public KafkaMessageSchema(final KafkaStoragePlugin plugin, final String name) { super(ImmutableList.<String> of(), name); this.plugin = plugin; }
@Override public Iterator<LogicalExpression> iterator() { return ImmutableList.<LogicalExpression>of().iterator(); } }
/** * Check authorization for "SHOW TABLES" command in given Hive db. A {@link HiveAccessControlException} is thrown * for illegal access. * @param dbName */ public void authorizeShowTables(final String dbName) throws HiveAccessControlException { if (!authzEnabled) { return; } final HivePrivilegeObject toRead = new HivePrivilegeObject(HivePrivilegeObjectType.DATABASE, dbName, null); authorize(HiveOperationType.SHOWTABLES, ImmutableList.of(toRead), Collections.<HivePrivilegeObject> emptyList(), "SHOW TABLES"); }
public static List<Table> getTablesByNamesByBulkLoadHelper( final HiveMetaStoreClient mClient, final List<String> tableNames, final String schemaName, final int bulkSize) { final int totalTables = tableNames.size(); final List<org.apache.hadoop.hive.metastore.api.Table> tables = Lists.newArrayList(); // In each round, Drill asks for a sub-list of all the requested tables for (int fromIndex = 0; fromIndex < totalTables; fromIndex += bulkSize) { final int toIndex = Math.min(fromIndex + bulkSize, totalTables); final List<String> eachBulkofTableNames = tableNames.subList(fromIndex, toIndex); List<org.apache.hadoop.hive.metastore.api.Table> eachBulkofTables; // Retries once if the first call to fetch the metadata fails try { eachBulkofTables = DrillHiveMetaStoreClient.getTableObjectsByNameHelper(mClient, schemaName, eachBulkofTableNames); } catch (Exception e) { logger.warn("Exception occurred while trying to read tables from {}: {}", schemaName, e.getCause()); return ImmutableList.of(); } tables.addAll(eachBulkofTables); } return tables; }
/** * Check authorization for "READ TABLE" for given db.table. A {@link HiveAccessControlException} is thrown * for illegal access. * @param dbName * @param tableName */ public void authorizeReadTable(final String dbName, final String tableName) throws HiveAccessControlException { if (!authzEnabled) { return; } HivePrivilegeObject toRead = new HivePrivilegeObject(HivePrivilegeObjectType.TABLE_OR_VIEW, dbName, tableName); authorize(HiveOperationType.QUERY, ImmutableList.of(toRead), Collections.<HivePrivilegeObject> emptyList(), "READ TABLE"); }
/** * Because tables used by hive views, defined without name * of storage plugin, we're making sure that storage plugin * name will be taken into account for the special case, * when hive storage based authorization is used, and user * can query view, but doesn't have rights to access underlying * table. * * @param context - to rel conversion context * @param rowType - data type of requested columns * @param workspaceSchemaPath - path to view in drill, for example: ["hive"] * @param tokenSchemaTree - schema created for impersonated user * @return - relational representation of expanded Hive view */ @Override protected RelNode expandViewForImpersonatedUser(RelOptTable.ToRelContext context, RelDataType rowType, List<String> workspaceSchemaPath, SchemaPlus tokenSchemaTree) { SchemaPlus drillHiveSchema = SchemaUtilites.findSchema(tokenSchemaTree, workspaceSchemaPath); workspaceSchemaPath = ImmutableList.of(); return super.expandViewForImpersonatedUser(context, rowType, workspaceSchemaPath, drillHiveSchema); }
@Test public void user1_db_u1g1_only_infoSchema() throws Exception { updateClient(org1Users[1]); fromInfoSchemaHelper(db_u1g1_only, ImmutableList.of( u1g1_student_all_755, u1g1_student_u1_700, u1g1_voter_all_755, u1g1_voter_u1_700 ), ImmutableList.of( TableType.TABLE, TableType.TABLE, TableType.TABLE, TableType.TABLE )); }
@Test public void user2_db_general_infoSchema() throws Exception { updateClient(org1Users[2]); fromInfoSchemaHelper(db_general, ImmutableList.of( g_student_all_755, g_voter_u2g1_750, g_voter_all_755, g_vw_g_student_u0_700 ), ImmutableList.of( TableType.TABLE, TableType.TABLE, TableType.TABLE, TableType.VIEW )); }
@Test public void user0_db_general_infoSchema() throws Exception { updateClient(org1Users[0]); fromInfoSchemaHelper(db_general, ImmutableList.of( g_student_u0_700, g_student_u0g0_750, g_student_all_755, g_voter_all_755, g_partitioned_student_u0_700, g_vw_g_student_u0_700 ), ImmutableList.of( TableType.TABLE, TableType.TABLE, TableType.TABLE, TableType.TABLE, TableType.TABLE, TableType.VIEW )); }
@Test public void user1_db_general_infoSchema() throws Exception { updateClient(org1Users[1]); fromInfoSchemaHelper(db_general, ImmutableList.of( g_student_u0g0_750, g_student_all_755, g_voter_u1_700, g_voter_u2g1_750, g_voter_all_755, g_vw_g_student_u0_700 ), ImmutableList.of( TableType.TABLE, TableType.TABLE, TableType.TABLE, TableType.TABLE, TableType.TABLE, TableType.VIEW )); }
@Test public void user2_db_general_showTables() throws Exception { updateClient(org1Users[2]); showTablesHelper(db_general, ImmutableList.of( g_student_all_755, g_voter_u2g1_750, g_voter_all_755, g_vw_g_student_u0_700 )); }
@Test public void user0_db_u0_only_showTables() throws Exception { updateClient(org1Users[0]); showTablesHelper(db_u0_only, ImmutableList.of( u0_student_all_755, u0_voter_all_755, u0_vw_voter_all_755 )); }
@Test public void user2_db_u1g1_only_showTables() throws Exception { updateClient(org1Users[2]); showTablesHelper(db_u1g1_only, ImmutableList.of( u1g1_student_all_755, u1g1_voter_all_755 )); }
@Test public void user1_db_u1g1_only_showTables() throws Exception { updateClient(org1Users[1]); showTablesHelper(db_u1g1_only, ImmutableList.of( u1g1_student_all_755, u1g1_student_u1_700, u1g1_voter_all_755, u1g1_voter_u1_700 )); }
@Test public void user1_db_general_showTables() throws Exception { updateClient(org1Users[1]); showTablesHelper(db_general, ImmutableList.of( g_student_u0g0_750, g_student_all_755, g_voter_u1_700, g_voter_u2g1_750, g_voter_all_755, g_vw_g_student_u0_700 )); }
@Test public void user0_showTables() throws Exception { updateClient(org1Users[0]); showTablesHelper(db_general, // Users are expected to see all tables in a database even if they don't have permissions to read from tables. ImmutableList.of( g_student_user0, g_student_user2, g_voter_role0, vw_student_user0, vw_voter_role0, vw_student_user2 )); }
@Test public void user1_showTables() throws Exception { updateClient(org1Users[1]); showTablesHelper(db_general, // Users are expected to see all tables in a database even if they don't have permissions to read from tables. ImmutableList.of( g_student_user0, g_student_user2, g_voter_role0, vw_student_user0, vw_voter_role0, vw_student_user2 )); }
/** * Should only contain the tables that the user * has access to read. * * @throws Exception */ @Test public void user0_db_general_showTables() throws Exception { updateClient(org1Users[0]); showTablesHelper(db_general, ImmutableList.of( g_student_u0_700, g_student_u0g0_750, g_student_all_755, g_voter_all_755, g_partitioned_student_u0_700, g_vw_g_student_u0_700 )); }