Search in sources :

Example 1 with PrivilegeDesc

use of org.apache.hadoop.hive.ql.plan.PrivilegeDesc in project hive by apache.

the class TestHiveAuthorizationTaskFactory method testRevokeUserTable.

/**
   * REVOKE ... ON TABLE ... FROM USER ...
   */
@Test
public void testRevokeUserTable() throws Exception {
    DDLWork work = analyze("REVOKE " + SELECT + " ON TABLE " + TABLE + " FROM USER " + USER);
    RevokeDesc grantDesc = work.getRevokeDesc();
    Assert.assertNotNull("Revoke should not be null", grantDesc);
    for (PrincipalDesc principal : ListSizeMatcher.inList(grantDesc.getPrincipals()).ofSize(1)) {
        Assert.assertEquals(PrincipalType.USER, principal.getType());
        Assert.assertEquals(USER, principal.getName());
    }
    for (PrivilegeDesc privilege : ListSizeMatcher.inList(grantDesc.getPrivileges()).ofSize(1)) {
        Assert.assertEquals(Privilege.SELECT, privilege.getPrivilege());
    }
    Assert.assertTrue("Expected table", grantDesc.getPrivilegeSubjectDesc().getTable());
    Assert.assertEquals(TABLE_QNAME, grantDesc.getPrivilegeSubjectDesc().getObject());
}
Also used : PrincipalDesc(org.apache.hadoop.hive.ql.plan.PrincipalDesc) DDLWork(org.apache.hadoop.hive.ql.plan.DDLWork) RevokeDesc(org.apache.hadoop.hive.ql.plan.RevokeDesc) PrivilegeDesc(org.apache.hadoop.hive.ql.plan.PrivilegeDesc) Test(org.junit.Test)

Example 2 with PrivilegeDesc

use of org.apache.hadoop.hive.ql.plan.PrivilegeDesc in project hive by apache.

the class TestHiveAuthorizationTaskFactory method testGrantRoleTable.

/**
   * GRANT ... ON TABLE ... TO ROLE ...
   */
@Test
public void testGrantRoleTable() throws Exception {
    DDLWork work = analyze("GRANT " + SELECT + " ON TABLE " + TABLE + " TO ROLE " + ROLE);
    GrantDesc grantDesc = work.getGrantDesc();
    Assert.assertNotNull("Grant should not be null", grantDesc);
    for (PrincipalDesc principal : ListSizeMatcher.inList(grantDesc.getPrincipals()).ofSize(1)) {
        Assert.assertEquals(PrincipalType.ROLE, principal.getType());
        Assert.assertEquals(ROLE, principal.getName());
    }
    for (PrivilegeDesc privilege : ListSizeMatcher.inList(grantDesc.getPrivileges()).ofSize(1)) {
        Assert.assertEquals(Privilege.SELECT, privilege.getPrivilege());
    }
    Assert.assertTrue("Expected table", grantDesc.getPrivilegeSubjectDesc().getTable());
    Assert.assertEquals(TABLE_QNAME, grantDesc.getPrivilegeSubjectDesc().getObject());
}
Also used : PrincipalDesc(org.apache.hadoop.hive.ql.plan.PrincipalDesc) DDLWork(org.apache.hadoop.hive.ql.plan.DDLWork) GrantDesc(org.apache.hadoop.hive.ql.plan.GrantDesc) ShowGrantDesc(org.apache.hadoop.hive.ql.plan.ShowGrantDesc) PrivilegeDesc(org.apache.hadoop.hive.ql.plan.PrivilegeDesc) Test(org.junit.Test)

Example 3 with PrivilegeDesc

use of org.apache.hadoop.hive.ql.plan.PrivilegeDesc in project hive by apache.

the class TestHiveAuthorizationTaskFactory method testGrantUserTable.

/**
   * GRANT ... ON TABLE ... TO USER ...
   */
@Test
public void testGrantUserTable() throws Exception {
    DDLWork work = analyze("GRANT " + SELECT + " ON TABLE " + TABLE + " TO USER " + USER);
    GrantDesc grantDesc = work.getGrantDesc();
    Assert.assertNotNull("Grant should not be null", grantDesc);
    for (PrincipalDesc principal : ListSizeMatcher.inList(grantDesc.getPrincipals()).ofSize(1)) {
        Assert.assertEquals(PrincipalType.USER, principal.getType());
        Assert.assertEquals(USER, principal.getName());
    }
    for (PrivilegeDesc privilege : ListSizeMatcher.inList(grantDesc.getPrivileges()).ofSize(1)) {
        Assert.assertEquals(Privilege.SELECT, privilege.getPrivilege());
    }
    Assert.assertTrue("Expected table", grantDesc.getPrivilegeSubjectDesc().getTable());
    Assert.assertEquals(TABLE_QNAME, grantDesc.getPrivilegeSubjectDesc().getObject());
}
Also used : PrincipalDesc(org.apache.hadoop.hive.ql.plan.PrincipalDesc) DDLWork(org.apache.hadoop.hive.ql.plan.DDLWork) GrantDesc(org.apache.hadoop.hive.ql.plan.GrantDesc) ShowGrantDesc(org.apache.hadoop.hive.ql.plan.ShowGrantDesc) PrivilegeDesc(org.apache.hadoop.hive.ql.plan.PrivilegeDesc) Test(org.junit.Test)

Example 4 with PrivilegeDesc

use of org.apache.hadoop.hive.ql.plan.PrivilegeDesc in project hive by apache.

the class TestHiveAuthorizationTaskFactory method testGrantGroupTable.

/**
   * GRANT ... ON TABLE ... TO GROUP ...
   */
@Test
public void testGrantGroupTable() throws Exception {
    DDLWork work = analyze("GRANT " + SELECT + " ON TABLE " + TABLE + " TO GROUP " + GROUP);
    GrantDesc grantDesc = work.getGrantDesc();
    Assert.assertNotNull("Grant should not be null", grantDesc);
    for (PrincipalDesc principal : ListSizeMatcher.inList(grantDesc.getPrincipals()).ofSize(1)) {
        Assert.assertEquals(PrincipalType.GROUP, principal.getType());
        Assert.assertEquals(GROUP, principal.getName());
    }
    for (PrivilegeDesc privilege : ListSizeMatcher.inList(grantDesc.getPrivileges()).ofSize(1)) {
        Assert.assertEquals(Privilege.SELECT, privilege.getPrivilege());
    }
    Assert.assertTrue("Expected table", grantDesc.getPrivilegeSubjectDesc().getTable());
    Assert.assertEquals(TABLE_QNAME, grantDesc.getPrivilegeSubjectDesc().getObject());
}
Also used : PrincipalDesc(org.apache.hadoop.hive.ql.plan.PrincipalDesc) DDLWork(org.apache.hadoop.hive.ql.plan.DDLWork) GrantDesc(org.apache.hadoop.hive.ql.plan.GrantDesc) ShowGrantDesc(org.apache.hadoop.hive.ql.plan.ShowGrantDesc) PrivilegeDesc(org.apache.hadoop.hive.ql.plan.PrivilegeDesc) Test(org.junit.Test)

Example 5 with PrivilegeDesc

use of org.apache.hadoop.hive.ql.plan.PrivilegeDesc in project hive by apache.

the class TestHiveAuthorizationTaskFactory method testRevokeRoleTable.

/**
   * REVOKE ... ON TABLE ... FROM ROLE ...
   */
@Test
public void testRevokeRoleTable() throws Exception {
    DDLWork work = analyze("REVOKE " + SELECT + " ON TABLE " + TABLE + " FROM ROLE " + ROLE);
    RevokeDesc grantDesc = work.getRevokeDesc();
    Assert.assertNotNull("Revoke should not be null", grantDesc);
    for (PrincipalDesc principal : ListSizeMatcher.inList(grantDesc.getPrincipals()).ofSize(1)) {
        Assert.assertEquals(PrincipalType.ROLE, principal.getType());
        Assert.assertEquals(ROLE, principal.getName());
    }
    for (PrivilegeDesc privilege : ListSizeMatcher.inList(grantDesc.getPrivileges()).ofSize(1)) {
        Assert.assertEquals(Privilege.SELECT, privilege.getPrivilege());
    }
    Assert.assertTrue("Expected table", grantDesc.getPrivilegeSubjectDesc().getTable());
    Assert.assertEquals(TABLE_QNAME, grantDesc.getPrivilegeSubjectDesc().getObject());
}
Also used : PrincipalDesc(org.apache.hadoop.hive.ql.plan.PrincipalDesc) DDLWork(org.apache.hadoop.hive.ql.plan.DDLWork) RevokeDesc(org.apache.hadoop.hive.ql.plan.RevokeDesc) PrivilegeDesc(org.apache.hadoop.hive.ql.plan.PrivilegeDesc) Test(org.junit.Test)

Aggregations

PrivilegeDesc (org.apache.hadoop.hive.ql.plan.PrivilegeDesc)10 DDLWork (org.apache.hadoop.hive.ql.plan.DDLWork)9 PrincipalDesc (org.apache.hadoop.hive.ql.plan.PrincipalDesc)9 Test (org.junit.Test)6 GrantDesc (org.apache.hadoop.hive.ql.plan.GrantDesc)5 RevokeDesc (org.apache.hadoop.hive.ql.plan.RevokeDesc)4 ShowGrantDesc (org.apache.hadoop.hive.ql.plan.ShowGrantDesc)4 ASTNode (org.apache.hadoop.hive.ql.parse.ASTNode)3 PrivilegeObjectDesc (org.apache.hadoop.hive.ql.plan.PrivilegeObjectDesc)2 ArrayList (java.util.ArrayList)1 SemanticException (org.apache.hadoop.hive.ql.parse.SemanticException)1 Privilege (org.apache.hadoop.hive.ql.security.authorization.Privilege)1