/**
* Gets a RolePrivilege from the given role name. Returns the privilege if it exists, or null if
* no privilege matching the privilege spec exist. Throws a CatalogException if the role does not
* exist.
*/
public RolePrivilege getRolePrivilege(String roleName, TPrivilege privSpec)
throws CatalogException {
catalogLock_.readLock().lock();
try {
Role role = authPolicy_.getRole(roleName);
if (role == null) throw new CatalogException("Role does not exist: " + roleName);
return role.getPrivilege(privSpec.getPrivilege_name());
} finally {
catalogLock_.readLock().unlock();
}
}
/**
* Removes a RolePrivilege from the given role name. Returns the removed RolePrivilege with an
* incremented catalog version or null if no matching privilege was found. Throws a
* CatalogException if no role exists with this name.
*/
public RolePrivilege removeRolePrivilege(String roleName, TPrivilege thriftPriv)
throws CatalogException {
catalogLock_.writeLock().lock();
try {
Role role = authPolicy_.getRole(roleName);
if (role == null) throw new CatalogException("Role does not exist: " + roleName);
RolePrivilege rolePrivilege = role.removePrivilege(thriftPriv.getPrivilege_name());
if (rolePrivilege == null) return null;
rolePrivilege.setCatalogVersion(incrementAndGetCatalogVersion());
return rolePrivilege;
} finally {
catalogLock_.writeLock().unlock();
}
}