Package io.trino.plugin.hive.security
Class SqlStandardAccessControlMetadata
- java.lang.Object
-
- io.trino.plugin.hive.security.SqlStandardAccessControlMetadata
-
- All Implemented Interfaces:
AccessControlMetadata
public class SqlStandardAccessControlMetadata extends Object implements AccessControlMetadata
-
-
Constructor Summary
Constructors Constructor Description SqlStandardAccessControlMetadata(SqlStandardAccessControlMetadataMetastore metastore)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description voidcreateRole(ConnectorSession session, String role, Optional<HivePrincipal> grantor)Creates the specified role.voiddropRole(ConnectorSession session, String role)Drops the specified role.voidgrantRoles(ConnectorSession session, Set<String> roles, Set<HivePrincipal> grantees, boolean adminOption, Optional<HivePrincipal> grantor)Grants the specified roles to the specified granteesvoidgrantTablePrivileges(ConnectorSession session, SchemaTableName schemaTableName, Set<Privilege> privileges, HivePrincipal grantee, boolean grantOption)Grants the specified privilege to the specified user on the specified tableSet<RoleGrant>listAllRoleGrants(ConnectorSession session, Optional<Set<String>> roles, Optional<Set<String>> grantees, OptionalLong limit)List principals for a given role, not recursively.Set<RoleGrant>listApplicableRoles(ConnectorSession session, HivePrincipal principal)List applicable roles, including the transitive grants, for the specified principalSet<String>listEnabledRoles(ConnectorSession session)List applicable roles, including the transitive grants, in given sessionSet<RoleGrant>listRoleGrants(ConnectorSession session, HivePrincipal principal)List role grants for a given principal, not recursively.Set<String>listRoles(ConnectorSession session)List available roles.List<GrantInfo>listTablePrivileges(ConnectorSession session, List<SchemaTableName> tableNames)List the table privileges granted to the specified grantee for the tables that have the specified prefix considering the selected session rolevoidrevokeRoles(ConnectorSession session, Set<String> roles, Set<HivePrincipal> grantees, boolean adminOption, Optional<HivePrincipal> grantor)Revokes the specified roles from the specified granteesvoidrevokeTablePrivileges(ConnectorSession session, SchemaTableName schemaTableName, Set<Privilege> privileges, HivePrincipal grantee, boolean grantOption)Revokes the specified privilege on the specified table from the specified user-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface io.trino.plugin.hive.security.AccessControlMetadata
grantSchemaPrivileges, revokeSchemaPrivileges
-
-
-
-
Constructor Detail
-
SqlStandardAccessControlMetadata
public SqlStandardAccessControlMetadata(SqlStandardAccessControlMetadataMetastore metastore)
-
-
Method Detail
-
createRole
public void createRole(ConnectorSession session, String role, Optional<HivePrincipal> grantor)
Description copied from interface:AccessControlMetadataCreates the specified role.- Specified by:
createRolein interfaceAccessControlMetadatagrantor- represents the principal specified by WITH ADMIN statement
-
dropRole
public void dropRole(ConnectorSession session, String role)
Description copied from interface:AccessControlMetadataDrops the specified role.- Specified by:
dropRolein interfaceAccessControlMetadata
-
listRoles
public Set<String> listRoles(ConnectorSession session)
Description copied from interface:AccessControlMetadataList available roles.- Specified by:
listRolesin interfaceAccessControlMetadata
-
listAllRoleGrants
public Set<RoleGrant> listAllRoleGrants(ConnectorSession session, Optional<Set<String>> roles, Optional<Set<String>> grantees, OptionalLong limit)
Description copied from interface:AccessControlMetadataList principals for a given role, not recursively.- Specified by:
listAllRoleGrantsin interfaceAccessControlMetadata
-
listRoleGrants
public Set<RoleGrant> listRoleGrants(ConnectorSession session, HivePrincipal principal)
Description copied from interface:AccessControlMetadataList role grants for a given principal, not recursively.- Specified by:
listRoleGrantsin interfaceAccessControlMetadata
-
grantRoles
public void grantRoles(ConnectorSession session, Set<String> roles, Set<HivePrincipal> grantees, boolean adminOption, Optional<HivePrincipal> grantor)
Description copied from interface:AccessControlMetadataGrants the specified roles to the specified grantees- Specified by:
grantRolesin interfaceAccessControlMetadatagrantor- represents the principal specified by GRANTED BY statement
-
revokeRoles
public void revokeRoles(ConnectorSession session, Set<String> roles, Set<HivePrincipal> grantees, boolean adminOption, Optional<HivePrincipal> grantor)
Description copied from interface:AccessControlMetadataRevokes the specified roles from the specified grantees- Specified by:
revokeRolesin interfaceAccessControlMetadatagrantor- represents the principal specified by GRANTED BY statement
-
listApplicableRoles
public Set<RoleGrant> listApplicableRoles(ConnectorSession session, HivePrincipal principal)
Description copied from interface:AccessControlMetadataList applicable roles, including the transitive grants, for the specified principal- Specified by:
listApplicableRolesin interfaceAccessControlMetadata
-
listEnabledRoles
public Set<String> listEnabledRoles(ConnectorSession session)
Description copied from interface:AccessControlMetadataList applicable roles, including the transitive grants, in given session- Specified by:
listEnabledRolesin interfaceAccessControlMetadata
-
grantTablePrivileges
public void grantTablePrivileges(ConnectorSession session, SchemaTableName schemaTableName, Set<Privilege> privileges, HivePrincipal grantee, boolean grantOption)
Description copied from interface:AccessControlMetadataGrants the specified privilege to the specified user on the specified table- Specified by:
grantTablePrivilegesin interfaceAccessControlMetadata
-
revokeTablePrivileges
public void revokeTablePrivileges(ConnectorSession session, SchemaTableName schemaTableName, Set<Privilege> privileges, HivePrincipal grantee, boolean grantOption)
Description copied from interface:AccessControlMetadataRevokes the specified privilege on the specified table from the specified user- Specified by:
revokeTablePrivilegesin interfaceAccessControlMetadata
-
listTablePrivileges
public List<GrantInfo> listTablePrivileges(ConnectorSession session, List<SchemaTableName> tableNames)
Description copied from interface:AccessControlMetadataList the table privileges granted to the specified grantee for the tables that have the specified prefix considering the selected session role- Specified by:
listTablePrivilegesin interfaceAccessControlMetadata
-
-