private void authorize(Table table, Partition part, Privilege[] readRequiredPriv, Privilege[] writeRequiredPriv) throws HiveException, AuthorizationException { // extract drop privileges DropPrivilegeExtractor privExtractor = new DropPrivilegeExtractor(readRequiredPriv, writeRequiredPriv); readRequiredPriv = privExtractor.getReadReqPriv(); writeRequiredPriv = privExtractor.getWriteReqPriv(); // authorize drops if there was a drop privilege requirement if(privExtractor.hasDropPrivilege()) { checkDeletePermission(part.getDataLocation(), getConf(), authenticator.getUserName()); } // Partition path can be null in the case of a new create partition - in this case, // we try to default to checking the permissions of the parent table. // Partition itself can also be null, in cases where this gets called as a generic // catch-all call in cases like those with CTAS onto an unpartitioned table (see HIVE-1887) if ((part == null) || (part.getLocation() == null)) { if (requireCreatePrivilege(readRequiredPriv) || requireCreatePrivilege(writeRequiredPriv)) { // this should be the case only if this is a create partition. // The privilege needed on the table should be ALTER_DATA, and not CREATE authorize(table, new Privilege[]{}, new Privilege[]{Privilege.ALTER_DATA}); } else { authorize(table, readRequiredPriv, writeRequiredPriv); } } else { authorize(part.getDataLocation(), readRequiredPriv, writeRequiredPriv); } }
if (privExtractor.hasDropPrivilege || requireCreatePrivilege(readRequiredPriv) || requireCreatePrivilege(writeRequiredPriv)) { authorize(hive_db.getDatabase(table.getCatName(), table.getDbName()), new Privilege[] {}, new Privilege[] { Privilege.ALTER_DATA });
private void authorize(Table table, Partition part, Privilege[] readRequiredPriv, Privilege[] writeRequiredPriv) throws HiveException, AuthorizationException { // extract drop privileges DropPrivilegeExtractor privExtractor = new DropPrivilegeExtractor(readRequiredPriv, writeRequiredPriv); readRequiredPriv = privExtractor.getReadReqPriv(); writeRequiredPriv = privExtractor.getWriteReqPriv(); // authorize drops if there was a drop privilege requirement if(privExtractor.hasDropPrivilege()) { checkDeletePermission(part.getDataLocation(), getConf(), authenticator.getUserName()); } // Partition path can be null in the case of a new create partition - in this case, // we try to default to checking the permissions of the parent table. // Partition itself can also be null, in cases where this gets called as a generic // catch-all call in cases like those with CTAS onto an unpartitioned table (see HIVE-1887) if ((part == null) || (part.getLocation() == null)) { if (requireCreatePrivilege(readRequiredPriv) || requireCreatePrivilege(writeRequiredPriv)) { // this should be the case only if this is a create partition. // The privilege needed on the table should be ALTER_DATA, and not CREATE authorize(table, new Privilege[]{}, new Privilege[]{Privilege.ALTER_DATA}); } else { authorize(table, readRequiredPriv, writeRequiredPriv); } } else { authorize(part.getDataLocation(), readRequiredPriv, writeRequiredPriv); } }
if (privExtractor.hasDropPrivilege || requireCreatePrivilege(readRequiredPriv) || requireCreatePrivilege(writeRequiredPriv)) { authorize(hive_db.getDatabase(table.getDbName()), new Privilege[] {}, new Privilege[] { Privilege.ALTER_DATA });
if (privExtractor.hasDropPrivilege || requireCreatePrivilege(readRequiredPriv) || requireCreatePrivilege(writeRequiredPriv)) { authorize(hive_db.getDatabase(table.getDbName()), new Privilege[] {}, new Privilege[] { Privilege.ALTER_DATA });