org.apache.hadoop.hive.metastore.api.HiveObjectPrivilege Java Examples

The following examples show how to use org.apache.hadoop.hive.metastore.api.HiveObjectPrivilege. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: FederatedHMSHandlerTest.java    From waggle-dance with Apache License 2.0 6 votes vote down vote up
@Test
public void grant_revoke_privileges() throws TException {
  HiveObjectRef hiveObjectRef = new HiveObjectRef();
  hiveObjectRef.setDbName(DB_P);
  HiveObjectPrivilege hiveObjectPrivilege = new HiveObjectPrivilege();
  hiveObjectPrivilege.setHiveObject(hiveObjectRef);
  PrivilegeBag privileges = new PrivilegeBag(Collections.singletonList((hiveObjectPrivilege)));

  GrantRevokeType grantRevokeType = GrantRevokeType.GRANT;

  GrantRevokePrivilegeRequest request = new GrantRevokePrivilegeRequest(grantRevokeType, privileges);
  GrantRevokePrivilegeRequest inboundRequest = new GrantRevokePrivilegeRequest();
  GrantRevokePrivilegeResponse expected = new GrantRevokePrivilegeResponse();
  when(primaryMapping.transformInboundGrantRevokePrivilegesRequest(request)).thenReturn(inboundRequest);
  when(primaryClient.grant_revoke_privileges(inboundRequest)).thenReturn(expected);
  GrantRevokePrivilegeResponse response = handler.grant_revoke_privileges(request);
  assertThat(response, is(expected));
  verify(primaryMapping).checkWritePermissions(DB_P);
}
 
Example #2
Source File: ThriftHiveMetastore.java    From presto with Apache License 2.0 6 votes vote down vote up
private PrivilegeBag buildPrivilegeBag(
        String databaseName,
        String tableName,
        HivePrincipal grantee,
        Set<PrivilegeGrantInfo> privilegeGrantInfos)
{
    ImmutableList.Builder<HiveObjectPrivilege> privilegeBagBuilder = ImmutableList.builder();
    for (PrivilegeGrantInfo privilegeGrantInfo : privilegeGrantInfos) {
        privilegeBagBuilder.add(
                new HiveObjectPrivilege(
                        new HiveObjectRef(TABLE, databaseName, tableName, null, null),
                        grantee.getName(),
                        fromPrestoPrincipalType(grantee.getType()),
                        privilegeGrantInfo));
    }
    return new PrivilegeBag(privilegeBagBuilder.build());
}
 
Example #3
Source File: HiveTableManagerTest.java    From data-highway with Apache License 2.0 5 votes vote down vote up
@Test
public void grantPublicSelect() throws Exception {
  underTest.grantPublicSelect(TABLE, "grantor");

  ArgumentCaptor<PrivilegeBag> privilegeBagCaptor = ArgumentCaptor.forClass(PrivilegeBag.class);
  verify(metaStoreClient).grant_privileges(privilegeBagCaptor.capture());

  PrivilegeBag privilegeBag = privilegeBagCaptor.getValue();
  assertThat(privilegeBag.getPrivilegesSize(), is(1));
  HiveObjectPrivilege privilege = privilegeBag.getPrivileges().get(0);

  HiveObjectRef hiveObject = privilege.getHiveObject();
  assertThat(hiveObject.getObjectType(), is(HiveObjectType.TABLE));
  assertThat(hiveObject.getDbName(), is(DATABASE));
  assertThat(hiveObject.getObjectName(), is(TABLE));
  assertThat(hiveObject.getPartValues(), is(nullValue()));
  assertThat(hiveObject.getColumnName(), is(nullValue()));

  assertThat(privilege.getPrincipalName(), is("public"));
  assertThat(privilege.getPrincipalType(), is(ROLE));

  PrivilegeGrantInfo grantInfo = privilege.getGrantInfo();
  assertThat(grantInfo.getPrivilege(), is("SELECT"));
  assertThat(grantInfo.getCreateTime(), is(0));
  assertThat(grantInfo.getGrantor(), is("grantor"));
  assertThat(grantInfo.getGrantorType(), is(ROLE));
  assertThat(grantInfo.isGrantOption(), is(false));
}
 
Example #4
Source File: HiveHelper.java    From Hue-Ctrip-DI with MIT License 5 votes vote down vote up
public boolean hasPrivilegeToSetCleanAlert(String database, String table,
		String user) {
	HiveMetaStoreClient hiveClient = getHiveMetaStoreClient();
	HiveObjectRef hiveObject = new HiveObjectRef();
	hiveObject.setDbName(database);
	hiveObject.setObjectName(table);
	hiveObject.setObjectType(HiveObjectType.TABLE);
	List<HiveObjectPrivilege> privileges = new ArrayList<HiveObjectPrivilege>();
	try {
		privileges = hiveClient.list_privileges(user, PrincipalType.USER,
				hiveObject);
	} catch (Exception e) {
		logger.error("Error to get privileges:", e);
		return false;
	}
	for (HiveObjectPrivilege privilege : privileges) {
		String privilegeName = privilege.getGrantInfo().getPrivilege();
		if (privilegeName != null
				&& ("all".equalsIgnoreCase(privilegeName)
						|| "create".equalsIgnoreCase(privilegeName) || "ALTER"
							.equalsIgnoreCase(privilegeName))) {
			return true;
		}
	}

	return false;
}
 
Example #5
Source File: FederatedHMSHandlerTest.java    From waggle-dance with Apache License 2.0 5 votes vote down vote up
@Test
public void revoke_privileges() throws TException {
  HiveObjectRef hiveObjectRef = new HiveObjectRef();
  hiveObjectRef.setDbName(DB_P);
  HiveObjectPrivilege hiveObjectPrivilege = new HiveObjectPrivilege();
  hiveObjectPrivilege.setHiveObject(hiveObjectRef);
  PrivilegeBag privileges = new PrivilegeBag(Collections.singletonList((hiveObjectPrivilege)));
  PrivilegeBag inboundPrivileges = new PrivilegeBag();
  when(primaryMapping.transformInboundPrivilegeBag(privileges)).thenReturn(inboundPrivileges);
  handler.revoke_privileges(privileges);
  verify(primaryMapping).checkWritePermissions(DB_P);
  verify(primaryClient).revoke_privileges(inboundPrivileges);
}
 
Example #6
Source File: FederatedHMSHandlerTest.java    From waggle-dance with Apache License 2.0 5 votes vote down vote up
@Test
public void grant_privileges() throws TException {
  HiveObjectRef hiveObjectRef = new HiveObjectRef();
  hiveObjectRef.setDbName(DB_P);
  HiveObjectPrivilege hiveObjectPrivilege = new HiveObjectPrivilege();
  hiveObjectPrivilege.setHiveObject(hiveObjectRef);
  PrivilegeBag privileges = new PrivilegeBag(Collections.singletonList((hiveObjectPrivilege)));
  PrivilegeBag inboundPrivileges = new PrivilegeBag();
  when(primaryMapping.transformInboundPrivilegeBag(privileges)).thenReturn(inboundPrivileges);
  handler.grant_privileges(privileges);
  verify(primaryMapping).checkWritePermissions(DB_P);
  verify(primaryClient).grant_privileges(inboundPrivileges);
}
 
Example #7
Source File: DatabaseMappingImplTest.java    From waggle-dance with Apache License 2.0 5 votes vote down vote up
private void assertHiveObjectPrivileges(List<HiveObjectPrivilege> result, String expectedDatabaseName) {
  assertThat(result, is(sameInstance(hiveObjectPrivileges)));
  HiveObjectPrivilege resultPrivilege = result.get(0);
  assertThat(resultPrivilege, is(sameInstance(hiveObjectPrivileges.get(0))));
  HiveObjectRef resultHiveObjectRef = resultPrivilege.getHiveObject();
  assertThat(resultHiveObjectRef, is(sameInstance(hiveObjectRef)));
  assertThat(resultHiveObjectRef.getDbName(), is(expectedDatabaseName));
  assertThat(resultHiveObjectRef.getObjectName(), is(expectedDatabaseName));
}
 
Example #8
Source File: DatabaseMappingImplTest.java    From waggle-dance with Apache License 2.0 5 votes vote down vote up
@Before
public void setUp() {
  databaseMapping = new DatabaseMappingImpl(metastoreMapping, queryMapping);
  database = new Database();
  database.setName(DB_NAME);
  partition = new Partition();
  partition.setDbName(DB_NAME);
  partitions = Lists.newArrayList(partition);
  index = new Index();
  index.setDbName(DB_NAME);
  hiveObjectRef = new HiveObjectRef();
  hiveObjectRef.setDbName(DB_NAME);
  hiveObjectRef.setObjectType(HiveObjectType.DATABASE);
  hiveObjectRef.setObjectName(DB_NAME);
  hiveObjectPrivileges = new ArrayList<>();
  HiveObjectPrivilege hiveObjectPrivilege = new HiveObjectPrivilege();
  hiveObjectPrivilege.setHiveObject(hiveObjectRef);
  hiveObjectPrivileges.add(hiveObjectPrivilege);
  partitionSpec = new PartitionSpec();
  partitionSpec.setDbName(DB_NAME);
  when(metastoreMapping.transformInboundDatabaseName(anyString())).thenReturn(IN_DB_NAME);
  when(metastoreMapping.transformOutboundDatabaseName(anyString())).thenReturn(OUT_DB_NAME);
  when(queryMapping.transformOutboundDatabaseName(metastoreMapping, VIEW_EXPANDED_TEXT))
      .thenReturn(VIEW_EXPANDED_TEXT_TRANSFORMED);
  when(queryMapping.transformOutboundDatabaseName(metastoreMapping, VIEW_ORIGINAL_TEXT))
      .thenReturn(VIEW_ORIGINAL_TEXT_TRANSFORMED);
}
 
Example #9
Source File: FederatedHMSHandler.java    From waggle-dance with Apache License 2.0 5 votes vote down vote up
private DatabaseMapping checkWritePermissionsForPrivileges(PrivilegeBag privileges) throws NoSuchObjectException {
  DatabaseMapping mapping = databaseMappingService
      .databaseMapping(privileges.getPrivileges().get(0).getHiveObject().getDbName());
  for (HiveObjectPrivilege privilege : privileges.getPrivileges()) {
    HiveObjectRef obj = privilege.getHiveObject();
    mapping.checkWritePermissions(obj.getDbName());
    if (obj.getObjectType() == HiveObjectType.DATABASE) {
      mapping.checkWritePermissions(obj.getObjectName());
    }
  }
  return mapping;
}
 
Example #10
Source File: FederatedHMSHandler.java    From waggle-dance with Apache License 2.0 5 votes vote down vote up
@Override
@Loggable(value = Loggable.DEBUG, skipResult = true, name = INVOCATION_LOG_NAME)
public List<HiveObjectPrivilege> list_privileges(
    String principal_name,
    PrincipalType principal_type,
    HiveObjectRef hiveObject)
    throws MetaException, TException {
  DatabaseMapping mapping = databaseMappingService.databaseMapping(hiveObject.getDbName());
  List<HiveObjectPrivilege> privileges = mapping
      .getClient()
      .list_privileges(principal_name, principal_type, mapping.transformInboundHiveObjectRef(hiveObject));
  return mapping.transformOutboundHiveObjectPrivileges(privileges);
}
 
Example #11
Source File: DatabaseMappingImpl.java    From waggle-dance with Apache License 2.0 5 votes vote down vote up
@Override
public PrivilegeBag transformInboundPrivilegeBag(PrivilegeBag privilegeBag) {
  if (privilegeBag.isSetPrivileges()) {
    for (HiveObjectPrivilege privilege : privilegeBag.getPrivileges()) {
      privilege.setHiveObject(transformInboundHiveObjectRef(privilege.getHiveObject()));
    }
  }
  return privilegeBag;
}
 
Example #12
Source File: DatabaseMappingImpl.java    From waggle-dance with Apache License 2.0 5 votes vote down vote up
@Override
public List<HiveObjectPrivilege> transformOutboundHiveObjectPrivileges(List<HiveObjectPrivilege> privileges) {
  for (HiveObjectPrivilege privilege : privileges) {
    privilege.setHiveObject(transformOutboundHiveObjectRef(privilege.getHiveObject()));
  }
  return privileges;
}
 
Example #13
Source File: AWSCatalogMetastoreClient.java    From aws-glue-data-catalog-client-for-apache-hive-metastore with Apache License 2.0 5 votes vote down vote up
@Override
public List<HiveObjectPrivilege> list_privileges(
    String principal,
    org.apache.hadoop.hive.metastore.api.PrincipalType principalType,
    HiveObjectRef objectRef
) throws MetaException, TException {
  return glueMetastoreClientDelegate.listPrivileges(principal, principalType, objectRef);
}
 
Example #14
Source File: AWSCatalogMetastoreClient.java    From aws-glue-data-catalog-client-for-apache-hive-metastore with Apache License 2.0 5 votes vote down vote up
@Override
public List<HiveObjectPrivilege> list_privileges(
    String principal,
    org.apache.hadoop.hive.metastore.api.PrincipalType principalType,
    HiveObjectRef objectRef
) throws MetaException, TException {
  return glueMetastoreClientDelegate.listPrivileges(principal, principalType, objectRef);
}
 
Example #15
Source File: TestObjects.java    From aws-glue-data-catalog-client-for-apache-hive-metastore with Apache License 2.0 5 votes vote down vote up
public static PrivilegeBag getPrivilegeBag() {
  PrivilegeBag bag = new PrivilegeBag();
  HiveObjectPrivilege hivePrivilege = new HiveObjectPrivilege();
  hivePrivilege.setPrincipalName("user1");
  hivePrivilege.setPrincipalType(org.apache.hadoop.hive.metastore.api.PrincipalType.USER);
  org.apache.hadoop.hive.metastore.api.PrivilegeGrantInfo grantInfo = new org.apache.hadoop.hive.metastore.api.PrivilegeGrantInfo();
  grantInfo.setGrantor("user2");
  grantInfo.setGrantorType(org.apache.hadoop.hive.metastore.api.PrincipalType.USER);
  hivePrivilege.setGrantInfo(grantInfo);
  bag.setPrivileges(Lists.newArrayList(hivePrivilege));
  return bag;
}
 
Example #16
Source File: GlueMetastoreClientDelegate.java    From aws-glue-data-catalog-client-for-apache-hive-metastore with Apache License 2.0 5 votes vote down vote up
public List<HiveObjectPrivilege> listPrivileges(
  String principal,
  org.apache.hadoop.hive.metastore.api.PrincipalType principalType,
  HiveObjectRef objectRef
) throws TException {
  throw new UnsupportedOperationException("listPrivileges is not supported");
}
 
Example #17
Source File: HiveTableManager.java    From data-highway with Apache License 2.0 5 votes vote down vote up
public void grantPublicSelect(String tableName, String grantor) {
  HiveObjectRef hiveObject = new HiveObjectRef(TABLE, databaseName, tableName, null, null);
  PrivilegeGrantInfo grantInfo = new PrivilegeGrantInfo("SELECT", 0, grantor, ROLE, false);
  HiveObjectPrivilege privilege = new HiveObjectPrivilege(hiveObject, "public", ROLE, grantInfo);
  PrivilegeBag privilegeBag = new PrivilegeBag(singletonList(privilege));
  try {
    metaStoreClient.grant_privileges(privilegeBag);
  } catch (TException e) {
    throw new MetaStoreException(e);
  }
}
 
Example #18
Source File: MockThriftMetastoreClient.java    From presto with Apache License 2.0 4 votes vote down vote up
@Override
public List<HiveObjectPrivilege> listPrivileges(String principalName, PrincipalType principalType, HiveObjectRef hiveObjectRef)
{
    throw new UnsupportedOperationException();
}
 
Example #19
Source File: IdentityMapping.java    From waggle-dance with Apache License 2.0 4 votes vote down vote up
@Override
public List<HiveObjectPrivilege> transformOutboundHiveObjectPrivileges(List<HiveObjectPrivilege> privileges) {
  return privileges;
}
 
Example #20
Source File: ThriftMetastoreClient.java    From presto with Apache License 2.0 4 votes vote down vote up
List<HiveObjectPrivilege> listPrivileges(String principalName, PrincipalType principalType, HiveObjectRef hiveObjectRef)
throws TException;
 
Example #21
Source File: ThriftHiveMetastoreClient.java    From presto with Apache License 2.0 4 votes vote down vote up
@Override
public List<HiveObjectPrivilege> listPrivileges(String principalName, PrincipalType principalType, HiveObjectRef hiveObjectRef)
        throws TException
{
    return client.list_privileges(principalName, principalType, hiveObjectRef);
}
 
Example #22
Source File: IdentityMappingTest.java    From waggle-dance with Apache License 2.0 4 votes vote down vote up
@Test
public void transformOutboundHiveObjectPrivileges() throws Exception {
  List<HiveObjectPrivilege> hiveObjectPrivileges = new ArrayList<>();
  List<HiveObjectPrivilege> result = databaseMapping.transformOutboundHiveObjectPrivileges(hiveObjectPrivileges);
  assertThat(result, is(sameInstance(hiveObjectPrivileges)));
}
 
Example #23
Source File: FailureAwareThriftMetastoreClient.java    From presto with Apache License 2.0 4 votes vote down vote up
@Override
public List<HiveObjectPrivilege> listPrivileges(String principalName, PrincipalType principalType, HiveObjectRef hiveObjectRef)
        throws TException
{
    return runWithHandle(() -> delegate.listPrivileges(principalName, principalType, hiveObjectRef));
}
 
Example #24
Source File: DatabaseMappingImplTest.java    From waggle-dance with Apache License 2.0 4 votes vote down vote up
@Test
public void transformOutboundHiveObjectPrivileges() throws Exception {
  List<HiveObjectPrivilege> result = databaseMapping.transformOutboundHiveObjectPrivileges(hiveObjectPrivileges);
  assertHiveObjectPrivileges(result, OUT_DB_NAME);
}
 
Example #25
Source File: CatalogThriftHiveMetastore.java    From metacat with Apache License 2.0 4 votes vote down vote up
/**
 * {@inheritDoc}
 */
@Override
public List<HiveObjectPrivilege> list_privileges(final String principalName, final PrincipalType principalType,
                                                 final HiveObjectRef hiveObject) throws TException {
    throw unimplemented("list_privileges", new Object[]{principalName, principalType, hiveObject});
}
 
Example #26
Source File: DatabaseMapping.java    From waggle-dance with Apache License 2.0 votes vote down vote up
List<HiveObjectPrivilege> transformOutboundHiveObjectPrivileges(List<HiveObjectPrivilege> privileges);