static void authorize(List<HivePrincipal> hivePrincipals, List<HivePrivilege> hivePrivileges, HivePrivilegeObject hivePrivObject, boolean grantOption, IMetaStoreClient metastoreClient, String userName, List<String> curRoles, boolean isAdmin) throws HiveAuthzPluginException, HiveAccessControlException { // check if this user has grant privileges for this privileges on this // object // map priv being granted to required privileges RequiredPrivileges reqPrivs = getGrantRequiredPrivileges(hivePrivileges); // check if this user has necessary privileges (reqPrivs) on this object checkRequiredPrivileges(reqPrivs, hivePrivObject, metastoreClient, userName, curRoles, isAdmin, HiveOperationType.GRANT_PRIVILEGE); }
@Override public void grantPrivileges(List<HivePrincipal> hivePrincipals, List<HivePrivilege> hivePrivileges, HivePrivilegeObject hivePrivObject, HivePrincipal grantorPrincipal, boolean grantOption) throws HiveAuthzPluginException, HiveAccessControlException { hivePrivileges = expandAndValidatePrivileges(hivePrivileges); IMetaStoreClient metastoreClient = metastoreClientFactory.getHiveMetastoreClient(); // authorize the grant GrantPrivAuthUtils.authorize(hivePrincipals, hivePrivileges, hivePrivObject, grantOption, metastoreClient, authenticator.getUserName(), getCurrentRoleNames(), isUserAdmin()); // grant PrivilegeBag privBag = SQLAuthorizationUtils.getThriftPrivilegesBag(hivePrincipals, hivePrivileges, hivePrivObject, grantorPrincipal, grantOption); try { metastoreClient.grant_privileges(privBag); } catch (Exception e) { throw SQLAuthorizationUtils.getPluginException("Error granting privileges", e); } }
@Override public void grantPrivileges(List<HivePrincipal> hivePrincipals, List<HivePrivilege> hivePrivileges, HivePrivilegeObject hivePrivObject, HivePrincipal grantorPrincipal, boolean grantOption) throws HiveAuthzPluginException, HiveAccessControlException { hivePrivileges = expandAndValidatePrivileges(hivePrivileges); IMetaStoreClient metastoreClient = metastoreClientFactory.getHiveMetastoreClient(); // authorize the grant GrantPrivAuthUtils.authorize(hivePrincipals, hivePrivileges, hivePrivObject, grantOption, metastoreClient, authenticator.getUserName(), getCurrentRoleNames(), isUserAdmin()); // grant PrivilegeBag privBag = SQLAuthorizationUtils.getThriftPrivilegesBag(hivePrincipals, hivePrivileges, hivePrivObject, grantorPrincipal, grantOption); try { metastoreClient.grant_privileges(privBag); } catch (Exception e) { throw SQLAuthorizationUtils.getPluginException("Error granting privileges", e); } }
static void authorize(List<HivePrincipal> hivePrincipals, List<HivePrivilege> hivePrivileges, HivePrivilegeObject hivePrivObject, boolean grantOption, IMetaStoreClient metastoreClient, String userName, List<String> curRoles, boolean isAdmin) throws HiveAuthzPluginException, HiveAccessControlException { // check if this user has grant privileges for this privileges on this // object // map priv being granted to required privileges RequiredPrivileges reqPrivs = getGrantRequiredPrivileges(hivePrivileges); // check if this user has necessary privileges (reqPrivs) on this object checkRequiredPrivileges(reqPrivs, hivePrivObject, metastoreClient, userName, curRoles, isAdmin, HiveOperationType.GRANT_PRIVILEGE); }
@Override public void grantPrivileges(List<HivePrincipal> hivePrincipals, List<HivePrivilege> hivePrivileges, HivePrivilegeObject hivePrivObject, HivePrincipal grantorPrincipal, boolean grantOption) throws HiveAuthzPluginException, HiveAccessControlException { hivePrivileges = expandAndValidatePrivileges(hivePrivileges); IMetaStoreClient metastoreClient = metastoreClientFactory.getHiveMetastoreClient(); // authorize the grant GrantPrivAuthUtils.authorize(hivePrincipals, hivePrivileges, hivePrivObject, grantOption, metastoreClient, authenticator.getUserName(), getCurrentRoleNames(), isUserAdmin()); // grant PrivilegeBag privBag = SQLAuthorizationUtils.getThriftPrivilegesBag(hivePrincipals, hivePrivileges, hivePrivObject, grantorPrincipal, grantOption); try { metastoreClient.grant_privileges(privBag); } catch (Exception e) { throw SQLAuthorizationUtils.getPluginException("Error granting privileges", e); } }
static void authorize(List<HivePrincipal> hivePrincipals, List<HivePrivilege> hivePrivileges, HivePrivilegeObject hivePrivObject, boolean grantOption, IMetaStoreClient metastoreClient, String userName, List<String> curRoles, boolean isAdmin) throws HiveAuthzPluginException, HiveAccessControlException { // check if this user has grant privileges for this privileges on this // object // map priv being granted to required privileges RequiredPrivileges reqPrivs = getGrantRequiredPrivileges(hivePrivileges); // check if this user has necessary privileges (reqPrivs) on this object checkRequiredPrivileges(reqPrivs, hivePrivObject, metastoreClient, userName, curRoles, isAdmin, HiveOperationType.GRANT_PRIVILEGE); }