Grant privileges to a role

PUT 
/metalakes/:metalake/permissions/roles/:role/:metadataObjectType/:metadataObjectFullName/grant

Grant privileges to a role

Request

Path Parameters

metalake stringrequired

The name of the metalake

role stringrequired

The name of the role

metadataObjectType stringrequired

Possible values: [METALAKE, CATALOG, SCHEMA, TABLE, COLUMN, FILESET, TOPIC, MODEL, ROLE]

The type of the metadata object

metadataObjectFullName stringrequired

The full name of the metadata object

application/json

Body

privileges

object[]

required

The privileges need to grant

Array [

name stringrequired

Possible values: [CREATE_CATALOG, USE_CATALOG, CREATE_SCHEMA, USE_SCHEMA, CREATE_TABLE, MODIFY_TABLE, SELECT_TABLE, CREATE_FILESET, WRITE_FILESET, READ_FILESET, CREATE_TOPIC, PRODUCE_TOPIC, CONSUME_TOPIC, MANAGE_USERS, MANAGE_GROUPS, CREATE_ROLE, MANAGE_GRANTS]

The name of the privilege

condition stringrequired

Possible values: [ALLOW, DENY]

The condition of the privilege, ALLOW or DENY

]

Responses

200

Returns the granted role object

application/vnd.gravitino.v1+json

Schema

Schema

code int32

Possible values: [0]

Status code of the response

role

object

name stringrequired

The name of the role

properties

object

nullable

A map of properties for the role

property name* string

securableObjects

object[]

A list of securable objects

Array [

fullName stringrequired

The full name of the securable object

type stringrequired

Possible values: [CATALOG, SCHEMA, TABLE, FILESET, TOPIC, METALAKE]

The type of the securable object

privileges

object[]

A list of privileges

Array [

name stringrequired

Possible values: [CREATE_CATALOG, USE_CATALOG, CREATE_SCHEMA, USE_SCHEMA, CREATE_TABLE, MODIFY_TABLE, SELECT_TABLE, CREATE_FILESET, WRITE_FILESET, READ_FILESET, CREATE_TOPIC, PRODUCE_TOPIC, CONSUME_TOPIC, MANAGE_USERS, MANAGE_GROUPS, CREATE_ROLE, MANAGE_GRANTS]

The name of the privilege

condition stringrequired

Possible values: [ALLOW, DENY]

The condition of the privilege, ALLOW or DENY

]

]

Example (from schema)

{
  "code": 0,
  "role": {
    "name": "string",
    "properties": {},
    "securableObjects": [
      {
        "fullName": "string",
        "type": "CATALOG",
        "privileges": [
          {
            "name": "CREATE_CATALOG",
            "condition": "ALLOW"
          }
        ]
      }
    ]
  }
}

GroupResponse

{
  "code": 0,
  "role": {
    "name": "role1",
    "properties": {
      "k1": "v1"
    },
    "securableObjects": [
      {
        "fullName": "catalog1.schema1.table1",
        "type": "TABLE",
        "privileges": [
          {
            "name": "SELECT_TABLE",
            "condition": "ALLOW"
          }
        ]
      }
    ]
  }
}

400

Parameter is invalid - The specified privilege is invalid

application/vnd.gravitino.v1+json

Schema

Schema

code integerrequired

Possible values: >= 1000 and <= 1100

HTTP response code

type stringrequired

Internal type definition of the error

message stringrequired

A human-readable message

stack string[]

Example (from schema)

{
  "code": 1002,
  "type": "string",
  "message": "string",
  "stack": [
    "string"
  ]
}

404

Not Found - The specified medata object or role does not exist in the specified metalake

application/vnd.gravitino.v1+json

Schema

Schema

code integerrequired

Possible values: >= 1000 and <= 1100

HTTP response code

type stringrequired

Internal type definition of the error

message stringrequired

A human-readable message

stack string[]

Example (from schema)

{
  "code": 1002,
  "type": "string",
  "message": "string",
  "stack": [
    "string"
  ]
}

NoSuchMetalakeException

{
  "code": 1003,
  "type": "NoSuchMetalakeException",
  "message": "Failed to operate metalake(s) [test] operation [LOAD], reason [NoSuchMetalakeException]",
  "stack": [
    "org.apache.gravitino.exceptions.NoSuchMetalakeException: Metalake test does not exist",
    "..."
  ]
}

NoSuchMetadataObjectException

{
  "code": 1003,
  "type": "NoSuchMetadataObjectException",
  "message": "Metadata object does not exist",
  "stack": [
    "org.apache.gravitino.exceptions.NoSuchMetadataObjectException: Metadata object does not exist",
    "..."
  ]
}

NoSuchRoleException

{
  "code": 1003,
  "type": "NoSuchRoleException",
  "message": "Role does not exist",
  "stack": [
    "org.apache.gravitino.exceptions.NoSuchRoleException: Role does not exist",
    "..."
  ]
}

5xx

A server-side problem that might not be addressable from the client side. Used for server 5xx errors without more specific documentation in individual routes.

application/vnd.gravitino.v1+json

Schema

Schema

code integerrequired

Possible values: >= 1000 and <= 1100

HTTP response code

type stringrequired

Internal type definition of the error

message stringrequired

A human-readable message

stack string[]

Example (from schema)

{
  "code": 1002,
  "type": "string",
  "message": "string",
  "stack": [
    "string"
  ]
}

Example

{
  "code": 1002,
  "type": "RuntimeException",
  "message": "Internal Server Error",
  "stack": [
    "java.lang.RuntimeException: Internal Server Error"
  ]
}

Loading...