Class ForwardingAccessControl
- java.lang.Object
-
- io.prestosql.security.ForwardingAccessControl
-
- All Implemented Interfaces:
AccessControl
public abstract class ForwardingAccessControl extends Object implements AccessControl
-
-
Constructor Summary
Constructors Constructor Description ForwardingAccessControl()
-
Method Summary
All Methods Static Methods Instance Methods Abstract Methods Concrete Methods Deprecated Methods Modifier and Type Method Description void
checkCanAddColumns(SecurityContext context, QualifiedObjectName tableName)
Check if identity is allowed to add columns to the specified table.void
checkCanCreateRole(SecurityContext context, String role, Optional<PrestoPrincipal> grantor, String catalogName)
Check if identity is allowed to create the specified role.void
checkCanCreateSchema(SecurityContext context, CatalogSchemaName schemaName)
Check if identity is allowed to create the specified schema.void
checkCanCreateTable(SecurityContext context, QualifiedObjectName tableName)
Check if identity is allowed to create the specified table.void
checkCanCreateView(SecurityContext context, QualifiedObjectName viewName)
Check if identity is allowed to create the specified view.void
checkCanCreateViewWithSelectFromColumns(SecurityContext context, QualifiedObjectName tableName, Set<String> columnNames)
Check if identity is allowed to create a view that selects from the specified columns.void
checkCanDeleteFromTable(SecurityContext context, QualifiedObjectName tableName)
Check if identity is allowed to delete from the specified table.void
checkCanDropColumn(SecurityContext context, QualifiedObjectName tableName)
Check if identity is allowed to drop columns from the specified table.void
checkCanDropRole(SecurityContext context, String role, String catalogName)
Check if identity is allowed to drop the specified role.void
checkCanDropSchema(SecurityContext context, CatalogSchemaName schemaName)
Check if identity is allowed to drop the specified schema.void
checkCanDropTable(SecurityContext context, QualifiedObjectName tableName)
Check if identity is allowed to drop the specified table.void
checkCanDropView(SecurityContext context, QualifiedObjectName viewName)
Check if identity is allowed to drop the specified view.void
checkCanExecuteFunction(SecurityContext context, String functionName)
Check if identity is allowed to execute functionvoid
checkCanExecuteProcedure(SecurityContext context, QualifiedObjectName procedureName)
Check if identity is allowed to execute procedurevoid
checkCanExecuteQuery(Identity identity)
Checks if identity can execute a query.void
checkCanGrantExecuteFunctionPrivilege(SecurityContext context, String functionName, Identity grantee, boolean grantOption)
Check if identity is allowed to create a view that executes the function.void
checkCanGrantRoles(SecurityContext context, Set<String> roles, Set<PrestoPrincipal> grantees, boolean adminOption, Optional<PrestoPrincipal> grantor, String catalogName)
Check if identity is allowed to grant the specified roles to the specified principals.void
checkCanGrantTablePrivilege(SecurityContext context, Privilege privilege, QualifiedObjectName tableName, PrestoPrincipal grantee, boolean grantOption)
Check if identity is allowed to grant a privilege to the grantee on the specified table.void
checkCanImpersonateUser(Identity identity, String userName)
Check if the identity is allowed impersonate the specified user.void
checkCanInsertIntoTable(SecurityContext context, QualifiedObjectName tableName)
Check if identity is allowed to insert into the specified table.void
checkCanKillQueryOwnedBy(Identity identity, String queryOwner)
Checks if identity can kill a query owned by the specified user.void
checkCanReadSystemInformation(Identity identity)
Check if identity is allowed to read system information such as statistics, service registry, thread stacks, etc.void
checkCanRenameColumn(SecurityContext context, QualifiedObjectName tableName)
Check if identity is allowed to rename a column in the specified table.void
checkCanRenameSchema(SecurityContext context, CatalogSchemaName schemaName, String newSchemaName)
Check if identity is allowed to rename the specified schema.void
checkCanRenameTable(SecurityContext context, QualifiedObjectName tableName, QualifiedObjectName newTableName)
Check if identity is allowed to rename the specified table.void
checkCanRenameView(SecurityContext context, QualifiedObjectName viewName, QualifiedObjectName newViewName)
Check if identity is allowed to rename the specified view.void
checkCanRevokeRoles(SecurityContext context, Set<String> roles, Set<PrestoPrincipal> grantees, boolean adminOption, Optional<PrestoPrincipal> grantor, String catalogName)
Check if identity is allowed to revoke the specified roles from the specified principals.void
checkCanRevokeTablePrivilege(SecurityContext context, Privilege privilege, QualifiedObjectName tableName, PrestoPrincipal revokee, boolean grantOption)
Check if identity is allowed to revoke a privilege from the revokee on the specified table.void
checkCanSelectFromColumns(SecurityContext context, QualifiedObjectName tableName, Set<String> columnNames)
Check if identity is allowed to select from the specified columns.void
checkCanSetCatalogSessionProperty(SecurityContext context, String catalogName, String propertyName)
Check if identity is allowed to set the specified catalog property.void
checkCanSetColumnComment(SecurityContext context, QualifiedObjectName tableName)
Check if identity is allowed to comment the specified column.void
checkCanSetRole(SecurityContext context, String role, String catalogName)
Check if identity is allowed to set role for specified catalog.void
checkCanSetSchemaAuthorization(SecurityContext context, CatalogSchemaName schemaName, PrestoPrincipal principal)
Check if identity is allowed to change the specified schema's user/role.void
checkCanSetSystemSessionProperty(Identity identity, String propertyName)
Check if identity is allowed to set the specified system property.void
checkCanSetTableComment(SecurityContext context, QualifiedObjectName tableName)
Check if identity is allowed to comment the specified table.void
checkCanSetUser(Optional<Principal> principal, String userName)
Deprecated.void
checkCanShowColumns(SecurityContext context, CatalogSchemaTableName table)
Check if identity is allowed to show columns of tables by executing SHOW COLUMNS, DESCRIBE etc.void
checkCanShowCreateSchema(SecurityContext context, CatalogSchemaName schemaName)
Check if identity is allowed to execute SHOW CREATE SCHEMA.void
checkCanShowCreateTable(SecurityContext context, QualifiedObjectName tableName)
Check if identity is allowed to execute SHOW CREATE TABLE, SHOW CREATE VIEW or SHOW CREATE MATERIALIZED VIEWvoid
checkCanShowCurrentRoles(SecurityContext context, String catalogName)
Check if identity is allowed to show current roles on the specified catalog.void
checkCanShowRoleAuthorizationDescriptors(SecurityContext context, String catalogName)
Check if identity is allowed to show role authorization descriptors (i.e.void
checkCanShowRoleGrants(SecurityContext context, String catalogName)
Check if identity is allowed to show its own role grants on the specified catalog.void
checkCanShowRoles(SecurityContext context, String catalogName)
Check if identity is allowed to show roles on the specified catalog.void
checkCanShowSchemas(SecurityContext context, String catalogName)
Check if identity is allowed to execute SHOW SCHEMAS in a catalog.void
checkCanShowTables(SecurityContext context, CatalogSchemaName schema)
Check if identity is allowed to show tables by executing SHOW TABLES, SHOW GRANTS etc.void
checkCanViewQueryOwnedBy(Identity identity, String queryOwner)
Checks if identity can view a query owned by the specified user.void
checkCanWriteSystemInformation(Identity identity)
Check if identity is allowed to write system information such as marking nodes offline, or changing runtime flags.protected abstract AccessControl
delegate()
Set<String>
filterCatalogs(Identity identity, Set<String> catalogs)
Filter the list of catalogs to those visible to the identity.List<ColumnMetadata>
filterColumns(SecurityContext context, CatalogSchemaTableName tableName, List<ColumnMetadata> columns)
Filter the list of columns to those visible to the identity.Set<String>
filterQueriesOwnedBy(Identity identity, Set<String> queryOwners)
Filter the list of users to those the identity view query owned by the user.Set<String>
filterSchemas(SecurityContext context, String catalogName, Set<String> schemaNames)
Filter the list of schemas in a catalog to those visible to the identity.Set<SchemaTableName>
filterTables(SecurityContext context, String catalogName, Set<SchemaTableName> tableNames)
Filter the list of tables and views to those visible to the identity.List<ViewExpression>
getColumnMasks(SecurityContext context, QualifiedObjectName tableName, String columnName, Type type)
List<ViewExpression>
getRowFilters(SecurityContext context, QualifiedObjectName tableName)
static ForwardingAccessControl
of(Supplier<AccessControl> accessControlSupplier)
-
-
-
Method Detail
-
of
public static ForwardingAccessControl of(Supplier<AccessControl> accessControlSupplier)
-
delegate
protected abstract AccessControl delegate()
-
checkCanImpersonateUser
public void checkCanImpersonateUser(Identity identity, String userName)
Description copied from interface:AccessControl
Check if the identity is allowed impersonate the specified user.- Specified by:
checkCanImpersonateUser
in interfaceAccessControl
-
checkCanReadSystemInformation
public void checkCanReadSystemInformation(Identity identity)
Description copied from interface:AccessControl
Check if identity is allowed to read system information such as statistics, service registry, thread stacks, etc. This is typically allowed for administrators and management tools.- Specified by:
checkCanReadSystemInformation
in interfaceAccessControl
-
checkCanWriteSystemInformation
public void checkCanWriteSystemInformation(Identity identity)
Description copied from interface:AccessControl
Check if identity is allowed to write system information such as marking nodes offline, or changing runtime flags. This is typically allowed for administrators.- Specified by:
checkCanWriteSystemInformation
in interfaceAccessControl
-
checkCanSetUser
@Deprecated public void checkCanSetUser(Optional<Principal> principal, String userName)
Deprecated.Description copied from interface:AccessControl
Check if the principal is allowed to be the specified user.- Specified by:
checkCanSetUser
in interfaceAccessControl
-
checkCanExecuteQuery
public void checkCanExecuteQuery(Identity identity)
Description copied from interface:AccessControl
Checks if identity can execute a query.- Specified by:
checkCanExecuteQuery
in interfaceAccessControl
-
checkCanViewQueryOwnedBy
public void checkCanViewQueryOwnedBy(Identity identity, String queryOwner)
Description copied from interface:AccessControl
Checks if identity can view a query owned by the specified user. The method will not be called when the current user is the query owner.- Specified by:
checkCanViewQueryOwnedBy
in interfaceAccessControl
-
filterQueriesOwnedBy
public Set<String> filterQueriesOwnedBy(Identity identity, Set<String> queryOwners)
Description copied from interface:AccessControl
Filter the list of users to those the identity view query owned by the user. The method will not be called with the current user in the set.- Specified by:
filterQueriesOwnedBy
in interfaceAccessControl
-
checkCanKillQueryOwnedBy
public void checkCanKillQueryOwnedBy(Identity identity, String queryOwner)
Description copied from interface:AccessControl
Checks if identity can kill a query owned by the specified user. The method will not be called when the current user is the query owner.- Specified by:
checkCanKillQueryOwnedBy
in interfaceAccessControl
-
filterCatalogs
public Set<String> filterCatalogs(Identity identity, Set<String> catalogs)
Description copied from interface:AccessControl
Filter the list of catalogs to those visible to the identity.- Specified by:
filterCatalogs
in interfaceAccessControl
-
checkCanCreateSchema
public void checkCanCreateSchema(SecurityContext context, CatalogSchemaName schemaName)
Description copied from interface:AccessControl
Check if identity is allowed to create the specified schema.- Specified by:
checkCanCreateSchema
in interfaceAccessControl
-
checkCanDropSchema
public void checkCanDropSchema(SecurityContext context, CatalogSchemaName schemaName)
Description copied from interface:AccessControl
Check if identity is allowed to drop the specified schema.- Specified by:
checkCanDropSchema
in interfaceAccessControl
-
checkCanRenameSchema
public void checkCanRenameSchema(SecurityContext context, CatalogSchemaName schemaName, String newSchemaName)
Description copied from interface:AccessControl
Check if identity is allowed to rename the specified schema.- Specified by:
checkCanRenameSchema
in interfaceAccessControl
-
checkCanSetSchemaAuthorization
public void checkCanSetSchemaAuthorization(SecurityContext context, CatalogSchemaName schemaName, PrestoPrincipal principal)
Description copied from interface:AccessControl
Check if identity is allowed to change the specified schema's user/role.- Specified by:
checkCanSetSchemaAuthorization
in interfaceAccessControl
-
checkCanShowSchemas
public void checkCanShowSchemas(SecurityContext context, String catalogName)
Description copied from interface:AccessControl
Check if identity is allowed to execute SHOW SCHEMAS in a catalog.NOTE: This method is only present to give users an error message when listing is not allowed. The
AccessControl.filterSchemas(io.prestosql.security.SecurityContext, java.lang.String, java.util.Set<java.lang.String>)
method must filter all results for unauthorized users, since there are multiple ways to list schemas.- Specified by:
checkCanShowSchemas
in interfaceAccessControl
-
filterSchemas
public Set<String> filterSchemas(SecurityContext context, String catalogName, Set<String> schemaNames)
Description copied from interface:AccessControl
Filter the list of schemas in a catalog to those visible to the identity.- Specified by:
filterSchemas
in interfaceAccessControl
-
checkCanShowCreateSchema
public void checkCanShowCreateSchema(SecurityContext context, CatalogSchemaName schemaName)
Description copied from interface:AccessControl
Check if identity is allowed to execute SHOW CREATE SCHEMA.- Specified by:
checkCanShowCreateSchema
in interfaceAccessControl
-
checkCanShowCreateTable
public void checkCanShowCreateTable(SecurityContext context, QualifiedObjectName tableName)
Description copied from interface:AccessControl
Check if identity is allowed to execute SHOW CREATE TABLE, SHOW CREATE VIEW or SHOW CREATE MATERIALIZED VIEW- Specified by:
checkCanShowCreateTable
in interfaceAccessControl
-
checkCanCreateTable
public void checkCanCreateTable(SecurityContext context, QualifiedObjectName tableName)
Description copied from interface:AccessControl
Check if identity is allowed to create the specified table.- Specified by:
checkCanCreateTable
in interfaceAccessControl
-
checkCanDropTable
public void checkCanDropTable(SecurityContext context, QualifiedObjectName tableName)
Description copied from interface:AccessControl
Check if identity is allowed to drop the specified table.- Specified by:
checkCanDropTable
in interfaceAccessControl
-
checkCanRenameTable
public void checkCanRenameTable(SecurityContext context, QualifiedObjectName tableName, QualifiedObjectName newTableName)
Description copied from interface:AccessControl
Check if identity is allowed to rename the specified table.- Specified by:
checkCanRenameTable
in interfaceAccessControl
-
checkCanSetTableComment
public void checkCanSetTableComment(SecurityContext context, QualifiedObjectName tableName)
Description copied from interface:AccessControl
Check if identity is allowed to comment the specified table.- Specified by:
checkCanSetTableComment
in interfaceAccessControl
-
checkCanSetColumnComment
public void checkCanSetColumnComment(SecurityContext context, QualifiedObjectName tableName)
Description copied from interface:AccessControl
Check if identity is allowed to comment the specified column.- Specified by:
checkCanSetColumnComment
in interfaceAccessControl
-
checkCanShowTables
public void checkCanShowTables(SecurityContext context, CatalogSchemaName schema)
Description copied from interface:AccessControl
Check if identity is allowed to show tables by executing SHOW TABLES, SHOW GRANTS etc. in a catalog schema.NOTE: This method is only present to give users an error message when listing is not allowed. The
AccessControl.filterTables(io.prestosql.security.SecurityContext, java.lang.String, java.util.Set<io.prestosql.spi.connector.SchemaTableName>)
method must filter all results for unauthorized users, since there are multiple ways to list tables.- Specified by:
checkCanShowTables
in interfaceAccessControl
-
filterTables
public Set<SchemaTableName> filterTables(SecurityContext context, String catalogName, Set<SchemaTableName> tableNames)
Description copied from interface:AccessControl
Filter the list of tables and views to those visible to the identity.- Specified by:
filterTables
in interfaceAccessControl
-
checkCanShowColumns
public void checkCanShowColumns(SecurityContext context, CatalogSchemaTableName table)
Description copied from interface:AccessControl
Check if identity is allowed to show columns of tables by executing SHOW COLUMNS, DESCRIBE etc.NOTE: This method is only present to give users an error message when listing is not allowed. The
AccessControl.filterColumns(io.prestosql.security.SecurityContext, io.prestosql.spi.connector.CatalogSchemaTableName, java.util.List<io.prestosql.spi.connector.ColumnMetadata>)
method must filter all results for unauthorized users, since there are multiple ways to list columns.- Specified by:
checkCanShowColumns
in interfaceAccessControl
-
filterColumns
public List<ColumnMetadata> filterColumns(SecurityContext context, CatalogSchemaTableName tableName, List<ColumnMetadata> columns)
Description copied from interface:AccessControl
Filter the list of columns to those visible to the identity.- Specified by:
filterColumns
in interfaceAccessControl
-
checkCanAddColumns
public void checkCanAddColumns(SecurityContext context, QualifiedObjectName tableName)
Description copied from interface:AccessControl
Check if identity is allowed to add columns to the specified table.- Specified by:
checkCanAddColumns
in interfaceAccessControl
-
checkCanDropColumn
public void checkCanDropColumn(SecurityContext context, QualifiedObjectName tableName)
Description copied from interface:AccessControl
Check if identity is allowed to drop columns from the specified table.- Specified by:
checkCanDropColumn
in interfaceAccessControl
-
checkCanRenameColumn
public void checkCanRenameColumn(SecurityContext context, QualifiedObjectName tableName)
Description copied from interface:AccessControl
Check if identity is allowed to rename a column in the specified table.- Specified by:
checkCanRenameColumn
in interfaceAccessControl
-
checkCanInsertIntoTable
public void checkCanInsertIntoTable(SecurityContext context, QualifiedObjectName tableName)
Description copied from interface:AccessControl
Check if identity is allowed to insert into the specified table.- Specified by:
checkCanInsertIntoTable
in interfaceAccessControl
-
checkCanDeleteFromTable
public void checkCanDeleteFromTable(SecurityContext context, QualifiedObjectName tableName)
Description copied from interface:AccessControl
Check if identity is allowed to delete from the specified table.- Specified by:
checkCanDeleteFromTable
in interfaceAccessControl
-
checkCanCreateView
public void checkCanCreateView(SecurityContext context, QualifiedObjectName viewName)
Description copied from interface:AccessControl
Check if identity is allowed to create the specified view.- Specified by:
checkCanCreateView
in interfaceAccessControl
-
checkCanRenameView
public void checkCanRenameView(SecurityContext context, QualifiedObjectName viewName, QualifiedObjectName newViewName)
Description copied from interface:AccessControl
Check if identity is allowed to rename the specified view.- Specified by:
checkCanRenameView
in interfaceAccessControl
-
checkCanDropView
public void checkCanDropView(SecurityContext context, QualifiedObjectName viewName)
Description copied from interface:AccessControl
Check if identity is allowed to drop the specified view.- Specified by:
checkCanDropView
in interfaceAccessControl
-
checkCanCreateViewWithSelectFromColumns
public void checkCanCreateViewWithSelectFromColumns(SecurityContext context, QualifiedObjectName tableName, Set<String> columnNames)
Description copied from interface:AccessControl
Check if identity is allowed to create a view that selects from the specified columns.- Specified by:
checkCanCreateViewWithSelectFromColumns
in interfaceAccessControl
-
checkCanGrantExecuteFunctionPrivilege
public void checkCanGrantExecuteFunctionPrivilege(SecurityContext context, String functionName, Identity grantee, boolean grantOption)
Description copied from interface:AccessControl
Check if identity is allowed to create a view that executes the function.- Specified by:
checkCanGrantExecuteFunctionPrivilege
in interfaceAccessControl
-
checkCanGrantTablePrivilege
public void checkCanGrantTablePrivilege(SecurityContext context, Privilege privilege, QualifiedObjectName tableName, PrestoPrincipal grantee, boolean grantOption)
Description copied from interface:AccessControl
Check if identity is allowed to grant a privilege to the grantee on the specified table.- Specified by:
checkCanGrantTablePrivilege
in interfaceAccessControl
-
checkCanRevokeTablePrivilege
public void checkCanRevokeTablePrivilege(SecurityContext context, Privilege privilege, QualifiedObjectName tableName, PrestoPrincipal revokee, boolean grantOption)
Description copied from interface:AccessControl
Check if identity is allowed to revoke a privilege from the revokee on the specified table.- Specified by:
checkCanRevokeTablePrivilege
in interfaceAccessControl
-
checkCanSetSystemSessionProperty
public void checkCanSetSystemSessionProperty(Identity identity, String propertyName)
Description copied from interface:AccessControl
Check if identity is allowed to set the specified system property.- Specified by:
checkCanSetSystemSessionProperty
in interfaceAccessControl
-
checkCanSetCatalogSessionProperty
public void checkCanSetCatalogSessionProperty(SecurityContext context, String catalogName, String propertyName)
Description copied from interface:AccessControl
Check if identity is allowed to set the specified catalog property.- Specified by:
checkCanSetCatalogSessionProperty
in interfaceAccessControl
-
checkCanSelectFromColumns
public void checkCanSelectFromColumns(SecurityContext context, QualifiedObjectName tableName, Set<String> columnNames)
Description copied from interface:AccessControl
Check if identity is allowed to select from the specified columns. The column set can be empty.- Specified by:
checkCanSelectFromColumns
in interfaceAccessControl
-
checkCanCreateRole
public void checkCanCreateRole(SecurityContext context, String role, Optional<PrestoPrincipal> grantor, String catalogName)
Description copied from interface:AccessControl
Check if identity is allowed to create the specified role.- Specified by:
checkCanCreateRole
in interfaceAccessControl
-
checkCanDropRole
public void checkCanDropRole(SecurityContext context, String role, String catalogName)
Description copied from interface:AccessControl
Check if identity is allowed to drop the specified role.- Specified by:
checkCanDropRole
in interfaceAccessControl
-
checkCanGrantRoles
public void checkCanGrantRoles(SecurityContext context, Set<String> roles, Set<PrestoPrincipal> grantees, boolean adminOption, Optional<PrestoPrincipal> grantor, String catalogName)
Description copied from interface:AccessControl
Check if identity is allowed to grant the specified roles to the specified principals.- Specified by:
checkCanGrantRoles
in interfaceAccessControl
-
checkCanRevokeRoles
public void checkCanRevokeRoles(SecurityContext context, Set<String> roles, Set<PrestoPrincipal> grantees, boolean adminOption, Optional<PrestoPrincipal> grantor, String catalogName)
Description copied from interface:AccessControl
Check if identity is allowed to revoke the specified roles from the specified principals.- Specified by:
checkCanRevokeRoles
in interfaceAccessControl
-
checkCanSetRole
public void checkCanSetRole(SecurityContext context, String role, String catalogName)
Description copied from interface:AccessControl
Check if identity is allowed to set role for specified catalog.- Specified by:
checkCanSetRole
in interfaceAccessControl
-
checkCanShowRoleAuthorizationDescriptors
public void checkCanShowRoleAuthorizationDescriptors(SecurityContext context, String catalogName)
Description copied from interface:AccessControl
Check if identity is allowed to show role authorization descriptors (i.e. RoleGrants).- Specified by:
checkCanShowRoleAuthorizationDescriptors
in interfaceAccessControl
-
checkCanShowRoles
public void checkCanShowRoles(SecurityContext context, String catalogName)
Description copied from interface:AccessControl
Check if identity is allowed to show roles on the specified catalog.- Specified by:
checkCanShowRoles
in interfaceAccessControl
-
checkCanShowCurrentRoles
public void checkCanShowCurrentRoles(SecurityContext context, String catalogName)
Description copied from interface:AccessControl
Check if identity is allowed to show current roles on the specified catalog.- Specified by:
checkCanShowCurrentRoles
in interfaceAccessControl
-
checkCanShowRoleGrants
public void checkCanShowRoleGrants(SecurityContext context, String catalogName)
Description copied from interface:AccessControl
Check if identity is allowed to show its own role grants on the specified catalog.- Specified by:
checkCanShowRoleGrants
in interfaceAccessControl
-
checkCanExecuteProcedure
public void checkCanExecuteProcedure(SecurityContext context, QualifiedObjectName procedureName)
Description copied from interface:AccessControl
Check if identity is allowed to execute procedure- Specified by:
checkCanExecuteProcedure
in interfaceAccessControl
-
checkCanExecuteFunction
public void checkCanExecuteFunction(SecurityContext context, String functionName)
Description copied from interface:AccessControl
Check if identity is allowed to execute function- Specified by:
checkCanExecuteFunction
in interfaceAccessControl
-
getRowFilters
public List<ViewExpression> getRowFilters(SecurityContext context, QualifiedObjectName tableName)
- Specified by:
getRowFilters
in interfaceAccessControl
-
getColumnMasks
public List<ViewExpression> getColumnMasks(SecurityContext context, QualifiedObjectName tableName, String columnName, Type type)
- Specified by:
getColumnMasks
in interfaceAccessControl
-
-