FileBasedPrivilegeManager (Paimon : 1.1-SNAPSHOT API)

java.lang.Object
- org.apache.paimon.privilege.FileBasedPrivilegeManager

All Implemented Interfaces:

PrivilegeManager
```
public class FileBasedPrivilegeManager
extends Object
implements PrivilegeManager
```
A PrivilegeManager based on user and privilege system tables. The directories of these system tables are created at the root of warehouse (table-root/user.sys and table-root/privilege.sys).
User table is the table which stores all user information. The schema of user table is:
- user (string): user name (primary key)
- sha256 (bytes): sha256 of password
Privilege table is the table storing what privileges each user have. Its schema is:
- name (string): user or role name (primary key)
- entity_type (string): user or role (primary key)
- identifier (string): identifier of object (primary key)
- privilege (string): name of privilege (primary key), see PrivilegeType

Field Summary
- Fields inherited from interface org.apache.paimon.privilege.PrivilegeManager
  IDENTIFIER_WHOLE_CATALOG, PASSWORD_ANONYMOUS, USER_ANONYMOUS, USER_ROOT

Constructor Summary

Constructors
Constructor and Description
`FileBasedPrivilegeManager(String warehouse, FileIO fileIO, String user, String password)`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`void`	`createUser(String user, String password)` Create `user` with `password`.
`void`	`dropUser(String user)` Remove `user` from the privilege system.
`PrivilegeChecker`	`getPrivilegeChecker()` Get `PrivilegeChecker` of this privilege system to check if a user has specific privileges on an object.
`void`	`grant(String user, String identifier, PrivilegeType privilege)` Grant `user` with `privilege` on `identifier`.
`void`	`initializePrivilege(String rootPassword)` Initialize the privilege system if not enabled.
`void`	`objectDropped(String identifier)` Notify the privilege system that the object with `identifier` is dropped.
`void`	`objectRenamed(String oldName, String newName)` Notify the privilege system that the identifier of an object is changed from `oldName` to `newName`.
`boolean`	`privilegeEnabled()` Check if the privilege system is enabled.
`int`	`revoke(String user, String identifier, PrivilegeType privilege)` Revoke `privilege` from `user` on `identifier`.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - FileBasedPrivilegeManager
```
public FileBasedPrivilegeManager(String warehouse,
                                 FileIO fileIO,
                                 String user,
                                 String password)
```
- Method Detail
  - privilegeEnabled
```
public boolean privilegeEnabled()
```
    Description copied from interface: PrivilegeManager
    
    Check if the privilege system is enabled.
    
    Specified by:
    
    privilegeEnabled in interface PrivilegeManager
  - initializePrivilege
```
public void initializePrivilege(String rootPassword)
```
    Description copied from interface: PrivilegeManager
    
    Initialize the privilege system if not enabled. Also creates two special users: root and anonymous.
    
    Specified by:
    
    initializePrivilege in interface PrivilegeManager
  - createUser
```
public void createUser(String user,
                       String password)
```
    Description copied from interface: PrivilegeManager
    
    Create user with password.
    
    Specified by:
    
    createUser in interface PrivilegeManager
  - dropUser
```
public void dropUser(String user)
```
    Description copied from interface: PrivilegeManager
    
    Remove user from the privilege system.
    
    Specified by:
    
    dropUser in interface PrivilegeManager
  - grant
```
public void grant(String user,
                  String identifier,
                  PrivilegeType privilege)
```
    Description copied from interface: PrivilegeManager
    
    Grant user with privilege on identifier.
    
    Specified by:
    
    grant in interface PrivilegeManager
  - revoke
```
public int revoke(String user,
                  String identifier,
                  PrivilegeType privilege)
```
    Description copied from interface: PrivilegeManager
    
    Revoke privilege from user on identifier. Note that user will also lose privilege on all descendants of identifier.
    
    Specified by:
    
    revoke in interface PrivilegeManager
  - objectRenamed
```
public void objectRenamed(String oldName,
                          String newName)
```
    Description copied from interface: PrivilegeManager
    
    Notify the privilege system that the identifier of an object is changed from oldName to newName.
    
    Specified by:
    
    objectRenamed in interface PrivilegeManager
  - objectDropped
```
public void objectDropped(String identifier)
```
    Description copied from interface: PrivilegeManager
    
    Notify the privilege system that the object with identifier is dropped.
    
    Specified by:
    
    objectDropped in interface PrivilegeManager
  - getPrivilegeChecker
```
public PrivilegeChecker getPrivilegeChecker()
```
    Description copied from interface: PrivilegeManager
    
    Get PrivilegeChecker of this privilege system to check if a user has specific privileges on an object.
    
    Specified by:
    
    getPrivilegeChecker in interface PrivilegeManager

Back to Paimon Website

Class FileBasedPrivilegeManager

Field Summary

Fields inherited from interface org.apache.paimon.privilege.PrivilegeManager

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

FileBasedPrivilegeManager

Method Detail

privilegeEnabled

initializePrivilege

createUser

dropUser

grant

revoke

objectRenamed

objectDropped

getPrivilegeChecker

Back to Paimon Website