private List<HivePrivilege> expandAllPrivileges(List<HivePrivilege> hivePrivileges) { Set<HivePrivilege> hivePrivSet = new HashSet<HivePrivilege>(); for (HivePrivilege hivePrivilege : hivePrivileges) { if (hivePrivilege.getName().equals(ALL)) { // expand to all supported privileges for (SQLPrivilegeType privType : SQLPrivilegeType.values()) { hivePrivSet.add(new HivePrivilege(privType.name(), hivePrivilege.getColumns())); } } else { hivePrivSet.add(hivePrivilege); } } return new ArrayList<HivePrivilege>(hivePrivSet); }
@Override public int compareTo(HivePrivilege privilege) { int compare = columns != null ? (privilege.columns != null ? compare(columns, privilege.columns) : 1) : (privilege.columns != null ? -1 : 0); if (compare == 0) { compare = name.compareTo(privilege.name); } return compare; }
/** * Check if the privileges are acceptable for SQL Standard authorization implementation * @param hivePrivileges * @throws HiveAuthzPluginException */ public static void validatePrivileges(List<HivePrivilege> hivePrivileges) throws HiveAuthzPluginException { for (HivePrivilege hivePrivilege : hivePrivileges) { if (hivePrivilege.getColumns() != null && hivePrivilege.getColumns().size() != 0) { throw new HiveAuthzPluginException( "Privilege with columns are not currently supported with sql standard authorization:" + hivePrivilege); } //try converting to the enum to verify that this is a valid privilege type SQLPrivilegeType.getRequirePrivilege(hivePrivilege.getName()); } }
privObject.getType() == HivePrivilegeObject.HivePrivilegeObjectType.GLOBAL) { for (HivePrivilege priv : privileges) { List<String> columns = priv.getColumns(); if (columns != null && !columns.isEmpty()) { throw new HiveException( new PrivilegeGrantInfo(priv.getName(), 0, grantor.getName(), grantorType, grantOption), authorizer)); List<String> columns = priv.getColumns(); if (columns != null && !columns.isEmpty()) { if (!priv.supportsScope(PrivilegeScope.COLUMN_LEVEL_SCOPE)) { throw new HiveException(priv.getName() + " does not support column level privilege."); new HiveObjectRef(HiveObjectType.COLUMN, dbObj.getName(), tableObj.getTableName(), partValues, columns.get(i)), null, null, new PrivilegeGrantInfo(priv.getName(), 0, grantorName, grantorType, grantOption), authorizer)); new HiveObjectRef(HiveObjectType.DATABASE, dbObj.getName(), null, null, null), null, null, new PrivilegeGrantInfo(priv.getName(), 0, grantorName, grantorType, grantOption), authorizer)); } else if (partValues == null) { privBag.addToPrivileges(new HiveObjectPrivilege( new HiveObjectRef(HiveObjectType.TABLE, dbObj.getName(), tableObj.getTableName(), null, null), null, null, new PrivilegeGrantInfo(priv.getName(), 0, grantorName, grantorType, grantOption), authorizer)); } else { privBag.addToPrivileges(new HiveObjectPrivilege( new HiveObjectRef(HiveObjectType.PARTITION, dbObj.getName(), tableObj.getTableName(),
private static RequiredPrivileges getGrantRequiredPrivileges(List<HivePrivilege> hivePrivileges) throws HiveAuthzPluginException { RequiredPrivileges reqPrivs = new RequiredPrivileges(); for (HivePrivilege hivePriv : hivePrivileges) { reqPrivs.addPrivilege(hivePriv.getName(), true /* grant priv required */); } return reqPrivs; }
@Override public HivePrivilege getHivePrivilege(PrivilegeDesc privilege) { Privilege priv = privilege.getPrivilege(); return new HivePrivilege(priv.toString(), privilege.getColumns(), priv.getScopeList()); }
@Override public int compare(HivePrivilegeInfo o1, HivePrivilegeInfo o2) { int compare = o1.getObject().compareTo(o2.getObject()); if (compare == 0) { compare = o1.getPrincipal().compareTo(o2.getPrincipal()); } if (compare == 0) { compare = o1.getPrivilege().compareTo(o2.getPrivilege()); } return compare; } });
privObject.getType() == HivePrivilegeObject.HivePrivilegeObjectType.GLOBAL) { for (HivePrivilege priv : privileges) { List<String> columns = priv.getColumns(); if (columns != null && !columns.isEmpty()) { throw new HiveException( new PrivilegeGrantInfo(priv.getName(), 0, grantor.getName(), grantorType, grantOption))); List<String> columns = priv.getColumns(); if (columns != null && !columns.isEmpty()) { if (!priv.supportsScope(PrivilegeScope.COLUMN_LEVEL_SCOPE)) { throw new HiveException(priv.getName() + " does not support column level privilege."); new HiveObjectRef(HiveObjectType.COLUMN, dbObj.getName(), tableObj.getTableName(), partValues, columns.get(i)), null, null, new PrivilegeGrantInfo(priv.getName(), 0, grantorName, grantorType, grantOption))); new HiveObjectRef(HiveObjectType.DATABASE, dbObj.getName(), null, null, null), null, null, new PrivilegeGrantInfo(priv.getName(), 0, grantorName, grantorType, grantOption))); } else if (partValues == null) { privBag.addToPrivileges(new HiveObjectPrivilege( new HiveObjectRef(HiveObjectType.TABLE, dbObj.getName(), tableObj.getTableName(), null, null), null, null, new PrivilegeGrantInfo(priv.getName(), 0, grantorName, grantorType, grantOption))); } else { privBag.addToPrivileges(new HiveObjectPrivilege( new HiveObjectRef(HiveObjectType.PARTITION, dbObj.getName(), tableObj.getTableName(),
/** * Check if the privileges are acceptable for SQL Standard authorization implementation * @param hivePrivileges * @throws HiveAuthzPluginException */ public static void validatePrivileges(List<HivePrivilege> hivePrivileges) throws HiveAuthzPluginException { for (HivePrivilege hivePrivilege : hivePrivileges) { if (hivePrivilege.getColumns() != null && hivePrivilege.getColumns().size() != 0) { throw new HiveAuthzPluginException( "Privilege with columns are not currently supported with sql standard authorization:" + hivePrivilege); } //try converting to the enum to verify that this is a valid privilege type SQLPrivilegeType.getRequirePrivilege(hivePrivilege.getName()); } }
private static RequiredPrivileges getGrantRequiredPrivileges(List<HivePrivilege> hivePrivileges) throws HiveAuthzPluginException { RequiredPrivileges reqPrivs = new RequiredPrivileges(); for (HivePrivilege hivePriv : hivePrivileges) { reqPrivs.addPrivilege(hivePriv.getName(), true /* grant priv required */); } return reqPrivs; }
@Override public HivePrivilege getHivePrivilege(PrivilegeDesc privilege) { Privilege priv = privilege.getPrivilege(); return new HivePrivilege(priv.toString(), privilege.getColumns(), priv.getScopeList()); }
@Override public int compare(HivePrivilegeInfo o1, HivePrivilegeInfo o2) { int compare = o1.getObject().compareTo(o2.getObject()); if (compare == 0) { compare = o1.getPrincipal().compareTo(o2.getPrincipal()); } if (compare == 0) { compare = o1.getPrivilege().compareTo(o2.getPrivilege()); } return compare; } });
private List<HivePrivilege> expandAllPrivileges(List<HivePrivilege> hivePrivileges) { Set<HivePrivilege> hivePrivSet = new HashSet<HivePrivilege>(); for (HivePrivilege hivePrivilege : hivePrivileges) { if (hivePrivilege.getName().equals(ALL)) { // expand to all supported privileges for (SQLPrivilegeType privType : SQLPrivilegeType.values()) { hivePrivSet.add(new HivePrivilege(privType.name(), hivePrivilege.getColumns())); } } else { hivePrivSet.add(hivePrivilege); } } return new ArrayList<HivePrivilege>(hivePrivSet); }
privObject.getType() == HivePrivilegeObject.HivePrivilegeObjectType.GLOBAL) { for (HivePrivilege priv : privileges) { List<String> columns = priv.getColumns(); if (columns != null && !columns.isEmpty()) { throw new HiveException( new PrivilegeGrantInfo(priv.getName(), 0, grantor.getName(), grantorType, grantOption))); List<String> columns = priv.getColumns(); if (columns != null && !columns.isEmpty()) { if (!priv.supportsScope(PrivilegeScope.COLUMN_LEVEL_SCOPE)) { throw new HiveException(priv.getName() + " does not support column level privilege."); new HiveObjectRef(HiveObjectType.COLUMN, dbObj.getName(), tableObj.getTableName(), partValues, columns.get(i)), null, null, new PrivilegeGrantInfo(priv.getName(), 0, grantorName, grantorType, grantOption))); new HiveObjectRef(HiveObjectType.DATABASE, dbObj.getName(), null, null, null), null, null, new PrivilegeGrantInfo(priv.getName(), 0, grantorName, grantorType, grantOption))); } else if (partValues == null) { privBag.addToPrivileges(new HiveObjectPrivilege( new HiveObjectRef(HiveObjectType.TABLE, dbObj.getName(), tableObj.getTableName(), null, null), null, null, new PrivilegeGrantInfo(priv.getName(), 0, grantorName, grantorType, grantOption))); } else { privBag.addToPrivileges(new HiveObjectPrivilege( new HiveObjectRef(HiveObjectType.PARTITION, dbObj.getName(), tableObj.getTableName(),
PrivilegeBag privBag = new PrivilegeBag(); for (HivePrivilege privilege : hivePrivileges) { if (privilege.getColumns() != null && privilege.getColumns().size() > 0) { throw new HiveAuthzPluginException("Privileges on columns not supported currently" + " in sql standard authorization mode"); if (!SUPPORTED_PRIVS_SET.contains(privilege.getName().toUpperCase(Locale.US))) { throw new HiveAuthzPluginException("Privilege: " + privilege.getName() + " is not supported in sql standard authorization mode");
/** * Get thrift privilege grant info * @param privilege * @param grantorPrincipal * @param grantOption * @param grantTime * @return * @throws HiveException */ public static PrivilegeGrantInfo getThriftPrivilegeGrantInfo(HivePrivilege privilege, HivePrincipal grantorPrincipal, boolean grantOption, int grantTime) throws HiveException { return new PrivilegeGrantInfo(privilege.getName(), grantTime, grantorPrincipal.getName(), getThriftPrincipalType(grantorPrincipal.getType()), grantOption); }
public static List<HivePrivilegeInfo> getPrivilegeInfos(List<HiveObjectPrivilege> privs) throws HiveException { List<HivePrivilegeInfo> hivePrivs = new ArrayList<HivePrivilegeInfo>(); for (HiveObjectPrivilege priv : privs) { PrivilegeGrantInfo grantorInfo = priv.getGrantInfo(); HiveObjectRef privObject = priv.getHiveObject(); HivePrincipal hivePrincipal = getHivePrincipal(priv.getPrincipalName(), priv.getPrincipalType()); HivePrincipal grantor = getHivePrincipal(grantorInfo.getGrantor(), grantorInfo.getGrantorType()); HivePrivilegeObject object = getHiveObjectRef(privObject); HivePrivilege privilege = new HivePrivilege(grantorInfo.getPrivilege(), null); hivePrivs.add(new HivePrivilegeInfo(hivePrincipal, privilege, object, grantor, grantorInfo.isGrantOption(), grantorInfo.getCreateTime())); } return hivePrivs; }
@Override public int compare(HivePrivilegeInfo o1, HivePrivilegeInfo o2) { int compare = o1.getObject().compareTo(o2.getObject()); if (compare == 0) { compare = o1.getPrincipal().compareTo(o2.getPrincipal()); } if (compare == 0) { compare = o1.getPrivilege().compareTo(o2.getPrivilege()); } return compare; } });
@Override public int compareTo(HivePrivilege privilege) { int compare = columns != null ? (privilege.columns != null ? compare(columns, privilege.columns) : 1) : (privilege.columns != null ? -1 : 0); if (compare == 0) { compare = name.compareTo(privilege.name); } return compare; }
private List<HivePrivilege> expandAllPrivileges(List<HivePrivilege> hivePrivileges) { Set<HivePrivilege> hivePrivSet = new HashSet<HivePrivilege>(); for (HivePrivilege hivePrivilege : hivePrivileges) { if (hivePrivilege.getName().equals(ALL)) { // expand to all supported privileges for (SQLPrivilegeType privType : SQLPrivilegeType.values()) { hivePrivSet.add(new HivePrivilege(privType.name(), hivePrivilege.getColumns())); } } else { hivePrivSet.add(hivePrivilege); } } return new ArrayList<HivePrivilege>(hivePrivSet); }