org.apache.hadoop.hive.metastore.api.PrivilegeBag Java Examples

The following examples show how to use org.apache.hadoop.hive.metastore.api.PrivilegeBag. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: FederatedHMSHandlerTest.java    From waggle-dance with Apache License 2.0 6 votes vote down vote up
@Test
public void grant_revoke_privileges() throws TException {
  HiveObjectRef hiveObjectRef = new HiveObjectRef();
  hiveObjectRef.setDbName(DB_P);
  HiveObjectPrivilege hiveObjectPrivilege = new HiveObjectPrivilege();
  hiveObjectPrivilege.setHiveObject(hiveObjectRef);
  PrivilegeBag privileges = new PrivilegeBag(Collections.singletonList((hiveObjectPrivilege)));

  GrantRevokeType grantRevokeType = GrantRevokeType.GRANT;

  GrantRevokePrivilegeRequest request = new GrantRevokePrivilegeRequest(grantRevokeType, privileges);
  GrantRevokePrivilegeRequest inboundRequest = new GrantRevokePrivilegeRequest();
  GrantRevokePrivilegeResponse expected = new GrantRevokePrivilegeResponse();
  when(primaryMapping.transformInboundGrantRevokePrivilegesRequest(request)).thenReturn(inboundRequest);
  when(primaryClient.grant_revoke_privileges(inboundRequest)).thenReturn(expected);
  GrantRevokePrivilegeResponse response = handler.grant_revoke_privileges(request);
  assertThat(response, is(expected));
  verify(primaryMapping).checkWritePermissions(DB_P);
}
 
Example #2
Source File: ThriftHiveMetastore.java    From presto with Apache License 2.0 6 votes vote down vote up
private PrivilegeBag buildPrivilegeBag(
        String databaseName,
        String tableName,
        HivePrincipal grantee,
        Set<PrivilegeGrantInfo> privilegeGrantInfos)
{
    ImmutableList.Builder<HiveObjectPrivilege> privilegeBagBuilder = ImmutableList.builder();
    for (PrivilegeGrantInfo privilegeGrantInfo : privilegeGrantInfos) {
        privilegeBagBuilder.add(
                new HiveObjectPrivilege(
                        new HiveObjectRef(TABLE, databaseName, tableName, null, null),
                        grantee.getName(),
                        fromPrestoPrincipalType(grantee.getType()),
                        privilegeGrantInfo));
    }
    return new PrivilegeBag(privilegeBagBuilder.build());
}
 
Example #3
Source File: DatabaseMappingImplTest.java    From waggle-dance with Apache License 2.0 5 votes vote down vote up
@Test
public void transformInboundGrantRevokePrivilegesRequest() throws Exception {
  GrantRevokePrivilegeRequest grantRevokePrivilegeRequest = new GrantRevokePrivilegeRequest();
  PrivilegeBag privilegeBag = new PrivilegeBag();
  privilegeBag.setPrivileges(hiveObjectPrivileges);
  grantRevokePrivilegeRequest.setPrivileges(privilegeBag);
  GrantRevokePrivilegeRequest result = databaseMapping
      .transformInboundGrantRevokePrivilegesRequest(grantRevokePrivilegeRequest);
  assertThat(result, is(sameInstance(grantRevokePrivilegeRequest)));
  PrivilegeBag resultPrivilegeBag = result.getPrivileges();
  assertThat(resultPrivilegeBag, is(sameInstance(privilegeBag)));
  assertHiveObjectPrivileges(resultPrivilegeBag.getPrivileges(), IN_DB_NAME);
}
 
Example #4
Source File: FederatedHMSHandler.java    From waggle-dance with Apache License 2.0 5 votes vote down vote up
@Override
@Loggable(value = Loggable.DEBUG, skipResult = true, name = INVOCATION_LOG_NAME)
public GrantRevokePrivilegeResponse grant_revoke_privileges(GrantRevokePrivilegeRequest request)
    throws MetaException, TException {
  PrivilegeBag privilegesBag = request.getPrivileges();
  if (privilegesBag.isSetPrivileges() && !privilegesBag.getPrivileges().isEmpty()) {
    DatabaseMapping mapping = checkWritePermissionsForPrivileges(privilegesBag);
    return mapping.getClient().grant_revoke_privileges(mapping.transformInboundGrantRevokePrivilegesRequest(request));
  }
  return getPrimaryClient().grant_revoke_privileges(request);
}
 
Example #5
Source File: FederatedHMSHandler.java    From waggle-dance with Apache License 2.0 5 votes vote down vote up
@Override
@Loggable(value = Loggable.DEBUG, skipResult = true, name = INVOCATION_LOG_NAME)
public boolean revoke_privileges(PrivilegeBag privileges) throws MetaException, TException {
  if (privileges.isSetPrivileges() && !privileges.getPrivileges().isEmpty()) {
    DatabaseMapping mapping = checkWritePermissionsForPrivileges(privileges);
    return mapping.getClient().revoke_privileges(mapping.transformInboundPrivilegeBag(privileges));
  }
  return false;
}
 
Example #6
Source File: FederatedHMSHandler.java    From waggle-dance with Apache License 2.0 5 votes vote down vote up
@Override
@Loggable(value = Loggable.DEBUG, skipResult = true, name = INVOCATION_LOG_NAME)
public boolean grant_privileges(PrivilegeBag privileges) throws MetaException, TException {
  if (privileges.isSetPrivileges() && !privileges.getPrivileges().isEmpty()) {
    DatabaseMapping mapping = checkWritePermissionsForPrivileges(privileges);
    return mapping.getClient().grant_privileges(mapping.transformInboundPrivilegeBag(privileges));
  }
  return false;
}
 
Example #7
Source File: FederatedHMSHandler.java    From waggle-dance with Apache License 2.0 5 votes vote down vote up
private DatabaseMapping checkWritePermissionsForPrivileges(PrivilegeBag privileges) throws NoSuchObjectException {
  DatabaseMapping mapping = databaseMappingService
      .databaseMapping(privileges.getPrivileges().get(0).getHiveObject().getDbName());
  for (HiveObjectPrivilege privilege : privileges.getPrivileges()) {
    HiveObjectRef obj = privilege.getHiveObject();
    mapping.checkWritePermissions(obj.getDbName());
    if (obj.getObjectType() == HiveObjectType.DATABASE) {
      mapping.checkWritePermissions(obj.getObjectName());
    }
  }
  return mapping;
}
 
Example #8
Source File: DatabaseMappingImpl.java    From waggle-dance with Apache License 2.0 5 votes vote down vote up
@Override
public PrivilegeBag transformInboundPrivilegeBag(PrivilegeBag privilegeBag) {
  if (privilegeBag.isSetPrivileges()) {
    for (HiveObjectPrivilege privilege : privilegeBag.getPrivileges()) {
      privilege.setHiveObject(transformInboundHiveObjectRef(privilege.getHiveObject()));
    }
  }
  return privilegeBag;
}
 
Example #9
Source File: DatabaseMappingImplTest.java    From waggle-dance with Apache License 2.0 5 votes vote down vote up
@Test
public void transformInboundPrivilegeBag() throws Exception {
  PrivilegeBag privilegeBag = new PrivilegeBag();
  privilegeBag.setPrivileges(hiveObjectPrivileges);
  PrivilegeBag result = databaseMapping.transformInboundPrivilegeBag(privilegeBag);
  assertThat(result, is(sameInstance(privilegeBag)));
  assertHiveObjectPrivileges(result.getPrivileges(), IN_DB_NAME);
}
 
Example #10
Source File: DatabaseMappingImplTest.java    From waggle-dance with Apache License 2.0 5 votes vote down vote up
@Test
public void transformInboundPrivilegeBagPriviligesNotSet() throws Exception {
  PrivilegeBag privilegeBag = new PrivilegeBag();
  PrivilegeBag result = databaseMapping.transformInboundPrivilegeBag(privilegeBag);
  assertThat(result, is(sameInstance(privilegeBag)));
  assertFalse(result.isSetPrivileges());
}
 
Example #11
Source File: FederatedHMSHandlerTest.java    From waggle-dance with Apache License 2.0 5 votes vote down vote up
@Test
public void grant_privileges() throws TException {
  HiveObjectRef hiveObjectRef = new HiveObjectRef();
  hiveObjectRef.setDbName(DB_P);
  HiveObjectPrivilege hiveObjectPrivilege = new HiveObjectPrivilege();
  hiveObjectPrivilege.setHiveObject(hiveObjectRef);
  PrivilegeBag privileges = new PrivilegeBag(Collections.singletonList((hiveObjectPrivilege)));
  PrivilegeBag inboundPrivileges = new PrivilegeBag();
  when(primaryMapping.transformInboundPrivilegeBag(privileges)).thenReturn(inboundPrivileges);
  handler.grant_privileges(privileges);
  verify(primaryMapping).checkWritePermissions(DB_P);
  verify(primaryClient).grant_privileges(inboundPrivileges);
}
 
Example #12
Source File: FederatedHMSHandlerTest.java    From waggle-dance with Apache License 2.0 5 votes vote down vote up
@Test
public void revoke_privileges() throws TException {
  HiveObjectRef hiveObjectRef = new HiveObjectRef();
  hiveObjectRef.setDbName(DB_P);
  HiveObjectPrivilege hiveObjectPrivilege = new HiveObjectPrivilege();
  hiveObjectPrivilege.setHiveObject(hiveObjectRef);
  PrivilegeBag privileges = new PrivilegeBag(Collections.singletonList((hiveObjectPrivilege)));
  PrivilegeBag inboundPrivileges = new PrivilegeBag();
  when(primaryMapping.transformInboundPrivilegeBag(privileges)).thenReturn(inboundPrivileges);
  handler.revoke_privileges(privileges);
  verify(primaryMapping).checkWritePermissions(DB_P);
  verify(primaryClient).revoke_privileges(inboundPrivileges);
}
 
Example #13
Source File: HiveTableManager.java    From data-highway with Apache License 2.0 5 votes vote down vote up
public void grantPublicSelect(String tableName, String grantor) {
  HiveObjectRef hiveObject = new HiveObjectRef(TABLE, databaseName, tableName, null, null);
  PrivilegeGrantInfo grantInfo = new PrivilegeGrantInfo("SELECT", 0, grantor, ROLE, false);
  HiveObjectPrivilege privilege = new HiveObjectPrivilege(hiveObject, "public", ROLE, grantInfo);
  PrivilegeBag privilegeBag = new PrivilegeBag(singletonList(privilege));
  try {
    metaStoreClient.grant_privileges(privilegeBag);
  } catch (TException e) {
    throw new MetaStoreException(e);
  }
}
 
Example #14
Source File: TestObjects.java    From aws-glue-data-catalog-client-for-apache-hive-metastore with Apache License 2.0 5 votes vote down vote up
public static PrivilegeBag getPrivilegeBag() {
  PrivilegeBag bag = new PrivilegeBag();
  HiveObjectPrivilege hivePrivilege = new HiveObjectPrivilege();
  hivePrivilege.setPrincipalName("user1");
  hivePrivilege.setPrincipalType(org.apache.hadoop.hive.metastore.api.PrincipalType.USER);
  org.apache.hadoop.hive.metastore.api.PrivilegeGrantInfo grantInfo = new org.apache.hadoop.hive.metastore.api.PrivilegeGrantInfo();
  grantInfo.setGrantor("user2");
  grantInfo.setGrantorType(org.apache.hadoop.hive.metastore.api.PrincipalType.USER);
  hivePrivilege.setGrantInfo(grantInfo);
  bag.setPrivileges(Lists.newArrayList(hivePrivilege));
  return bag;
}
 
Example #15
Source File: HiveTableManagerTest.java    From data-highway with Apache License 2.0 5 votes vote down vote up
@Test
public void grantPublicSelect() throws Exception {
  underTest.grantPublicSelect(TABLE, "grantor");

  ArgumentCaptor<PrivilegeBag> privilegeBagCaptor = ArgumentCaptor.forClass(PrivilegeBag.class);
  verify(metaStoreClient).grant_privileges(privilegeBagCaptor.capture());

  PrivilegeBag privilegeBag = privilegeBagCaptor.getValue();
  assertThat(privilegeBag.getPrivilegesSize(), is(1));
  HiveObjectPrivilege privilege = privilegeBag.getPrivileges().get(0);

  HiveObjectRef hiveObject = privilege.getHiveObject();
  assertThat(hiveObject.getObjectType(), is(HiveObjectType.TABLE));
  assertThat(hiveObject.getDbName(), is(DATABASE));
  assertThat(hiveObject.getObjectName(), is(TABLE));
  assertThat(hiveObject.getPartValues(), is(nullValue()));
  assertThat(hiveObject.getColumnName(), is(nullValue()));

  assertThat(privilege.getPrincipalName(), is("public"));
  assertThat(privilege.getPrincipalType(), is(ROLE));

  PrivilegeGrantInfo grantInfo = privilege.getGrantInfo();
  assertThat(grantInfo.getPrivilege(), is("SELECT"));
  assertThat(grantInfo.getCreateTime(), is(0));
  assertThat(grantInfo.getGrantor(), is("grantor"));
  assertThat(grantInfo.getGrantorType(), is(ROLE));
  assertThat(grantInfo.isGrantOption(), is(false));
}
 
Example #16
Source File: CatalogThriftHiveMetastore.java    From metacat with Apache License 2.0 4 votes vote down vote up
/**
 * {@inheritDoc}
 */
@Override
public boolean revoke_privileges(final PrivilegeBag privileges) throws TException {
    throw unimplemented("revoke_privileges", new Object[]{privileges});
}
 
Example #17
Source File: IdentityMappingTest.java    From waggle-dance with Apache License 2.0 4 votes vote down vote up
@Test
public void transformInboundPrivilegeBag() throws Exception {
  PrivilegeBag privilegeBag = new PrivilegeBag();
  PrivilegeBag result = databaseMapping.transformInboundPrivilegeBag(privilegeBag);
  assertThat(result, is(sameInstance(privilegeBag)));
}
 
Example #18
Source File: CatalogThriftHiveMetastore.java    From metacat with Apache License 2.0 4 votes vote down vote up
/**
 * {@inheritDoc}
 */
@Override
public boolean grant_privileges(final PrivilegeBag privileges) throws TException {
    throw unimplemented("grant_privileges", new Object[]{privileges});
}
 
Example #19
Source File: IdentityMapping.java    From waggle-dance with Apache License 2.0 4 votes vote down vote up
@Override
public PrivilegeBag transformInboundPrivilegeBag(PrivilegeBag privilegeBag) {
  return privilegeBag;
}
 
Example #20
Source File: MockThriftMetastoreClient.java    From presto with Apache License 2.0 4 votes vote down vote up
@Override
public boolean revokePrivileges(PrivilegeBag privilegeBag)
{
    throw new UnsupportedOperationException();
}
 
Example #21
Source File: MockThriftMetastoreClient.java    From presto with Apache License 2.0 4 votes vote down vote up
@Override
public boolean grantPrivileges(PrivilegeBag privilegeBag)
{
    throw new UnsupportedOperationException();
}
 
Example #22
Source File: ThriftMetastoreClient.java    From presto with Apache License 2.0 4 votes vote down vote up
boolean revokePrivileges(PrivilegeBag privilegeBag)
throws TException;
 
Example #23
Source File: ThriftMetastoreClient.java    From presto with Apache License 2.0 4 votes vote down vote up
boolean grantPrivileges(PrivilegeBag privilegeBag)
throws TException;
 
Example #24
Source File: ThriftHiveMetastoreClient.java    From presto with Apache License 2.0 4 votes vote down vote up
@Override
public boolean revokePrivileges(PrivilegeBag privilegeBag)
        throws TException
{
    return client.revoke_privileges(privilegeBag);
}
 
Example #25
Source File: ThriftHiveMetastoreClient.java    From presto with Apache License 2.0 4 votes vote down vote up
@Override
public boolean grantPrivileges(PrivilegeBag privilegeBag)
        throws TException
{
    return client.grant_privileges(privilegeBag);
}
 
Example #26
Source File: FailureAwareThriftMetastoreClient.java    From presto with Apache License 2.0 4 votes vote down vote up
@Override
public boolean revokePrivileges(PrivilegeBag privilegeBag)
        throws TException
{
    return runWithHandle(() -> delegate.revokePrivileges(privilegeBag));
}
 
Example #27
Source File: FailureAwareThriftMetastoreClient.java    From presto with Apache License 2.0 4 votes vote down vote up
@Override
public boolean grantPrivileges(PrivilegeBag privilegeBag)
        throws TException
{
    return runWithHandle(() -> delegate.grantPrivileges(privilegeBag));
}
 
Example #28
Source File: DatabaseMapping.java    From waggle-dance with Apache License 2.0 votes vote down vote up
PrivilegeBag transformInboundPrivilegeBag(PrivilegeBag privilegeBag);