@InterfaceAudience.LimitedPrivate(value="") @InterfaceStability.Evolving public class HiveAuthorizerImpl extends Object implements HiveAuthorizer
HiveAccessController and HiveAuthorizationValidator to constructor.HiveAuthorizer.VERSION| Constructor and Description |
|---|
HiveAuthorizerImpl(HiveAccessController accessController,
HiveAuthorizationValidator authValidator) |
| Modifier and Type | Method and Description |
|---|---|
void |
applyAuthorizationConfigPolicy(HiveConf hiveConf)
Modify the given HiveConf object to configure authorization related parameters
or other parameters related to hive security
|
void |
checkPrivileges(HiveOperationType hiveOpType,
List<HivePrivilegeObject> inputHObjs,
List<HivePrivilegeObject> outputHObjs,
HiveAuthzContext context)
Check if user has privileges to do this action on these objects
|
void |
createRole(String roleName,
HivePrincipal adminGrantor)
Create role
|
void |
dropRole(String roleName)
Drop role
|
List<HivePrivilegeObject> |
filterListCmdObjects(List<HivePrivilegeObject> listObjs,
HiveAuthzContext context)
Filter out any objects that should not be shown to the user, from the list of
tables or databases coming from a 'show tables' or 'show databases' command
|
List<String> |
getAllRoles() |
List<String> |
getCurrentRoleNames() |
List<HiveRoleGrant> |
getPrincipalGrantInfoForRole(String roleName)
Get the grant information for principals granted the given role
|
List<HiveRoleGrant> |
getRoleGrantInfoForPrincipal(HivePrincipal principal)
Get the grant information of roles the given principal belongs to
|
HiveAuthorizer.VERSION |
getVersion() |
void |
grantPrivileges(List<HivePrincipal> hivePrincipals,
List<HivePrivilege> hivePrivileges,
HivePrivilegeObject hivePrivObject,
HivePrincipal grantorPrincipal,
boolean grantOption)
Grant privileges for principals on the object
|
void |
grantRole(List<HivePrincipal> hivePrincipals,
List<String> roles,
boolean grantOption,
HivePrincipal grantorPrinc)
Grant roles in given roles list to principals in given hivePrincipals list
|
void |
revokePrivileges(List<HivePrincipal> hivePrincipals,
List<HivePrivilege> hivePrivileges,
HivePrivilegeObject hivePrivObject,
HivePrincipal grantorPrincipal,
boolean grantOption)
Revoke privileges for principals on the object
|
void |
revokeRole(List<HivePrincipal> hivePrincipals,
List<String> roles,
boolean grantOption,
HivePrincipal grantorPrinc)
Revoke roles in given roles list to principals in given hivePrincipals list
|
void |
setCurrentRole(String roleName)
Set the current role to roleName argument
|
List<HivePrivilegeInfo> |
showPrivileges(HivePrincipal principal,
HivePrivilegeObject privObj)
Show privileges for given principal on given object
|
public HiveAuthorizerImpl(HiveAccessController accessController, HiveAuthorizationValidator authValidator)
public void grantPrivileges(List<HivePrincipal> hivePrincipals, List<HivePrivilege> hivePrivileges, HivePrivilegeObject hivePrivObject, HivePrincipal grantorPrincipal, boolean grantOption) throws HiveAuthzPluginException, HiveAccessControlException
HiveAuthorizergrantPrivileges in interface HiveAuthorizerHiveAuthzPluginExceptionHiveAccessControlExceptionpublic void revokePrivileges(List<HivePrincipal> hivePrincipals, List<HivePrivilege> hivePrivileges, HivePrivilegeObject hivePrivObject, HivePrincipal grantorPrincipal, boolean grantOption) throws HiveAuthzPluginException, HiveAccessControlException
HiveAuthorizerrevokePrivileges in interface HiveAuthorizerHiveAuthzPluginExceptionHiveAccessControlExceptionpublic void createRole(String roleName, HivePrincipal adminGrantor) throws HiveAuthzPluginException, HiveAccessControlException
HiveAuthorizercreateRole in interface HiveAuthorizeradminGrantor - - The user in "[ WITH ADMIN HiveAuthzPluginExceptionHiveAccessControlExceptionpublic void dropRole(String roleName) throws HiveAuthzPluginException, HiveAccessControlException
HiveAuthorizerdropRole in interface HiveAuthorizerHiveAuthzPluginExceptionHiveAccessControlExceptionpublic void grantRole(List<HivePrincipal> hivePrincipals, List<String> roles, boolean grantOption, HivePrincipal grantorPrinc) throws HiveAuthzPluginException, HiveAccessControlException
HiveAuthorizergrantRole in interface HiveAuthorizerHiveAuthzPluginExceptionHiveAccessControlExceptionpublic void revokeRole(List<HivePrincipal> hivePrincipals, List<String> roles, boolean grantOption, HivePrincipal grantorPrinc) throws HiveAuthzPluginException, HiveAccessControlException
HiveAuthorizerrevokeRole in interface HiveAuthorizerHiveAuthzPluginExceptionHiveAccessControlExceptionpublic void checkPrivileges(HiveOperationType hiveOpType, List<HivePrivilegeObject> inputHObjs, List<HivePrivilegeObject> outputHObjs, HiveAuthzContext context) throws HiveAuthzPluginException, HiveAccessControlException
HiveAuthorizercheckPrivileges in interface HiveAuthorizerHiveAuthzPluginExceptionHiveAccessControlExceptionpublic List<HivePrivilegeObject> filterListCmdObjects(List<HivePrivilegeObject> listObjs, HiveAuthzContext context) throws HiveAuthzPluginException, HiveAccessControlException
HiveAuthorizerfilterListCmdObjects in interface HiveAuthorizerlistObjs - List of all objects obtained as result of a show commandHiveAuthzPluginExceptionHiveAccessControlExceptionpublic List<String> getAllRoles() throws HiveAuthzPluginException, HiveAccessControlException
getAllRoles in interface HiveAuthorizerHiveAuthzPluginExceptionHiveAccessControlExceptionpublic List<HivePrivilegeInfo> showPrivileges(HivePrincipal principal, HivePrivilegeObject privObj) throws HiveAuthzPluginException, HiveAccessControlException
HiveAuthorizershowPrivileges in interface HiveAuthorizerHiveAuthzPluginExceptionHiveAccessControlExceptionpublic HiveAuthorizer.VERSION getVersion()
getVersion in interface HiveAuthorizerpublic void setCurrentRole(String roleName) throws HiveAccessControlException, HiveAuthzPluginException
HiveAuthorizersetCurrentRole in interface HiveAuthorizerHiveAccessControlExceptionHiveAuthzPluginExceptionpublic List<String> getCurrentRoleNames() throws HiveAuthzPluginException
getCurrentRoleNames in interface HiveAuthorizerHiveAuthzPluginExceptionpublic List<HiveRoleGrant> getPrincipalGrantInfoForRole(String roleName) throws HiveAuthzPluginException, HiveAccessControlException
HiveAuthorizergetPrincipalGrantInfoForRole in interface HiveAuthorizerHiveAuthzPluginExceptionHiveAccessControlExceptionpublic List<HiveRoleGrant> getRoleGrantInfoForPrincipal(HivePrincipal principal) throws HiveAuthzPluginException, HiveAccessControlException
HiveAuthorizergetRoleGrantInfoForPrincipal in interface HiveAuthorizerHiveAuthzPluginExceptionHiveAccessControlExceptionpublic void applyAuthorizationConfigPolicy(HiveConf hiveConf) throws HiveAuthzPluginException
HiveAuthorizerapplyAuthorizationConfigPolicy in interface HiveAuthorizerHiveAuthzPluginExceptionCopyright © 2017 The Apache Software Foundation. All rights reserved.