public static List<HiveRoleGrant> getHiveRoleGrants(IMetaStoreClient client, String roleName) throws Exception { GetPrincipalsInRoleRequest request = new GetPrincipalsInRoleRequest(roleName); GetPrincipalsInRoleResponse princGrantInfo = client.get_principals_in_role(request); List<HiveRoleGrant> hiveRoleGrants = new ArrayList<HiveRoleGrant>(); for(RolePrincipalGrant thriftRoleGrant : princGrantInfo.getPrincipalGrants()){ hiveRoleGrants.add(new HiveRoleGrant(thriftRoleGrant)); } return hiveRoleGrants; }
public static List<HiveRoleGrant> getHiveRoleGrants(IMetaStoreClient client, String roleName) throws Exception { GetPrincipalsInRoleRequest request = new GetPrincipalsInRoleRequest(roleName); GetPrincipalsInRoleResponse princGrantInfo = client.get_principals_in_role(request); List<HiveRoleGrant> hiveRoleGrants = new ArrayList<HiveRoleGrant>(); for(RolePrincipalGrant thriftRoleGrant : princGrantInfo.getPrincipalGrants()){ hiveRoleGrants.add(new HiveRoleGrant(thriftRoleGrant)); } return hiveRoleGrants; }
/** * Add role names of parentRoles and its parents to processedRolesMap * * @param processedRolesMap * @param roleGrants * @throws TException * @throws HiveAuthzPluginException * @throws MetaException */ private void getAllRoleAncestors(Map<String, HiveRoleGrant> processedRolesMap, List<RolePrincipalGrant> roleGrants) throws MetaException, HiveAuthzPluginException, TException { for (RolePrincipalGrant parentRoleGrant : roleGrants) { String parentRoleName = parentRoleGrant.getRoleName(); if (processedRolesMap.get(parentRoleName) == null) { // unprocessed role: get its parents, add it to processed, and call this // function recursively List<RolePrincipalGrant> nextParentRoles = getRoleGrants(parentRoleName, PrincipalType.ROLE); processedRolesMap.put(parentRoleName, new HiveRoleGrant(parentRoleGrant)); getAllRoleAncestors(processedRolesMap, nextParentRoles); } } }
/** * Add role names of parentRoles and its parents to processedRolesMap * * @param processedRolesMap * @param roleGrants * @throws TException * @throws HiveAuthzPluginException * @throws MetaException */ private void getAllRoleAncestors(Map<String, HiveRoleGrant> processedRolesMap, List<RolePrincipalGrant> roleGrants) throws MetaException, HiveAuthzPluginException, TException { for (RolePrincipalGrant parentRoleGrant : roleGrants) { String parentRoleName = parentRoleGrant.getRoleName(); if (processedRolesMap.get(parentRoleName) == null) { // unprocessed role: get its parents, add it to processed, and call this // function recursively List<RolePrincipalGrant> nextParentRoles = getRoleGrants(parentRoleName, PrincipalType.ROLE); processedRolesMap.put(parentRoleName, new HiveRoleGrant(parentRoleGrant)); getAllRoleAncestors(processedRolesMap, nextParentRoles); } } }
@Override public List<HiveRoleGrant> getRoleGrantInfoForPrincipal(HivePrincipal principal) throws HiveAuthzPluginException, HiveAccessControlException { PrincipalType type = AuthorizationUtils.getThriftPrincipalType(principal.getType()); try { List<HiveRoleGrant> grants = new ArrayList<HiveRoleGrant>(); Hive hive = Hive.getWithFastCheck(this.conf); for (RolePrincipalGrant grant : hive.getRoleGrantInfoForPrincipal(principal.getName(), type)) { grants.add(new HiveRoleGrant(grant)); } return grants; } catch (HiveException e) { throw new HiveAuthzPluginException(e); } }
@Override public List<HiveRoleGrant> getRoleGrantInfoForPrincipal(HivePrincipal principal) throws HiveAuthzPluginException, HiveAccessControlException { PrincipalType type = AuthorizationUtils.getThriftPrincipalType(principal.getType()); try { List<HiveRoleGrant> grants = new ArrayList<HiveRoleGrant>(); Hive hive = Hive.getWithFastCheck(this.conf); for (RolePrincipalGrant grant : hive.getRoleGrantInfoForPrincipal(principal.getName(), type)) { grants.add(new HiveRoleGrant(grant)); } return grants; } catch (HiveException e) { throw new HiveAuthzPluginException(e); } }
@Override public List<HiveRoleGrant> getRoleGrantInfoForPrincipal(HivePrincipal principal) throws HiveAuthzPluginException, HiveAccessControlException { try { // first authorize the call if (!isUserAdmin()) { ensureShowGrantAllowed(principal); } List<RolePrincipalGrant> roleGrants = getRoleGrants(principal.getName(), AuthorizationUtils.getThriftPrincipalType(principal.getType())); List<HiveRoleGrant> hiveRoleGrants = new ArrayList<HiveRoleGrant>(roleGrants.size()); for (RolePrincipalGrant roleGrant : roleGrants) { hiveRoleGrants.add(new HiveRoleGrant(roleGrant)); } return hiveRoleGrants; } catch (Exception e) { throw SQLAuthorizationUtils.getPluginException("Error getting role grant information for user " + principal.getName(), e); } }
@Override public List<HiveRoleGrant> getRoleGrantInfoForPrincipal(HivePrincipal principal) throws HiveAuthzPluginException, HiveAccessControlException { try { // first authorize the call if (!isUserAdmin()) { ensureShowGrantAllowed(principal); } List<RolePrincipalGrant> roleGrants = getRoleGrants(principal.getName(), AuthorizationUtils.getThriftPrincipalType(principal.getType())); List<HiveRoleGrant> hiveRoleGrants = new ArrayList<HiveRoleGrant>(roleGrants.size()); for (RolePrincipalGrant roleGrant : roleGrants) { hiveRoleGrants.add(new HiveRoleGrant(roleGrant)); } return hiveRoleGrants; } catch (Exception e) { throw SQLAuthorizationUtils.getPluginException("Error getting role grant information for user " + principal.getName(), e); } }
public static List<HiveRoleGrant> getHiveRoleGrants(IMetaStoreClient client, String roleName) throws Exception { GetPrincipalsInRoleRequest request = new GetPrincipalsInRoleRequest(roleName); GetPrincipalsInRoleResponse princGrantInfo = client.get_principals_in_role(request); List<HiveRoleGrant> hiveRoleGrants = new ArrayList<HiveRoleGrant>(); for(RolePrincipalGrant thriftRoleGrant : princGrantInfo.getPrincipalGrants()){ hiveRoleGrants.add(new HiveRoleGrant(thriftRoleGrant)); } return hiveRoleGrants; }
/** * Add role names of parentRoles and its parents to processedRolesMap * * @param processedRolesMap * @param roleGrants * @throws TException * @throws HiveAuthzPluginException * @throws MetaException */ private void getAllRoleAncestors(Map<String, HiveRoleGrant> processedRolesMap, List<RolePrincipalGrant> roleGrants) throws MetaException, HiveAuthzPluginException, TException { for (RolePrincipalGrant parentRoleGrant : roleGrants) { String parentRoleName = parentRoleGrant.getRoleName(); if (processedRolesMap.get(parentRoleName) == null) { // unprocessed role: get its parents, add it to processed, and call this // function recursively List<RolePrincipalGrant> nextParentRoles = getRoleGrants(parentRoleName, PrincipalType.ROLE); processedRolesMap.put(parentRoleName, new HiveRoleGrant(parentRoleGrant)); getAllRoleAncestors(processedRolesMap, nextParentRoles); } } }
@Override public List<HiveRoleGrant> getRoleGrantInfoForPrincipal(HivePrincipal principal) throws HiveAuthzPluginException, HiveAccessControlException { PrincipalType type = AuthorizationUtils.getThriftPrincipalType(principal.getType()); try { List<HiveRoleGrant> grants = new ArrayList<HiveRoleGrant>(); for (RolePrincipalGrant grant : hive.getRoleGrantInfoForPrincipal(principal.getName(), type)) { grants.add(new HiveRoleGrant(grant)); } return grants; } catch (HiveException e) { throw new HiveAuthzPluginException(e); } }
@Override public List<HiveRoleGrant> getRoleGrantInfoForPrincipal(HivePrincipal principal) throws HiveAuthzPluginException, HiveAccessControlException { try { // first authorize the call if (!isUserAdmin()) { ensureShowGrantAllowed(principal); } List<RolePrincipalGrant> roleGrants = getRoleGrants(principal.getName(), AuthorizationUtils.getThriftPrincipalType(principal.getType())); List<HiveRoleGrant> hiveRoleGrants = new ArrayList<HiveRoleGrant>(roleGrants.size()); for (RolePrincipalGrant roleGrant : roleGrants) { hiveRoleGrants.add(new HiveRoleGrant(roleGrant)); } return hiveRoleGrants; } catch (Exception e) { throw SQLAuthorizationUtils.getPluginException("Error getting role grant information for user " + principal.getName(), e); } }