public Object getFieldValue(_Fields field) { switch (field) { case USER_PRIVILEGES: return getUserPrivileges(); case GROUP_PRIVILEGES: return getGroupPrivileges(); case ROLE_PRIVILEGES: return getRolePrivileges(); } throw new IllegalStateException(); }
private static RequiredPrivileges getRequiredPrivsFromThrift(PrincipalPrivilegeSet thrifPrivs) throws HiveAuthzPluginException { RequiredPrivileges reqPrivs = new RequiredPrivileges(); // add user privileges Map<String, List<PrivilegeGrantInfo>> userPrivs = thrifPrivs.getUserPrivileges(); if (userPrivs != null && userPrivs.size() != 1) { throw new HiveAuthzPluginException("Invalid number of user privilege objects: " + userPrivs.size()); } addRequiredPrivs(reqPrivs, userPrivs); // add role privileges Map<String, List<PrivilegeGrantInfo>> rolePrivs = thrifPrivs.getRolePrivileges(); addRequiredPrivs(reqPrivs, rolePrivs); return reqPrivs; }
private static RequiredPrivileges getRequiredPrivsFromThrift(PrincipalPrivilegeSet thrifPrivs) throws HiveAuthzPluginException { RequiredPrivileges reqPrivs = new RequiredPrivileges(); // add user privileges Map<String, List<PrivilegeGrantInfo>> userPrivs = thrifPrivs.getUserPrivileges(); if (userPrivs != null && userPrivs.size() != 1) { throw new HiveAuthzPluginException("Invalid number of user privilege objects: " + userPrivs.size()); } addRequiredPrivs(reqPrivs, userPrivs); // add role privileges Map<String, List<PrivilegeGrantInfo>> rolePrivs = thrifPrivs.getRolePrivileges(); addRequiredPrivs(reqPrivs, rolePrivs); return reqPrivs; }
if (privileges.getUserPrivileges() != null && privileges.getUserPrivileges().size() > 0) { Collection<List<PrivilegeGrantInfo>> privCollection = privileges.getUserPrivileges().values();
PrincipalPrivilegeSet privilegeSet = client.getPrivilegeSet(objectReference, principalName, null); if (privilegeSet != null) { Map<String, List<PrivilegeGrantInfo>> userPrivileges = privilegeSet.getUserPrivileges(); if (userPrivileges != null) { privileges.addAll(toGrants(userPrivileges.get(principalName)));
if (privileges.getUserPrivileges() != null && privileges.getUserPrivileges().size() > 0) { Collection<List<PrivilegeGrantInfo>> privCollection = privileges.getUserPrivileges().values();
private static void assertAuthInfoReturned(String user, String group, Partition partition) { assertNotNull(partition.getPrivileges()); assertEquals(Lists.newArrayList(), partition.getPrivileges().getUserPrivileges().get(user)); assertEquals(Lists.newArrayList(), partition.getPrivileges().getGroupPrivileges().get(group)); assertEquals(Lists.newArrayList(), partition.getPrivileges().getRolePrivileges().get("public")); }
for (Entry<String, List<PrivilegeGrantInfo>> entry : privileges.getUserPrivileges().entrySet()) { String user = entry.getKey(); Set<HivePrivilegeInfo> userPrivileges = entry.getValue().stream()
private static void assertAuthInfoReturned(String user, String group, Partition partition) { assertNotNull(partition.getPrivileges()); assertEquals(Lists.newArrayList(), partition.getPrivileges().getUserPrivileges().get(user)); assertEquals(Lists.newArrayList(), partition.getPrivileges().getGroupPrivileges().get(group)); assertEquals(Lists.newArrayList(), partition.getPrivileges().getRolePrivileges().get("public")); }
int now = (int)(System.currentTimeMillis()/1000); Map<String, List<PrivilegeGrantInfo>> userPrivs = principalPrivs.getUserPrivileges(); putPersistentPrivObjects(mtbl, toPersistPrivObjs, now, userPrivs, PrincipalType.USER, "SQL");
public Object getFieldValue(_Fields field) { switch (field) { case USER_PRIVILEGES: return getUserPrivileges(); case GROUP_PRIVILEGES: return getGroupPrivileges(); case ROLE_PRIVILEGES: return getRolePrivileges(); } throw new IllegalStateException(); }
public Object getFieldValue(_Fields field) { switch (field) { case USER_PRIVILEGES: return getUserPrivileges(); case GROUP_PRIVILEGES: return getGroupPrivileges(); case ROLE_PRIVILEGES: return getRolePrivileges(); } throw new IllegalStateException(); }
public Object getFieldValue(_Fields field) { switch (field) { case USER_PRIVILEGES: return getUserPrivileges(); case GROUP_PRIVILEGES: return getGroupPrivileges(); case ROLE_PRIVILEGES: return getRolePrivileges(); } throw new IllegalStateException(); }
public Object getFieldValue(_Fields field) { switch (field) { case USER_PRIVILEGES: return getUserPrivileges(); case GROUP_PRIVILEGES: return getGroupPrivileges(); case ROLE_PRIVILEGES: return getRolePrivileges(); } throw new IllegalStateException(); }
private Set<HivePrivilege> getPrivileges(String user, HiveObjectRef objectReference) { ImmutableSet.Builder<HivePrivilege> privileges = ImmutableSet.builder(); try (HiveMetastoreClient client = clientProvider.createMetastoreClient()) { PrincipalPrivilegeSet privilegeSet = client.getPrivilegeSet(objectReference, user, null); if (privilegeSet != null) { Map<String, List<PrivilegeGrantInfo>> userPrivileges = privilegeSet.getUserPrivileges(); if (userPrivileges != null) { privileges.addAll(toGrants(userPrivileges.get(user))); } for (List<PrivilegeGrantInfo> rolePrivileges : privilegeSet.getRolePrivileges().values()) { privileges.addAll(toGrants(rolePrivileges)); } // We do not add the group permissions as Hive does not seem to process these } } catch (TException e) { throw new PrestoException(HIVE_METASTORE_ERROR, e); } return privileges.build(); }
private static RequiredPrivileges getRequiredPrivsFromThrift(PrincipalPrivilegeSet thrifPrivs) throws HiveAuthzPluginException { RequiredPrivileges reqPrivs = new RequiredPrivileges(); // add user privileges Map<String, List<PrivilegeGrantInfo>> userPrivs = thrifPrivs.getUserPrivileges(); if (userPrivs != null && userPrivs.size() != 1) { throw new HiveAuthzPluginException("Invalid number of user privilege objects: " + userPrivs.size()); } addRequiredPrivs(reqPrivs, userPrivs); // add role privileges Map<String, List<PrivilegeGrantInfo>> rolePrivs = thrifPrivs.getRolePrivileges(); addRequiredPrivs(reqPrivs, rolePrivs); return reqPrivs; }
@Override public boolean hasPrivilegeWithGrantOptionOnTable(String user, String databaseName, String tableName, HivePrivilege hivePrivilege) { try (HiveMetastoreClient metastoreClient = clientProvider.createMetastoreClient()) { PrincipalPrivilegeSet principalPrivilegeSet = metastoreClient.getPrivilegeSet(new HiveObjectRef(HiveObjectType.TABLE, databaseName, tableName, null, null), user, null); for (PrivilegeGrantInfo privilegeGrantInfo : principalPrivilegeSet.getUserPrivileges().get(user)) { if (privilegeGrantInfo.getPrivilege().equalsIgnoreCase(hivePrivilege.name()) && privilegeGrantInfo.isGrantOption()) { return true; } } return false; } catch (TException e) { throw new PrestoException(HIVE_METASTORE_ERROR, e); } }
@Override public void createTable(Table tbl) throws InvalidObjectException, MetaException { boolean commited = false; try { openTransaction(); MTable mtbl = convertToMTable(tbl); pm.makePersistent(mtbl); PrincipalPrivilegeSet principalPrivs = tbl.getPrivileges(); List<Object> toPersistPrivObjs = new ArrayList<Object>(); if (principalPrivs != null) { int now = (int)(System.currentTimeMillis()/1000); Map<String, List<PrivilegeGrantInfo>> userPrivs = principalPrivs.getUserPrivileges(); putPersistentPrivObjects(mtbl, toPersistPrivObjs, now, userPrivs, PrincipalType.USER); Map<String, List<PrivilegeGrantInfo>> groupPrivs = principalPrivs.getGroupPrivileges(); putPersistentPrivObjects(mtbl, toPersistPrivObjs, now, groupPrivs, PrincipalType.GROUP); Map<String, List<PrivilegeGrantInfo>> rolePrivs = principalPrivs.getRolePrivileges(); putPersistentPrivObjects(mtbl, toPersistPrivObjs, now, rolePrivs, PrincipalType.ROLE); } pm.makePersistentAll(toPersistPrivObjs); commited = commitTransaction(); } finally { if (!commited) { rollbackTransaction(); } } }
public void createTable(Table tbl) throws InvalidObjectException, MetaException { boolean commited = false; try { openTransaction(); MTable mtbl = convertToMTable(tbl); pm.makePersistent(mtbl); PrincipalPrivilegeSet principalPrivs = tbl.getPrivileges(); List<Object> toPersistPrivObjs = new ArrayList<Object>(); if (principalPrivs != null) { int now = (int)(System.currentTimeMillis()/1000); Map<String, List<PrivilegeGrantInfo>> userPrivs = principalPrivs.getUserPrivileges(); putPersistentPrivObjects(mtbl, toPersistPrivObjs, now, userPrivs, PrincipalType.USER); Map<String, List<PrivilegeGrantInfo>> groupPrivs = principalPrivs.getGroupPrivileges(); putPersistentPrivObjects(mtbl, toPersistPrivObjs, now, groupPrivs, PrincipalType.GROUP); Map<String, List<PrivilegeGrantInfo>> rolePrivs = principalPrivs.getRolePrivileges(); putPersistentPrivObjects(mtbl, toPersistPrivObjs, now, rolePrivs, PrincipalType.ROLE); } pm.makePersistentAll(toPersistPrivObjs); commited = commitTransaction(); } finally { if (!commited) { rollbackTransaction(); } } }
public void createTable(Table tbl) throws InvalidObjectException, MetaException { boolean commited = false; try { openTransaction(); MTable mtbl = convertToMTable(tbl); pm.makePersistent(mtbl); PrincipalPrivilegeSet principalPrivs = tbl.getPrivileges(); List<Object> toPersistPrivObjs = new ArrayList<Object>(); if (principalPrivs != null) { int now = (int)(System.currentTimeMillis()/1000); Map<String, List<PrivilegeGrantInfo>> userPrivs = principalPrivs.getUserPrivileges(); putPersistentPrivObjects(mtbl, toPersistPrivObjs, now, userPrivs, PrincipalType.USER); Map<String, List<PrivilegeGrantInfo>> groupPrivs = principalPrivs.getGroupPrivileges(); putPersistentPrivObjects(mtbl, toPersistPrivObjs, now, groupPrivs, PrincipalType.GROUP); Map<String, List<PrivilegeGrantInfo>> rolePrivs = principalPrivs.getRolePrivileges(); putPersistentPrivObjects(mtbl, toPersistPrivObjs, now, rolePrivs, PrincipalType.ROLE); } pm.makePersistentAll(toPersistPrivObjs); commited = commitTransaction(); } finally { if (!commited) { rollbackTransaction(); } } }