Package io.trino.metadata
Interface SystemSecurityMetadata
- All Known Implementing Classes:
DisabledSystemSecurityMetadata
public interface SystemSecurityMetadata
-
Method Summary
Modifier and TypeMethodDescriptionvoidcolumnCreated(Session session, CatalogSchemaTableName table, String column) A column was createdvoidcolumnDropped(Session session, CatalogSchemaTableName table, String column) A column was droppedvoidcolumnRenamed(Session session, CatalogSchemaTableName table, String oldName, String newName) A column was renamedvoidcreateRole(Session session, String role, Optional<TrinoPrincipal> grantor) Creates the specified role.voiddenySchemaPrivileges(Session session, CatalogSchemaName schemaName, Set<Privilege> privileges, TrinoPrincipal grantee) Denys the specified privilege to the specified user on the specified schema.voiddenyTablePrivileges(Session session, QualifiedObjectName tableName, Set<Privilege> privileges, TrinoPrincipal grantee) Denys the specified privilege to the specified user on the specified tablevoidDrops the specified role.getFunctionRunAsIdentity(Session session, CatalogSchemaFunctionName functionName) Get the identity to run the function asgetSchemaOwner(Session session, CatalogSchemaName schema) Set the owner of the specified schemagetViewRunAsIdentity(Session session, CatalogSchemaTableName viewName) Get the identity to run the view asvoidgrantRoles(Session session, Set<String> roles, Set<TrinoPrincipal> grantees, boolean adminOption, Optional<TrinoPrincipal> grantor) Grants the specified roles to the specified grantees.voidgrantSchemaPrivileges(Session session, CatalogSchemaName schemaName, Set<Privilege> privileges, TrinoPrincipal grantee, boolean grantOption) Grants the specified privilege to the specified user on the specified schema.voidgrantTablePrivileges(Session session, QualifiedObjectName tableName, Set<Privilege> privileges, TrinoPrincipal grantee, boolean grantOption) Grants the specified privilege to the specified user on the specified tablelistApplicableRoles(Session session, TrinoPrincipal principal) List applicable roles, including the transitive grants, for the specified principallistEnabledRoles(Identity identity) List applicable roles, including the transitive grants, in given identitylistRoleGrants(Session session, TrinoPrincipal principal) List roles grants for a given principal, not recursively.List available roles.listTablePrivileges(Session session, QualifiedTablePrefix prefix) Gets the privileges for the specified table available to the given grantee considering the selected session rolevoidrevokeRoles(Session session, Set<String> roles, Set<TrinoPrincipal> grantees, boolean adminOption, Optional<TrinoPrincipal> grantor) Revokes the specified roles from the specified grantees.voidrevokeSchemaPrivileges(Session session, CatalogSchemaName schemaName, Set<Privilege> privileges, TrinoPrincipal grantee, boolean grantOption) Revokes the specified privilege on the specified schema from the specified user.voidrevokeTablePrivileges(Session session, QualifiedObjectName tableName, Set<Privilege> privileges, TrinoPrincipal grantee, boolean grantOption) Revokes the specified privilege on the specified table from the specified userbooleanroleExists(Session session, String role) Does the specified role exist.voidschemaCreated(Session session, CatalogSchemaName schema) A schema was createdvoidschemaDropped(Session session, CatalogSchemaName schema) A schema was droppedvoidschemaRenamed(Session session, CatalogSchemaName sourceSchema, CatalogSchemaName targetSchema) A schema was renamedvoidsetSchemaOwner(Session session, CatalogSchemaName schema, TrinoPrincipal principal) Set the owner of the specified schemavoidsetTableOwner(Session session, CatalogSchemaTableName table, TrinoPrincipal principal) Set the owner of the specified tablevoidsetViewOwner(Session session, CatalogSchemaTableName view, TrinoPrincipal principal) Set the owner of the specified viewvoidtableCreated(Session session, CatalogSchemaTableName table) A table or view was createdvoidtableDropped(Session session, CatalogSchemaTableName table) A table or view was droppedvoidtableRenamed(Session session, CatalogSchemaTableName sourceTable, CatalogSchemaTableName targetTable) A table or view was renamed
-
Method Details
-
roleExists
Does the specified role exist. -
createRole
Creates the specified role.- Parameters:
grantor- represents the principal specified by WITH ADMIN statement
-
dropRole
Drops the specified role. -
listRoles
List available roles. -
listRoleGrants
List roles grants for a given principal, not recursively. -
grantRoles
void grantRoles(Session session, Set<String> roles, Set<TrinoPrincipal> grantees, boolean adminOption, Optional<TrinoPrincipal> grantor) Grants the specified roles to the specified grantees.- Parameters:
grantor- represents the principal specified by GRANTED BY statement
-
revokeRoles
void revokeRoles(Session session, Set<String> roles, Set<TrinoPrincipal> grantees, boolean adminOption, Optional<TrinoPrincipal> grantor) Revokes the specified roles from the specified grantees.- Parameters:
grantor- represents the principal specified by GRANTED BY statement
-
listApplicableRoles
List applicable roles, including the transitive grants, for the specified principal -
listEnabledRoles
List applicable roles, including the transitive grants, in given identity -
grantSchemaPrivileges
void grantSchemaPrivileges(Session session, CatalogSchemaName schemaName, Set<Privilege> privileges, TrinoPrincipal grantee, boolean grantOption) Grants the specified privilege to the specified user on the specified schema. -
denySchemaPrivileges
void denySchemaPrivileges(Session session, CatalogSchemaName schemaName, Set<Privilege> privileges, TrinoPrincipal grantee) Denys the specified privilege to the specified user on the specified schema. -
revokeSchemaPrivileges
void revokeSchemaPrivileges(Session session, CatalogSchemaName schemaName, Set<Privilege> privileges, TrinoPrincipal grantee, boolean grantOption) Revokes the specified privilege on the specified schema from the specified user. -
grantTablePrivileges
void grantTablePrivileges(Session session, QualifiedObjectName tableName, Set<Privilege> privileges, TrinoPrincipal grantee, boolean grantOption) Grants the specified privilege to the specified user on the specified table -
denyTablePrivileges
void denyTablePrivileges(Session session, QualifiedObjectName tableName, Set<Privilege> privileges, TrinoPrincipal grantee) Denys the specified privilege to the specified user on the specified table -
revokeTablePrivileges
void revokeTablePrivileges(Session session, QualifiedObjectName tableName, Set<Privilege> privileges, TrinoPrincipal grantee, boolean grantOption) Revokes the specified privilege on the specified table from the specified user -
listTablePrivileges
Gets the privileges for the specified table available to the given grantee considering the selected session role -
getSchemaOwner
Set the owner of the specified schema -
setSchemaOwner
Set the owner of the specified schema -
setTableOwner
Set the owner of the specified table -
getViewRunAsIdentity
Get the identity to run the view as -
setViewOwner
Set the owner of the specified view -
getFunctionRunAsIdentity
Optional<Identity> getFunctionRunAsIdentity(Session session, CatalogSchemaFunctionName functionName) Get the identity to run the function as -
schemaCreated
A schema was created -
schemaRenamed
A schema was renamed -
schemaDropped
A schema was dropped -
tableCreated
A table or view was created -
tableRenamed
void tableRenamed(Session session, CatalogSchemaTableName sourceTable, CatalogSchemaTableName targetTable) A table or view was renamed -
tableDropped
A table or view was dropped -
columnCreated
A column was created -
columnRenamed
A column was renamed -
columnDropped
A column was dropped
-