Interface AccessControlMetadata

All Known Implementing Classes:
SqlStandardAccessControlMetadata
public interface AccessControlMetadata

  • Method Details

    • isUsingSystemSecurity

      default boolean isUsingSystemSecurity()

    • roleExists

      default boolean roleExists(ConnectorSession session, String role)
      Does the specified role exist.

    • createRole

      default void createRole(ConnectorSession session, String role, Optional<HivePrincipal> grantor)
      Creates the specified role.
      Parameters:
      grantor - represents the principal specified by WITH ADMIN statement

    • dropRole

      default void dropRole(ConnectorSession session, String role)
      Drops the specified role.

    • listRoles

      default Set<String> listRoles(ConnectorSession session)
      List available roles.

    • listRoleGrants

      default Set<RoleGrant> listRoleGrants(ConnectorSession session, HivePrincipal principal)
      List role grants for a given principal, not recursively.

    • grantRoles

      default void grantRoles(ConnectorSession connectorSession, Set<String> roles, Set<HivePrincipal> grantees, boolean adminOption, Optional<HivePrincipal> grantor)
      Grants the specified roles to the specified grantees
      Parameters:
      grantor - represents the principal specified by GRANTED BY statement

    • revokeRoles

      default void revokeRoles(ConnectorSession connectorSession, Set<String> roles, Set<HivePrincipal> grantees, boolean adminOption, Optional<HivePrincipal> grantor)
      Revokes the specified roles from the specified grantees
      Parameters:
      grantor - represents the principal specified by GRANTED BY statement

    • listApplicableRoles

      default Set<RoleGrant> listApplicableRoles(ConnectorSession session, HivePrincipal principal)
      List applicable roles, including the transitive grants, for the specified principal

    • listEnabledRoles

      default Set<String> listEnabledRoles(ConnectorSession session)
      List applicable roles, including the transitive grants, in given session

    • grantSchemaPrivileges

      default void grantSchemaPrivileges(ConnectorSession session, String schemaName, Set<Privilege> privileges, HivePrincipal grantee, boolean grantOption)
      Grants the specified privilege to the specified user on the specified schema

    • getSchemaOwner

      default Optional<HivePrincipal> getSchemaOwner(ConnectorSession session, String schemaName)
      Get the owner on the specified schema

    • revokeSchemaPrivileges

      default void revokeSchemaPrivileges(ConnectorSession session, String schemaName, Set<Privilege> privileges, HivePrincipal grantee, boolean grantOption)
      Revokes the specified privilege on the specified schema from the specified user

    • grantTablePrivileges

      default void grantTablePrivileges(ConnectorSession session, SchemaTableName tableName, Set<Privilege> privileges, HivePrincipal grantee, boolean grantOption)
      Grants the specified privilege to the specified user on the specified table

    • revokeTablePrivileges

      default void revokeTablePrivileges(ConnectorSession session, SchemaTableName tableName, Set<Privilege> privileges, HivePrincipal grantee, boolean grantOption)
      Revokes the specified privilege on the specified table from the specified user

    • listTablePrivileges

      default List<GrantInfo> listTablePrivileges(ConnectorSession session, List<SchemaTableName> tableName)
      List the table privileges granted to the specified grantee for the tables that have the specified prefix considering the selected session role