private Set<HivePrivilege> getPrivileges(String user, HiveObjectRef objectReference) {
ImmutableSet.Builder<HivePrivilege> privileges = ImmutableSet.builder();
try (HiveMetastoreClient client = clientProvider.createMetastoreClient()) {
PrincipalPrivilegeSet privilegeSet = client.getPrivilegeSet(objectReference, user, null);
if (privilegeSet != null) {
Map<String, List<PrivilegeGrantInfo>> userPrivileges = privilegeSet.getUserPrivileges();
if (userPrivileges != null) {
privileges.addAll(toGrants(userPrivileges.get(user)));
}
for (List<PrivilegeGrantInfo> rolePrivileges : privilegeSet.getRolePrivileges().values()) {
privileges.addAll(toGrants(rolePrivileges));
}
// We do not add the group permissions as Hive does not seem to process these
}
} catch (TException e) {
throw new PrestoException(HIVE_METASTORE_ERROR, e);
}
return privileges.build();
}
@Override
public boolean hasPrivilegeWithGrantOptionOnTable(
String user, String databaseName, String tableName, HivePrivilege hivePrivilege) {
try (HiveMetastoreClient metastoreClient = clientProvider.createMetastoreClient()) {
PrincipalPrivilegeSet principalPrivilegeSet =
metastoreClient.getPrivilegeSet(
new HiveObjectRef(HiveObjectType.TABLE, databaseName, tableName, null, null),
user,
null);
for (PrivilegeGrantInfo privilegeGrantInfo :
principalPrivilegeSet.getUserPrivileges().get(user)) {
if (privilegeGrantInfo.getPrivilege().equalsIgnoreCase(hivePrivilege.name())
&& privilegeGrantInfo.isGrantOption()) {
return true;
}
}
return false;
} catch (TException e) {
throw new PrestoException(HIVE_METASTORE_ERROR, e);
}
}
