private static void throwGetObjErr(Exception e, HivePrivilegeObject hivePrivObject) throws HiveAuthzPluginException { String msg = "Error getting object from metastore for " + hivePrivObject; throw new HiveAuthzPluginException(msg, e); }
private List<HivePrivilegeObject> getFilteredObjects(List<HivePrivilegeObject> listObjs) throws MetaException { SessionState ss = SessionState.get(); HiveAuthzContext.Builder authzContextBuilder = new HiveAuthzContext.Builder(); authzContextBuilder.setUserIpAddress(ss.getUserIpAddress()); authzContextBuilder.setForwardedAddresses(ss.getForwardedAddresses()); try { return ss.getAuthorizerV2().filterListCmdObjects(listObjs, authzContextBuilder.build()); } catch (HiveAuthzPluginException e) { LOG.error("Authorization error", e); throw new MetaException(e.getMessage()); } catch (HiveAccessControlException e) { // authorization error is not really expected in a filter call // the impl should have just filtered out everything. A checkPrivileges call // would have already been made to authorize this action LOG.error("AccessControlException", e); throw new MetaException(e.getMessage()); } }
private List<HivePrivilegeObject> getFilteredObjects(List<HivePrivilegeObject> listObjs) throws MetaException { SessionState ss = SessionState.get(); HiveAuthzContext.Builder authzContextBuilder = new HiveAuthzContext.Builder(); authzContextBuilder.setUserIpAddress(ss.getUserIpAddress()); authzContextBuilder.setForwardedAddresses(ss.getForwardedAddresses()); try { return ss.getAuthorizerV2().filterListCmdObjects(listObjs, authzContextBuilder.build()); } catch (HiveAuthzPluginException e) { LOG.error("Authorization error", e); throw new MetaException(e.getMessage()); } catch (HiveAccessControlException e) { // authorization error is not really expected in a filter call // the impl should have just filtered out everything. A checkPrivileges call // would have already been made to authorize this action LOG.error("AccessControlException", e); throw new MetaException(e.getMessage()); } }
@Override public void grantPrivileges(List<HivePrincipal> hivePrincipals, List<HivePrivilege> hivePrivileges, HivePrivilegeObject hivePrivObject, HivePrincipal grantorPrincipal, boolean grantOption) throws HiveAuthzPluginException { throw new HiveAuthzPluginException("grantPrivileges not implemented in FallbackHiveAuthorizer"); }
@Override public void grantRole(List<HivePrincipal> hivePrincipals, List<String> roles, boolean grantOption, HivePrincipal grantorPrinc) throws HiveAuthzPluginException, HiveAccessControlException { throw new HiveAuthzPluginException("grantRole not implemented in FallbackHiveAuthorizer"); }
@Override public List<HiveRoleGrant> getRoleGrantInfoForPrincipal(HivePrincipal principal) throws HiveAuthzPluginException, HiveAccessControlException { throw new HiveAuthzPluginException("getRoleGrantInfoForPrincipal not implemented in FallbackHiveAuthorizer"); }
@Override public void revokePrivileges(List<HivePrincipal> hivePrincipals, List<HivePrivilege> hivePrivileges, HivePrivilegeObject hivePrivObject, HivePrincipal grantorPrincipal, boolean grantOption) throws HiveAuthzPluginException { throw new HiveAuthzPluginException("revokePrivileges not implemented in FallbackHiveAuthorizer"); }
@Override public List<HiveRoleGrant> getPrincipalGrantInfoForRole(String roleName) throws HiveAuthzPluginException, HiveAccessControlException { throw new HiveAuthzPluginException("getPrincipalGrantInfoForRole not implemented in FallbackHiveAuthorizer"); }
@Override public void revokeRole(List<HivePrincipal> hivePrincipals, List<String> roles, boolean grantOption, HivePrincipal grantorPrinc) throws HiveAuthzPluginException, HiveAccessControlException { throw new HiveAuthzPluginException("revokeRole not implemented in FallbackHiveAuthorizer"); }
@Override public List<HivePrivilegeInfo> showPrivileges(HivePrincipal principal, HivePrivilegeObject privObj) throws HiveAuthzPluginException { throw new HiveAuthzPluginException("showPrivileges not implemented in FallbackHiveAuthorizer"); }
@Override public void setCurrentRole(String roleName) throws HiveAccessControlException, HiveAuthzPluginException { throw new HiveAuthzPluginException("Unsupported operation 'setCurrentRole' for V1 auth"); }
@Override public void setCurrentRole(String roleName) throws HiveAuthzPluginException { throw new HiveAuthzPluginException("setCurrentRole not implemented in FallbackHiveAuthorizer"); }
@Override public void dropRole(String roleName) throws HiveAuthzPluginException, HiveAccessControlException { throw new HiveAuthzPluginException("dropRole not implemented in FallbackHiveAuthorizer"); }
@Override public List<String> getAllRoles() throws HiveAuthzPluginException { throw new HiveAuthzPluginException("getAllRoles not implemented in FallbackHiveAuthorizer"); }
@Override public List<String> getCurrentRoleNames() throws HiveAuthzPluginException { throw new HiveAuthzPluginException("getCurrentRoleNames not implemented in FallbackHiveAuthorizer"); }
@Override public void createRole(String roleName, HivePrincipal adminGrantor) throws HiveAuthzPluginException { throw new HiveAuthzPluginException("createRole not implemented in FallbackHiveAuthorizer"); }
private static void throwGetObjErr(Exception e, HivePrivilegeObject hivePrivObject) throws HiveAuthzPluginException { String msg = "Error getting object from metastore for " + hivePrivObject; throw new HiveAuthzPluginException(msg, e); }
@Override public void setCurrentRole(String roleName) throws HiveAccessControlException, HiveAuthzPluginException { throw new HiveAuthzPluginException("Unsupported operation 'setCurrentRole' for V1 auth"); }
private static void throwGetPrivErr(Exception e, HivePrivilegeObject hivePrivObject, String userName) throws HiveAuthzPluginException { String msg = "Error getting privileges on " + hivePrivObject + " for " + userName + ": " + e.getMessage(); throw new HiveAuthzPluginException(msg, e); }
static HiveAuthzPluginException getPluginException(String prefix, Exception e) { return new HiveAuthzPluginException(prefix + ": " + e.getMessage(), e); }