private void authorizeAlterTable(PreAlterTableEvent context) throws InvalidOperationException, MetaException { try { org.apache.hadoop.hive.ql.metadata.Table wrappedTable = new TableWrapper(context.getOldTable()); for (HiveMetastoreAuthorizationProvider authorizer : tAuthorizers.get()) { authorizer.authorize(wrappedTable, null, new Privilege[]{Privilege.ALTER_METADATA}); } } catch (AuthorizationException e) { throw invalidOperationException(e); } catch (HiveException e) { throw metaException(e); } }
private void authorizeAuthorizationAPICall() throws InvalidOperationException, MetaException { for (HiveMetastoreAuthorizationProvider authorizer : tAuthorizers.get()) { try { authorizer.authorizeAuthorizationApiInvocation(); } catch (AuthorizationException e) { throw invalidOperationException(e); } catch (HiveException e) { throw metaException(e); } } }
@Override public HivePolicyProvider next() { try { if (currentAuthorizerPosition < authorizers.size()) { return authorizers.get(currentAuthorizerPosition++).getHivePolicyProvider(); } else { return authorizationProviders.get(authorizationProviderPosition++).getHivePolicyProvider(); } } catch (HiveAuthzPluginException e) { throw new RuntimeException(e); } } }
authorizer.setConf(tConfig.get()); authorizer.setMetaStoreHandler(context.getHandler());
authorizer.setConf(tConfig.get()); authorizer.setMetaStoreHandler(context.getHandler());
private void authorizeAlterPartition(PreAlterPartitionEvent context) throws InvalidOperationException, MetaException { try { org.apache.hadoop.hive.metastore.api.Partition mapiPart = context.getNewPartition(); org.apache.hadoop.hive.ql.metadata.Partition wrappedPartition = new PartitionWrapper( mapiPart, context); for (HiveMetastoreAuthorizationProvider authorizer : tAuthorizers.get()) { authorizer.authorize(wrappedPartition, null, new Privilege[]{Privilege.ALTER_METADATA}); } } catch (AuthorizationException | NoSuchObjectException e) { throw invalidOperationException(e); } catch (HiveException e) { throw metaException(e); } }
authorizer.setConf(tConfig.get()); authorizer.setMetaStoreHandler(context.getHandler());
private void authorizeAuthorizationAPICall() throws InvalidOperationException, MetaException { for (HiveMetastoreAuthorizationProvider authorizer : tAuthorizers.get()) { try { authorizer.authorizeAuthorizationApiInvocation(); } catch (AuthorizationException e) { throw invalidOperationException(e); } catch (HiveException e) { throw metaException(e); } } }
SessionState.get().getAuthenticator()); for (HiveMetastoreAuthorizationProvider authProvider : authorizerProviders) { if (authProvider.getHivePolicyProvider() != null) { authorizer = new Text(authProvider.getHivePolicyProvider().getClass().getSimpleName()); break;
private void authorizeAlterTable(PreAlterTableEvent context) throws InvalidOperationException, MetaException { try { org.apache.hadoop.hive.ql.metadata.Table wrappedTable = new TableWrapper(context.getOldTable()); for (HiveMetastoreAuthorizationProvider authorizer : tAuthorizers.get()) { authorizer.authorize(wrappedTable, null, new Privilege[]{Privilege.ALTER_METADATA}); } } catch (AuthorizationException e) { throw invalidOperationException(e); } catch (HiveException e) { throw metaException(e); } }
private void authorizeAuthorizationAPICall() throws InvalidOperationException, MetaException { for (HiveMetastoreAuthorizationProvider authorizer : tAuthorizers.get()) { try { authorizer.authorizeAuthorizationApiInvocation(); } catch (AuthorizationException e) { throw invalidOperationException(e); } catch (HiveException e) { throw metaException(e); } } }
SessionState.get().getAuthenticator()); for (HiveMetastoreAuthorizationProvider authProvider : authorizerProviders) { if (authProvider.getHivePolicyProvider() != null) { enableMetastorePolicyProvider = true; break;
private void authorizeReadDatabase(PreReadDatabaseEvent context) throws InvalidOperationException, MetaException { if (!isReadAuthzEnabled()) { return; } try { for (HiveMetastoreAuthorizationProvider authorizer : tAuthorizers.get()) { authorizer.authorize(new Database(context.getDatabase()), new Privilege[] { Privilege.SELECT }, null); } } catch (AuthorizationException e) { throw invalidOperationException(e); } catch (HiveException e) { throw metaException(e); } }
hiveConf, HiveConf.ConfVars.HIVE_METASTORE_AUTHORIZATION_MANAGER, SessionState.get().getAuthenticator()); for (HiveMetastoreAuthorizationProvider provider : providers) { if (provider.getHivePolicyProvider() != null) { policyContainer.addAuthorizationProvider(provider);
private void authorizeReadTable(PreReadTableEvent context) throws InvalidOperationException, MetaException { if (!isReadAuthzEnabled()) { return; } try { org.apache.hadoop.hive.ql.metadata.Table wrappedTable = new TableWrapper(context.getTable()); for (HiveMetastoreAuthorizationProvider authorizer : tAuthorizers.get()) { authorizer.authorize(wrappedTable, new Privilege[] { Privilege.SELECT }, null); } } catch (AuthorizationException e) { throw invalidOperationException(e); } catch (HiveException e) { throw metaException(e); } }
hiveConf, HiveConf.ConfVars.HIVE_METASTORE_AUTHORIZATION_MANAGER, SessionState.get().getAuthenticator()); for (HiveMetastoreAuthorizationProvider provider : providers) { if (provider.getHivePolicyProvider() != null) { policyContainer.addAuthorizationProvider(provider);
private void authorizeAlterPartition(PreAlterPartitionEvent context) throws InvalidOperationException, MetaException { try { org.apache.hadoop.hive.metastore.api.Partition mapiPart = context.getNewPartition(); org.apache.hadoop.hive.ql.metadata.Partition wrappedPartition = new PartitionWrapper( mapiPart, context); for (HiveMetastoreAuthorizationProvider authorizer : tAuthorizers.get()) { authorizer.authorize(wrappedPartition, null, new Privilege[]{Privilege.ALTER_METADATA}); } } catch (AuthorizationException | NoSuchObjectException e) { throw invalidOperationException(e); } catch (HiveException e) { throw metaException(e); } }
private void authorizeDropDatabase(PreDropDatabaseEvent context) throws InvalidOperationException, MetaException { try { for (HiveMetastoreAuthorizationProvider authorizer : tAuthorizers.get()) { authorizer.authorize(new Database(context.getDatabase()), HiveOperation.DROPDATABASE.getInputRequiredPrivileges(), HiveOperation.DROPDATABASE.getOutputRequiredPrivileges()); } } catch (AuthorizationException e) { throw invalidOperationException(e); } catch (HiveException e) { throw metaException(e); } }
private void authorizeCreateDatabase(PreCreateDatabaseEvent context) throws InvalidOperationException, MetaException { try { for (HiveMetastoreAuthorizationProvider authorizer : tAuthorizers.get()) { authorizer.authorize(new Database(context.getDatabase()), HiveOperation.CREATEDATABASE.getInputRequiredPrivileges(), HiveOperation.CREATEDATABASE.getOutputRequiredPrivileges()); } } catch (AuthorizationException e) { throw invalidOperationException(e); } catch (HiveException e) { throw metaException(e); } }
private void authorizeReadTable(PreReadTableEvent context) throws InvalidOperationException, MetaException { if (!isReadAuthzEnabled()) { return; } try { org.apache.hadoop.hive.ql.metadata.Table wrappedTable = new TableWrapper(context.getTable()); for (HiveMetastoreAuthorizationProvider authorizer : tAuthorizers.get()) { authorizer.authorize(wrappedTable, new Privilege[] { Privilege.SELECT }, null); } } catch (AuthorizationException e) { throw invalidOperationException(e); } catch (HiveException e) { throw metaException(e); } }