@Override public String toString() { return this.getPriv().toString(); }
@Override public HivePrivilege getHivePrivilege(PrivilegeDesc privilege) { Privilege priv = privilege.getPrivilege(); return new HivePrivilege(priv.toString(), privilege.getColumns(), priv.getScopeList()); }
new PrivilegeGrantInfo(priv.toString(), 0, grantor, grantorType, grantOption))); Privilege priv = privDesc.getPrivilege(); if (columns != null && columns.size() > 0) { if (!priv.supportColumnLevel()) { throw new HiveException(priv.toString() + " does not support column level."); privBag.addToPrivileges(new HiveObjectPrivilege( new HiveObjectRef(HiveObjectType.COLUMN, dbName, tableName, partValues, columns.get(i)), null, null, new PrivilegeGrantInfo(priv.toString(), 0, grantor, grantorType, grantOption))); privBag.addToPrivileges(new HiveObjectPrivilege( new HiveObjectRef(HiveObjectType.PARTITION, dbName, tableName, partValues, null), null, null, new PrivilegeGrantInfo(priv.toString(), 0, grantor, grantorType, grantOption))); } else { privBag .addToPrivileges(new HiveObjectPrivilege( new HiveObjectRef(HiveObjectType.TABLE, dbName, tableName, null, null), null, null, new PrivilegeGrantInfo(priv.toString(), 0, grantor, grantorType, grantOption))); null, null), null, null, new PrivilegeGrantInfo(priv.toString(), 0, grantor, grantorType, grantOption)));
public static Privilege getPrivilege(String privilegeName) { return Registry.get(Privilege.getPrivTypeByName(privilegeName)); }
public static Privilege getPrivilege(int privilegeToken) { return Registry.get(Privilege.getPrivTypeByToken(privilegeToken)); }
@Override public String toString() { return this.getPriv().toString(); }
@Override public HivePrivilege getHivePrivilege(PrivilegeDesc privilege) { Privilege priv = privilege.getPrivilege(); return new HivePrivilege(priv.toString(), privilege.getColumns(), priv.getScopeList()); }
continue; if (priv.equalsIgnoreCase(Privilege.ALL.toString())) { setBooleanArray(check, true); return true; continue; if (priv.equalsIgnoreCase(Privilege.ALL.toString())) { setBooleanArray(check, true); return true; continue; if (priv.equalsIgnoreCase(Privilege.ALL.toString())) { setBooleanArray(check, true); return true; String toMatch = inputPriv[i].toString(); if (!check[i]) { check[i] = privSet.contains(toMatch.toLowerCase());
/** * Given a privilege, return what FsActions are required */ protected FsAction getFsAction(Privilege priv) { switch (priv.getPriv()) { case ALL: return FsAction.READ_WRITE; case ALTER_DATA: return FsAction.WRITE; case ALTER_METADATA: return FsAction.WRITE; case CREATE: return FsAction.WRITE; case DROP: return FsAction.WRITE; case LOCK: throw new AuthorizationException( "StorageBasedAuthorizationProvider cannot handle LOCK privilege"); case SELECT: return FsAction.READ; case SHOW_DATABASE: return FsAction.READ; case UNKNOWN: default: throw new AuthorizationException("Unknown privilege"); } }
public static List<HivePrivilege> getHivePrivileges(List<PrivilegeDesc> privileges) { List<HivePrivilege> hivePrivileges = new ArrayList<HivePrivilege>(); for(PrivilegeDesc privilege : privileges){ Privilege priv = privilege.getPrivilege(); hivePrivileges.add( new HivePrivilege(priv.toString(), privilege.getColumns(), priv.getScopeList())); } return hivePrivileges; }
continue; if (priv.equalsIgnoreCase(Privilege.ALL.toString())) { setBooleanArray(check, true); return true; continue; if (priv.equalsIgnoreCase(Privilege.ALL.toString())) { setBooleanArray(check, true); return true; continue; if (priv.equalsIgnoreCase(Privilege.ALL.toString())) { setBooleanArray(check, true); return true; String toMatch = inputPriv[i].toString(); if (!check[i]) { check[i] = privSet.contains(toMatch.toLowerCase());
/** * Given a privilege, return what FsActions are required */ protected FsAction getFsAction(Privilege priv) { switch (priv.getPriv()) { case ALL: return FsAction.READ_WRITE; case ALTER_DATA: return FsAction.WRITE; case ALTER_METADATA: return FsAction.WRITE; case CREATE: return FsAction.WRITE; case DROP: return FsAction.WRITE; case INDEX: throw new AuthorizationException( "StorageBasedAuthorizationProvider cannot handle INDEX privilege"); case LOCK: throw new AuthorizationException( "StorageBasedAuthorizationProvider cannot handle LOCK privilege"); case SELECT: return FsAction.READ; case SHOW_DATABASE: return FsAction.READ; case UNKNOWN: default: throw new AuthorizationException("Unknown privilege"); } }
public static void grantUserTable(String privStr, PrivilegeType privType, QueryState queryState, Hive db) throws Exception { DDLWork work = AuthorizationTestUtil.analyze("GRANT " + privStr + " ON TABLE " + TABLE + " TO USER " + USER, queryState, db); GrantDesc grantDesc = work.getGrantDesc(); Assert.assertNotNull("Grant should not be null", grantDesc); //check privileges for(PrivilegeDesc privilege : ListSizeMatcher.inList(grantDesc.getPrivileges()).ofSize(1)) { Assert.assertEquals(privType, privilege.getPrivilege().getPriv()); } //check other parts for(PrincipalDesc principal : ListSizeMatcher.inList(grantDesc.getPrincipals()).ofSize(1)) { Assert.assertEquals(PrincipalType.USER, principal.getType()); Assert.assertEquals(USER, principal.getName()); } Assert.assertTrue("Expected table", grantDesc.getPrivilegeSubjectDesc().getTable()); Assert.assertEquals(TABLE_QNAME, grantDesc.getPrivilegeSubjectDesc().getObject()); }
@Override public String toString() { return this.getPriv().toString(); }
if (priv == null || priv.trim().equals("")) continue; if (priv.equalsIgnoreCase(Privilege.ALL.toString())) { setBooleanArray(check, true); return true; if (priv == null || priv.trim().equals("")) continue; if (priv.equalsIgnoreCase(Privilege.ALL.toString())) { setBooleanArray(check, true); return true; if (priv == null || priv.trim().equals("")) continue; if (priv.equalsIgnoreCase(Privilege.ALL.toString())) { setBooleanArray(check, true); return true; String toMatch = inputPriv[i].toString(); if (!check[i]) { check[i] = privSet.contains(toMatch.toLowerCase());
private List<PrivilegeDesc> analyzePrivilegeListDef(ASTNode node) throws SemanticException { List<PrivilegeDesc> ret = new ArrayList<PrivilegeDesc>(); for (int i = 0; i < node.getChildCount(); i++) { ASTNode privilegeDef = (ASTNode) node.getChild(i); ASTNode privilegeType = (ASTNode) privilegeDef.getChild(0); Privilege privObj = PrivilegeRegistry.getPrivilege(privilegeType.getType()); if (privObj == null) { throw new SemanticException("undefined privilege " + privilegeType.getType()); } if (!SentryHiveConstants.ALLOWED_PRIVS.contains(privObj.getPriv())) { String msg = SentryHiveConstants.PRIVILEGE_NOT_SUPPORTED + privObj.getPriv(); throw new SemanticException(msg); } List<String> cols = null; if (privilegeDef.getChildCount() > 1) { cols = BaseSemanticAnalyzer.getColumnNames((ASTNode) privilegeDef.getChild(1)); } if (cols != null && (privObj.getPriv().equals(PrivilegeType.INSERT) || privObj.getPriv().equals(PrivilegeType.ALL))) { String msg = SentryHiveConstants.PRIVILEGE_NOT_SUPPORTED + privObj.getPriv() + " on Column"; throw new SemanticException(msg); } PrivilegeDesc privilegeDesc = new PrivilegeDesc(privObj, cols); ret.add(privilegeDesc); } return ret; }