Package io.trino.plugin.base.security

Class ForwardingSystemAccessControl

java.lang.Object

io.trino.plugin.base.security.ForwardingSystemAccessControl

All Implemented Interfaces:

SystemAccessControl

public abstract class ForwardingSystemAccessControl
extends Object
implements SystemAccessControl

Constructor Summary

Constructors

Constructor	Description
ForwardingSystemAccessControl()

Method Summary

Modifier and Type	Method	Description
void	checkCanAccessCatalog(SystemSecurityContext context, String catalogName)
void	checkCanAddColumn(SystemSecurityContext context, CatalogSchemaTableName table)
void	checkCanCreateMaterializedView(SystemSecurityContext context, CatalogSchemaTableName materializedView)
void	checkCanCreateRole(SystemSecurityContext context, String role, Optional<TrinoPrincipal> grantor)
void	checkCanCreateSchema(SystemSecurityContext context, CatalogSchemaName schema)
void	checkCanCreateTable(SystemSecurityContext context, CatalogSchemaTableName table)
void	checkCanCreateTable(SystemSecurityContext context, CatalogSchemaTableName table, Map<String,Object> properties)
void	checkCanCreateView(SystemSecurityContext context, CatalogSchemaTableName view)
void	checkCanCreateViewWithSelectFromColumns(SystemSecurityContext context, CatalogSchemaTableName table, Set<String> columns)
void	checkCanDeleteFromTable(SystemSecurityContext context, CatalogSchemaTableName table)
void	checkCanDenySchemaPrivilege(SystemSecurityContext context, Privilege privilege, CatalogSchemaName schema, TrinoPrincipal grantee)
void	checkCanDenyTablePrivilege(SystemSecurityContext context, Privilege privilege, CatalogSchemaTableName table, TrinoPrincipal grantee)
void	checkCanDropColumn(SystemSecurityContext context, CatalogSchemaTableName table)
void	checkCanDropMaterializedView(SystemSecurityContext context, CatalogSchemaTableName materializedView)
void	checkCanDropRole(SystemSecurityContext context, String role)
void	checkCanDropSchema(SystemSecurityContext context, CatalogSchemaName schema)
void	checkCanDropTable(SystemSecurityContext context, CatalogSchemaTableName table)
void	checkCanDropView(SystemSecurityContext context, CatalogSchemaTableName view)
void	checkCanExecuteFunction(SystemSecurityContext systemSecurityContext, String functionName)
void	checkCanExecuteProcedure(SystemSecurityContext systemSecurityContext, CatalogSchemaRoutineName procedure)
void	checkCanExecuteQuery(SystemSecurityContext context)
void	checkCanExecuteTableProcedure(SystemSecurityContext systemSecurityContext, CatalogSchemaTableName table, String procedure)
void	checkCanGrantExecuteFunctionPrivilege(SystemSecurityContext context, String functionName, TrinoPrincipal grantee, boolean grantOption)
void	checkCanGrantRoles(SystemSecurityContext context, Set<String> roles, Set<TrinoPrincipal> grantees, boolean adminOption, Optional<TrinoPrincipal> grantor)
void	checkCanGrantSchemaPrivilege(SystemSecurityContext context, Privilege privilege, CatalogSchemaName schema, TrinoPrincipal grantee, boolean grantOption)
void	checkCanGrantTablePrivilege(SystemSecurityContext context, Privilege privilege, CatalogSchemaTableName table, TrinoPrincipal grantee, boolean grantOption)
void	checkCanImpersonateUser(SystemSecurityContext context, String userName)
void	checkCanInsertIntoTable(SystemSecurityContext context, CatalogSchemaTableName table)
void	checkCanKillQueryOwnedBy(SystemSecurityContext context, Identity queryOwner)
void	checkCanKillQueryOwnedBy(SystemSecurityContext context, String queryOwner)
void	checkCanReadSystemInformation(SystemSecurityContext context)
void	checkCanRefreshMaterializedView(SystemSecurityContext context, CatalogSchemaTableName materializedView)
void	checkCanRenameColumn(SystemSecurityContext context, CatalogSchemaTableName table)
void	checkCanRenameMaterializedView(SystemSecurityContext context, CatalogSchemaTableName view, CatalogSchemaTableName newView)
void	checkCanRenameSchema(SystemSecurityContext context, CatalogSchemaName schema, String newSchemaName)
void	checkCanRenameTable(SystemSecurityContext context, CatalogSchemaTableName table, CatalogSchemaTableName newTable)
void	checkCanRenameView(SystemSecurityContext context, CatalogSchemaTableName view, CatalogSchemaTableName newView)
void	checkCanRevokeRoles(SystemSecurityContext context, Set<String> roles, Set<TrinoPrincipal> grantees, boolean adminOption, Optional<TrinoPrincipal> grantor)
void	checkCanRevokeSchemaPrivilege(SystemSecurityContext context, Privilege privilege, CatalogSchemaName schema, TrinoPrincipal revokee, boolean grantOption)
void	checkCanRevokeTablePrivilege(SystemSecurityContext context, Privilege privilege, CatalogSchemaTableName table, TrinoPrincipal revokee, boolean grantOption)
void	checkCanSelectFromColumns(SystemSecurityContext context, CatalogSchemaTableName table, Set<String> columns)
void	checkCanSetCatalogSessionProperty(SystemSecurityContext context, String catalogName, String propertyName)
void	checkCanSetColumnComment(SystemSecurityContext context, CatalogSchemaTableName table)
void	checkCanSetSchemaAuthorization(SystemSecurityContext context, CatalogSchemaName schema, TrinoPrincipal principal)
void	checkCanSetSystemSessionProperty(SystemSecurityContext context, String propertyName)
void	checkCanSetTableAuthorization(SystemSecurityContext context, CatalogSchemaTableName table, TrinoPrincipal principal)
void	checkCanSetTableComment(SystemSecurityContext context, CatalogSchemaTableName table)
void	checkCanSetTableProperties(SystemSecurityContext context, CatalogSchemaTableName table, Map<String,Object> properties)
void	checkCanSetUser(Optional<Principal> principal, String userName)
void	checkCanSetViewAuthorization(SystemSecurityContext context, CatalogSchemaTableName view, TrinoPrincipal principal)
void	checkCanShowColumns(SystemSecurityContext context, CatalogSchemaTableName tableName)
void	checkCanShowCreateSchema(SystemSecurityContext context, CatalogSchemaName schemaName)
void	checkCanShowCreateTable(SystemSecurityContext context, CatalogSchemaTableName table)
void	checkCanShowCurrentRoles(SystemSecurityContext context)
void	checkCanShowRoleAuthorizationDescriptors(SystemSecurityContext context)
void	checkCanShowRoleGrants(SystemSecurityContext context)
void	checkCanShowRoles(SystemSecurityContext context)
void	checkCanShowSchemas(SystemSecurityContext context, String catalogName)
void	checkCanShowTables(SystemSecurityContext context, CatalogSchemaName schema)
void	checkCanTruncateTable(SystemSecurityContext context, CatalogSchemaTableName table)
void	checkCanUpdateTableColumns(SystemSecurityContext context, CatalogSchemaTableName table, Set<String> updatedColumnNames)
void	checkCanViewQueryOwnedBy(SystemSecurityContext context, Identity queryOwner)
void	checkCanViewQueryOwnedBy(SystemSecurityContext context, String queryOwner)
void	checkCanWriteSystemInformation(SystemSecurityContext context)
protected abstract SystemAccessControl	delegate()
Set<String>	filterCatalogs(SystemSecurityContext context, Set<String> catalogs)
Set<String>	filterColumns(SystemSecurityContext context, CatalogSchemaTableName tableName, Set<String> columns)
Set<String>	filterSchemas(SystemSecurityContext context, String catalogName, Set<String> schemaNames)
Set<SchemaTableName>	filterTables(SystemSecurityContext context, String catalogName, Set<SchemaTableName> tableNames)
Collection<Identity>	filterViewQueryOwnedBy(SystemSecurityContext context, Collection<Identity> queryOwners)
Set<String>	filterViewQueryOwnedBy(SystemSecurityContext context, Set<String> queryOwners)
Optional<ViewExpression>	getColumnMask(SystemSecurityContext context, CatalogSchemaTableName tableName, String columnName, Type type)
Iterable<EventListener>	getEventListeners()
Optional<ViewExpression>	getRowFilter(SystemSecurityContext context, CatalogSchemaTableName tableName)
static SystemAccessControl	of(Supplier<SystemAccessControl> systemAccessControlSupplier)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

ForwardingSystemAccessControl

public ForwardingSystemAccessControl()

Method Details

of

public static SystemAccessControl of(Supplier<SystemAccessControl> systemAccessControlSupplier)

delegate

protected abstract SystemAccessControl delegate()

checkCanImpersonateUser

public void checkCanImpersonateUser(SystemSecurityContext context,
 String userName)

Specified by:

checkCanImpersonateUser in interface SystemAccessControl

checkCanSetUser

public void checkCanSetUser(Optional<Principal> principal,
 String userName)

Specified by:

checkCanSetUser in interface SystemAccessControl

checkCanReadSystemInformation

public void checkCanReadSystemInformation(SystemSecurityContext context)

Specified by:

checkCanReadSystemInformation in interface SystemAccessControl

checkCanWriteSystemInformation

public void checkCanWriteSystemInformation(SystemSecurityContext context)

Specified by:

checkCanWriteSystemInformation in interface SystemAccessControl

checkCanExecuteQuery

public void checkCanExecuteQuery(SystemSecurityContext context)

Specified by:

checkCanExecuteQuery in interface SystemAccessControl

checkCanViewQueryOwnedBy

public void checkCanViewQueryOwnedBy(SystemSecurityContext context,
 Identity queryOwner)

Specified by:

checkCanViewQueryOwnedBy in interface SystemAccessControl

checkCanViewQueryOwnedBy

public void checkCanViewQueryOwnedBy(SystemSecurityContext context,
 String queryOwner)

Specified by:

checkCanViewQueryOwnedBy in interface SystemAccessControl

filterViewQueryOwnedBy

public Collection<Identity> filterViewQueryOwnedBy(SystemSecurityContext context,
 Collection<Identity> queryOwners)

Specified by:

filterViewQueryOwnedBy in interface SystemAccessControl

filterViewQueryOwnedBy

public Set<String> filterViewQueryOwnedBy(SystemSecurityContext context,
 Set<String> queryOwners)

Specified by:

filterViewQueryOwnedBy in interface SystemAccessControl

checkCanKillQueryOwnedBy

public void checkCanKillQueryOwnedBy(SystemSecurityContext context,
 Identity queryOwner)

Specified by:

checkCanKillQueryOwnedBy in interface SystemAccessControl

checkCanKillQueryOwnedBy

public void checkCanKillQueryOwnedBy(SystemSecurityContext context,
 String queryOwner)

Specified by:

checkCanKillQueryOwnedBy in interface SystemAccessControl

checkCanSetSystemSessionProperty

public void checkCanSetSystemSessionProperty(SystemSecurityContext context,
 String propertyName)

Specified by:

checkCanSetSystemSessionProperty in interface SystemAccessControl

checkCanAccessCatalog

public void checkCanAccessCatalog(SystemSecurityContext context,
 String catalogName)

Specified by:

checkCanAccessCatalog in interface SystemAccessControl

filterCatalogs

public Set<String> filterCatalogs(SystemSecurityContext context,
 Set<String> catalogs)

Specified by:

filterCatalogs in interface SystemAccessControl

checkCanCreateSchema

public void checkCanCreateSchema(SystemSecurityContext context,
 CatalogSchemaName schema)

Specified by:

checkCanCreateSchema in interface SystemAccessControl

checkCanDropSchema

public void checkCanDropSchema(SystemSecurityContext context,
 CatalogSchemaName schema)

Specified by:

checkCanDropSchema in interface SystemAccessControl

checkCanRenameSchema

public void checkCanRenameSchema(SystemSecurityContext context,
 CatalogSchemaName schema,
 String newSchemaName)

Specified by:

checkCanRenameSchema in interface SystemAccessControl

checkCanSetSchemaAuthorization

public void checkCanSetSchemaAuthorization(SystemSecurityContext context,
 CatalogSchemaName schema,
 TrinoPrincipal principal)

Specified by:

checkCanSetSchemaAuthorization in interface SystemAccessControl

checkCanShowSchemas

public void checkCanShowSchemas(SystemSecurityContext context,
 String catalogName)

Specified by:

checkCanShowSchemas in interface SystemAccessControl

filterSchemas

public Set<String> filterSchemas(SystemSecurityContext context,
 String catalogName,
 Set<String> schemaNames)

Specified by:

filterSchemas in interface SystemAccessControl

checkCanShowCreateSchema

public void checkCanShowCreateSchema(SystemSecurityContext context,
 CatalogSchemaName schemaName)

Specified by:

checkCanShowCreateSchema in interface SystemAccessControl

checkCanShowCreateTable

public void checkCanShowCreateTable(SystemSecurityContext context,
 CatalogSchemaTableName table)

Specified by:

checkCanShowCreateTable in interface SystemAccessControl

checkCanCreateTable

public void checkCanCreateTable(SystemSecurityContext context,
 CatalogSchemaTableName table)

Specified by:

checkCanCreateTable in interface SystemAccessControl

checkCanCreateTable

public void checkCanCreateTable(SystemSecurityContext context,
 CatalogSchemaTableName table,
 Map<String,Object> properties)

Specified by:

checkCanCreateTable in interface SystemAccessControl

checkCanDropTable

public void checkCanDropTable(SystemSecurityContext context,
 CatalogSchemaTableName table)

Specified by:

checkCanDropTable in interface SystemAccessControl

checkCanRenameTable

public void checkCanRenameTable(SystemSecurityContext context,
 CatalogSchemaTableName table,
 CatalogSchemaTableName newTable)

Specified by:

checkCanRenameTable in interface SystemAccessControl

checkCanSetTableProperties

public void checkCanSetTableProperties(SystemSecurityContext context,
 CatalogSchemaTableName table,
 Map<String,Object> properties)

Specified by:

checkCanSetTableProperties in interface SystemAccessControl

checkCanSetTableComment

public void checkCanSetTableComment(SystemSecurityContext context,
 CatalogSchemaTableName table)

Specified by:

checkCanSetTableComment in interface SystemAccessControl

checkCanSetColumnComment

public void checkCanSetColumnComment(SystemSecurityContext context,
 CatalogSchemaTableName table)

Specified by:

checkCanSetColumnComment in interface SystemAccessControl

checkCanShowTables

public void checkCanShowTables(SystemSecurityContext context,
 CatalogSchemaName schema)

Specified by:

checkCanShowTables in interface SystemAccessControl

filterTables

public Set<SchemaTableName> filterTables(SystemSecurityContext context,
 String catalogName,
 Set<SchemaTableName> tableNames)

Specified by:

filterTables in interface SystemAccessControl

checkCanShowColumns

public void checkCanShowColumns(SystemSecurityContext context,
 CatalogSchemaTableName tableName)

Specified by:

checkCanShowColumns in interface SystemAccessControl

filterColumns

public Set<String> filterColumns(SystemSecurityContext context,
 CatalogSchemaTableName tableName,
 Set<String> columns)

Specified by:

filterColumns in interface SystemAccessControl

checkCanAddColumn

public void checkCanAddColumn(SystemSecurityContext context,
 CatalogSchemaTableName table)

Specified by:

checkCanAddColumn in interface SystemAccessControl

checkCanDropColumn

public void checkCanDropColumn(SystemSecurityContext context,
 CatalogSchemaTableName table)

Specified by:

checkCanDropColumn in interface SystemAccessControl

checkCanRenameColumn

public void checkCanRenameColumn(SystemSecurityContext context,
 CatalogSchemaTableName table)

Specified by:

checkCanRenameColumn in interface SystemAccessControl

checkCanSetTableAuthorization

public void checkCanSetTableAuthorization(SystemSecurityContext context,
 CatalogSchemaTableName table,
 TrinoPrincipal principal)

Specified by:

checkCanSetTableAuthorization in interface SystemAccessControl

checkCanSelectFromColumns

public void checkCanSelectFromColumns(SystemSecurityContext context,
 CatalogSchemaTableName table,
 Set<String> columns)

Specified by:

checkCanSelectFromColumns in interface SystemAccessControl

checkCanInsertIntoTable

public void checkCanInsertIntoTable(SystemSecurityContext context,
 CatalogSchemaTableName table)

Specified by:

checkCanInsertIntoTable in interface SystemAccessControl

checkCanDeleteFromTable

public void checkCanDeleteFromTable(SystemSecurityContext context,
 CatalogSchemaTableName table)

Specified by:

checkCanDeleteFromTable in interface SystemAccessControl

checkCanTruncateTable

public void checkCanTruncateTable(SystemSecurityContext context,
 CatalogSchemaTableName table)

Specified by:

checkCanTruncateTable in interface SystemAccessControl

checkCanUpdateTableColumns

public void checkCanUpdateTableColumns(SystemSecurityContext context,
 CatalogSchemaTableName table,
 Set<String> updatedColumnNames)

Specified by:

checkCanUpdateTableColumns in interface SystemAccessControl

checkCanCreateView

public void checkCanCreateView(SystemSecurityContext context,
 CatalogSchemaTableName view)

Specified by:

checkCanCreateView in interface SystemAccessControl

checkCanRenameView

public void checkCanRenameView(SystemSecurityContext context,
 CatalogSchemaTableName view,
 CatalogSchemaTableName newView)

Specified by:

checkCanRenameView in interface SystemAccessControl

checkCanSetViewAuthorization

public void checkCanSetViewAuthorization(SystemSecurityContext context,
 CatalogSchemaTableName view,
 TrinoPrincipal principal)

Specified by:

checkCanSetViewAuthorization in interface SystemAccessControl

checkCanDropView

public void checkCanDropView(SystemSecurityContext context,
 CatalogSchemaTableName view)

Specified by:

checkCanDropView in interface SystemAccessControl

checkCanCreateViewWithSelectFromColumns

public void checkCanCreateViewWithSelectFromColumns(SystemSecurityContext context,
 CatalogSchemaTableName table,
 Set<String> columns)

Specified by:

checkCanCreateViewWithSelectFromColumns in interface SystemAccessControl

checkCanCreateMaterializedView

public void checkCanCreateMaterializedView(SystemSecurityContext context,
 CatalogSchemaTableName materializedView)

Specified by:

checkCanCreateMaterializedView in interface SystemAccessControl

checkCanRefreshMaterializedView

public void checkCanRefreshMaterializedView(SystemSecurityContext context,
 CatalogSchemaTableName materializedView)

Specified by:

checkCanRefreshMaterializedView in interface SystemAccessControl

checkCanDropMaterializedView

public void checkCanDropMaterializedView(SystemSecurityContext context,
 CatalogSchemaTableName materializedView)

Specified by:

checkCanDropMaterializedView in interface SystemAccessControl

checkCanRenameMaterializedView

public void checkCanRenameMaterializedView(SystemSecurityContext context,
 CatalogSchemaTableName view,
 CatalogSchemaTableName newView)

Specified by:

checkCanRenameMaterializedView in interface SystemAccessControl

checkCanGrantExecuteFunctionPrivilege

public void checkCanGrantExecuteFunctionPrivilege(SystemSecurityContext context,
 String functionName,
 TrinoPrincipal grantee,
 boolean grantOption)

Specified by:

checkCanGrantExecuteFunctionPrivilege in interface SystemAccessControl

checkCanSetCatalogSessionProperty

public void checkCanSetCatalogSessionProperty(SystemSecurityContext context,
 String catalogName,
 String propertyName)

Specified by:

checkCanSetCatalogSessionProperty in interface SystemAccessControl

checkCanGrantSchemaPrivilege

public void checkCanGrantSchemaPrivilege(SystemSecurityContext context,
 Privilege privilege,
 CatalogSchemaName schema,
 TrinoPrincipal grantee,
 boolean grantOption)

Specified by:

checkCanGrantSchemaPrivilege in interface SystemAccessControl

checkCanDenySchemaPrivilege

public void checkCanDenySchemaPrivilege(SystemSecurityContext context,
 Privilege privilege,
 CatalogSchemaName schema,
 TrinoPrincipal grantee)

Specified by:

checkCanDenySchemaPrivilege in interface SystemAccessControl

checkCanRevokeSchemaPrivilege

public void checkCanRevokeSchemaPrivilege(SystemSecurityContext context,
 Privilege privilege,
 CatalogSchemaName schema,
 TrinoPrincipal revokee,
 boolean grantOption)

Specified by:

checkCanRevokeSchemaPrivilege in interface SystemAccessControl

checkCanGrantTablePrivilege

public void checkCanGrantTablePrivilege(SystemSecurityContext context,
 Privilege privilege,
 CatalogSchemaTableName table,
 TrinoPrincipal grantee,
 boolean grantOption)

Specified by:

checkCanGrantTablePrivilege in interface SystemAccessControl

checkCanDenyTablePrivilege

public void checkCanDenyTablePrivilege(SystemSecurityContext context,
 Privilege privilege,
 CatalogSchemaTableName table,
 TrinoPrincipal grantee)

Specified by:

checkCanDenyTablePrivilege in interface SystemAccessControl

checkCanRevokeTablePrivilege

public void checkCanRevokeTablePrivilege(SystemSecurityContext context,
 Privilege privilege,
 CatalogSchemaTableName table,
 TrinoPrincipal revokee,
 boolean grantOption)

Specified by:

checkCanRevokeTablePrivilege in interface SystemAccessControl

checkCanShowRoles

public void checkCanShowRoles(SystemSecurityContext context)

Specified by:

checkCanShowRoles in interface SystemAccessControl

checkCanCreateRole

public void checkCanCreateRole(SystemSecurityContext context,
 String role,
 Optional<TrinoPrincipal> grantor)

Specified by:

checkCanCreateRole in interface SystemAccessControl

checkCanDropRole

public void checkCanDropRole(SystemSecurityContext context,
 String role)

Specified by:

checkCanDropRole in interface SystemAccessControl

checkCanGrantRoles

public void checkCanGrantRoles(SystemSecurityContext context,
 Set<String> roles,
 Set<TrinoPrincipal> grantees,
 boolean adminOption,
 Optional<TrinoPrincipal> grantor)

Specified by:

checkCanGrantRoles in interface SystemAccessControl

checkCanRevokeRoles

public void checkCanRevokeRoles(SystemSecurityContext context,
 Set<String> roles,
 Set<TrinoPrincipal> grantees,
 boolean adminOption,
 Optional<TrinoPrincipal> grantor)

Specified by:

checkCanRevokeRoles in interface SystemAccessControl

checkCanShowRoleAuthorizationDescriptors

public void checkCanShowRoleAuthorizationDescriptors(SystemSecurityContext context)

Specified by:

checkCanShowRoleAuthorizationDescriptors in interface SystemAccessControl

checkCanShowCurrentRoles

public void checkCanShowCurrentRoles(SystemSecurityContext context)

Specified by:

checkCanShowCurrentRoles in interface SystemAccessControl

checkCanShowRoleGrants

public void checkCanShowRoleGrants(SystemSecurityContext context)

Specified by:

checkCanShowRoleGrants in interface SystemAccessControl

checkCanExecuteProcedure

public void checkCanExecuteProcedure(SystemSecurityContext systemSecurityContext,
 CatalogSchemaRoutineName procedure)

Specified by:

checkCanExecuteProcedure in interface SystemAccessControl

checkCanExecuteFunction

public void checkCanExecuteFunction(SystemSecurityContext systemSecurityContext,
 String functionName)

Specified by:

checkCanExecuteFunction in interface SystemAccessControl

checkCanExecuteTableProcedure

public void checkCanExecuteTableProcedure(SystemSecurityContext systemSecurityContext,
 CatalogSchemaTableName table,
 String procedure)

Specified by:

checkCanExecuteTableProcedure in interface SystemAccessControl

getEventListeners

public Iterable<EventListener> getEventListeners()

Specified by:

getEventListeners in interface SystemAccessControl

getRowFilter

public Optional<ViewExpression> getRowFilter(SystemSecurityContext context,
 CatalogSchemaTableName tableName)

Specified by:

getRowFilter in interface SystemAccessControl

getColumnMask

public Optional<ViewExpression> getColumnMask(SystemSecurityContext context,
 CatalogSchemaTableName tableName,
 String columnName,
 Type type)

Specified by:

getColumnMask in interface SystemAccessControl