@InterfaceAudience.LimitedPrivate(value="") @InterfaceStability.Evolving public class HiveAuthorizerImpl extends Object implements HiveAuthorizer
HiveAccessController
and HiveAuthorizationValidator
to constructor.HiveAuthorizer.VERSION
Constructor and Description |
---|
HiveAuthorizerImpl(HiveAccessController accessController,
HiveAuthorizationValidator authValidator) |
Modifier and Type | Method and Description |
---|---|
void |
applyAuthorizationConfigPolicy(HiveConf hiveConf)
Modify the given HiveConf object to configure authorization related parameters
or other parameters related to hive security
|
void |
checkPrivileges(HiveOperationType hiveOpType,
List<HivePrivilegeObject> inputHObjs,
List<HivePrivilegeObject> outputHObjs,
HiveAuthzContext context)
Check if user has privileges to do this action on these objects
|
void |
createRole(String roleName,
HivePrincipal adminGrantor)
Create role
|
void |
dropRole(String roleName)
Drop role
|
List<HivePrivilegeObject> |
filterListCmdObjects(List<HivePrivilegeObject> listObjs,
HiveAuthzContext context)
Filter out any objects that should not be shown to the user, from the list of
tables or databases coming from a 'show tables' or 'show databases' command
|
List<String> |
getAllRoles() |
List<String> |
getCurrentRoleNames() |
List<HiveRoleGrant> |
getPrincipalGrantInfoForRole(String roleName)
Get the grant information for principals granted the given role
|
List<HiveRoleGrant> |
getRoleGrantInfoForPrincipal(HivePrincipal principal)
Get the grant information of roles the given principal belongs to
|
HiveAuthorizer.VERSION |
getVersion() |
void |
grantPrivileges(List<HivePrincipal> hivePrincipals,
List<HivePrivilege> hivePrivileges,
HivePrivilegeObject hivePrivObject,
HivePrincipal grantorPrincipal,
boolean grantOption)
Grant privileges for principals on the object
|
void |
grantRole(List<HivePrincipal> hivePrincipals,
List<String> roles,
boolean grantOption,
HivePrincipal grantorPrinc)
Grant roles in given roles list to principals in given hivePrincipals list
|
void |
revokePrivileges(List<HivePrincipal> hivePrincipals,
List<HivePrivilege> hivePrivileges,
HivePrivilegeObject hivePrivObject,
HivePrincipal grantorPrincipal,
boolean grantOption)
Revoke privileges for principals on the object
|
void |
revokeRole(List<HivePrincipal> hivePrincipals,
List<String> roles,
boolean grantOption,
HivePrincipal grantorPrinc)
Revoke roles in given roles list to principals in given hivePrincipals list
|
void |
setCurrentRole(String roleName)
Set the current role to roleName argument
|
List<HivePrivilegeInfo> |
showPrivileges(HivePrincipal principal,
HivePrivilegeObject privObj)
Show privileges for given principal on given object
|
public HiveAuthorizerImpl(HiveAccessController accessController, HiveAuthorizationValidator authValidator)
public void grantPrivileges(List<HivePrincipal> hivePrincipals, List<HivePrivilege> hivePrivileges, HivePrivilegeObject hivePrivObject, HivePrincipal grantorPrincipal, boolean grantOption) throws HiveAuthzPluginException, HiveAccessControlException
HiveAuthorizer
grantPrivileges
in interface HiveAuthorizer
HiveAuthzPluginException
HiveAccessControlException
public void revokePrivileges(List<HivePrincipal> hivePrincipals, List<HivePrivilege> hivePrivileges, HivePrivilegeObject hivePrivObject, HivePrincipal grantorPrincipal, boolean grantOption) throws HiveAuthzPluginException, HiveAccessControlException
HiveAuthorizer
revokePrivileges
in interface HiveAuthorizer
HiveAuthzPluginException
HiveAccessControlException
public void createRole(String roleName, HivePrincipal adminGrantor) throws HiveAuthzPluginException, HiveAccessControlException
HiveAuthorizer
createRole
in interface HiveAuthorizer
adminGrantor
- - The user in "[ WITH ADMIN HiveAuthzPluginException
HiveAccessControlException
public void dropRole(String roleName) throws HiveAuthzPluginException, HiveAccessControlException
HiveAuthorizer
dropRole
in interface HiveAuthorizer
HiveAuthzPluginException
HiveAccessControlException
public void grantRole(List<HivePrincipal> hivePrincipals, List<String> roles, boolean grantOption, HivePrincipal grantorPrinc) throws HiveAuthzPluginException, HiveAccessControlException
HiveAuthorizer
grantRole
in interface HiveAuthorizer
HiveAuthzPluginException
HiveAccessControlException
public void revokeRole(List<HivePrincipal> hivePrincipals, List<String> roles, boolean grantOption, HivePrincipal grantorPrinc) throws HiveAuthzPluginException, HiveAccessControlException
HiveAuthorizer
revokeRole
in interface HiveAuthorizer
HiveAuthzPluginException
HiveAccessControlException
public void checkPrivileges(HiveOperationType hiveOpType, List<HivePrivilegeObject> inputHObjs, List<HivePrivilegeObject> outputHObjs, HiveAuthzContext context) throws HiveAuthzPluginException, HiveAccessControlException
HiveAuthorizer
checkPrivileges
in interface HiveAuthorizer
HiveAuthzPluginException
HiveAccessControlException
public List<HivePrivilegeObject> filterListCmdObjects(List<HivePrivilegeObject> listObjs, HiveAuthzContext context) throws HiveAuthzPluginException, HiveAccessControlException
HiveAuthorizer
filterListCmdObjects
in interface HiveAuthorizer
listObjs
- List of all objects obtained as result of a show commandHiveAuthzPluginException
HiveAccessControlException
public List<String> getAllRoles() throws HiveAuthzPluginException, HiveAccessControlException
getAllRoles
in interface HiveAuthorizer
HiveAuthzPluginException
HiveAccessControlException
public List<HivePrivilegeInfo> showPrivileges(HivePrincipal principal, HivePrivilegeObject privObj) throws HiveAuthzPluginException, HiveAccessControlException
HiveAuthorizer
showPrivileges
in interface HiveAuthorizer
HiveAuthzPluginException
HiveAccessControlException
public HiveAuthorizer.VERSION getVersion()
getVersion
in interface HiveAuthorizer
public void setCurrentRole(String roleName) throws HiveAccessControlException, HiveAuthzPluginException
HiveAuthorizer
setCurrentRole
in interface HiveAuthorizer
HiveAccessControlException
HiveAuthzPluginException
public List<String> getCurrentRoleNames() throws HiveAuthzPluginException
getCurrentRoleNames
in interface HiveAuthorizer
HiveAuthzPluginException
public List<HiveRoleGrant> getPrincipalGrantInfoForRole(String roleName) throws HiveAuthzPluginException, HiveAccessControlException
HiveAuthorizer
getPrincipalGrantInfoForRole
in interface HiveAuthorizer
HiveAuthzPluginException
HiveAccessControlException
public List<HiveRoleGrant> getRoleGrantInfoForPrincipal(HivePrincipal principal) throws HiveAuthzPluginException, HiveAccessControlException
HiveAuthorizer
getRoleGrantInfoForPrincipal
in interface HiveAuthorizer
HiveAuthzPluginException
HiveAccessControlException
public void applyAuthorizationConfigPolicy(HiveConf hiveConf) throws HiveAuthzPluginException
HiveAuthorizer
applyAuthorizationConfigPolicy
in interface HiveAuthorizer
HiveAuthzPluginException
Copyright © 2017 The Apache Software Foundation. All rights reserved.