Add Unimplemented methods and add distro dependency to trino-module

checkCanUpdateTableColumns checkCanAlterColumn
aakashnand · Jan 21, 2024 · a19fe10 · okayhooni · Apr 5, 2024 · a19fe10
1 parent 1727d95
commit a19fe10
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 0 deletions.
diff --git a/...main/java/org/apache/ranger/authorization/trino/authorizer/RangerSystemAccessControl.java b/...main/java/org/apache/ranger/authorization/trino/authorizer/RangerSystemAccessControl.java
@@ -606,6 +606,14 @@ public void checkCanRenameColumn(SystemSecurityContext context, CatalogSchemaTab
     }
   }
 
+  @Override
+  public void checkCanAlterColumn(SystemSecurityContext context, CatalogSchemaTableName table) {
+    RangerTrinoResource res = createResource(table);
+    if (!hasPermission(res, context, TrinoAccessType.ALTER)) {
+      LOG.debug("RangerSystemAccessControl.checkCanAlterColumn(" + table.getSchemaTableName().getTableName() + ") denied");
+      AccessDeniedException.denyAlterColumn(table.getSchemaTableName().getTableName());
+    }
+  }
   /**
    * This is evaluated on table level
    */
@@ -668,6 +676,11 @@ public void checkCanKillQueryOwnedBy(Identity identity, Identity queryOwner) {
     }
   }
 
+  @Override
+  public void checkCanUpdateTableColumns(SystemSecurityContext securityContext, CatalogSchemaTableName table, Set<String> updatedColumnNames) {
+    SystemAccessControl.super.checkCanUpdateTableColumns(securityContext, table, updatedColumnNames);
+  }
+
   /** FUNCTIONS **/
   @Override
   public boolean canExecuteFunction(SystemSecurityContext systemSecurityContext, CatalogSchemaRoutineName functionName) {

diff --git a/pom.xml b/pom.xml
@@ -647,6 +647,7 @@
                 <module>ranger-util</module>
                 <module>plugin-trino</module>
                 <module>ranger-trino-plugin-shim</module>
+                <module>distro</module>
             </modules>
         </profile>
         <profile>