Package | Description |
---|---|
org.apache.hadoop.hive.ql.security.authorization | |
org.apache.hadoop.hive.ql.security.authorization.plugin |
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements.
|
org.apache.hadoop.hive.ql.security.authorization.plugin.fallback | |
org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd |
Modifier and Type | Method and Description |
---|---|
void |
AuthorizationFactory.AuthorizationExceptionHandler.exception(Exception exception) |
void |
AuthorizationFactory.DefaultAuthorizationExceptionHandler.exception(Exception exception) |
Modifier and Type | Method and Description |
---|---|
void |
HiveAccessController.applyAuthorizationConfigPolicy(HiveConf hiveConf) |
void |
HiveAuthorizerImpl.applyAuthorizationConfigPolicy(HiveConf hiveConf) |
void |
HiveAuthorizer.applyAuthorizationConfigPolicy(HiveConf hiveConf)
Modify the given HiveConf object to configure authorization related parameters
or other parameters related to hive security
|
void |
HiveAuthorizationValidator.checkPrivileges(HiveOperationType hiveOpType,
List<HivePrivilegeObject> inputHObjs,
List<HivePrivilegeObject> outputHObjs,
HiveAuthzContext context)
see HiveAuthorizer.checkPrivileges
|
void |
HiveV1Authorizer.checkPrivileges(HiveOperationType hiveOpType,
List<HivePrivilegeObject> inputsHObjs,
List<HivePrivilegeObject> outputHObjs,
HiveAuthzContext context) |
void |
HiveAuthorizerImpl.checkPrivileges(HiveOperationType hiveOpType,
List<HivePrivilegeObject> inputHObjs,
List<HivePrivilegeObject> outputHObjs,
HiveAuthzContext context) |
void |
HiveAuthorizer.checkPrivileges(HiveOperationType hiveOpType,
List<HivePrivilegeObject> inputsHObjs,
List<HivePrivilegeObject> outputHObjs,
HiveAuthzContext context)
Check if user has privileges to do this action on these objects
|
HiveAuthorizer |
HiveAuthorizerFactory.createHiveAuthorizer(HiveMetastoreClientFactory metastoreClientFactory,
HiveConf conf,
HiveAuthenticationProvider hiveAuthenticator,
HiveAuthzSessionContext ctx)
Create a new instance of HiveAuthorizer, initialized with the given objects.
|
void |
HiveV1Authorizer.createRole(String roleName,
HivePrincipal adminGrantor) |
void |
HiveAccessController.createRole(String roleName,
HivePrincipal adminGrantor) |
void |
HiveAuthorizerImpl.createRole(String roleName,
HivePrincipal adminGrantor) |
void |
HiveAuthorizer.createRole(String roleName,
HivePrincipal adminGrantor)
Create role
|
void |
HiveV1Authorizer.dropRole(String roleName) |
void |
HiveAccessController.dropRole(String roleName) |
void |
HiveAuthorizerImpl.dropRole(String roleName) |
void |
HiveAuthorizer.dropRole(String roleName)
Drop role
|
List<HivePrivilegeObject> |
HiveV1Authorizer.filterListCmdObjects(List<HivePrivilegeObject> listObjs,
HiveAuthzContext context) |
List<HivePrivilegeObject> |
HiveAuthorizerImpl.filterListCmdObjects(List<HivePrivilegeObject> listObjs,
HiveAuthzContext context) |
List<HivePrivilegeObject> |
HiveAuthorizer.filterListCmdObjects(List<HivePrivilegeObject> listObjs,
HiveAuthzContext context)
Filter out any objects that should not be shown to the user, from the list of
tables or databases coming from a 'show tables' or 'show databases' command
|
List<String> |
HiveV1Authorizer.getAllRoles() |
List<String> |
HiveAccessController.getAllRoles() |
List<String> |
HiveAuthorizerImpl.getAllRoles() |
List<String> |
HiveAuthorizer.getAllRoles() |
List<String> |
HiveV1Authorizer.getCurrentRoleNames() |
List<String> |
HiveAccessController.getCurrentRoleNames() |
List<String> |
HiveAuthorizerImpl.getCurrentRoleNames() |
List<String> |
HiveAuthorizer.getCurrentRoleNames() |
Object |
HiveAuthorizer.getHiveAuthorizationTranslator()
Get a
HiveAuthorizationTranslator implementation. |
HiveAuthorizationTranslator |
AbstractHiveAuthorizer.getHiveAuthorizationTranslator() |
IMetaStoreClient |
HiveMetastoreClientFactoryImpl.getHiveMetastoreClient() |
IMetaStoreClient |
HiveMetastoreClientFactory.getHiveMetastoreClient() |
List<HiveRoleGrant> |
HiveV1Authorizer.getPrincipalGrantInfoForRole(String roleName) |
List<HiveRoleGrant> |
HiveAccessController.getPrincipalGrantInfoForRole(String roleName) |
List<HiveRoleGrant> |
HiveAuthorizerImpl.getPrincipalGrantInfoForRole(String roleName) |
List<HiveRoleGrant> |
HiveAuthorizer.getPrincipalGrantInfoForRole(String roleName)
Get the grant information for principals granted the given role
|
List<HiveRoleGrant> |
HiveV1Authorizer.getRoleGrantInfoForPrincipal(HivePrincipal principal) |
List<HiveRoleGrant> |
HiveAccessController.getRoleGrantInfoForPrincipal(HivePrincipal principal) |
List<HiveRoleGrant> |
HiveAuthorizerImpl.getRoleGrantInfoForPrincipal(HivePrincipal principal) |
List<HiveRoleGrant> |
HiveAuthorizer.getRoleGrantInfoForPrincipal(HivePrincipal principal)
Get the grant information of roles the given principal belongs to
|
void |
HiveV1Authorizer.grantPrivileges(List<HivePrincipal> principals,
List<HivePrivilege> privileges,
HivePrivilegeObject privObject,
HivePrincipal grantor,
boolean grantOption) |
void |
HiveAccessController.grantPrivileges(List<HivePrincipal> hivePrincipals,
List<HivePrivilege> hivePrivileges,
HivePrivilegeObject hivePrivObject,
HivePrincipal grantorPrincipal,
boolean grantOption) |
void |
HiveAuthorizerImpl.grantPrivileges(List<HivePrincipal> hivePrincipals,
List<HivePrivilege> hivePrivileges,
HivePrivilegeObject hivePrivObject,
HivePrincipal grantorPrincipal,
boolean grantOption) |
void |
HiveAuthorizer.grantPrivileges(List<HivePrincipal> hivePrincipals,
List<HivePrivilege> hivePrivileges,
HivePrivilegeObject hivePrivObject,
HivePrincipal grantorPrincipal,
boolean grantOption)
Grant privileges for principals on the object
|
void |
HiveV1Authorizer.grantRole(List<HivePrincipal> principals,
List<String> roles,
boolean grantOption,
HivePrincipal grantor) |
void |
HiveAccessController.grantRole(List<HivePrincipal> hivePrincipals,
List<String> roles,
boolean grantOption,
HivePrincipal grantorPrinc) |
void |
HiveAuthorizerImpl.grantRole(List<HivePrincipal> hivePrincipals,
List<String> roles,
boolean grantOption,
HivePrincipal grantorPrinc) |
void |
HiveAuthorizer.grantRole(List<HivePrincipal> hivePrincipals,
List<String> roles,
boolean grantOption,
HivePrincipal grantorPrinc)
Grant roles in given roles list to principals in given hivePrincipals list
|
void |
HiveV1Authorizer.revokePrivileges(List<HivePrincipal> principals,
List<HivePrivilege> privileges,
HivePrivilegeObject privObject,
HivePrincipal grantor,
boolean grantOption) |
void |
HiveAccessController.revokePrivileges(List<HivePrincipal> hivePrincipals,
List<HivePrivilege> hivePrivileges,
HivePrivilegeObject hivePrivObject,
HivePrincipal grantorPrincipal,
boolean grantOption) |
void |
HiveAuthorizerImpl.revokePrivileges(List<HivePrincipal> hivePrincipals,
List<HivePrivilege> hivePrivileges,
HivePrivilegeObject hivePrivObject,
HivePrincipal grantorPrincipal,
boolean grantOption) |
void |
HiveAuthorizer.revokePrivileges(List<HivePrincipal> hivePrincipals,
List<HivePrivilege> hivePrivileges,
HivePrivilegeObject hivePrivObject,
HivePrincipal grantorPrincipal,
boolean grantOption)
Revoke privileges for principals on the object
|
void |
HiveV1Authorizer.revokeRole(List<HivePrincipal> principals,
List<String> roles,
boolean grantOption,
HivePrincipal grantor) |
void |
HiveAccessController.revokeRole(List<HivePrincipal> hivePrincipals,
List<String> roles,
boolean grantOption,
HivePrincipal grantorPrinc) |
void |
HiveAuthorizerImpl.revokeRole(List<HivePrincipal> hivePrincipals,
List<String> roles,
boolean grantOption,
HivePrincipal grantorPrinc) |
void |
HiveAuthorizer.revokeRole(List<HivePrincipal> hivePrincipals,
List<String> roles,
boolean grantOption,
HivePrincipal grantorPrinc)
Revoke roles in given roles list to principals in given hivePrincipals list
|
void |
HiveV1Authorizer.setCurrentRole(String roleName) |
void |
HiveAccessController.setCurrentRole(String roleName) |
void |
HiveAuthorizerImpl.setCurrentRole(String roleName) |
void |
HiveAuthorizer.setCurrentRole(String roleName)
Set the current role to roleName argument
|
static void |
SettableConfigUpdater.setHiveConfWhiteList(HiveConf hiveConf) |
List<HivePrivilegeInfo> |
HiveV1Authorizer.showPrivileges(HivePrincipal principal,
HivePrivilegeObject privObj) |
List<HivePrivilegeInfo> |
HiveAccessController.showPrivileges(HivePrincipal principal,
HivePrivilegeObject privObj) |
List<HivePrivilegeInfo> |
HiveAuthorizerImpl.showPrivileges(HivePrincipal principal,
HivePrivilegeObject privObj) |
List<HivePrivilegeInfo> |
HiveAuthorizer.showPrivileges(HivePrincipal principal,
HivePrivilegeObject privObj)
Show privileges for given principal on given object
|
Modifier and Type | Method and Description |
---|---|
void |
FallbackHiveAuthorizer.applyAuthorizationConfigPolicy(HiveConf hiveConf) |
void |
FallbackHiveAuthorizer.checkPrivileges(HiveOperationType hiveOpType,
List<HivePrivilegeObject> inputHObjs,
List<HivePrivilegeObject> outputHObjs,
HiveAuthzContext context) |
void |
FallbackHiveAuthorizer.createRole(String roleName,
HivePrincipal adminGrantor) |
void |
FallbackHiveAuthorizer.dropRole(String roleName) |
List<String> |
FallbackHiveAuthorizer.getAllRoles() |
List<String> |
FallbackHiveAuthorizer.getCurrentRoleNames() |
List<HiveRoleGrant> |
FallbackHiveAuthorizer.getPrincipalGrantInfoForRole(String roleName) |
List<HiveRoleGrant> |
FallbackHiveAuthorizer.getRoleGrantInfoForPrincipal(HivePrincipal principal) |
void |
FallbackHiveAuthorizer.grantPrivileges(List<HivePrincipal> hivePrincipals,
List<HivePrivilege> hivePrivileges,
HivePrivilegeObject hivePrivObject,
HivePrincipal grantorPrincipal,
boolean grantOption) |
void |
FallbackHiveAuthorizer.grantRole(List<HivePrincipal> hivePrincipals,
List<String> roles,
boolean grantOption,
HivePrincipal grantorPrinc) |
void |
FallbackHiveAuthorizer.revokePrivileges(List<HivePrincipal> hivePrincipals,
List<HivePrivilege> hivePrivileges,
HivePrivilegeObject hivePrivObject,
HivePrincipal grantorPrincipal,
boolean grantOption) |
void |
FallbackHiveAuthorizer.revokeRole(List<HivePrincipal> hivePrincipals,
List<String> roles,
boolean grantOption,
HivePrincipal grantorPrinc) |
void |
FallbackHiveAuthorizer.setCurrentRole(String roleName) |
List<HivePrivilegeInfo> |
FallbackHiveAuthorizer.showPrivileges(HivePrincipal principal,
HivePrivilegeObject privObj) |
Modifier and Type | Method and Description |
---|---|
void |
RequiredPrivileges.addPrivilege(String priv,
boolean withGrant) |
void |
SQLStdHiveAccessController.applyAuthorizationConfigPolicy(HiveConf hiveConf) |
void |
SQLStdHiveAccessControllerWrapper.applyAuthorizationConfigPolicy(HiveConf hiveConf) |
static List<HiveObjectPrivilege> |
RevokePrivAuthUtils.authorizeAndGetRevokePrivileges(List<HivePrincipal> principals,
List<HivePrivilege> hivePrivileges,
HivePrivilegeObject hivePrivObject,
boolean grantOption,
IMetaStoreClient mClient,
String userName) |
void |
DummyHiveAuthorizationValidator.checkPrivileges(HiveOperationType hiveOpType,
List<HivePrivilegeObject> inputHObjs,
List<HivePrivilegeObject> outputHObjs,
HiveAuthzContext context) |
void |
SQLStdHiveAuthorizationValidator.checkPrivileges(HiveOperationType hiveOpType,
List<HivePrivilegeObject> inputHObjs,
List<HivePrivilegeObject> outputHObjs,
HiveAuthzContext context) |
HiveAuthorizer |
SQLStdHiveAuthorizerFactory.createHiveAuthorizer(HiveMetastoreClientFactory metastoreClientFactory,
HiveConf conf,
HiveAuthenticationProvider authenticator,
HiveAuthzSessionContext ctx) |
HiveAuthorizer |
SQLStdConfOnlyAuthorizerFactory.createHiveAuthorizer(HiveMetastoreClientFactory metastoreClientFactory,
HiveConf conf,
HiveAuthenticationProvider authenticator,
HiveAuthzSessionContext ctx) |
void |
SQLStdHiveAccessController.createRole(String roleName,
HivePrincipal adminGrantor) |
void |
SQLStdHiveAccessControllerWrapper.createRole(String roleName,
HivePrincipal adminGrantor) |
void |
SQLStdHiveAccessController.dropRole(String roleName) |
void |
SQLStdHiveAccessControllerWrapper.dropRole(String roleName) |
List<String> |
SQLStdHiveAccessController.getAllRoles() |
List<String> |
SQLStdHiveAccessControllerWrapper.getAllRoles() |
List<String> |
SQLStdHiveAccessController.getCurrentRoleNames() |
List<String> |
SQLStdHiveAccessControllerWrapper.getCurrentRoleNames() |
List<HiveRoleGrant> |
SQLStdHiveAccessController.getPrincipalGrantInfoForRole(String roleName) |
List<HiveRoleGrant> |
SQLStdHiveAccessControllerWrapper.getPrincipalGrantInfoForRole(String roleName) |
static RequiredPrivileges |
SQLAuthorizationUtils.getPrivilegesFromFS(org.apache.hadoop.fs.Path filePath,
HiveConf conf,
String userName)
Map permissions for this uri to SQL Standard privileges
|
static SQLPrivilegeType |
SQLPrivilegeType.getRequirePrivilege(String priv) |
List<HiveRoleGrant> |
SQLStdHiveAccessController.getRoleGrantInfoForPrincipal(HivePrincipal principal) |
List<HiveRoleGrant> |
SQLStdHiveAccessControllerWrapper.getRoleGrantInfoForPrincipal(HivePrincipal principal) |
static SQLPrivTypeGrant |
SQLPrivTypeGrant.getSQLPrivTypeGrant(String privTypeStr,
boolean isGrant)
Find matching enum
|
static HivePrincipal |
SQLAuthorizationUtils.getValidatedPrincipal(HivePrincipal hPrincipal)
Validate the principal type, and convert role name to lower case
|
static List<HivePrincipal> |
SQLAuthorizationUtils.getValidatedPrincipals(List<HivePrincipal> hivePrincipals)
Calls getValidatedPrincipal on each principal in list and updates the list
|
void |
SQLStdHiveAccessController.grantPrivileges(List<HivePrincipal> hivePrincipals,
List<HivePrivilege> hivePrivileges,
HivePrivilegeObject hivePrivObject,
HivePrincipal grantorPrincipal,
boolean grantOption) |
void |
SQLStdHiveAccessControllerWrapper.grantPrivileges(List<HivePrincipal> hivePrincipals,
List<HivePrivilege> hivePrivileges,
HivePrivilegeObject hivePrivObject,
HivePrincipal grantorPrincipal,
boolean grantOption) |
void |
SQLStdHiveAccessController.grantRole(List<HivePrincipal> hivePrincipals,
List<String> roleNames,
boolean grantOption,
HivePrincipal grantorPrinc) |
void |
SQLStdHiveAccessControllerWrapper.grantRole(List<HivePrincipal> hivePrincipals,
List<String> roles,
boolean grantOption,
HivePrincipal grantorPrinc) |
boolean |
SQLStdHiveAccessControllerWrapper.isUserAdmin() |
void |
SQLStdHiveAccessController.revokePrivileges(List<HivePrincipal> hivePrincipals,
List<HivePrivilege> hivePrivileges,
HivePrivilegeObject hivePrivObject,
HivePrincipal grantorPrincipal,
boolean grantOption) |
void |
SQLStdHiveAccessControllerWrapper.revokePrivileges(List<HivePrincipal> hivePrincipals,
List<HivePrivilege> hivePrivileges,
HivePrivilegeObject hivePrivObject,
HivePrincipal grantorPrincipal,
boolean grantOption) |
void |
SQLStdHiveAccessController.revokeRole(List<HivePrincipal> hivePrincipals,
List<String> roleNames,
boolean grantOption,
HivePrincipal grantorPrinc) |
void |
SQLStdHiveAccessControllerWrapper.revokeRole(List<HivePrincipal> hivePrincipals,
List<String> roles,
boolean grantOption,
HivePrincipal grantorPrinc) |
void |
SQLStdHiveAccessController.setCurrentRole(String roleName) |
void |
SQLStdHiveAccessControllerWrapper.setCurrentRole(String roleName) |
List<HivePrivilegeInfo> |
SQLStdHiveAccessController.showPrivileges(HivePrincipal principal,
HivePrivilegeObject privObj) |
List<HivePrivilegeInfo> |
SQLStdHiveAccessControllerWrapper.showPrivileges(HivePrincipal principal,
HivePrivilegeObject privObj) |
static void |
SQLAuthorizationUtils.validatePrivileges(List<HivePrivilege> hivePrivileges)
Check if the privileges are acceptable for SQL Standard authorization implementation
|
Constructor and Description |
---|
SQLStdHiveAccessController(HiveMetastoreClientFactory metastoreClientFactory,
HiveConf conf,
HiveAuthenticationProvider authenticator,
HiveAuthzSessionContext ctx) |
SQLStdHiveAccessControllerWrapper(HiveMetastoreClientFactory metastoreClientFactory,
HiveConf conf,
HiveAuthenticationProvider authenticator,
HiveAuthzSessionContext ctx) |
SQLStdHiveAuthorizationValidator(HiveMetastoreClientFactory metastoreClientFactory,
HiveConf conf,
HiveAuthenticationProvider authenticator,
SQLStdHiveAccessControllerWrapper privilegeManager,
HiveAuthzSessionContext ctx) |
Copyright © 2021 The Apache Software Foundation. All rights reserved.