Examples with RevokeDesc - org.apache.hadoop.hive.ql.ddl.privilege.revoke.RevokeDesc

Example 1 with RevokeDesc

use of org.apache.hadoop.hive.ql.ddl.privilege.revoke.RevokeDesc in project hive by apache.

the class TestHiveAuthorizationTaskFactory method testRevokeRoleTable.

/**
 * REVOKE ... ON TABLE ... FROM ROLE ...
 */
@Test
public void testRevokeRoleTable() throws Exception {
    DDLWork work = analyze("REVOKE " + SELECT + " ON TABLE " + TABLE + " FROM ROLE " + ROLE);
    RevokeDesc grantDesc = (RevokeDesc) work.getDDLDesc();
    Assert.assertNotNull("Revoke should not be null", grantDesc);
    for (PrincipalDesc principal : ListSizeMatcher.inList(grantDesc.getPrincipals()).ofSize(1)) {
        Assert.assertEquals(PrincipalType.ROLE, principal.getType());
        Assert.assertEquals(ROLE, principal.getName());
    }
    for (PrivilegeDesc privilege : ListSizeMatcher.inList(grantDesc.getPrivileges()).ofSize(1)) {
        Assert.assertEquals(Privilege.SELECT, privilege.getPrivilege());
    }
    Assert.assertTrue("Expected table", grantDesc.getPrivilegeSubject().getTable());
    Assert.assertEquals(TABLE_QNAME, grantDesc.getPrivilegeSubject().getObject());
}

Also used : PrincipalDesc(org.apache.hadoop.hive.ql.ddl.privilege.PrincipalDesc) DDLWork(org.apache.hadoop.hive.ql.ddl.DDLWork) RevokeDesc(org.apache.hadoop.hive.ql.ddl.privilege.revoke.RevokeDesc) PrivilegeDesc(org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeDesc) Test(org.junit.Test)

Example 2 with RevokeDesc

use of org.apache.hadoop.hive.ql.ddl.privilege.revoke.RevokeDesc in project hive by apache.

the class TestHiveAuthorizationTaskFactory method testRevokeUserTable.

/**
 * REVOKE ... ON TABLE ... FROM USER ...
 */
@Test
public void testRevokeUserTable() throws Exception {
    DDLWork work = analyze("REVOKE " + SELECT + " ON TABLE " + TABLE + " FROM USER " + USER);
    RevokeDesc grantDesc = (RevokeDesc) work.getDDLDesc();
    Assert.assertNotNull("Revoke should not be null", grantDesc);
    for (PrincipalDesc principal : ListSizeMatcher.inList(grantDesc.getPrincipals()).ofSize(1)) {
        Assert.assertEquals(PrincipalType.USER, principal.getType());
        Assert.assertEquals(USER, principal.getName());
    }
    for (PrivilegeDesc privilege : ListSizeMatcher.inList(grantDesc.getPrivileges()).ofSize(1)) {
        Assert.assertEquals(Privilege.SELECT, privilege.getPrivilege());
    }
    Assert.assertTrue("Expected table", grantDesc.getPrivilegeSubject().getTable());
    Assert.assertEquals(TABLE_QNAME, grantDesc.getPrivilegeSubject().getObject());
}

Example 3 with RevokeDesc

use of org.apache.hadoop.hive.ql.ddl.privilege.revoke.RevokeDesc in project hive by apache.

the class HiveAuthorizationTaskFactoryImpl method createRevokeTask.

@Override
public Task<?> createRevokeTask(ASTNode ast, Set<ReadEntity> inputs, Set<WriteEntity> outputs) throws SemanticException {
    List<PrivilegeDesc> privilegeDesc = analyzePrivilegeListDef((ASTNode) ast.getChild(0));
    List<PrincipalDesc> principalDesc = AuthorizationParseUtils.analyzePrincipalListDef((ASTNode) ast.getChild(1));
    PrivilegeObjectDesc hiveObj = null;
    boolean grantOption = false;
    if (ast.getChildCount() > 2) {
        ASTNode astChild = (ASTNode) ast.getChild(2);
        hiveObj = analyzePrivilegeObject(astChild, outputs);
        if (null != ast.getFirstChildWithType(HiveParser.TOK_GRANT_OPTION_FOR)) {
            grantOption = true;
        }
    }
    RevokeDesc revokeDesc = new RevokeDesc(privilegeDesc, principalDesc, hiveObj, grantOption);
    return TaskFactory.get(new DDLWork(inputs, outputs, revokeDesc));
}

Also used : PrincipalDesc(org.apache.hadoop.hive.ql.ddl.privilege.PrincipalDesc) DDLWork(org.apache.hadoop.hive.ql.ddl.DDLWork) PrivilegeObjectDesc(org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeObjectDesc) ASTNode(org.apache.hadoop.hive.ql.parse.ASTNode) RevokeDesc(org.apache.hadoop.hive.ql.ddl.privilege.revoke.RevokeDesc) PrivilegeDesc(org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeDesc)

Example 4 with RevokeDesc

use of org.apache.hadoop.hive.ql.ddl.privilege.revoke.RevokeDesc in project hive by apache.

the class TestHiveAuthorizationTaskFactory method testRevokeGroupTable.

/**
 * REVOKE ... ON TABLE ... FROM GROUP ...
 */
@Test
public void testRevokeGroupTable() throws Exception {
    DDLWork work = analyze("REVOKE " + SELECT + " ON TABLE " + TABLE + " FROM GROUP " + GROUP);
    RevokeDesc grantDesc = (RevokeDesc) work.getDDLDesc();
    Assert.assertNotNull("Revoke should not be null", grantDesc);
    for (PrincipalDesc principal : ListSizeMatcher.inList(grantDesc.getPrincipals()).ofSize(1)) {
        Assert.assertEquals(PrincipalType.GROUP, principal.getType());
        Assert.assertEquals(GROUP, principal.getName());
    }
    for (PrivilegeDesc privilege : ListSizeMatcher.inList(grantDesc.getPrivileges()).ofSize(1)) {
        Assert.assertEquals(Privilege.SELECT, privilege.getPrivilege());
    }
    Assert.assertTrue("Expected table", grantDesc.getPrivilegeSubject().getTable());
    Assert.assertEquals(TABLE_QNAME, grantDesc.getPrivilegeSubject().getObject());
}

Aggregations

DDLWork (org.apache.hadoop.hive.ql.ddl.DDLWork)4 PrincipalDesc (org.apache.hadoop.hive.ql.ddl.privilege.PrincipalDesc)4 PrivilegeDesc (org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeDesc)4 RevokeDesc (org.apache.hadoop.hive.ql.ddl.privilege.revoke.RevokeDesc)4 Test (org.junit.Test)3 PrivilegeObjectDesc (org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeObjectDesc)1 ASTNode (org.apache.hadoop.hive.ql.parse.ASTNode)1