilege.show.grant.ShowGrantDesc)5 SemanticException (org.apache.hadoop.hive.ql.parse.SemanticException)5 RevokeDesc (org.apache.hadoop.hive.ql.ddl.privilege.revoke.RevokeDesc)4 GrantRoleDesc (org.apache.hadoop.hive.ql.ddl.privilege.role.grant.GrantRoleDesc)4 RevokeRoleDesc (org.apache.hadoop.hive.ql.ddl.privilege.role.revoke.RevokeRoleDesc)4 ShowRoleGrantDesc (org.apache.hadoop.hive.ql.ddl.privilege.show.rolegrant.ShowRoleGrantDesc)4 ASTNode (org.apache.hadoop.hive.ql.parse.ASTNode)4 AlterDatabaseSetOwnerDesc (org.apache.hadoop.hive.ql.ddl.database.alter.owner.AlterDatabaseSetOwnerDesc)3 PrivilegeObjectDesc (org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeObjectDesc)3 Path (org.apache.hadoop.fs.Path)2 Database (org.apache.hadoop.hive.metastore.api.Database)2 AlterDatabaseSetPropertiesDesc (org.apache.hadoop.hive.ql.ddl.database.alter.poperties.AlterDatabaseSetPropertiesDesc)2 IOException (java.io.IOException)1 ArrayList (java.util.ArrayList)1 HashMap (java.util.HashMap)1