private Set<HivePrivilege> getPrivileges(String user, HiveObjectRef objectReference) { ImmutableSet.Builder<HivePrivilege> privileges = ImmutableSet.builder(); try (HiveMetastoreClient client = clientProvider.createMetastoreClient()) { PrincipalPrivilegeSet privilegeSet = client.getPrivilegeSet(objectReference, user, null); if (privilegeSet != null) { Map<String, List<PrivilegeGrantInfo>> userPrivileges = privilegeSet.getUserPrivileges(); if (userPrivileges != null) { privileges.addAll(toGrants(userPrivileges.get(user))); } for (List<PrivilegeGrantInfo> rolePrivileges : privilegeSet.getRolePrivileges().values()) { privileges.addAll(toGrants(rolePrivileges)); } // We do not add the group permissions as Hive does not seem to process these } } catch (TException e) { throw new PrestoException(HIVE_METASTORE_ERROR, e); } return privileges.build(); }
@Override public boolean hasPrivilegeWithGrantOptionOnTable( String user, String databaseName, String tableName, HivePrivilege hivePrivilege) { try (HiveMetastoreClient metastoreClient = clientProvider.createMetastoreClient()) { PrincipalPrivilegeSet principalPrivilegeSet = metastoreClient.getPrivilegeSet( new HiveObjectRef(HiveObjectType.TABLE, databaseName, tableName, null, null), user, null); for (PrivilegeGrantInfo privilegeGrantInfo : principalPrivilegeSet.getUserPrivileges().get(user)) { if (privilegeGrantInfo.getPrivilege().equalsIgnoreCase(hivePrivilege.name()) && privilegeGrantInfo.isGrantOption()) { return true; } } return false; } catch (TException e) { throw new PrestoException(HIVE_METASTORE_ERROR, e); } }