Examples with PrincipalDesc org.apache.hadoop.hive.ql.plan.PrincipalDesc used on opensource projects

Example 11 with PrincipalDesc

use of org.apache.hadoop.hive.ql.plan.PrincipalDesc in project hive by apache.

the class AuthorizationParseUtils method getPrincipalDesc.

public static PrincipalDesc getPrincipalDesc(ASTNode principal) {
    PrincipalType type = getPrincipalType(principal);
    if (type != null) {
        String text = principal.getChild(0).getText();
        String principalName = BaseSemanticAnalyzer.unescapeIdentifier(text);
        return new PrincipalDesc(principalName, type);
    }
    return null;
}

Example 12 with PrincipalDesc

use of org.apache.hadoop.hive.ql.plan.PrincipalDesc in project hive by apache.

the class HiveAuthorizationTaskFactoryImpl method createShowGrantTask.

@Override
public Task<? extends Serializable> createShowGrantTask(ASTNode ast, Path resultFile, HashSet<ReadEntity> inputs, HashSet<WriteEntity> outputs) throws SemanticException {
    PrincipalDesc principalDesc = null;
    PrivilegeObjectDesc privHiveObj = null;
    ASTNode param = null;
    if (ast.getChildCount() > 0) {
        param = (ASTNode) ast.getChild(0);
        principalDesc = AuthorizationParseUtils.getPrincipalDesc(param);
        if (principalDesc != null) {
            // shift one
            param = (ASTNode) ast.getChild(1);
        }
    }
    if (param != null) {
        if (param.getType() == HiveParser.TOK_RESOURCE_ALL) {
            privHiveObj = new PrivilegeObjectDesc();
        } else if (param.getType() == HiveParser.TOK_PRIV_OBJECT_COL) {
            privHiveObj = parsePrivObject(param);
        }
    }
    ShowGrantDesc showGrant = new ShowGrantDesc(resultFile.toString(), principalDesc, privHiveObj);
    return TaskFactory.get(new DDLWork(inputs, outputs, showGrant), conf);
}

Example 13 with PrincipalDesc

use of org.apache.hadoop.hive.ql.plan.PrincipalDesc in project hive by apache.

the class HiveAuthorizationTaskFactoryImpl method createRevokeTask.

@Override
public Task<? extends Serializable> createRevokeTask(ASTNode ast, HashSet<ReadEntity> inputs, HashSet<WriteEntity> outputs) throws SemanticException {
    List<PrivilegeDesc> privilegeDesc = analyzePrivilegeListDef((ASTNode) ast.getChild(0));
    List<PrincipalDesc> principalDesc = AuthorizationParseUtils.analyzePrincipalListDef((ASTNode) ast.getChild(1));
    PrivilegeObjectDesc hiveObj = null;
    boolean grantOption = false;
    if (ast.getChildCount() > 2) {
        ASTNode astChild = (ASTNode) ast.getChild(2);
        hiveObj = analyzePrivilegeObject(astChild, outputs);
        if (null != ast.getFirstChildWithType(HiveParser.TOK_GRANT_OPTION_FOR)) {
            grantOption = true;
        }
    }
    RevokeDesc revokeDesc = new RevokeDesc(privilegeDesc, principalDesc, hiveObj, grantOption);
    return TaskFactory.get(new DDLWork(inputs, outputs, revokeDesc), conf);
}

Example 14 with PrincipalDesc

use of org.apache.hadoop.hive.ql.plan.PrincipalDesc in project hive by apache.

the class PrivilegesTestBase method grantUserTable.

public static void grantUserTable(String privStr, PrivilegeType privType, QueryState queryState, Hive db) throws Exception {
    DDLWork work = AuthorizationTestUtil.analyze("GRANT " + privStr + " ON TABLE " + TABLE + " TO USER " + USER, queryState, db);
    GrantDesc grantDesc = work.getGrantDesc();
    Assert.assertNotNull("Grant should not be null", grantDesc);
    //check privileges
    for (PrivilegeDesc privilege : ListSizeMatcher.inList(grantDesc.getPrivileges()).ofSize(1)) {
        Assert.assertEquals(privType, privilege.getPrivilege().getPriv());
    }
    //check other parts
    for (PrincipalDesc principal : ListSizeMatcher.inList(grantDesc.getPrincipals()).ofSize(1)) {
        Assert.assertEquals(PrincipalType.USER, principal.getType());
        Assert.assertEquals(USER, principal.getName());
    }
    Assert.assertTrue("Expected table", grantDesc.getPrivilegeSubjectDesc().getTable());
    Assert.assertEquals(TABLE_QNAME, grantDesc.getPrivilegeSubjectDesc().getObject());
}

Example 15 with PrincipalDesc

use of org.apache.hadoop.hive.ql.plan.PrincipalDesc in project hive by apache.

the class TestHiveAuthorizationTaskFactory method testRevokeRoleGroup.

/**
   * REVOKE ROLE ... FROM GROUP ...
   */
@Test
public void testRevokeRoleGroup() throws Exception {
    DDLWork work = analyze("REVOKE ROLE " + ROLE + " FROM GROUP " + GROUP);
    GrantRevokeRoleDDL grantDesc = work.getGrantRevokeRoleDDL();
    Assert.assertNotNull("Grant should not be null", grantDesc);
    Assert.assertFalse("Did not expect grant ", grantDesc.getGrant());
    Assert.assertFalse("With admin option is not specified", grantDesc.isGrantOption());
    Assert.assertEquals(currentUser, grantDesc.getGrantor());
    Assert.assertEquals(PrincipalType.USER, grantDesc.getGrantorType());
    for (String role : ListSizeMatcher.inList(grantDesc.getRoles()).ofSize(1)) {
        Assert.assertEquals(ROLE, role);
    }
    for (PrincipalDesc principal : ListSizeMatcher.inList(grantDesc.getPrincipalDesc()).ofSize(1)) {
        Assert.assertEquals(PrincipalType.GROUP, principal.getType());
        Assert.assertEquals(GROUP, principal.getName());
    }
}