0001
0002
0003
0004
0005
0006
0007
0008
0009
0010
0011
0012
0013
0014
0015
0016
0017
0018
0019 package org.apache.hive.service.cli.operation;
0020
0021 import java.util.List;
0022
0023 import org.apache.hadoop.hive.conf.HiveConf;
0024 import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAccessControlException;
0025 import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzContext;
0026 import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzPluginException;
0027 import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveOperationType;
0028 import org.apache.hadoop.hive.ql.security.authorization.plugin.HivePrivilegeObject;
0029 import org.apache.hadoop.hive.ql.session.SessionState;
0030 import org.apache.hive.service.cli.HiveSQLException;
0031 import org.apache.hive.service.cli.OperationState;
0032 import org.apache.hive.service.cli.OperationType;
0033 import org.apache.hive.service.cli.TableSchema;
0034 import org.apache.hive.service.cli.session.HiveSession;
0035
0036
0037
0038
0039
0040 public abstract class MetadataOperation extends Operation {
0041
0042 protected static final String DEFAULT_HIVE_CATALOG = "";
0043 protected static TableSchema RESULT_SET_SCHEMA;
0044 private static final char SEARCH_STRING_ESCAPE = '\\';
0045
0046 protected MetadataOperation(HiveSession parentSession, OperationType opType) {
0047 super(parentSession, opType);
0048 setHasResultSet(true);
0049 }
0050
0051
0052
0053
0054
0055 @Override
0056 public void close() throws HiveSQLException {
0057 setState(OperationState.CLOSED);
0058 cleanupOperationLog();
0059 }
0060
0061
0062
0063
0064 protected String convertIdentifierPattern(final String pattern, boolean datanucleusFormat) {
0065 if (pattern == null) {
0066 return convertPattern("%", true);
0067 } else {
0068 return convertPattern(pattern, datanucleusFormat);
0069 }
0070 }
0071
0072
0073
0074
0075
0076 protected String convertSchemaPattern(final String pattern) {
0077 if ((pattern == null) || pattern.isEmpty()) {
0078 return convertPattern("%", true);
0079 } else {
0080 return convertPattern(pattern, true);
0081 }
0082 }
0083
0084
0085
0086
0087
0088
0089
0090
0091
0092
0093
0094
0095
0096
0097 private String convertPattern(final String pattern, boolean datanucleusFormat) {
0098 String wStr;
0099 if (datanucleusFormat) {
0100 wStr = "*";
0101 } else {
0102 wStr = ".*";
0103 }
0104 return pattern
0105 .replaceAll("([^\\\\])%", "$1" + wStr).replaceAll("\\\\%", "%").replaceAll("^%", wStr)
0106 .replaceAll("([^\\\\])_", "$1.").replaceAll("\\\\_", "_").replaceAll("^_", ".");
0107 }
0108
0109 protected boolean isAuthV2Enabled(){
0110 SessionState ss = SessionState.get();
0111 return (ss.isAuthorizationModeV2() &&
0112 HiveConf.getBoolVar(ss.getConf(), HiveConf.ConfVars.HIVE_AUTHORIZATION_ENABLED));
0113 }
0114
0115 protected void authorizeMetaGets(HiveOperationType opType, List<HivePrivilegeObject> inpObjs)
0116 throws HiveSQLException {
0117 authorizeMetaGets(opType, inpObjs, null);
0118 }
0119
0120 protected void authorizeMetaGets(HiveOperationType opType, List<HivePrivilegeObject> inpObjs,
0121 String cmdString) throws HiveSQLException {
0122 SessionState ss = SessionState.get();
0123 HiveAuthzContext.Builder ctxBuilder = new HiveAuthzContext.Builder();
0124 ctxBuilder.setUserIpAddress(ss.getUserIpAddress());
0125 ctxBuilder.setCommandString(cmdString);
0126 try {
0127 ss.getAuthorizerV2().checkPrivileges(opType, inpObjs, null,
0128 ctxBuilder.build());
0129 } catch (HiveAuthzPluginException | HiveAccessControlException e) {
0130 throw new HiveSQLException(e.getMessage(), e);
0131 }
0132 }
0133
0134 }