Package org.apache.hadoop.hive.ql.security.authorization.plugin

Examples of org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzPluginException

312
313
314
315
316
317
318
  private static void throwGetPrivErr(Exception e, HivePrivilegeObject hivePrivObject,
      String userName) throws HiveAuthzPluginException {
    String msg = "Error getting privileges on " + hivePrivObject + " for " + userName + ": "
      + e.getMessage();
    throw new HiveAuthzPluginException(msg, e);
  }
View Full Code Here
322
323
324
325
326
327
328
329
330
331
332
    RequiredPrivileges reqPrivs = new RequiredPrivileges();
    // add user privileges
    Map<String, List<PrivilegeGrantInfo>> userPrivs = thrifPrivs.getUserPrivileges();
    if (userPrivs != null && userPrivs.size() != 1) {
      throw new HiveAuthzPluginException("Invalid number of user privilege objects: "
          + userPrivs.size());
    }
    addRequiredPrivs(reqPrivs, userPrivs);

    // add role privileges
View Full Code Here
397
398
399
400
401
402
403
404
405
      if (FileUtils.isActionPermittedForFileHierarchy(fs, fileStatus, userName, FsAction.READ)) {
        availPrivs.addPrivilege(SQLPrivTypeGrant.SELECT_NOGRANT);
      }
    } catch (Exception e) {
      String msg = "Error getting permissions for " + filePath + ": " + e.getMessage();
      throw new HiveAuthzPluginException(msg, e);
    }
    return availPrivs;
  }
View Full Code Here
414
415
416
417
418
419
420
      throw new HiveAccessControlException(errorMessage);
    }
  }

  static HiveAuthzPluginException getPluginException(String prefix, Exception e) {
    return new HiveAuthzPluginException(prefix + ": " + e.getMessage(), e);
  }
View Full Code Here
436
437
438
439
440
441
442
443
      return hPrincipal;
    case ROLE:
      // lower case role names, for case insensitive behavior
      return new HivePrincipal(hPrincipal.getName().toLowerCase(), hPrincipal.getType());
    default:
      throw new HiveAuthzPluginException("Invalid principal type in principal " + hPrincipal);
    }
  }
View Full Code Here
255
256
257
258
259
260
261
262
263
264
265
    if (!isUserAdmin()) {
      throw new HiveAccessControlException("Current user : " + currentUserName+ " is not"
      + " allowed to add roles. " + ADMIN_ONLY_MSG);
    }
    if (RESERVED_ROLE_NAMES.contains(roleName.trim().toUpperCase())) {
      throw new HiveAuthzPluginException("Role name cannot be one of the reserved roles: " +
          RESERVED_ROLE_NAMES);
    }
    try {
      String grantorName = adminGrantor == null ? null : adminGrantor.getName();
      metastoreClientFactory.getHiveMetastoreClient().create_role(
View Full Code Here
64
65
66
67
68
69
70
71
72
73
74
  }

  private void assertHiveCliAuthDisabled(HiveConf conf) throws HiveAuthzPluginException {
    if (ctx.getClientType() == CLIENT_TYPE.HIVECLI
        && conf.getBoolVar(ConfVars.HIVE_AUTHORIZATION_ENABLED)) {
      throw new HiveAuthzPluginException(
          "SQL standards based authorization should not be enabled from hive cli"
              + "Instead the use of storage based authorization in hive metastore is reccomended. Set "
              + ConfVars.HIVE_AUTHORIZATION_ENABLED.varname + "=false to disable authz within cli");
    }
  }
View Full Code Here
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
      HivePrincipal grantorPrincipal, boolean grantOption) throws HiveAuthzPluginException {
    HiveObjectRef privObj = getThriftHiveObjectRef(hivePrivObject);
    PrivilegeBag privBag = new PrivilegeBag();
    for (HivePrivilege privilege : hivePrivileges) {
      if (privilege.getColumns() != null && privilege.getColumns().size() > 0) {
        throw new HiveAuthzPluginException("Privileges on columns not supported currently"
            + " in sql standard authorization mode");
      }
      if (!SUPPORTED_PRIVS_SET.contains(privilege.getName().toUpperCase(Locale.US))) {
        throw new HiveAuthzPluginException("Privilege: " + privilege.getName()
            + " is not supported in sql standard authorization mode");
      }
      PrivilegeGrantInfo grantInfo = getThriftPrivilegeGrantInfo(privilege, grantorPrincipal,
          grantOption, 0 /*real grant time added by metastore*/);
      for (HivePrincipal principal : hivePrincipals) {
View Full Code Here
107
108
109
110
111
112
113
114
          throws HiveAuthzPluginException {
    try {
      return AuthorizationUtils.getThriftPrivilegeGrantInfo(privilege, grantorPrincipal,
          grantOption, grantTime);
    } catch (HiveException e) {
      throw new HiveAuthzPluginException(e);
    }
  }
View Full Code Here
123
124
125
126
127
128
129
130
  static HiveObjectRef getThriftHiveObjectRef(HivePrivilegeObject privObj)
      throws HiveAuthzPluginException {
    try {
      return AuthorizationUtils.getThriftHiveObjectRef(privObj);
    } catch (HiveException e) {
      throw new HiveAuthzPluginException(e);
    }
  }
View Full Code Here
TOP

Related Classes of org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzPluginException

  • org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.RevokePrivAuthUtils
  • org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLAuthorizationUtils
  • org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAccessController
  • org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizationValidator
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.