Package io.prestosql.plugin.base.security

Class FileBasedSystemAccessControl

  • All Implemented Interfaces:
    io.prestosql.spi.security.SystemAccessControl
    public class FileBasedSystemAccessControl
extends java.lang.Object
implements io.prestosql.spi.security.SystemAccessControl

    • Field Summary

      Fields 
      Modifier and Type Field Description
      static java.lang.String NAME  

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      void checkCanAccessCatalog​(io.prestosql.spi.security.SystemSecurityContext context, java.lang.String catalogName)  
      void checkCanAddColumn​(io.prestosql.spi.security.SystemSecurityContext context, io.prestosql.spi.connector.CatalogSchemaTableName table)  
      void checkCanCreateSchema​(io.prestosql.spi.security.SystemSecurityContext context, io.prestosql.spi.connector.CatalogSchemaName schema)  
      void checkCanCreateTable​(io.prestosql.spi.security.SystemSecurityContext context, io.prestosql.spi.connector.CatalogSchemaTableName table)  
      void checkCanCreateView​(io.prestosql.spi.security.SystemSecurityContext context, io.prestosql.spi.connector.CatalogSchemaTableName view)  
      void checkCanCreateViewWithSelectFromColumns​(io.prestosql.spi.security.SystemSecurityContext context, io.prestosql.spi.connector.CatalogSchemaTableName table, java.util.Set<java.lang.String> columns)  
      void checkCanDeleteFromTable​(io.prestosql.spi.security.SystemSecurityContext context, io.prestosql.spi.connector.CatalogSchemaTableName table)  
      void checkCanDropColumn​(io.prestosql.spi.security.SystemSecurityContext context, io.prestosql.spi.connector.CatalogSchemaTableName table)  
      void checkCanDropSchema​(io.prestosql.spi.security.SystemSecurityContext context, io.prestosql.spi.connector.CatalogSchemaName schema)  
      void checkCanDropTable​(io.prestosql.spi.security.SystemSecurityContext context, io.prestosql.spi.connector.CatalogSchemaTableName table)  
      void checkCanDropView​(io.prestosql.spi.security.SystemSecurityContext context, io.prestosql.spi.connector.CatalogSchemaTableName view)  
      void checkCanExecuteFunction​(io.prestosql.spi.security.SystemSecurityContext systemSecurityContext, java.lang.String functionName)  
      void checkCanExecuteProcedure​(io.prestosql.spi.security.SystemSecurityContext systemSecurityContext, io.prestosql.spi.connector.CatalogSchemaRoutineName procedure)  
      void checkCanExecuteQuery​(io.prestosql.spi.security.SystemSecurityContext context)  
      void checkCanGrantExecuteFunctionPrivilege​(io.prestosql.spi.security.SystemSecurityContext context, java.lang.String functionName, io.prestosql.spi.security.PrestoPrincipal grantee, boolean grantOption)  
      void checkCanGrantTablePrivilege​(io.prestosql.spi.security.SystemSecurityContext context, io.prestosql.spi.security.Privilege privilege, io.prestosql.spi.connector.CatalogSchemaTableName table, io.prestosql.spi.security.PrestoPrincipal grantee, boolean grantOption)  
      void checkCanImpersonateUser​(io.prestosql.spi.security.SystemSecurityContext context, java.lang.String userName)  
      void checkCanInsertIntoTable​(io.prestosql.spi.security.SystemSecurityContext context, io.prestosql.spi.connector.CatalogSchemaTableName table)  
      void checkCanKillQueryOwnedBy​(io.prestosql.spi.security.SystemSecurityContext context, java.lang.String queryOwner)  
      void checkCanReadSystemInformation​(io.prestosql.spi.security.SystemSecurityContext context)  
      void checkCanRenameColumn​(io.prestosql.spi.security.SystemSecurityContext context, io.prestosql.spi.connector.CatalogSchemaTableName table)  
      void checkCanRenameSchema​(io.prestosql.spi.security.SystemSecurityContext context, io.prestosql.spi.connector.CatalogSchemaName schema, java.lang.String newSchemaName)  
      void checkCanRenameTable​(io.prestosql.spi.security.SystemSecurityContext context, io.prestosql.spi.connector.CatalogSchemaTableName table, io.prestosql.spi.connector.CatalogSchemaTableName newTable)  
      void checkCanRenameView​(io.prestosql.spi.security.SystemSecurityContext context, io.prestosql.spi.connector.CatalogSchemaTableName view, io.prestosql.spi.connector.CatalogSchemaTableName newView)  
      void checkCanRevokeTablePrivilege​(io.prestosql.spi.security.SystemSecurityContext context, io.prestosql.spi.security.Privilege privilege, io.prestosql.spi.connector.CatalogSchemaTableName table, io.prestosql.spi.security.PrestoPrincipal revokee, boolean grantOption)  
      void checkCanSelectFromColumns​(io.prestosql.spi.security.SystemSecurityContext context, io.prestosql.spi.connector.CatalogSchemaTableName table, java.util.Set<java.lang.String> columns)  
      void checkCanSetCatalogSessionProperty​(io.prestosql.spi.security.SystemSecurityContext context, java.lang.String catalogName, java.lang.String propertyName)  
      void checkCanSetColumnComment​(io.prestosql.spi.security.SystemSecurityContext context, io.prestosql.spi.connector.CatalogSchemaTableName table)  
      void checkCanSetSchemaAuthorization​(io.prestosql.spi.security.SystemSecurityContext context, io.prestosql.spi.connector.CatalogSchemaName schema, io.prestosql.spi.security.PrestoPrincipal principal)  
      void checkCanSetSystemSessionProperty​(io.prestosql.spi.security.SystemSecurityContext context, java.lang.String propertyName)  
      void checkCanSetTableComment​(io.prestosql.spi.security.SystemSecurityContext context, io.prestosql.spi.connector.CatalogSchemaTableName table)  
      void checkCanSetUser​(java.util.Optional<java.security.Principal> principal, java.lang.String userName)  
      void checkCanShowColumns​(io.prestosql.spi.security.SystemSecurityContext context, io.prestosql.spi.connector.CatalogSchemaTableName table)  
      void checkCanShowCreateSchema​(io.prestosql.spi.security.SystemSecurityContext context, io.prestosql.spi.connector.CatalogSchemaName schemaName)  
      void checkCanShowCreateTable​(io.prestosql.spi.security.SystemSecurityContext context, io.prestosql.spi.connector.CatalogSchemaTableName table)  
      void checkCanShowRoles​(io.prestosql.spi.security.SystemSecurityContext context, java.lang.String catalogName)  
      void checkCanShowSchemas​(io.prestosql.spi.security.SystemSecurityContext context, java.lang.String catalogName)  
      void checkCanShowTables​(io.prestosql.spi.security.SystemSecurityContext context, io.prestosql.spi.connector.CatalogSchemaName schema)  
      void checkCanViewQueryOwnedBy​(io.prestosql.spi.security.SystemSecurityContext context, java.lang.String queryOwner)  
      void checkCanWriteSystemInformation​(io.prestosql.spi.security.SystemSecurityContext context)  
      java.util.Set<java.lang.String> filterCatalogs​(io.prestosql.spi.security.SystemSecurityContext context, java.util.Set<java.lang.String> catalogs)  
      java.util.List<io.prestosql.spi.connector.ColumnMetadata> filterColumns​(io.prestosql.spi.security.SystemSecurityContext context, io.prestosql.spi.connector.CatalogSchemaTableName tableName, java.util.List<io.prestosql.spi.connector.ColumnMetadata> columns)  
      java.util.Set<java.lang.String> filterSchemas​(io.prestosql.spi.security.SystemSecurityContext context, java.lang.String catalogName, java.util.Set<java.lang.String> schemaNames)  
      java.util.Set<io.prestosql.spi.connector.SchemaTableName> filterTables​(io.prestosql.spi.security.SystemSecurityContext context, java.lang.String catalogName, java.util.Set<io.prestosql.spi.connector.SchemaTableName> tableNames)  
      java.util.Set<java.lang.String> filterViewQueryOwnedBy​(io.prestosql.spi.security.SystemSecurityContext context, java.util.Set<java.lang.String> queryOwners)  
      java.util.Optional<io.prestosql.spi.security.ViewExpression> getColumnMask​(io.prestosql.spi.security.SystemSecurityContext context, io.prestosql.spi.connector.CatalogSchemaTableName tableName, java.lang.String columnName, io.prestosql.spi.type.Type type)  
      java.lang.Iterable<io.prestosql.spi.eventlistener.EventListener> getEventListeners()  
      java.util.Optional<io.prestosql.spi.security.ViewExpression> getRowFilter​(io.prestosql.spi.security.SystemSecurityContext context, io.prestosql.spi.connector.CatalogSchemaTableName tableName)  

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Method Detail

      • checkCanImpersonateUser

        public void checkCanImpersonateUser​(io.prestosql.spi.security.SystemSecurityContext context,
                                    java.lang.String userName)
        Specified by:
        checkCanImpersonateUser in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanSetUser

        public void checkCanSetUser​(java.util.Optional<java.security.Principal> principal,
                            java.lang.String userName)
        Specified by:
        checkCanSetUser in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanExecuteQuery

        public void checkCanExecuteQuery​(io.prestosql.spi.security.SystemSecurityContext context)
        Specified by:
        checkCanExecuteQuery in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanViewQueryOwnedBy

        public void checkCanViewQueryOwnedBy​(io.prestosql.spi.security.SystemSecurityContext context,
                                     java.lang.String queryOwner)
        Specified by:
        checkCanViewQueryOwnedBy in interface io.prestosql.spi.security.SystemAccessControl

      • filterViewQueryOwnedBy

        public java.util.Set<java.lang.String> filterViewQueryOwnedBy​(io.prestosql.spi.security.SystemSecurityContext context,
                                                              java.util.Set<java.lang.String> queryOwners)
        Specified by:
        filterViewQueryOwnedBy in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanKillQueryOwnedBy

        public void checkCanKillQueryOwnedBy​(io.prestosql.spi.security.SystemSecurityContext context,
                                     java.lang.String queryOwner)
        Specified by:
        checkCanKillQueryOwnedBy in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanReadSystemInformation

        public void checkCanReadSystemInformation​(io.prestosql.spi.security.SystemSecurityContext context)
        Specified by:
        checkCanReadSystemInformation in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanWriteSystemInformation

        public void checkCanWriteSystemInformation​(io.prestosql.spi.security.SystemSecurityContext context)
        Specified by:
        checkCanWriteSystemInformation in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanSetSystemSessionProperty

        public void checkCanSetSystemSessionProperty​(io.prestosql.spi.security.SystemSecurityContext context,
                                             java.lang.String propertyName)
        Specified by:
        checkCanSetSystemSessionProperty in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanAccessCatalog

        public void checkCanAccessCatalog​(io.prestosql.spi.security.SystemSecurityContext context,
                                  java.lang.String catalogName)
        Specified by:
        checkCanAccessCatalog in interface io.prestosql.spi.security.SystemAccessControl

      • filterCatalogs

        public java.util.Set<java.lang.String> filterCatalogs​(io.prestosql.spi.security.SystemSecurityContext context,
                                                      java.util.Set<java.lang.String> catalogs)
        Specified by:
        filterCatalogs in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanCreateSchema

        public void checkCanCreateSchema​(io.prestosql.spi.security.SystemSecurityContext context,
                                 io.prestosql.spi.connector.CatalogSchemaName schema)
        Specified by:
        checkCanCreateSchema in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanDropSchema

        public void checkCanDropSchema​(io.prestosql.spi.security.SystemSecurityContext context,
                               io.prestosql.spi.connector.CatalogSchemaName schema)
        Specified by:
        checkCanDropSchema in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanRenameSchema

        public void checkCanRenameSchema​(io.prestosql.spi.security.SystemSecurityContext context,
                                 io.prestosql.spi.connector.CatalogSchemaName schema,
                                 java.lang.String newSchemaName)
        Specified by:
        checkCanRenameSchema in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanSetSchemaAuthorization

        public void checkCanSetSchemaAuthorization​(io.prestosql.spi.security.SystemSecurityContext context,
                                           io.prestosql.spi.connector.CatalogSchemaName schema,
                                           io.prestosql.spi.security.PrestoPrincipal principal)
        Specified by:
        checkCanSetSchemaAuthorization in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanShowSchemas

        public void checkCanShowSchemas​(io.prestosql.spi.security.SystemSecurityContext context,
                                java.lang.String catalogName)
        Specified by:
        checkCanShowSchemas in interface io.prestosql.spi.security.SystemAccessControl

      • filterSchemas

        public java.util.Set<java.lang.String> filterSchemas​(io.prestosql.spi.security.SystemSecurityContext context,
                                                     java.lang.String catalogName,
                                                     java.util.Set<java.lang.String> schemaNames)
        Specified by:
        filterSchemas in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanShowCreateTable

        public void checkCanShowCreateTable​(io.prestosql.spi.security.SystemSecurityContext context,
                                    io.prestosql.spi.connector.CatalogSchemaTableName table)
        Specified by:
        checkCanShowCreateTable in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanShowCreateSchema

        public void checkCanShowCreateSchema​(io.prestosql.spi.security.SystemSecurityContext context,
                                     io.prestosql.spi.connector.CatalogSchemaName schemaName)
        Specified by:
        checkCanShowCreateSchema in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanCreateTable

        public void checkCanCreateTable​(io.prestosql.spi.security.SystemSecurityContext context,
                                io.prestosql.spi.connector.CatalogSchemaTableName table)
        Specified by:
        checkCanCreateTable in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanDropTable

        public void checkCanDropTable​(io.prestosql.spi.security.SystemSecurityContext context,
                              io.prestosql.spi.connector.CatalogSchemaTableName table)
        Specified by:
        checkCanDropTable in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanRenameTable

        public void checkCanRenameTable​(io.prestosql.spi.security.SystemSecurityContext context,
                                io.prestosql.spi.connector.CatalogSchemaTableName table,
                                io.prestosql.spi.connector.CatalogSchemaTableName newTable)
        Specified by:
        checkCanRenameTable in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanSetTableComment

        public void checkCanSetTableComment​(io.prestosql.spi.security.SystemSecurityContext context,
                                    io.prestosql.spi.connector.CatalogSchemaTableName table)
        Specified by:
        checkCanSetTableComment in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanSetColumnComment

        public void checkCanSetColumnComment​(io.prestosql.spi.security.SystemSecurityContext context,
                                     io.prestosql.spi.connector.CatalogSchemaTableName table)
        Specified by:
        checkCanSetColumnComment in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanShowTables

        public void checkCanShowTables​(io.prestosql.spi.security.SystemSecurityContext context,
                               io.prestosql.spi.connector.CatalogSchemaName schema)
        Specified by:
        checkCanShowTables in interface io.prestosql.spi.security.SystemAccessControl

      • filterTables

        public java.util.Set<io.prestosql.spi.connector.SchemaTableName> filterTables​(io.prestosql.spi.security.SystemSecurityContext context,
                                                                              java.lang.String catalogName,
                                                                              java.util.Set<io.prestosql.spi.connector.SchemaTableName> tableNames)
        Specified by:
        filterTables in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanShowColumns

        public void checkCanShowColumns​(io.prestosql.spi.security.SystemSecurityContext context,
                                io.prestosql.spi.connector.CatalogSchemaTableName table)
        Specified by:
        checkCanShowColumns in interface io.prestosql.spi.security.SystemAccessControl

      • filterColumns

        public java.util.List<io.prestosql.spi.connector.ColumnMetadata> filterColumns​(io.prestosql.spi.security.SystemSecurityContext context,
                                                                               io.prestosql.spi.connector.CatalogSchemaTableName tableName,
                                                                               java.util.List<io.prestosql.spi.connector.ColumnMetadata> columns)
        Specified by:
        filterColumns in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanAddColumn

        public void checkCanAddColumn​(io.prestosql.spi.security.SystemSecurityContext context,
                              io.prestosql.spi.connector.CatalogSchemaTableName table)
        Specified by:
        checkCanAddColumn in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanDropColumn

        public void checkCanDropColumn​(io.prestosql.spi.security.SystemSecurityContext context,
                               io.prestosql.spi.connector.CatalogSchemaTableName table)
        Specified by:
        checkCanDropColumn in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanRenameColumn

        public void checkCanRenameColumn​(io.prestosql.spi.security.SystemSecurityContext context,
                                 io.prestosql.spi.connector.CatalogSchemaTableName table)
        Specified by:
        checkCanRenameColumn in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanSelectFromColumns

        public void checkCanSelectFromColumns​(io.prestosql.spi.security.SystemSecurityContext context,
                                      io.prestosql.spi.connector.CatalogSchemaTableName table,
                                      java.util.Set<java.lang.String> columns)
        Specified by:
        checkCanSelectFromColumns in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanInsertIntoTable

        public void checkCanInsertIntoTable​(io.prestosql.spi.security.SystemSecurityContext context,
                                    io.prestosql.spi.connector.CatalogSchemaTableName table)
        Specified by:
        checkCanInsertIntoTable in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanDeleteFromTable

        public void checkCanDeleteFromTable​(io.prestosql.spi.security.SystemSecurityContext context,
                                    io.prestosql.spi.connector.CatalogSchemaTableName table)
        Specified by:
        checkCanDeleteFromTable in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanCreateView

        public void checkCanCreateView​(io.prestosql.spi.security.SystemSecurityContext context,
                               io.prestosql.spi.connector.CatalogSchemaTableName view)
        Specified by:
        checkCanCreateView in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanRenameView

        public void checkCanRenameView​(io.prestosql.spi.security.SystemSecurityContext context,
                               io.prestosql.spi.connector.CatalogSchemaTableName view,
                               io.prestosql.spi.connector.CatalogSchemaTableName newView)
        Specified by:
        checkCanRenameView in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanDropView

        public void checkCanDropView​(io.prestosql.spi.security.SystemSecurityContext context,
                             io.prestosql.spi.connector.CatalogSchemaTableName view)
        Specified by:
        checkCanDropView in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanCreateViewWithSelectFromColumns

        public void checkCanCreateViewWithSelectFromColumns​(io.prestosql.spi.security.SystemSecurityContext context,
                                                    io.prestosql.spi.connector.CatalogSchemaTableName table,
                                                    java.util.Set<java.lang.String> columns)
        Specified by:
        checkCanCreateViewWithSelectFromColumns in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanGrantExecuteFunctionPrivilege

        public void checkCanGrantExecuteFunctionPrivilege​(io.prestosql.spi.security.SystemSecurityContext context,
                                                  java.lang.String functionName,
                                                  io.prestosql.spi.security.PrestoPrincipal grantee,
                                                  boolean grantOption)
        Specified by:
        checkCanGrantExecuteFunctionPrivilege in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanSetCatalogSessionProperty

        public void checkCanSetCatalogSessionProperty​(io.prestosql.spi.security.SystemSecurityContext context,
                                              java.lang.String catalogName,
                                              java.lang.String propertyName)
        Specified by:
        checkCanSetCatalogSessionProperty in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanGrantTablePrivilege

        public void checkCanGrantTablePrivilege​(io.prestosql.spi.security.SystemSecurityContext context,
                                        io.prestosql.spi.security.Privilege privilege,
                                        io.prestosql.spi.connector.CatalogSchemaTableName table,
                                        io.prestosql.spi.security.PrestoPrincipal grantee,
                                        boolean grantOption)
        Specified by:
        checkCanGrantTablePrivilege in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanRevokeTablePrivilege

        public void checkCanRevokeTablePrivilege​(io.prestosql.spi.security.SystemSecurityContext context,
                                         io.prestosql.spi.security.Privilege privilege,
                                         io.prestosql.spi.connector.CatalogSchemaTableName table,
                                         io.prestosql.spi.security.PrestoPrincipal revokee,
                                         boolean grantOption)
        Specified by:
        checkCanRevokeTablePrivilege in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanShowRoles

        public void checkCanShowRoles​(io.prestosql.spi.security.SystemSecurityContext context,
                              java.lang.String catalogName)
        Specified by:
        checkCanShowRoles in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanExecuteProcedure

        public void checkCanExecuteProcedure​(io.prestosql.spi.security.SystemSecurityContext systemSecurityContext,
                                     io.prestosql.spi.connector.CatalogSchemaRoutineName procedure)
        Specified by:
        checkCanExecuteProcedure in interface io.prestosql.spi.security.SystemAccessControl

      • checkCanExecuteFunction

        public void checkCanExecuteFunction​(io.prestosql.spi.security.SystemSecurityContext systemSecurityContext,
                                    java.lang.String functionName)
        Specified by:
        checkCanExecuteFunction in interface io.prestosql.spi.security.SystemAccessControl

      • getEventListeners

        public java.lang.Iterable<io.prestosql.spi.eventlistener.EventListener> getEventListeners()
        Specified by:
        getEventListeners in interface io.prestosql.spi.security.SystemAccessControl

      • getRowFilter

        public java.util.Optional<io.prestosql.spi.security.ViewExpression> getRowFilter​(io.prestosql.spi.security.SystemSecurityContext context,
                                                                                 io.prestosql.spi.connector.CatalogSchemaTableName tableName)
        Specified by:
        getRowFilter in interface io.prestosql.spi.security.SystemAccessControl

      • getColumnMask

        public java.util.Optional<io.prestosql.spi.security.ViewExpression> getColumnMask​(io.prestosql.spi.security.SystemSecurityContext context,
                                                                                  io.prestosql.spi.connector.CatalogSchemaTableName tableName,
                                                                                  java.lang.String columnName,
                                                                                  io.prestosql.spi.type.Type type)
        Specified by:
        getColumnMask in interface io.prestosql.spi.security.SystemAccessControl