@Override public void checkCanSetUser(Optional<Principal> principal, String userName) { if (shouldDenyPrivilege(userName, userName, SET_USER)) { denySetUser(principal, userName); } if (denyPrivileges.isEmpty()) { super.checkCanSetUser(principal, userName); } }
@Override public void checkCanSetCatalogSessionProperty(TransactionId transactionId, Identity identity, String catalogName, String propertyName) { if (shouldDenyPrivilege(identity.getUser(), catalogName + "." + propertyName, SET_SESSION)) { denySetCatalogSessionProperty(catalogName, propertyName); } if (denyPrivileges.isEmpty()) { super.checkCanSetCatalogSessionProperty(transactionId, identity, catalogName, propertyName); } }
@Override public void checkCanSetSystemSessionProperty(Identity identity, String propertyName) { if (shouldDenyPrivilege(identity.getUser(), propertyName, SET_SESSION)) { denySetSystemSessionProperty(propertyName); } if (denyPrivileges.isEmpty()) { super.checkCanSetSystemSessionProperty(identity, propertyName); } }
@Override public void checkCanCreateView(TransactionId transactionId, Identity identity, QualifiedObjectName viewName) { if (shouldDenyPrivilege(identity.getUser(), viewName.getObjectName(), CREATE_VIEW)) { denyCreateView(viewName.toString()); } if (denyPrivileges.isEmpty()) { super.checkCanCreateView(transactionId, identity, viewName); } }
@Override public void checkCanCreateSchema(TransactionId transactionId, Identity identity, CatalogSchemaName schemaName) { if (shouldDenyPrivilege(identity.getUser(), schemaName.getSchemaName(), CREATE_SCHEMA)) { denyCreateSchema(schemaName.toString()); } if (denyPrivileges.isEmpty()) { super.checkCanCreateSchema(transactionId, identity, schemaName); } }
@Override public void checkCanDropTable(TransactionId transactionId, Identity identity, QualifiedObjectName tableName) { if (shouldDenyPrivilege(identity.getUser(), tableName.getObjectName(), DROP_TABLE)) { denyDropTable(tableName.toString()); } if (denyPrivileges.isEmpty()) { super.checkCanDropTable(transactionId, identity, tableName); } }
@Override public void checkCanDeleteFromTable(TransactionId transactionId, Identity identity, QualifiedObjectName tableName) { if (shouldDenyPrivilege(identity.getUser(), tableName.getObjectName(), DELETE_TABLE)) { denyDeleteTable(tableName.toString()); } if (denyPrivileges.isEmpty()) { super.checkCanDeleteFromTable(transactionId, identity, tableName); } }
@Override public void checkCanDropView(TransactionId transactionId, Identity identity, QualifiedObjectName viewName) { if (shouldDenyPrivilege(identity.getUser(), viewName.getObjectName(), DROP_VIEW)) { denyDropView(viewName.toString()); } if (denyPrivileges.isEmpty()) { super.checkCanDropView(transactionId, identity, viewName); } }
@Override public void checkCanDropSchema(TransactionId transactionId, Identity identity, CatalogSchemaName schemaName) { if (shouldDenyPrivilege(identity.getUser(), schemaName.getSchemaName(), DROP_SCHEMA)) { denyDropSchema(schemaName.toString()); } if (denyPrivileges.isEmpty()) { super.checkCanDropSchema(transactionId, identity, schemaName); } }
@Override public void checkCanCreateTable(TransactionId transactionId, Identity identity, QualifiedObjectName tableName) { if (shouldDenyPrivilege(identity.getUser(), tableName.getObjectName(), CREATE_TABLE)) { denyCreateTable(tableName.toString()); } if (denyPrivileges.isEmpty()) { super.checkCanCreateTable(transactionId, identity, tableName); } }
@Override public void checkCanCreateViewWithSelectFromColumns(TransactionId transactionId, Identity identity, QualifiedObjectName tableName, Set<String> columnNames) { if (shouldDenyPrivilege(identity.getUser(), tableName.getObjectName(), CREATE_VIEW_WITH_SELECT_COLUMNS)) { denyCreateViewWithSelect(tableName.toString(), identity); } if (denyPrivileges.isEmpty()) { super.checkCanCreateViewWithSelectFromColumns(transactionId, identity, tableName, columnNames); } }
@Override public void checkCanRenameSchema(TransactionId transactionId, Identity identity, CatalogSchemaName schemaName, String newSchemaName) { if (shouldDenyPrivilege(identity.getUser(), schemaName.getSchemaName(), RENAME_SCHEMA)) { denyRenameSchema(schemaName.toString(), newSchemaName); } if (denyPrivileges.isEmpty()) { super.checkCanRenameSchema(transactionId, identity, schemaName, newSchemaName); } }
@Override public void checkCanInsertIntoTable(TransactionId transactionId, Identity identity, QualifiedObjectName tableName) { if (shouldDenyPrivilege(identity.getUser(), tableName.getObjectName(), INSERT_TABLE)) { denyInsertTable(tableName.toString()); } if (denyPrivileges.isEmpty()) { super.checkCanInsertIntoTable(transactionId, identity, tableName); } }
@Override public void checkCanSelectFromColumns(TransactionId transactionId, Identity identity, QualifiedObjectName tableName, Set<String> columns) { if (shouldDenyPrivilege(identity.getUser(), tableName.getObjectName(), SELECT_COLUMN)) { denySelectColumns(tableName.toString(), columns); } for (String column : columns) { if (shouldDenyPrivilege(identity.getUser(), column, SELECT_COLUMN)) { denySelectColumns(tableName.toString(), columns); } } if (denyPrivileges.isEmpty()) { super.checkCanSelectFromColumns(transactionId, identity, tableName, columns); } }
@Override public void checkCanRenameTable(TransactionId transactionId, Identity identity, QualifiedObjectName tableName, QualifiedObjectName newTableName) { if (shouldDenyPrivilege(identity.getUser(), tableName.getObjectName(), RENAME_TABLE)) { denyRenameTable(tableName.toString(), newTableName.toString()); } if (denyPrivileges.isEmpty()) { super.checkCanRenameTable(transactionId, identity, tableName, newTableName); } }
@Override public void checkCanDropColumn(TransactionId transactionId, Identity identity, QualifiedObjectName tableName) { if (shouldDenyPrivilege(identity.getUser(), tableName.getObjectName(), DROP_COLUMN)) { denyDropColumn(tableName.toString()); } super.checkCanDropColumn(transactionId, identity, tableName); }
@Override public void checkCanAddColumns(TransactionId transactionId, Identity identity, QualifiedObjectName tableName) { if (shouldDenyPrivilege(identity.getUser(), tableName.getObjectName(), ADD_COLUMN)) { denyAddColumn(tableName.toString()); } super.checkCanAddColumns(transactionId, identity, tableName); }
@Override public void checkCanRenameColumn(TransactionId transactionId, Identity identity, QualifiedObjectName tableName) { if (shouldDenyPrivilege(identity.getUser(), tableName.getObjectName(), RENAME_COLUMN)) { denyRenameColumn(tableName.toString()); } super.checkCanRenameColumn(transactionId, identity, tableName); }
@Override public void checkCanSetUser(Principal principal, String userName) { if (shouldDenyPrivilege(userName, userName, SET_USER)) { denySetUser(principal, userName); } if (denyPrivileges.isEmpty()) { super.checkCanSetUser(principal, userName); } }
@Override public void checkCanSelectFromView(TransactionId transactionId, Identity identity, QualifiedObjectName viewName) { if (shouldDenyPrivilege(identity.getUser(), viewName.getObjectName(), SELECT_VIEW)) { denySelectView(viewName.toString()); } if (denyPrivileges.isEmpty()) { super.checkCanSelectFromView(transactionId, identity, viewName); } }