Package io.trino.plugin.hive.security
Interface AccessControlMetadata
-
- All Known Implementing Classes:
SqlStandardAccessControlMetadata
public interface AccessControlMetadata
-
-
Method Summary
All Methods Instance Methods Default Methods Modifier and Type Method Description default voidcreateRole(ConnectorSession session, String role, Optional<HivePrincipal> grantor)Creates the specified role.default voiddropRole(ConnectorSession session, String role)Drops the specified role.default voidgrantRoles(ConnectorSession connectorSession, Set<String> roles, Set<HivePrincipal> grantees, boolean adminOption, Optional<HivePrincipal> grantor)Grants the specified roles to the specified granteesdefault voidgrantSchemaPrivileges(ConnectorSession session, String schemaName, Set<Privilege> privileges, HivePrincipal grantee, boolean grantOption)Grants the specified privilege to the specified user on the specified schemadefault voidgrantTablePrivileges(ConnectorSession session, SchemaTableName tableName, Set<Privilege> privileges, HivePrincipal grantee, boolean grantOption)Grants the specified privilege to the specified user on the specified tabledefault Set<RoleGrant>listAllRoleGrants(ConnectorSession session, Optional<Set<String>> roles, Optional<Set<String>> grantees, OptionalLong limit)List principals for a given role, not recursively.default Set<RoleGrant>listApplicableRoles(ConnectorSession session, HivePrincipal principal)List applicable roles, including the transitive grants, for the specified principaldefault Set<String>listEnabledRoles(ConnectorSession session)List applicable roles, including the transitive grants, in given sessiondefault Set<RoleGrant>listRoleGrants(ConnectorSession session, HivePrincipal principal)List role grants for a given principal, not recursively.default Set<String>listRoles(ConnectorSession session)List available roles.default List<GrantInfo>listTablePrivileges(ConnectorSession session, List<SchemaTableName> tableName)List the table privileges granted to the specified grantee for the tables that have the specified prefix considering the selected session roledefault voidrevokeRoles(ConnectorSession connectorSession, Set<String> roles, Set<HivePrincipal> grantees, boolean adminOption, Optional<HivePrincipal> grantor)Revokes the specified roles from the specified granteesdefault voidrevokeSchemaPrivileges(ConnectorSession session, String schemaName, Set<Privilege> privileges, HivePrincipal grantee, boolean grantOption)Revokes the specified privilege on the specified schema from the specified userdefault voidrevokeTablePrivileges(ConnectorSession session, SchemaTableName tableName, Set<Privilege> privileges, HivePrincipal grantee, boolean grantOption)Revokes the specified privilege on the specified table from the specified user
-
-
-
Method Detail
-
createRole
default void createRole(ConnectorSession session, String role, Optional<HivePrincipal> grantor)
Creates the specified role.- Parameters:
grantor- represents the principal specified by WITH ADMIN statement
-
dropRole
default void dropRole(ConnectorSession session, String role)
Drops the specified role.
-
listRoles
default Set<String> listRoles(ConnectorSession session)
List available roles.
-
listAllRoleGrants
default Set<RoleGrant> listAllRoleGrants(ConnectorSession session, Optional<Set<String>> roles, Optional<Set<String>> grantees, OptionalLong limit)
List principals for a given role, not recursively.
-
listRoleGrants
default Set<RoleGrant> listRoleGrants(ConnectorSession session, HivePrincipal principal)
List role grants for a given principal, not recursively.
-
grantRoles
default void grantRoles(ConnectorSession connectorSession, Set<String> roles, Set<HivePrincipal> grantees, boolean adminOption, Optional<HivePrincipal> grantor)
Grants the specified roles to the specified grantees- Parameters:
grantor- represents the principal specified by GRANTED BY statement
-
revokeRoles
default void revokeRoles(ConnectorSession connectorSession, Set<String> roles, Set<HivePrincipal> grantees, boolean adminOption, Optional<HivePrincipal> grantor)
Revokes the specified roles from the specified grantees- Parameters:
grantor- represents the principal specified by GRANTED BY statement
-
listApplicableRoles
default Set<RoleGrant> listApplicableRoles(ConnectorSession session, HivePrincipal principal)
List applicable roles, including the transitive grants, for the specified principal
-
listEnabledRoles
default Set<String> listEnabledRoles(ConnectorSession session)
List applicable roles, including the transitive grants, in given session
-
grantSchemaPrivileges
default void grantSchemaPrivileges(ConnectorSession session, String schemaName, Set<Privilege> privileges, HivePrincipal grantee, boolean grantOption)
Grants the specified privilege to the specified user on the specified schema
-
revokeSchemaPrivileges
default void revokeSchemaPrivileges(ConnectorSession session, String schemaName, Set<Privilege> privileges, HivePrincipal grantee, boolean grantOption)
Revokes the specified privilege on the specified schema from the specified user
-
grantTablePrivileges
default void grantTablePrivileges(ConnectorSession session, SchemaTableName tableName, Set<Privilege> privileges, HivePrincipal grantee, boolean grantOption)
Grants the specified privilege to the specified user on the specified table
-
revokeTablePrivileges
default void revokeTablePrivileges(ConnectorSession session, SchemaTableName tableName, Set<Privilege> privileges, HivePrincipal grantee, boolean grantOption)
Revokes the specified privilege on the specified table from the specified user
-
listTablePrivileges
default List<GrantInfo> listTablePrivileges(ConnectorSession session, List<SchemaTableName> tableName)
List the table privileges granted to the specified grantee for the tables that have the specified prefix considering the selected session role
-
-