@Override public HivePolicyProvider getHivePolicyProvider() throws HiveAuthzPluginException { return new HDFSPermissionPolicyProvider(getConf()); }
private HiveResourceACLs getResourceACLs(Path path) throws IOException { if (path == null) { throw new IllegalArgumentException("path is null"); } final FileSystem fs = path.getFileSystem(conf); FileStatus pathStatus = FileUtils.getFileStatusOrNull(fs, path); if (pathStatus != null) { return getResourceACLs(fs, pathStatus); } else if (path.getParent() != null) { // find the ancestor which exists to check its permissions Path par = path.getParent(); FileStatus parStatus = null; while (par != null) { parStatus = FileUtils.getFileStatusOrNull(fs, par); if (parStatus != null) { break; } par = par.getParent(); } return getResourceACLs(fs, parStatus); } return null; }
@Override public HiveResourceACLs getResourceACLs(HivePrivilegeObject hiveObject) { HiveResourceACLs acls = null; try { switch (hiveObject.getType()) { case DATABASE: Database db = Hive.get().getDatabase(hiveObject.getDbname()); acls = getResourceACLs(new Path(db.getLocationUri())); break; case TABLE_OR_VIEW: case COLUMN: Table table = Hive.get().getTable(hiveObject.getDbname(), hiveObject.getObjectName()); acls = getResourceACLs(new Path(table.getTTable().getSd().getLocation())); break; default: // Shall never happen throw new RuntimeException("Unknown request type:" + hiveObject.getType()); } } catch (Exception e) { } return acls; }