From bc65abdbe684de129ea0d3c76557d83ab07a2228 Mon Sep 17 00:00:00 2001 From: Angerszhuuuu Date: Tue, 24 Oct 2023 18:47:37 +0800 Subject: [PATCH] update --- .../plugin/spark/authz/ObjectType.scala | 2 +- .../plugin/spark/authz/PrivilegeObject.scala | 32 ++++++------------- .../spark/authz/PrivilegeObjectType.scala | 2 +- .../spark/authz/PrivilegesBuilder.scala | 8 ++--- 4 files changed, 15 insertions(+), 29 deletions(-) diff --git a/extensions/spark/kyuubi-spark-authz/src/main/scala/org/apache/kyuubi/plugin/spark/authz/ObjectType.scala b/extensions/spark/kyuubi-spark-authz/src/main/scala/org/apache/kyuubi/plugin/spark/authz/ObjectType.scala index ceb89f69816..01088987d67 100644 --- a/extensions/spark/kyuubi-spark-authz/src/main/scala/org/apache/kyuubi/plugin/spark/authz/ObjectType.scala +++ b/extensions/spark/kyuubi-spark-authz/src/main/scala/org/apache/kyuubi/plugin/spark/authz/ObjectType.scala @@ -30,9 +30,9 @@ object ObjectType extends Enumeration { case PrivilegeObjectType.DATABASE => DATABASE case PrivilegeObjectType.TABLE_OR_VIEW if obj.columns.nonEmpty => COLUMN case PrivilegeObjectType.TABLE_OR_VIEW if opType.toString.contains("VIEW") => VIEW + case PrivilegeObjectType.TABLE_OR_VIEW if opType.toString.contains("INDEX") => INDEX case PrivilegeObjectType.TABLE_OR_VIEW => TABLE case PrivilegeObjectType.FUNCTION => FUNCTION - case PrivilegeObjectType.INDEX => INDEX } } } diff --git a/extensions/spark/kyuubi-spark-authz/src/main/scala/org/apache/kyuubi/plugin/spark/authz/PrivilegeObject.scala b/extensions/spark/kyuubi-spark-authz/src/main/scala/org/apache/kyuubi/plugin/spark/authz/PrivilegeObject.scala index 47fae5af8b6..fad7ddacd35 100644 --- a/extensions/spark/kyuubi-spark-authz/src/main/scala/org/apache/kyuubi/plugin/spark/authz/PrivilegeObject.scala +++ b/extensions/spark/kyuubi-spark-authz/src/main/scala/org/apache/kyuubi/plugin/spark/authz/PrivilegeObject.scala @@ -19,7 +19,6 @@ package org.apache.kyuubi.plugin.spark.authz import javax.annotation.Nonnull -import org.apache.kyuubi.plugin.spark.authz.OperationType._ import org.apache.kyuubi.plugin.spark.authz.PrivilegeObjectActionType.PrivilegeObjectActionType import org.apache.kyuubi.plugin.spark.authz.PrivilegeObjectType._ import org.apache.kyuubi.plugin.spark.authz.serde.{Database, Function, Table} @@ -65,28 +64,15 @@ object PrivilegeObject { def apply( table: Table, columns: Seq[String] = Nil, - actionType: PrivilegeObjectActionType = PrivilegeObjectActionType.OTHER, - operationType: OperationType = QUERY): PrivilegeObject = { - operationType match { - case ALTERINDEX_REBUILD | CREATEINDEX | DROPINDEX | SHOWINDEXES => - new PrivilegeObject( - INDEX, - actionType, - table.database.orNull, - table.table, - columns, - table.owner, - table.catalog) - case _ => - new PrivilegeObject( - TABLE_OR_VIEW, - actionType, - table.database.orNull, - table.table, - columns, - table.owner, - table.catalog) - } + actionType: PrivilegeObjectActionType = PrivilegeObjectActionType.OTHER): PrivilegeObject = { + new PrivilegeObject( + TABLE_OR_VIEW, + actionType, + table.database.orNull, + table.table, + columns, + table.owner, + table.catalog) } def apply(function: Function): PrivilegeObject = { diff --git a/extensions/spark/kyuubi-spark-authz/src/main/scala/org/apache/kyuubi/plugin/spark/authz/PrivilegeObjectType.scala b/extensions/spark/kyuubi-spark-authz/src/main/scala/org/apache/kyuubi/plugin/spark/authz/PrivilegeObjectType.scala index a74c8042979..f514fcb828c 100644 --- a/extensions/spark/kyuubi-spark-authz/src/main/scala/org/apache/kyuubi/plugin/spark/authz/PrivilegeObjectType.scala +++ b/extensions/spark/kyuubi-spark-authz/src/main/scala/org/apache/kyuubi/plugin/spark/authz/PrivilegeObjectType.scala @@ -20,5 +20,5 @@ package org.apache.kyuubi.plugin.spark.authz object PrivilegeObjectType extends Enumeration { type PrivilegeObjectType = Value - val DATABASE, TABLE_OR_VIEW, FUNCTION, INDEX = Value + val DATABASE, TABLE_OR_VIEW, FUNCTION = Value } diff --git a/extensions/spark/kyuubi-spark-authz/src/main/scala/org/apache/kyuubi/plugin/spark/authz/PrivilegesBuilder.scala b/extensions/spark/kyuubi-spark-authz/src/main/scala/org/apache/kyuubi/plugin/spark/authz/PrivilegesBuilder.scala index db184e6becb..a0ed5fb6a14 100644 --- a/extensions/spark/kyuubi-spark-authz/src/main/scala/org/apache/kyuubi/plugin/spark/authz/PrivilegesBuilder.scala +++ b/extensions/spark/kyuubi-spark-authz/src/main/scala/org/apache/kyuubi/plugin/spark/authz/PrivilegesBuilder.scala @@ -136,7 +136,7 @@ object PrivilegesBuilder { outputObjs: ArrayBuffer[PrivilegeObject], spark: SparkSession): OperationType = { - def getTablePriv(tableDesc: TableDesc, opType: OperationType): Seq[PrivilegeObject] = { + def getTablePriv(tableDesc: TableDesc): Seq[PrivilegeObject] = { try { val maybeTable = tableDesc.extract(plan, spark) maybeTable match { @@ -151,7 +151,7 @@ object PrivilegesBuilder { } else { val actionType = tableDesc.actionTypeDesc.map(_.extract(plan)).getOrElse(OTHER) val columnNames = tableDesc.columnDesc.map(_.extract(plan)).getOrElse(Nil) - Seq(PrivilegeObject(newTable, columnNames, actionType, opType)) + Seq(PrivilegeObject(newTable, columnNames, actionType)) } case None => Nil } @@ -184,9 +184,9 @@ object PrivilegesBuilder { val spec = TABLE_COMMAND_SPECS(classname) spec.tableDescs.foreach { td => if (td.isInput) { - inputObjs ++= getTablePriv(td, spec.operationType) + inputObjs ++= getTablePriv(td) } else { - outputObjs ++= getTablePriv(td, spec.operationType) + outputObjs ++= getTablePriv(td) } } spec.queries(plan).foreach(buildQuery(_, inputObjs, spark = spark))