public class StorageBasedAuthorizationProvider extends HiveAuthorizationProviderBase implements HiveMetastoreAuthorizationProvider
Modifier and Type | Class and Description |
---|---|
class |
StorageBasedAuthorizationProvider.DropPrivilegeExtractor |
HiveAuthorizationProviderBase.HiveProxy
authenticator, hive_db
Constructor and Description |
---|
StorageBasedAuthorizationProvider() |
Modifier and Type | Method and Description |
---|---|
void |
authorize(Database db,
Privilege[] readRequiredPriv,
Privilege[] writeRequiredPriv)
Authorization privileges against a database object.
|
void |
authorize(Partition part,
Privilege[] readRequiredPriv,
Privilege[] writeRequiredPriv)
Authorization privileges against a hive partition object.
|
void |
authorize(org.apache.hadoop.fs.Path path,
Privilege[] readRequiredPriv,
Privilege[] writeRequiredPriv)
Authorization privileges against a path.
|
void |
authorize(Privilege[] readRequiredPriv,
Privilege[] writeRequiredPriv)
Authorization user level privileges.
|
void |
authorize(Table table,
Partition part,
List<String> columns,
Privilege[] readRequiredPriv,
Privilege[] writeRequiredPriv)
Authorization privileges against a list of columns.
|
void |
authorize(Table table,
Privilege[] readRequiredPriv,
Privilege[] writeRequiredPriv)
Authorization privileges against a hive table object.
|
void |
authorizeAuthorizationApiInvocation()
Authorize metastore authorization api call.
|
protected void |
checkPermissions(org.apache.hadoop.conf.Configuration conf,
org.apache.hadoop.fs.Path path,
EnumSet<org.apache.hadoop.fs.permission.FsAction> actions)
Checks the permissions for the given path and current user on Hadoop FS.
|
protected static void |
checkPermissions(org.apache.hadoop.fs.FileSystem fs,
org.apache.hadoop.fs.FileStatus stat,
EnumSet<org.apache.hadoop.fs.permission.FsAction> actions,
String user)
Checks the permissions for the given path and current user on Hadoop FS.
|
protected org.apache.hadoop.fs.Path |
getDbLocation(Database db) |
protected org.apache.hadoop.fs.permission.FsAction |
getFsAction(Privilege priv)
Given a privilege, return what FsActions are required
|
protected EnumSet<org.apache.hadoop.fs.permission.FsAction> |
getFsActions(Privilege[] privs)
Given a Privilege[], find out what all FsActions are required
|
void |
init(org.apache.hadoop.conf.Configuration conf) |
void |
setMetaStoreHandler(HiveMetaStore.HMSHandler handler)
Allows invoker of HiveMetaStoreAuthorizationProvider to send in a
hive metastore handler that can be used to make calls to test
whether or not authorizations can/will succeed.
|
getAuthenticator, getConf, setAuthenticator, setConf
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
getAuthenticator, setAuthenticator
public void init(org.apache.hadoop.conf.Configuration conf) throws HiveException
init
in interface HiveAuthorizationProvider
HiveException
public void authorize(Privilege[] readRequiredPriv, Privilege[] writeRequiredPriv) throws HiveException, AuthorizationException
HiveAuthorizationProvider
authorize
in interface HiveAuthorizationProvider
readRequiredPriv
- a list of privileges needed for inputs.writeRequiredPriv
- a list of privileges needed for outputs.HiveException
AuthorizationException
public void authorize(Database db, Privilege[] readRequiredPriv, Privilege[] writeRequiredPriv) throws HiveException, AuthorizationException
HiveAuthorizationProvider
authorize
in interface HiveAuthorizationProvider
db
- databasereadRequiredPriv
- a list of privileges needed for inputs.writeRequiredPriv
- a list of privileges needed for outputs.HiveException
AuthorizationException
public void authorize(Table table, Privilege[] readRequiredPriv, Privilege[] writeRequiredPriv) throws HiveException, AuthorizationException
HiveAuthorizationProvider
authorize
in interface HiveAuthorizationProvider
table
- table objectreadRequiredPriv
- a list of privileges needed for inputs.writeRequiredPriv
- a list of privileges needed for outputs.HiveException
AuthorizationException
public void authorize(Partition part, Privilege[] readRequiredPriv, Privilege[] writeRequiredPriv) throws HiveException, AuthorizationException
HiveAuthorizationProvider
authorize
in interface HiveAuthorizationProvider
part
- partition objectreadRequiredPriv
- a list of privileges needed for inputs.writeRequiredPriv
- a list of privileges needed for outputs.HiveException
AuthorizationException
public void authorize(Table table, Partition part, List<String> columns, Privilege[] readRequiredPriv, Privilege[] writeRequiredPriv) throws HiveException, AuthorizationException
HiveAuthorizationProvider
authorize
in interface HiveAuthorizationProvider
table
- table objectpart
- partition objectcolumns
- a list of columnsreadRequiredPriv
- a list of privileges needed for inputs.writeRequiredPriv
- a list of privileges needed for outputs.HiveException
AuthorizationException
public void setMetaStoreHandler(HiveMetaStore.HMSHandler handler)
HiveMetastoreAuthorizationProvider
setMetaStoreHandler
in interface HiveMetastoreAuthorizationProvider
protected org.apache.hadoop.fs.permission.FsAction getFsAction(Privilege priv)
protected EnumSet<org.apache.hadoop.fs.permission.FsAction> getFsActions(Privilege[] privs)
public void authorize(org.apache.hadoop.fs.Path path, Privilege[] readRequiredPriv, Privilege[] writeRequiredPriv) throws HiveException, AuthorizationException
path
- a filesystem pathreadRequiredPriv
- a list of privileges needed for inputs.writeRequiredPriv
- a list of privileges needed for outputs.HiveException
AuthorizationException
protected void checkPermissions(org.apache.hadoop.conf.Configuration conf, org.apache.hadoop.fs.Path path, EnumSet<org.apache.hadoop.fs.permission.FsAction> actions) throws IOException, LoginException, HiveException
IOException
LoginException
HiveException
protected static void checkPermissions(org.apache.hadoop.fs.FileSystem fs, org.apache.hadoop.fs.FileStatus stat, EnumSet<org.apache.hadoop.fs.permission.FsAction> actions, String user) throws IOException, AccessControlException, HiveException
protected org.apache.hadoop.fs.Path getDbLocation(Database db) throws HiveException
HiveException
public void authorizeAuthorizationApiInvocation() throws HiveException, AuthorizationException
HiveMetastoreAuthorizationProvider
authorizeAuthorizationApiInvocation
in interface HiveMetastoreAuthorizationProvider
HiveException
AuthorizationException
Copyright © 2017 The Apache Software Foundation. All rights reserved.