From 8b2dabda9e383527264c5a8d0ed5a16499b67c20 Mon Sep 17 00:00:00 2001 From: gaurav8297 Date: Fri, 2 Jul 2021 09:51:33 +0530 Subject: [PATCH] Add grant/revoke schema privileges methods to hive metadata --- .../io/trino/plugin/hive/HiveMetadata.java | 12 +++++++++++ .../hive/security/AccessControlMetadata.java | 20 +++++++++++++++++-- 2 files changed, 30 insertions(+), 2 deletions(-) diff --git a/plugin/trino-hive/src/main/java/io/trino/plugin/hive/HiveMetadata.java b/plugin/trino-hive/src/main/java/io/trino/plugin/hive/HiveMetadata.java index f173dd2ef7e1..fb1382100f1f 100644 --- a/plugin/trino-hive/src/main/java/io/trino/plugin/hive/HiveMetadata.java +++ b/plugin/trino-hive/src/main/java/io/trino/plugin/hive/HiveMetadata.java @@ -2702,6 +2702,18 @@ public Set listEnabledRoles(ConnectorSession session) return accessControlMetadata.listEnabledRoles(session); } + @Override + public void grantSchemaPrivileges(ConnectorSession session, String schemaName, Set privileges, TrinoPrincipal grantee, boolean grantOption) + { + accessControlMetadata.grantSchemaPrivileges(session, schemaName, privileges, HivePrincipal.from(grantee), grantOption); + } + + @Override + public void revokeSchemaPrivileges(ConnectorSession session, String schemaName, Set privileges, TrinoPrincipal grantee, boolean grantOption) + { + accessControlMetadata.revokeSchemaPrivileges(session, schemaName, privileges, HivePrincipal.from(grantee), grantOption); + } + @Override public void grantTablePrivileges(ConnectorSession session, SchemaTableName schemaTableName, Set privileges, TrinoPrincipal grantee, boolean grantOption) { diff --git a/plugin/trino-hive/src/main/java/io/trino/plugin/hive/security/AccessControlMetadata.java b/plugin/trino-hive/src/main/java/io/trino/plugin/hive/security/AccessControlMetadata.java index f0a4c8d27ee9..75502aecf2d4 100644 --- a/plugin/trino-hive/src/main/java/io/trino/plugin/hive/security/AccessControlMetadata.java +++ b/plugin/trino-hive/src/main/java/io/trino/plugin/hive/security/AccessControlMetadata.java @@ -108,12 +108,28 @@ default Set listEnabledRoles(ConnectorSession session) throw new TrinoException(NOT_SUPPORTED, "This connector does not support roles"); } + /** + * Grants the specified privilege to the specified user on the specified schema + */ + default void grantSchemaPrivileges(ConnectorSession session, String schemaName, Set privileges, HivePrincipal grantee, boolean grantOption) + { + throw new TrinoException(NOT_SUPPORTED, "This connector does not support grants on schemas"); + } + + /** + * Revokes the specified privilege on the specified schema from the specified user + */ + default void revokeSchemaPrivileges(ConnectorSession session, String schemaName, Set privileges, HivePrincipal grantee, boolean grantOption) + { + throw new TrinoException(NOT_SUPPORTED, "This connector does not support revokes on schemas"); + } + /** * Grants the specified privilege to the specified user on the specified table */ default void grantTablePrivileges(ConnectorSession session, SchemaTableName tableName, Set privileges, HivePrincipal grantee, boolean grantOption) { - throw new TrinoException(NOT_SUPPORTED, "This connector does not support grants"); + throw new TrinoException(NOT_SUPPORTED, "This connector does not support grants on tables"); } /** @@ -121,7 +137,7 @@ default void grantTablePrivileges(ConnectorSession session, SchemaTableName tabl */ default void revokeTablePrivileges(ConnectorSession session, SchemaTableName tableName, Set privileges, HivePrincipal grantee, boolean grantOption) { - throw new TrinoException(NOT_SUPPORTED, "This connector does not support revokes"); + throw new TrinoException(NOT_SUPPORTED, "This connector does not support revokes on tables"); } /**