See: Description
Interface | Description |
---|---|
HiveAccessController |
Interface that is invoked by access control commands, including grant/revoke role/privileges,
create/drop roles, and commands to read the state of authorization rules.
|
HiveAuthorizationValidator |
Interface used to check if user has privileges to perform certain action.
|
HiveAuthorizer |
Interface for hive authorization plugins.
|
HiveAuthorizerFactory |
Implementation of this interface specified through hive configuration will be used to
create
HiveAuthorizer instance used for hive authorization. |
HiveMetastoreClientFactory |
Factory for getting current valid instance of IMetaStoreClient
Metastore client cannot be cached in authorization interface as that
can get invalidated between the calls with the logic in Hive class.
|
Class | Description |
---|---|
AuthorizationMetaStoreFilterHook |
Metastore filter hook for filtering out the list of objects that the current authorization
implementation does not allow user to see
|
DisallowTransformHook | |
HiveAuthorizerImpl |
Convenience implementation of HiveAuthorizer.
|
HiveAuthzContext |
Provides context information in authorization check call that can be used for
auditing and/or authorization.
|
HiveAuthzContext.Builder | |
HiveAuthzSessionContext |
Provides session context information.
|
HiveAuthzSessionContext.Builder | |
HiveMetastoreClientFactoryImpl |
Private implementaiton that returns instance of IMetaStoreClient
|
HivePrincipal |
Represents the user or role in grant/revoke statements
|
HivePrivilege |
Represents the hive privilege being granted/revoked
|
HivePrivilegeInfo |
Represents a privilege granted for an object to a principal
|
HivePrivilegeObject |
Represents the object on which privilege is being granted/revoked, and objects
being used in queries.
|
HivePrivilegeObjectUtils |
Utility functions for working with HivePrivilegeObject
|
HiveRoleGrant |
Represents a grant of a role to a principal
|
HiveV1Authorizer | |
SettableConfigUpdater |
Helper class that can be used by authorization implementations to set a
default list of 'safe' HiveConf parameters that can be edited by user.
|
Enum | Description |
---|---|
HiveAuthorizer.VERSION | |
HiveAuthzSessionContext.CLIENT_TYPE | |
HiveOperationType |
List of hive operations types.
|
HivePrincipal.HivePrincipalType | |
HivePrivilegeObject.HivePrivilegeObjectType |
Note that GLOBAL, PARTITION, COLUMN fields are populated only for Hive's old default
authorization mode.
|
HivePrivilegeObject.HivePrivObjectActionType |
When
HiveOperationType is QUERY, this action type is set so that it is possible
to determine if the action type on this object is an INSERT or INSERT_OVERWRITE |
Exception | Description |
---|---|
HiveAccessControlException |
Exception thrown by the Authorization plugin api (v2).
|
HiveAuthzPluginException |
Exception thrown by the Authorization plugin api (v2).
|
Copyright © 2017 The Apache Software Foundation. All rights reserved.