@InterfaceAudience.Private public class SQLStdHiveAccessControllerWrapper extends Object implements HiveAccessController
SQLStdHiveAccessController
that does validation of
arguments and then calls the real object. Doing the validation in this
separate class, so that the chances of missing any validation is small.
Validations/Conversions to be done
1. Call SQLAuthorizationUtils.getValidatedPrincipals on HivePrincipal to validate and
update
2. Convert roleName to lower caseConstructor and Description |
---|
SQLStdHiveAccessControllerWrapper(HiveMetastoreClientFactory metastoreClientFactory,
HiveConf conf,
HiveAuthenticationProvider authenticator,
HiveAuthzSessionContext ctx) |
public SQLStdHiveAccessControllerWrapper(HiveMetastoreClientFactory metastoreClientFactory, HiveConf conf, HiveAuthenticationProvider authenticator, HiveAuthzSessionContext ctx) throws HiveAuthzPluginException
HiveAuthzPluginException
public void grantPrivileges(List<HivePrincipal> hivePrincipals, List<HivePrivilege> hivePrivileges, HivePrivilegeObject hivePrivObject, HivePrincipal grantorPrincipal, boolean grantOption) throws HiveAuthzPluginException, HiveAccessControlException
grantPrivileges
in interface HiveAccessController
HiveAuthzPluginException
HiveAccessControlException
public void revokePrivileges(List<HivePrincipal> hivePrincipals, List<HivePrivilege> hivePrivileges, HivePrivilegeObject hivePrivObject, HivePrincipal grantorPrincipal, boolean grantOption) throws HiveAuthzPluginException, HiveAccessControlException
revokePrivileges
in interface HiveAccessController
HiveAuthzPluginException
HiveAccessControlException
public void createRole(String roleName, HivePrincipal adminGrantor) throws HiveAuthzPluginException, HiveAccessControlException
createRole
in interface HiveAccessController
HiveAuthzPluginException
HiveAccessControlException
public void dropRole(String roleName) throws HiveAuthzPluginException, HiveAccessControlException
dropRole
in interface HiveAccessController
HiveAuthzPluginException
HiveAccessControlException
public void grantRole(List<HivePrincipal> hivePrincipals, List<String> roles, boolean grantOption, HivePrincipal grantorPrinc) throws HiveAuthzPluginException, HiveAccessControlException
grantRole
in interface HiveAccessController
HiveAuthzPluginException
HiveAccessControlException
public void revokeRole(List<HivePrincipal> hivePrincipals, List<String> roles, boolean grantOption, HivePrincipal grantorPrinc) throws HiveAuthzPluginException, HiveAccessControlException
revokeRole
in interface HiveAccessController
HiveAuthzPluginException
HiveAccessControlException
public List<String> getAllRoles() throws HiveAuthzPluginException, HiveAccessControlException
getAllRoles
in interface HiveAccessController
HiveAuthzPluginException
HiveAccessControlException
public List<HivePrivilegeInfo> showPrivileges(HivePrincipal principal, HivePrivilegeObject privObj) throws HiveAuthzPluginException, HiveAccessControlException
showPrivileges
in interface HiveAccessController
HiveAuthzPluginException
HiveAccessControlException
public void setCurrentRole(String roleName) throws HiveAuthzPluginException, HiveAccessControlException
setCurrentRole
in interface HiveAccessController
HiveAuthzPluginException
HiveAccessControlException
public List<String> getCurrentRoleNames() throws HiveAuthzPluginException
getCurrentRoleNames
in interface HiveAccessController
HiveAuthzPluginException
public List<HiveRoleGrant> getPrincipalGrantInfoForRole(String roleName) throws HiveAuthzPluginException, HiveAccessControlException
getPrincipalGrantInfoForRole
in interface HiveAccessController
HiveAuthzPluginException
HiveAccessControlException
public List<HiveRoleGrant> getRoleGrantInfoForPrincipal(HivePrincipal principal) throws HiveAuthzPluginException, HiveAccessControlException
getRoleGrantInfoForPrincipal
in interface HiveAccessController
HiveAuthzPluginException
HiveAccessControlException
public void applyAuthorizationConfigPolicy(HiveConf hiveConf) throws HiveAuthzPluginException
applyAuthorizationConfigPolicy
in interface HiveAccessController
HiveAuthzPluginException
public boolean isUserAdmin() throws HiveAuthzPluginException
HiveAuthzPluginException
Copyright © 2017 The Apache Software Foundation. All rights reserved.