@Override public void runInternal() throws HiveSQLException { setState(OperationState.RUNNING); try { IMetaStoreClient metastoreClient = getParentSession().getMetaStoreClient(); String schemaPattern = convertSchemaPattern(schemaName); for (String dbName : metastoreClient.getDatabases(schemaPattern)) { rowSet.addRow(new Object[] {dbName, DEFAULT_HIVE_CATALOG}); } setState(OperationState.FINISHED); } catch (Exception e) { setState(OperationState.ERROR); throw new HiveSQLException(e); } }
public static List<HiveObjectPrivilege> authorizeAndGetRevokePrivileges( List<HivePrincipal> principals, List<HivePrivilege> hivePrivileges, HivePrivilegeObject hivePrivObject, boolean grantOption, IMetaStoreClient mClient, String userName) throws HiveAuthzPluginException, HiveAccessControlException { List<HiveObjectPrivilege> matchingPrivs = new ArrayList<HiveObjectPrivilege>(); StringBuilder errMsg = new StringBuilder(); for (HivePrincipal principal : principals) { // get metastore/thrift privilege object for this principal and object, not looking at // privileges obtained indirectly via roles List<HiveObjectPrivilege> msObjPrivs; try { msObjPrivs = mClient.list_privileges( principal.getName(), AuthorizationUtils.getThriftPrincipalType(principal.getType()), SQLAuthorizationUtils.getThriftHiveObjectRef(hivePrivObject)); } catch (MetaException e) { throw new HiveAuthzPluginException(e); } catch (TException e) { throw new HiveAuthzPluginException(e); } // the resulting privileges need to be filtered on privilege type and // username // create a Map to capture object privileges corresponding to privilege // type Map<String, HiveObjectPrivilege> priv2privObj = new HashMap<String, HiveObjectPrivilege>(); for (HiveObjectPrivilege msObjPriv : msObjPrivs) { PrivilegeGrantInfo grantInfo = msObjPriv.getGrantInfo(); // check if the grantor matches current user if (grantInfo.getGrantor() != null && grantInfo.getGrantor().equals(userName) && grantInfo.getGrantorType() == PrincipalType.USER) { // add to the map priv2privObj.put(grantInfo.getPrivilege(), msObjPriv); } // else skip this one } // find the privileges that we are looking for for (HivePrivilege hivePrivilege : hivePrivileges) { HiveObjectPrivilege matchedPriv = priv2privObj.get(hivePrivilege.getName()); if (matchedPriv != null) { matchingPrivs.add(matchedPriv); } else { errMsg .append("Cannot find privilege ") .append(hivePrivilege) .append(" for ") .append(principal) .append(" on ") .append(hivePrivObject) .append(" granted by ") .append(userName) .append(System.getProperty("line.separator")); } } } if (errMsg.length() != 0) { throw new HiveAccessControlException(errMsg.toString()); } return matchingPrivs; }