/tags/release-0.1-rc2/hive/external/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/Privilege.java
Java | 189 lines | 138 code | 30 blank | 21 comment | 25 complexity | 82c2286221b515513a1554f5c39ca5f6 MD5 | raw file
Possible License(s): Apache-2.0, BSD-3-Clause, JSON, CPL-1.0
- /**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
- package org.apache.hadoop.hive.ql.security.authorization;
- import java.util.EnumSet;
- import org.apache.hadoop.hive.ql.parse.HiveParser;
- /**
- * Privilege defines a privilege in Hive. Each privilege has a name and scope associated with it.
- * This class contains all of the predefined privileges in Hive.
- */
- public class Privilege {
-
- public enum PrivilegeType {
- ALL,
- ALTER_DATA,
- ALTER_METADATA,
- CREATE,
- DROP,
- INDEX,
- LOCK,
- SELECT,
- SHOW_DATABASE,
- UNKNOWN
- }
- public static PrivilegeType getPrivTypeByToken(int token) {
- switch (token) {
- case HiveParser.TOK_PRIV_ALL:
- return PrivilegeType.ALL;
- case HiveParser.TOK_PRIV_ALTER_DATA:
- return PrivilegeType.ALTER_DATA;
- case HiveParser.TOK_PRIV_ALTER_METADATA:
- return PrivilegeType.ALTER_METADATA;
- case HiveParser.TOK_PRIV_CREATE:
- return PrivilegeType.CREATE;
- case HiveParser.TOK_PRIV_DROP:
- return PrivilegeType.DROP;
- case HiveParser.TOK_PRIV_INDEX:
- return PrivilegeType.INDEX;
- case HiveParser.TOK_PRIV_LOCK:
- return PrivilegeType.LOCK;
- case HiveParser.TOK_PRIV_SELECT:
- return PrivilegeType.SELECT;
- case HiveParser.TOK_PRIV_SHOW_DATABASE:
- return PrivilegeType.SHOW_DATABASE;
- default:
- return PrivilegeType.UNKNOWN;
- }
- }
- public static PrivilegeType getPrivTypeByName(String privilegeName) {
- String canonicalizedName = privilegeName.toLowerCase();
- if (canonicalizedName.equals("all")) {
- return PrivilegeType.ALL;
- } else if (canonicalizedName.equals("update")) {
- return PrivilegeType.ALTER_DATA;
- } else if (canonicalizedName.equals("alter")) {
- return PrivilegeType.ALTER_METADATA;
- } else if (canonicalizedName.equals("create")) {
- return PrivilegeType.CREATE;
- } else if (canonicalizedName.equals("drop")) {
- return PrivilegeType.DROP;
- } else if (canonicalizedName.equals("index")) {
- return PrivilegeType.INDEX;
- } else if (canonicalizedName.equals("lock")) {
- return PrivilegeType.LOCK;
- } else if (canonicalizedName.equals("select")) {
- return PrivilegeType.SELECT;
- } else if (canonicalizedName.equals("show_database")) {
- return PrivilegeType.SHOW_DATABASE;
- }
- return PrivilegeType.UNKNOWN;
- }
- private PrivilegeType priv;
-
- private EnumSet<PrivilegeScope> supportedScopeSet;
-
- private Privilege(PrivilegeType priv, EnumSet<PrivilegeScope> scopeSet) {
- super();
- this.priv = priv;
- this.supportedScopeSet = scopeSet;
- }
- public Privilege(PrivilegeType priv) {
- super();
- this.priv = priv;
-
- }
- public PrivilegeType getPriv() {
- return priv;
- }
- public void setPriv(PrivilegeType priv) {
- this.priv = priv;
- }
-
- public boolean supportColumnLevel() {
- return supportedScopeSet != null
- && supportedScopeSet.contains(PrivilegeScope.COLUMN_LEVEL_SCOPE);
- }
- public boolean supportDBLevel() {
- return supportedScopeSet != null
- && supportedScopeSet.contains(PrivilegeScope.DB_LEVEL_SCOPE);
- }
- public boolean supportTableLevel() {
- return supportedScopeSet != null
- && supportedScopeSet.contains(PrivilegeScope.TABLE_LEVEL_SCOPE);
- }
-
- @Override
- public String toString() {
- switch (this.priv) {
- case ALL:
- return "All";
- case ALTER_DATA:
- return "Update";
- case ALTER_METADATA:
- return "Alter";
- case CREATE:
- return "Create";
- case DROP:
- return "Drop";
- case INDEX:
- return "Index";
- case LOCK:
- return "Lock";
- case SELECT:
- return "Select";
- case SHOW_DATABASE:
- return "Show_Database";
- default:
- return "Unknown";
- }
- }
- public Privilege() {
- }
- public static Privilege ALL = new Privilege(PrivilegeType.ALL,
- PrivilegeScope.ALLSCOPE_EXCEPT_COLUMN);
- public static Privilege ALTER_METADATA = new Privilege(PrivilegeType.ALTER_METADATA,
- PrivilegeScope.ALLSCOPE_EXCEPT_COLUMN);
- public static Privilege ALTER_DATA = new Privilege(PrivilegeType.ALTER_DATA,
- PrivilegeScope.ALLSCOPE_EXCEPT_COLUMN);
- public static Privilege CREATE = new Privilege(PrivilegeType.CREATE,
- PrivilegeScope.ALLSCOPE_EXCEPT_COLUMN);
- public static Privilege DROP = new Privilege(PrivilegeType.DROP,
- PrivilegeScope.ALLSCOPE_EXCEPT_COLUMN);
- public static Privilege INDEX = new Privilege(PrivilegeType.INDEX,
- PrivilegeScope.ALLSCOPE);
- public static Privilege LOCK = new Privilege(PrivilegeType.LOCK,
- PrivilegeScope.ALLSCOPE_EXCEPT_COLUMN);
- public static Privilege SELECT = new Privilege(PrivilegeType.SELECT,
- PrivilegeScope.ALLSCOPE);
- public static Privilege SHOW_DATABASE = new Privilege(PrivilegeType.SHOW_DATABASE,
- EnumSet.of(PrivilegeScope.USER_LEVEL_SCOPE));
- }