Grant privileges to a role
PUT/metalakes/:metalake/permissions/roles/:role/:metadataObjectType/:metadataObjectFullName/grant
Grant privileges to a role
Request
Path Parameters
The name of the metalake
The name of the role
Possible values: [CATALOG, SCHEMA, TABLE, FILESET, TOPIC, ROLE, METALAKE]
The type of the metadata object
The full name of the metadata object
- application/json
Body
Array [
]
privileges
object[]
required
The privileges need to grant
Possible values: [CREATE_CATALOG, USE_CATALOG, CREATE_SCHEMA, USE_SCHEMA, CREATE_TABLE, MODIFY_TABLE, SELECT_TABLE, CREATE_FILESET, WRITE_FILESET, READ_FILESET, CREATE_TOPIC, PRODUCE_TOPIC, CONSUME_TOPIC, MANAGE_USERS, MANAGE_GROUPS, CREATE_ROLE, MANAGE_GRANTS]
The name of the privilege
Possible values: [ALLOW, DENY]
The condition of the privilege, ALLOW or DENY
Responses
- 200
- 404
- 5xx
Returns the granted role object
- application/vnd.gravitino.v1+json
- Schema
- Example (from schema)
- GroupResponse
Schema
Array [
Array [
]
]
Possible values: [0]
Status code of the response
role
object
The name of the role
properties
object
nullable
A map of properties for the role
securableObjects
object[]
A list of securable objects
The full name of the securable object
Possible values: [CATALOG, SCHEMA, TABLE, FILESET, TOPIC, METALAKE]
The type of the securable object
privileges
object[]
A list of privileges
Possible values: [CREATE_CATALOG, USE_CATALOG, CREATE_SCHEMA, USE_SCHEMA, CREATE_TABLE, MODIFY_TABLE, SELECT_TABLE, CREATE_FILESET, WRITE_FILESET, READ_FILESET, CREATE_TOPIC, PRODUCE_TOPIC, CONSUME_TOPIC, MANAGE_USERS, MANAGE_GROUPS, CREATE_ROLE, MANAGE_GRANTS]
The name of the privilege
Possible values: [ALLOW, DENY]
The condition of the privilege, ALLOW or DENY
{
"code": 0,
"role": {
"name": "string",
"properties": {},
"securableObjects": [
{
"fullName": "string",
"type": "CATALOG",
"privileges": [
{
"name": "CREATE_CATALOG",
"condition": "ALLOW"
}
]
}
]
}
}
{
"code": 0,
"role": {
"name": "role1",
"properties": {
"k1": "v1"
},
"securableObjects": [
{
"fullName": "catalog1.schema1.table1",
"type": "TABLE",
"privileges": [
{
"name": "SELECT_TABLE",
"condition": "ALLOW"
}
]
}
]
}
}
Not Found - The specified medata object or role does not exist in the specified metalake
- application/vnd.gravitino.v1+json
- Schema
- Example (from schema)
- NoSuchMetalakeException
- NoSuchMetadataObjectException
- NoSuchRoleException
Schema
Possible values: >= 1000 and <= 1100
HTTP response code
Internal type definition of the error
A human-readable message
{
"code": 1002,
"type": "string",
"message": "string",
"stack": [
"string"
]
}
{
"code": 1003,
"type": "NoSuchMetalakeException",
"message": "Failed to operate metalake(s) [test] operation [LOAD], reason [NoSuchMetalakeException]",
"stack": [
"org.apache.gravitino.exceptions.NoSuchMetalakeException: Metalake test does not exist",
"..."
]
}
{
"code": 1003,
"type": "NoSuchMetadataObjectException",
"message": "Metadata object does not exist",
"stack": [
"org.apache.gravitino.exceptions.NoSuchUserException: Metadata object does not exist",
"..."
]
}
{
"code": 1003,
"type": "NoSuchRoleException",
"message": "Role does not exist",
"stack": [
"org.apache.gravitino.exceptions.NoSuchRoleException: Role does not exist",
"..."
]
}
A server-side problem that might not be addressable from the client side. Used for server 5xx errors without more specific documentation in individual routes.
- application/vnd.gravitino.v1+json
- Schema
- Example (from schema)
- Example
Schema
Possible values: >= 1000 and <= 1100
HTTP response code
Internal type definition of the error
A human-readable message
{
"code": 1002,
"type": "string",
"message": "string",
"stack": [
"string"
]
}
{
"code": 1002,
"type": "RuntimeException",
"message": "Internal Server Error",
"stack": [
"java.lang.RuntimeException: Internal Server Error"
]
}