Java Code Examples for org.apache.hadoop.hive.ql.security.authorization.plugin.HivePrivilegeObject.HivePrivilegeObjectType#TABLE_OR_VIEW
The following examples show how to use
org.apache.hadoop.hive.ql.security.authorization.plugin.HivePrivilegeObject.HivePrivilegeObjectType#TABLE_OR_VIEW .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: HiveAuthorizationHelper.java From dremio-oss with Apache License 2.0 | 5 votes |
|
/**
* Check authorization for "READ TABLE" for given db.table. A {@link HiveAccessControlException} is thrown
* for illegal access.
* @param dbName
* @param tableName
*/
public void authorizeReadTable(final String dbName, final String tableName) throws HiveAccessControlException {
if (!authzEnabled) {
return;
}
HivePrivilegeObject toRead = new HivePrivilegeObject(HivePrivilegeObjectType.TABLE_OR_VIEW, dbName, tableName);
authorize(HiveOperationType.QUERY, ImmutableList.of(toRead), Collections.<HivePrivilegeObject> emptyList(), "READ TABLE");
}
Example 2
| Source File: RangerHiveAuthorizer.java From ranger with Apache License 2.0 | 5 votes |
|
private HivePrivilegeObjectType getPluginPrivilegeObjType(
org.apache.hadoop.hive.metastore.api.HiveObjectType objectType) {
switch (objectType) {
case DATABASE:
return HivePrivilegeObjectType.DATABASE;
case TABLE:
return HivePrivilegeObjectType.TABLE_OR_VIEW;
default:
throw new AssertionError("Unexpected object type " + objectType);
}
}
Example 3
| Source File: SentryHiveAuthorizer.java From incubator-sentry with Apache License 2.0 | 5 votes |
|
protected static HivePrivilegeObjectType getPrivObjectType(
SentryHivePrivilegeObjectDesc privSubjectDesc) {
if (privSubjectDesc.getObject() == null) {
return null;
}
if (privSubjectDesc.getServer()) {
return HivePrivilegeObjectType.GLOBAL;
} else if (privSubjectDesc.getUri()) {
return HivePrivilegeObjectType.LOCAL_URI;
} else {
return privSubjectDesc.getTable() ? HivePrivilegeObjectType.TABLE_OR_VIEW
: HivePrivilegeObjectType.DATABASE;
}
}
Example 4
| Source File: RangerHiveAuthorizer.java From ranger with Apache License 2.0 | 4 votes |
|
@Override
public List<HivePrivilegeObject> applyRowFilterAndColumnMasking(HiveAuthzContext queryContext, List<HivePrivilegeObject> hiveObjs) throws SemanticException {
List<HivePrivilegeObject> ret = new ArrayList<HivePrivilegeObject>();
if(LOG.isDebugEnabled()) {
LOG.debug("==> applyRowFilterAndColumnMasking(" + queryContext + ", objCount=" + hiveObjs.size() + ")");
}
RangerPerfTracer perf = null;
if(RangerPerfTracer.isPerfTraceEnabled(PERF_HIVEAUTH_REQUEST_LOG)) {
perf = RangerPerfTracer.getPerfTracer(PERF_HIVEAUTH_REQUEST_LOG, "RangerHiveAuthorizer.applyRowFilterAndColumnMasking()");
}
if(CollectionUtils.isNotEmpty(hiveObjs)) {
for (HivePrivilegeObject hiveObj : hiveObjs) {
HivePrivilegeObjectType hiveObjType = hiveObj.getType();
if(hiveObjType == null) {
hiveObjType = HivePrivilegeObjectType.TABLE_OR_VIEW;
}
if(LOG.isDebugEnabled()) {
LOG.debug("applyRowFilterAndColumnMasking(hiveObjType=" + hiveObjType + ")");
}
boolean needToTransform = false;
if (hiveObjType == HivePrivilegeObjectType.TABLE_OR_VIEW) {
String database = hiveObj.getDbname();
String table = hiveObj.getObjectName();
String rowFilterExpr = getRowFilterExpression(queryContext, database, table);
if (StringUtils.isNotBlank(rowFilterExpr)) {
if(LOG.isDebugEnabled()) {
LOG.debug("rowFilter(database=" + database + ", table=" + table + "): " + rowFilterExpr);
}
hiveObj.setRowFilterExpression(rowFilterExpr);
needToTransform = true;
}
if (CollectionUtils.isNotEmpty(hiveObj.getColumns())) {
List<String> columnTransformers = new ArrayList<String>();
for (String column : hiveObj.getColumns()) {
boolean isColumnTransformed = addCellValueTransformerAndCheckIfTransformed(queryContext, database, table, column, columnTransformers);
if(LOG.isDebugEnabled()) {
LOG.debug("addCellValueTransformerAndCheckIfTransformed(database=" + database + ", table=" + table + ", column=" + column + "): " + isColumnTransformed);
}
needToTransform = needToTransform || isColumnTransformed;
}
hiveObj.setCellValueTransformers(columnTransformers);
}
}
if (needToTransform) {
ret.add(hiveObj);
}
}
}
RangerPerfTracer.log(perf);
if(LOG.isDebugEnabled()) {
LOG.debug("<== applyRowFilterAndColumnMasking(" + queryContext + ", objCount=" + hiveObjs.size() + "): retCount=" + ret.size());
}
return ret;
}
