StorageBasedAuthorizationProvider (Hive Query Language 0.13.0.2.1.2.0-402 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.apache.hadoop.hive.ql.security.authorization
Class StorageBasedAuthorizationProvider

java.lang.Object
  org.apache.hadoop.hive.ql.security.authorization.HiveAuthorizationProviderBase
      org.apache.hadoop.hive.ql.security.authorization.StorageBasedAuthorizationProvider

All Implemented Interfaces:: org.apache.hadoop.conf.Configurable, HiveAuthorizationProvider, HiveMetastoreAuthorizationProvider

public class StorageBasedAuthorizationProvider
extends HiveAuthorizationProviderBase
implements HiveMetastoreAuthorizationProvider
extends HiveAuthorizationProviderBase
implements HiveMetastoreAuthorizationProvider

StorageBasedAuthorizationProvider is an implementation of HiveMetastoreAuthorizationProvider that tries to look at the hdfs permissions of files and directories associated with objects like databases, tables and partitions to determine whether or not an operation is allowed. The rule of thumb for which location to check in hdfs is as follows: CREATE : on location specified, or on location determined from metadata READS : not checked (the preeventlistener does not have an event to fire) UPDATES : on location in metadata DELETES : on location in metadata If the location does not yet exist, as the case is with creates, it steps out to the parent directory recursively to determine its permissions till it finds a parent that does exist.

Constructor Summary
`StorageBasedAuthorizationProvider()`

Method Summary
`void`	`authorize(org.apache.hadoop.hive.metastore.api.Database db, Privilege[] readRequiredPriv, Privilege[] writeRequiredPriv)` Authorization privileges against a database object.
`void`	`authorize(Partition part, Privilege[] readRequiredPriv, Privilege[] writeRequiredPriv)` Authorization privileges against a hive partition object.
`void`	`authorize(org.apache.hadoop.fs.Path path, Privilege[] readRequiredPriv, Privilege[] writeRequiredPriv)` Authorization privileges against a path.
`void`	`authorize(Privilege[] readRequiredPriv, Privilege[] writeRequiredPriv)` Authorization user level privileges.
`void`	`authorize(Table table, Partition part, List<String> columns, Privilege[] readRequiredPriv, Privilege[] writeRequiredPriv)` Authorization privileges against a list of columns.
`void`	`authorize(Table table, Privilege[] readRequiredPriv, Privilege[] writeRequiredPriv)` Authorization privileges against a hive table object.
`void`	`init(org.apache.hadoop.conf.Configuration conf)`
`void`	`setMetaStoreHandler(HiveMetaStore.HMSHandler handler)` Allows invoker of HiveMetaStoreAuthorizationProvider to send in a hive metastore handler that can be used to make calls to test whether or not authorizations can/will succeed.

Methods inherited from class org.apache.hadoop.hive.ql.security.authorization.HiveAuthorizationProviderBase
`getAuthenticator, getConf, setAuthenticator, setConf`

Methods inherited from class java.lang.Object
`equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Methods inherited from interface org.apache.hadoop.hive.ql.security.authorization.HiveAuthorizationProvider
`getAuthenticator, setAuthenticator`

Methods inherited from interface org.apache.hadoop.conf.Configurable
`getConf, setConf`

Constructor Detail

StorageBasedAuthorizationProvider

public StorageBasedAuthorizationProvider()

Method Detail

init

public void init(org.apache.hadoop.conf.Configuration conf)
          throws HiveException

Specified by:: init in interface HiveAuthorizationProvider

Throws:: HiveException