Interface AccessControl
-
- All Known Implementing Classes:
AccessControlManager
,AllowAllAccessControl
,DenyAllAccessControl
,ForwardingAccessControl
,TestingAccessControlManager
,ViewAccessControl
public interface AccessControl
-
-
Method Summary
All Methods Instance Methods Abstract Methods Default Methods Deprecated Methods Modifier and Type Method Description void
checkCanAddColumns(SecurityContext context, QualifiedObjectName tableName)
Check if identity is allowed to add columns to the specified table.void
checkCanCreateRole(SecurityContext context, String role, Optional<PrestoPrincipal> grantor, String catalogName)
Check if identity is allowed to create the specified role.void
checkCanCreateSchema(SecurityContext context, CatalogSchemaName schemaName)
Check if identity is allowed to create the specified schema.void
checkCanCreateTable(SecurityContext context, QualifiedObjectName tableName)
Check if identity is allowed to create the specified table.void
checkCanCreateView(SecurityContext context, QualifiedObjectName viewName)
Check if identity is allowed to create the specified view.void
checkCanCreateViewWithSelectFromColumns(SecurityContext context, QualifiedObjectName tableName, Set<String> columnNames)
Check if identity is allowed to create a view that selects from the specified columns.void
checkCanDeleteFromTable(SecurityContext context, QualifiedObjectName tableName)
Check if identity is allowed to delete from the specified table.void
checkCanDropColumn(SecurityContext context, QualifiedObjectName tableName)
Check if identity is allowed to drop columns from the specified table.void
checkCanDropRole(SecurityContext context, String role, String catalogName)
Check if identity is allowed to drop the specified role.void
checkCanDropSchema(SecurityContext context, CatalogSchemaName schemaName)
Check if identity is allowed to drop the specified schema.void
checkCanDropTable(SecurityContext context, QualifiedObjectName tableName)
Check if identity is allowed to drop the specified table.void
checkCanDropView(SecurityContext context, QualifiedObjectName viewName)
Check if identity is allowed to drop the specified view.void
checkCanExecuteFunction(SecurityContext context, String functionName)
Check if identity is allowed to execute functionvoid
checkCanExecuteProcedure(SecurityContext context, QualifiedObjectName procedureName)
Check if identity is allowed to execute procedurevoid
checkCanExecuteQuery(Identity identity)
Checks if identity can execute a query.void
checkCanGrantExecuteFunctionPrivilege(SecurityContext context, String functionName, Identity grantee, boolean grantOption)
Check if identity is allowed to create a view that executes the function.void
checkCanGrantRoles(SecurityContext context, Set<String> roles, Set<PrestoPrincipal> grantees, boolean adminOption, Optional<PrestoPrincipal> grantor, String catalogName)
Check if identity is allowed to grant the specified roles to the specified principals.void
checkCanGrantTablePrivilege(SecurityContext context, Privilege privilege, QualifiedObjectName tableName, PrestoPrincipal grantee, boolean grantOption)
Check if identity is allowed to grant a privilege to the grantee on the specified table.void
checkCanImpersonateUser(Identity identity, String userName)
Check if the identity is allowed impersonate the specified user.void
checkCanInsertIntoTable(SecurityContext context, QualifiedObjectName tableName)
Check if identity is allowed to insert into the specified table.void
checkCanKillQueryOwnedBy(Identity identity, String queryOwner)
Checks if identity can kill a query owned by the specified user.void
checkCanReadSystemInformation(Identity identity)
Check if identity is allowed to read system information such as statistics, service registry, thread stacks, etc.void
checkCanRenameColumn(SecurityContext context, QualifiedObjectName tableName)
Check if identity is allowed to rename a column in the specified table.void
checkCanRenameSchema(SecurityContext context, CatalogSchemaName schemaName, String newSchemaName)
Check if identity is allowed to rename the specified schema.void
checkCanRenameTable(SecurityContext context, QualifiedObjectName tableName, QualifiedObjectName newTableName)
Check if identity is allowed to rename the specified table.void
checkCanRenameView(SecurityContext context, QualifiedObjectName viewName, QualifiedObjectName newViewName)
Check if identity is allowed to rename the specified view.void
checkCanRevokeRoles(SecurityContext context, Set<String> roles, Set<PrestoPrincipal> grantees, boolean adminOption, Optional<PrestoPrincipal> grantor, String catalogName)
Check if identity is allowed to revoke the specified roles from the specified principals.void
checkCanRevokeTablePrivilege(SecurityContext context, Privilege privilege, QualifiedObjectName tableName, PrestoPrincipal revokee, boolean grantOption)
Check if identity is allowed to revoke a privilege from the revokee on the specified table.void
checkCanSelectFromColumns(SecurityContext context, QualifiedObjectName tableName, Set<String> columnNames)
Check if identity is allowed to select from the specified columns.void
checkCanSetCatalogSessionProperty(SecurityContext context, String catalogName, String propertyName)
Check if identity is allowed to set the specified catalog property.void
checkCanSetColumnComment(SecurityContext context, QualifiedObjectName tableName)
Check if identity is allowed to comment the specified column.void
checkCanSetRole(SecurityContext context, String role, String catalogName)
Check if identity is allowed to set role for specified catalog.void
checkCanSetSchemaAuthorization(SecurityContext context, CatalogSchemaName schemaName, PrestoPrincipal principal)
Check if identity is allowed to change the specified schema's user/role.void
checkCanSetSystemSessionProperty(Identity identity, String propertyName)
Check if identity is allowed to set the specified system property.void
checkCanSetTableComment(SecurityContext context, QualifiedObjectName tableName)
Check if identity is allowed to comment the specified table.void
checkCanSetUser(Optional<Principal> principal, String userName)
Deprecated.replaced with user mapping during authentication andcheckCanImpersonateUser(io.prestosql.spi.security.Identity, java.lang.String)
void
checkCanShowColumns(SecurityContext context, CatalogSchemaTableName table)
Check if identity is allowed to show columns of tables by executing SHOW COLUMNS, DESCRIBE etc.void
checkCanShowCreateSchema(SecurityContext context, CatalogSchemaName schemaName)
Check if identity is allowed to execute SHOW CREATE SCHEMA.void
checkCanShowCreateTable(SecurityContext context, QualifiedObjectName tableName)
Check if identity is allowed to execute SHOW CREATE TABLE, SHOW CREATE VIEW or SHOW CREATE MATERIALIZED VIEWvoid
checkCanShowCurrentRoles(SecurityContext context, String catalogName)
Check if identity is allowed to show current roles on the specified catalog.void
checkCanShowRoleAuthorizationDescriptors(SecurityContext context, String catalogName)
Check if identity is allowed to show role authorization descriptors (i.e.void
checkCanShowRoleGrants(SecurityContext context, String catalogName)
Check if identity is allowed to show its own role grants on the specified catalog.void
checkCanShowRoles(SecurityContext context, String catalogName)
Check if identity is allowed to show roles on the specified catalog.void
checkCanShowSchemas(SecurityContext context, String catalogName)
Check if identity is allowed to execute SHOW SCHEMAS in a catalog.void
checkCanShowTables(SecurityContext context, CatalogSchemaName schema)
Check if identity is allowed to show tables by executing SHOW TABLES, SHOW GRANTS etc.void
checkCanViewQueryOwnedBy(Identity identity, String queryOwner)
Checks if identity can view a query owned by the specified user.void
checkCanWriteSystemInformation(Identity identity)
Check if identity is allowed to write system information such as marking nodes offline, or changing runtime flags.Set<String>
filterCatalogs(Identity identity, Set<String> catalogs)
Filter the list of catalogs to those visible to the identity.List<ColumnMetadata>
filterColumns(SecurityContext context, CatalogSchemaTableName tableName, List<ColumnMetadata> columns)
Filter the list of columns to those visible to the identity.Set<String>
filterQueriesOwnedBy(Identity identity, Set<String> queryOwners)
Filter the list of users to those the identity view query owned by the user.Set<String>
filterSchemas(SecurityContext context, String catalogName, Set<String> schemaNames)
Filter the list of schemas in a catalog to those visible to the identity.Set<SchemaTableName>
filterTables(SecurityContext context, String catalogName, Set<SchemaTableName> tableNames)
Filter the list of tables and views to those visible to the identity.default List<ViewExpression>
getColumnMasks(SecurityContext context, QualifiedObjectName tableName, String columnName, Type type)
default List<ViewExpression>
getRowFilters(SecurityContext context, QualifiedObjectName tableName)
-
-
-
Method Detail
-
checkCanSetUser
@Deprecated void checkCanSetUser(Optional<Principal> principal, String userName)
Deprecated.replaced with user mapping during authentication andcheckCanImpersonateUser(io.prestosql.spi.security.Identity, java.lang.String)
Check if the principal is allowed to be the specified user.- Throws:
AccessDeniedException
- if not allowed
-
checkCanImpersonateUser
void checkCanImpersonateUser(Identity identity, String userName)
Check if the identity is allowed impersonate the specified user.- Throws:
AccessDeniedException
- if not allowed
-
checkCanReadSystemInformation
void checkCanReadSystemInformation(Identity identity)
Check if identity is allowed to read system information such as statistics, service registry, thread stacks, etc. This is typically allowed for administrators and management tools.- Throws:
AccessDeniedException
- if not allowed
-
checkCanWriteSystemInformation
void checkCanWriteSystemInformation(Identity identity)
Check if identity is allowed to write system information such as marking nodes offline, or changing runtime flags. This is typically allowed for administrators.- Throws:
AccessDeniedException
- if not allowed
-
checkCanExecuteQuery
void checkCanExecuteQuery(Identity identity)
Checks if identity can execute a query.- Throws:
AccessDeniedException
- if not allowed
-
checkCanViewQueryOwnedBy
void checkCanViewQueryOwnedBy(Identity identity, String queryOwner)
Checks if identity can view a query owned by the specified user. The method will not be called when the current user is the query owner.- Throws:
AccessDeniedException
- if not allowed
-
filterQueriesOwnedBy
Set<String> filterQueriesOwnedBy(Identity identity, Set<String> queryOwners)
Filter the list of users to those the identity view query owned by the user. The method will not be called with the current user in the set.
-
checkCanKillQueryOwnedBy
void checkCanKillQueryOwnedBy(Identity identity, String queryOwner)
Checks if identity can kill a query owned by the specified user. The method will not be called when the current user is the query owner.- Throws:
AccessDeniedException
- if not allowed
-
filterCatalogs
Set<String> filterCatalogs(Identity identity, Set<String> catalogs)
Filter the list of catalogs to those visible to the identity.
-
checkCanCreateSchema
void checkCanCreateSchema(SecurityContext context, CatalogSchemaName schemaName)
Check if identity is allowed to create the specified schema.- Throws:
AccessDeniedException
- if not allowed
-
checkCanDropSchema
void checkCanDropSchema(SecurityContext context, CatalogSchemaName schemaName)
Check if identity is allowed to drop the specified schema.- Throws:
AccessDeniedException
- if not allowed
-
checkCanRenameSchema
void checkCanRenameSchema(SecurityContext context, CatalogSchemaName schemaName, String newSchemaName)
Check if identity is allowed to rename the specified schema.- Throws:
AccessDeniedException
- if not allowed
-
checkCanSetSchemaAuthorization
void checkCanSetSchemaAuthorization(SecurityContext context, CatalogSchemaName schemaName, PrestoPrincipal principal)
Check if identity is allowed to change the specified schema's user/role.- Throws:
AccessDeniedException
- if not allowed
-
checkCanShowSchemas
void checkCanShowSchemas(SecurityContext context, String catalogName)
Check if identity is allowed to execute SHOW SCHEMAS in a catalog.NOTE: This method is only present to give users an error message when listing is not allowed. The
filterSchemas(io.prestosql.security.SecurityContext, java.lang.String, java.util.Set<java.lang.String>)
method must filter all results for unauthorized users, since there are multiple ways to list schemas.- Throws:
AccessDeniedException
- if not allowed
-
filterSchemas
Set<String> filterSchemas(SecurityContext context, String catalogName, Set<String> schemaNames)
Filter the list of schemas in a catalog to those visible to the identity.
-
checkCanShowCreateSchema
void checkCanShowCreateSchema(SecurityContext context, CatalogSchemaName schemaName)
Check if identity is allowed to execute SHOW CREATE SCHEMA.- Throws:
AccessDeniedException
- if not allowed
-
checkCanShowCreateTable
void checkCanShowCreateTable(SecurityContext context, QualifiedObjectName tableName)
Check if identity is allowed to execute SHOW CREATE TABLE, SHOW CREATE VIEW or SHOW CREATE MATERIALIZED VIEW- Throws:
AccessDeniedException
- if not allowed
-
checkCanCreateTable
void checkCanCreateTable(SecurityContext context, QualifiedObjectName tableName)
Check if identity is allowed to create the specified table.- Throws:
AccessDeniedException
- if not allowed
-
checkCanDropTable
void checkCanDropTable(SecurityContext context, QualifiedObjectName tableName)
Check if identity is allowed to drop the specified table.- Throws:
AccessDeniedException
- if not allowed
-
checkCanRenameTable
void checkCanRenameTable(SecurityContext context, QualifiedObjectName tableName, QualifiedObjectName newTableName)
Check if identity is allowed to rename the specified table.- Throws:
AccessDeniedException
- if not allowed
-
checkCanSetTableComment
void checkCanSetTableComment(SecurityContext context, QualifiedObjectName tableName)
Check if identity is allowed to comment the specified table.- Throws:
AccessDeniedException
- if not allowed
-
checkCanSetColumnComment
void checkCanSetColumnComment(SecurityContext context, QualifiedObjectName tableName)
Check if identity is allowed to comment the specified column.- Throws:
AccessDeniedException
- if not allowed
-
checkCanShowTables
void checkCanShowTables(SecurityContext context, CatalogSchemaName schema)
Check if identity is allowed to show tables by executing SHOW TABLES, SHOW GRANTS etc. in a catalog schema.NOTE: This method is only present to give users an error message when listing is not allowed. The
filterTables(io.prestosql.security.SecurityContext, java.lang.String, java.util.Set<io.prestosql.spi.connector.SchemaTableName>)
method must filter all results for unauthorized users, since there are multiple ways to list tables.- Throws:
AccessDeniedException
- if not allowed
-
filterTables
Set<SchemaTableName> filterTables(SecurityContext context, String catalogName, Set<SchemaTableName> tableNames)
Filter the list of tables and views to those visible to the identity.
-
checkCanShowColumns
void checkCanShowColumns(SecurityContext context, CatalogSchemaTableName table)
Check if identity is allowed to show columns of tables by executing SHOW COLUMNS, DESCRIBE etc.NOTE: This method is only present to give users an error message when listing is not allowed. The
filterColumns(io.prestosql.security.SecurityContext, io.prestosql.spi.connector.CatalogSchemaTableName, java.util.List<io.prestosql.spi.connector.ColumnMetadata>)
method must filter all results for unauthorized users, since there are multiple ways to list columns.- Throws:
AccessDeniedException
- if not allowed
-
filterColumns
List<ColumnMetadata> filterColumns(SecurityContext context, CatalogSchemaTableName tableName, List<ColumnMetadata> columns)
Filter the list of columns to those visible to the identity.
-
checkCanAddColumns
void checkCanAddColumns(SecurityContext context, QualifiedObjectName tableName)
Check if identity is allowed to add columns to the specified table.- Throws:
AccessDeniedException
- if not allowed
-
checkCanDropColumn
void checkCanDropColumn(SecurityContext context, QualifiedObjectName tableName)
Check if identity is allowed to drop columns from the specified table.- Throws:
AccessDeniedException
- if not allowed
-
checkCanRenameColumn
void checkCanRenameColumn(SecurityContext context, QualifiedObjectName tableName)
Check if identity is allowed to rename a column in the specified table.- Throws:
AccessDeniedException
- if not allowed
-
checkCanInsertIntoTable
void checkCanInsertIntoTable(SecurityContext context, QualifiedObjectName tableName)
Check if identity is allowed to insert into the specified table.- Throws:
AccessDeniedException
- if not allowed
-
checkCanDeleteFromTable
void checkCanDeleteFromTable(SecurityContext context, QualifiedObjectName tableName)
Check if identity is allowed to delete from the specified table.- Throws:
AccessDeniedException
- if not allowed
-
checkCanCreateView
void checkCanCreateView(SecurityContext context, QualifiedObjectName viewName)
Check if identity is allowed to create the specified view.- Throws:
AccessDeniedException
- if not allowed
-
checkCanRenameView
void checkCanRenameView(SecurityContext context, QualifiedObjectName viewName, QualifiedObjectName newViewName)
Check if identity is allowed to rename the specified view.- Throws:
AccessDeniedException
- if not allowed
-
checkCanDropView
void checkCanDropView(SecurityContext context, QualifiedObjectName viewName)
Check if identity is allowed to drop the specified view.- Throws:
AccessDeniedException
- if not allowed
-
checkCanCreateViewWithSelectFromColumns
void checkCanCreateViewWithSelectFromColumns(SecurityContext context, QualifiedObjectName tableName, Set<String> columnNames)
Check if identity is allowed to create a view that selects from the specified columns.- Throws:
AccessDeniedException
- if not allowed
-
checkCanGrantExecuteFunctionPrivilege
void checkCanGrantExecuteFunctionPrivilege(SecurityContext context, String functionName, Identity grantee, boolean grantOption)
Check if identity is allowed to create a view that executes the function.- Throws:
AccessDeniedException
- if not allowed
-
checkCanGrantTablePrivilege
void checkCanGrantTablePrivilege(SecurityContext context, Privilege privilege, QualifiedObjectName tableName, PrestoPrincipal grantee, boolean grantOption)
Check if identity is allowed to grant a privilege to the grantee on the specified table.- Throws:
AccessDeniedException
- if not allowed
-
checkCanRevokeTablePrivilege
void checkCanRevokeTablePrivilege(SecurityContext context, Privilege privilege, QualifiedObjectName tableName, PrestoPrincipal revokee, boolean grantOption)
Check if identity is allowed to revoke a privilege from the revokee on the specified table.- Throws:
AccessDeniedException
- if not allowed
-
checkCanSetSystemSessionProperty
void checkCanSetSystemSessionProperty(Identity identity, String propertyName)
Check if identity is allowed to set the specified system property.- Throws:
AccessDeniedException
- if not allowed
-
checkCanSetCatalogSessionProperty
void checkCanSetCatalogSessionProperty(SecurityContext context, String catalogName, String propertyName)
Check if identity is allowed to set the specified catalog property.- Throws:
AccessDeniedException
- if not allowed
-
checkCanSelectFromColumns
void checkCanSelectFromColumns(SecurityContext context, QualifiedObjectName tableName, Set<String> columnNames)
Check if identity is allowed to select from the specified columns. The column set can be empty.- Throws:
AccessDeniedException
- if not allowed
-
checkCanCreateRole
void checkCanCreateRole(SecurityContext context, String role, Optional<PrestoPrincipal> grantor, String catalogName)
Check if identity is allowed to create the specified role.- Throws:
AccessDeniedException
- if not allowed
-
checkCanDropRole
void checkCanDropRole(SecurityContext context, String role, String catalogName)
Check if identity is allowed to drop the specified role.- Throws:
AccessDeniedException
- if not allowed
-
checkCanGrantRoles
void checkCanGrantRoles(SecurityContext context, Set<String> roles, Set<PrestoPrincipal> grantees, boolean adminOption, Optional<PrestoPrincipal> grantor, String catalogName)
Check if identity is allowed to grant the specified roles to the specified principals.- Throws:
AccessDeniedException
- if not allowed
-
checkCanRevokeRoles
void checkCanRevokeRoles(SecurityContext context, Set<String> roles, Set<PrestoPrincipal> grantees, boolean adminOption, Optional<PrestoPrincipal> grantor, String catalogName)
Check if identity is allowed to revoke the specified roles from the specified principals.- Throws:
AccessDeniedException
- if not allowed
-
checkCanSetRole
void checkCanSetRole(SecurityContext context, String role, String catalogName)
Check if identity is allowed to set role for specified catalog.- Throws:
AccessDeniedException
- if not allowed
-
checkCanShowRoleAuthorizationDescriptors
void checkCanShowRoleAuthorizationDescriptors(SecurityContext context, String catalogName)
Check if identity is allowed to show role authorization descriptors (i.e. RoleGrants).- Throws:
AccessDeniedException
- if not allowed
-
checkCanShowRoles
void checkCanShowRoles(SecurityContext context, String catalogName)
Check if identity is allowed to show roles on the specified catalog.- Throws:
AccessDeniedException
- if not allowed
-
checkCanShowCurrentRoles
void checkCanShowCurrentRoles(SecurityContext context, String catalogName)
Check if identity is allowed to show current roles on the specified catalog.- Throws:
AccessDeniedException
- if not allowed
-
checkCanShowRoleGrants
void checkCanShowRoleGrants(SecurityContext context, String catalogName)
Check if identity is allowed to show its own role grants on the specified catalog.- Throws:
AccessDeniedException
- if not allowed
-
checkCanExecuteProcedure
void checkCanExecuteProcedure(SecurityContext context, QualifiedObjectName procedureName)
Check if identity is allowed to execute procedure- Throws:
AccessDeniedException
- if not allowed
-
checkCanExecuteFunction
void checkCanExecuteFunction(SecurityContext context, String functionName)
Check if identity is allowed to execute function- Throws:
AccessDeniedException
- if not allowed
-
getRowFilters
default List<ViewExpression> getRowFilters(SecurityContext context, QualifiedObjectName tableName)
-
getColumnMasks
default List<ViewExpression> getColumnMasks(SecurityContext context, QualifiedObjectName tableName, String columnName, Type type)
-
-