Fix information schema for catalogs with system security

trinodb · Mar 29, 2022 · 7f954b5 · 7f954b5
1 parent d0b4c44
commit 7f954b5
Showing 1 changed file with 8 additions and 5 deletions.
diff --git a/...-main/src/main/java/io/trino/connector/informationschema/InformationSchemaPageSource.java b/...-main/src/main/java/io/trino/connector/informationschema/InformationSchemaPageSource.java
@@ -344,14 +344,15 @@ private void addTablePrivilegesRecords(QualifiedTablePrefix prefix)
 
     private void addRolesRecords()
     {
+        Optional<String> catalogName = metadata.isCatalogManagedSecurity(session, this.catalogName) ? Optional.of(this.catalogName) : Optional.empty();
         try {
-            accessControl.checkCanShowRoles(session.toSecurityContext(), Optional.of(catalogName));
+            accessControl.checkCanShowRoles(session.toSecurityContext(), catalogName);
         }
         catch (AccessDeniedException exception) {
             return;
         }
 
-        for (String role : metadata.listRoles(session, Optional.of(catalogName))) {
+        for (String role : metadata.listRoles(session, catalogName)) {
             addRecord(role);
             if (isLimitExhausted()) {
                 return;
@@ -361,14 +362,15 @@ private void addRolesRecords()
 
     private void addRoleAuthorizationDescriptorRecords()
     {
+        Optional<String> catalogName = metadata.isCatalogManagedSecurity(session, this.catalogName) ? Optional.of(this.catalogName) : Optional.empty();
         try {
-            accessControl.checkCanShowRoleAuthorizationDescriptors(session.toSecurityContext(), Optional.of(catalogName));
+            accessControl.checkCanShowRoleAuthorizationDescriptors(session.toSecurityContext(), catalogName);
         }
         catch (AccessDeniedException exception) {
             return;
         }
 
-        for (RoleGrant grant : metadata.listAllRoleGrants(session, Optional.of(catalogName), roles, grantees, limit)) {
+        for (RoleGrant grant : metadata.listAllRoleGrants(session, catalogName, roles, grantees, limit)) {
             addRecord(
                     grant.getRoleName(),
                     null, // grantor
@@ -384,7 +386,8 @@ private void addRoleAuthorizationDescriptorRecords()
 
     private void addApplicableRolesRecords()
     {
-        for (RoleGrant grant : metadata.listApplicableRoles(session, new TrinoPrincipal(USER, session.getUser()), Optional.of(catalogName))) {
+        Optional<String> catalogName = metadata.isCatalogManagedSecurity(session, this.catalogName) ? Optional.of(this.catalogName) : Optional.empty();
+        for (RoleGrant grant : metadata.listApplicableRoles(session, new TrinoPrincipal(USER, session.getUser()), catalogName)) {
             addRecord(
                     grant.getGrantee().getName(),
                     grant.getGrantee().getType().toString(),