commit b0128b274afa95ea26488d2dd209799510804149 Author: Thejas Nair Date: Wed Mar 5 01:48:59 2014 -0800 metastore api change diff --git a/metastore/if/hive_metastore.thrift b/metastore/if/hive_metastore.thrift index c400cdf..b3f01d6 100755 --- a/metastore/if/hive_metastore.thrift +++ b/metastore/if/hive_metastore.thrift @@ -138,6 +138,11 @@ struct Role { 1: string roleName, 2: i32 createTime, 3: string ownerName, + + // Following fields are populated by list_roles + // They are ignored during other commands such as role creation + // See RolePrincipalGrant which gives a 'normalized' representation + // of this information 4: optional string principalName, 5: optional string principalType, 6: optional bool grantOption, @@ -145,6 +150,25 @@ struct Role { 8: optional string grantor } +// Representation of a grant for a principal to a role +struct RolePrincipalGrant { + 1: string roleName, + 2: string principalName, + 3: PrincipalType principalType, + 4: bool grantOption, + 5: i32 grantTime, + 6: string grantorName, + 7: PrincipalType grantorPrincipalType +} + +struct GetPrincipalsInRoleRequest { + 1: string roleName; +} + +struct GetPrincipalsInRoleResponse { + 1: list principalGrants; +} + // namespace for tables struct Database { 1: string name, @@ -916,6 +940,11 @@ service ThriftHiveMetastore extends fb303.FacebookService throws(1:MetaException o1) list list_roles(1:string principal_name, 2:PrincipalType principal_type) throws(1:MetaException o1) + // get all role-grants for users/roles that have been granted the given role + // Note that in the returned list of RolePrincipalGrants, the roleName is + // redundant as it would match the role_name argument of this function + GetPrincipalsInRoleResponse get_principals_in_role(1: GetPrincipalsInRoleRequest request) throws(1:MetaException o1) + PrincipalPrivilegeSet get_privilege_set(1:HiveObjectRef hiveObject, 2:string user_name, 3: list group_names) throws(1:MetaException o1) list list_privileges(1:string principal_name, 2:PrincipalType principal_type,