Remove connector allow-all access control

core/trino-main/src/test/java/io/trino/connector/MockConnectorAccessControl.java

@@ -14,7 +14,6 @@
 package io.trino.connector;
 
 import com.google.common.collect.ImmutableList;
-import io.trino.plugin.base.security.AllowAllAccessControl;
 import io.trino.spi.connector.ConnectorSecurityContext;
 import io.trino.spi.connector.SchemaTableName;
 import io.trino.spi.security.ConnectorIdentity;
@@ -38,7 +37,7 @@
 import static java.util.Objects.requireNonNull;
 
 class MockConnectorAccessControl
-        extends AllowAllAccessControl
+        extends TestingAllowAllAccessControl
 {
     private static final String INFORMATION_SCHEMA = "information_schema";
 

lib/trino-plugin-toolkit/src/main/java/io/trino/plugin/base/security/AllowAllAccessControl.java → core/trino-main/src/test/java/io/trino/connector/TestingAllowAllAccessControl.java

@@ -11,7 +11,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package io.trino.plugin.base.security;
+package io.trino.connector;
 
 import com.google.common.collect.ImmutableList;
 import io.trino.spi.connector.ConnectorAccessControl;
@@ -29,7 +29,7 @@
 import java.util.Optional;
 import java.util.Set;
 
-public class AllowAllAccessControl
+public class TestingAllowAllAccessControl
         implements ConnectorAccessControl
 {
     @Override

core/trino-main/src/test/java/io/trino/security/TestAccessControlManager.java

@@ -20,7 +20,6 @@
 import io.trino.connector.MockConnectorFactory;
 import io.trino.eventlistener.EventListenerManager;
 import io.trino.metadata.QualifiedObjectName;
-import io.trino.plugin.base.security.AllowAllAccessControl;
 import io.trino.plugin.base.security.AllowAllSystemAccessControl;
 import io.trino.plugin.base.security.DefaultSystemAccessControl;
 import io.trino.plugin.base.security.ReadOnlySystemAccessControl;
@@ -318,7 +317,7 @@ public void testAllowExecuteProcedure()
             accessControlManager.loadSystemAccessControl("allow-all", ImmutableMap.of());
 
             queryRunner.createCatalog(TEST_CATALOG_NAME, MockConnectorFactory.create(), ImmutableMap.of());
-            accessControlManager.setConnectorAccessControlProvider(CatalogServiceProvider.singleton(TEST_CATALOG_HANDLE, Optional.of(new AllowAllAccessControl())));
+            accessControlManager.setConnectorAccessControlProvider(CatalogServiceProvider.singleton(TEST_CATALOG_HANDLE, Optional.empty()));
 
             transaction(transactionManager, accessControlManager)
                     .execute(transactionId -> {

docs/src/main/sphinx/connector/hive-security.rst

@@ -36,7 +36,8 @@ Property value                                     Description
                                                    :doc:`/sql/revoke` commands.
                                                    See :ref:`hive-sql-standard-based-authorization` for details.
 
-``allow-all``                                      No authorization checks are enforced.
+``system``                                         No authorization checks are enforced. Roles are controlled by
+                                                   system access control.
 ================================================== ============================================================
 
 .. _hive-sql-standard-based-authorization:

plugin/trino-hive-hadoop2/src/test/java/io/trino/plugin/hive/TestHivePlugin.java

@@ -335,7 +335,7 @@ public void testAllowAllAccessControl()
                 "test",
                 ImmutableMap.<String, String>builder()
                         .put("hive.metastore.uri", "thrift://foo:1234")
-                        .put("hive.security", "allow-all")
+                        .put("hive.security", "system")
                         .buildOrThrow(),
                 new TestingConnectorContext())
                 .shutdown();

plugin/trino-hive/src/main/java/io/trino/plugin/hive/security/HiveSecurityModule.java

@@ -30,7 +30,6 @@ public class HiveSecurityModule
     public static final String FILE = "file";
     public static final String READ_ONLY = "read-only";
     public static final String SQL_STANDARD = "sql-standard";
-    public static final String ALLOW_ALL = "allow-all";
     public static final String SYSTEM = "system";
 
     @Override
@@ -53,7 +52,6 @@ protected void setup(Binder binder)
                         new ReadOnlySecurityModule(),
                         new StaticAccessControlMetadataModule()));
         bindSecurityModule(SQL_STANDARD, new SqlStandardSecurityModule());
-        bindSecurityModule(ALLOW_ALL, new AllowAllSecurityModule());
         bindSecurityModule(SYSTEM, new SystemSecurityModule());
     }
 

plugin/trino-hive/src/test/java/io/trino/plugin/hive/HiveQueryRunner.java

@@ -52,7 +52,6 @@
 import static io.airlift.log.Level.WARN;
 import static io.airlift.units.Duration.nanosSince;
 import static io.trino.plugin.hive.HiveTestUtils.HDFS_ENVIRONMENT;
-import static io.trino.plugin.hive.security.HiveSecurityModule.ALLOW_ALL;
 import static io.trino.plugin.hive.security.HiveSecurityModule.SQL_STANDARD;
 import static io.trino.plugin.tpch.ColumnNaming.SIMPLIFIED;
 import static io.trino.plugin.tpch.DecimalTypeMapping.DOUBLE;
@@ -398,7 +397,6 @@ public static void main(String[] args)
                 .setInitialTables(TpchTable.getTables())
                 .setBaseDataDir(baseDataDir)
                 .setTpcdsCatalogEnabled(true)
-                .setSecurity(ALLOW_ALL)
                 // Uncomment to enable standard column naming (column names to be prefixed with the first letter of the table name, e.g.: o_orderkey vs orderkey)
                 // and standard column types (decimals vs double for some columns). This will allow running unmodified tpch queries on the cluster.
                 //.setTpchColumnNaming(ColumnNaming.STANDARD)

plugin/trino-hive/src/test/java/io/trino/plugin/hive/s3/S3HiveQueryRunner.java

@@ -27,7 +27,6 @@
 
 import static com.google.common.base.Preconditions.checkArgument;
 import static io.trino.plugin.hive.TestingThriftHiveMetastoreBuilder.testingThriftHiveMetastoreBuilder;
-import static io.trino.plugin.hive.security.HiveSecurityModule.ALLOW_ALL;
 import static java.util.Objects.requireNonNull;
 
 public final class S3HiveQueryRunner
@@ -152,7 +151,6 @@ public static void main(String[] args)
                 .setExtraProperties(ImmutableMap.of("http-server.http.port", "8080"))
                 .setSkipTimezoneSetup(true)
                 .setInitialTables(TpchTable.getTables())
-                .setSecurity(ALLOW_ALL)
                 .build();
         Logger log = Logger.get(S3HiveQueryRunner.class);
         log.info("======== SERVER STARTED ========");

plugin/trino-iceberg/src/main/java/io/trino/plugin/iceberg/IcebergSecurityConfig.java

@@ -21,13 +21,12 @@ public class IcebergSecurityConfig
 {
     public enum IcebergSecurity
     {
-        ALLOW_ALL,
         READ_ONLY,
         SYSTEM,
         FILE,
     }
 
-    private IcebergSecurity securitySystem = IcebergSecurity.ALLOW_ALL;
+    private IcebergSecurity securitySystem = IcebergSecurity.SYSTEM;
 
     @NotNull
     public IcebergSecurity getSecuritySystem()

plugin/trino-iceberg/src/main/java/io/trino/plugin/iceberg/IcebergSecurityModule.java

@@ -22,7 +22,6 @@
 import io.trino.plugin.iceberg.IcebergSecurityConfig.IcebergSecurity;
 
 import static io.airlift.configuration.ConditionalModule.conditionalModule;
-import static io.trino.plugin.iceberg.IcebergSecurityConfig.IcebergSecurity.ALLOW_ALL;
 import static io.trino.plugin.iceberg.IcebergSecurityConfig.IcebergSecurity.FILE;
 import static io.trino.plugin.iceberg.IcebergSecurityConfig.IcebergSecurity.READ_ONLY;
 
@@ -33,7 +32,6 @@ public class IcebergSecurityModule
     protected void setup(Binder binder)
     {
         install(new ConnectorAccessControlModule());
-        bindSecurityModule(ALLOW_ALL, new AllowAllSecurityModule());
         bindSecurityModule(READ_ONLY, new ReadOnlySecurityModule());
         bindSecurityModule(FILE, new FileBasedAccessControlModule());
         // SYSTEM: do not bind an ConnectorAccessControl so the engine will use system security with system roles

plugin/trino-iceberg/src/test/java/io/trino/plugin/iceberg/TestIcebergPlugin.java

@@ -124,22 +124,6 @@ public void testRecordingMetastore()
                 .hasMessageContaining("Configuration property 'hive.metastore-recording-path' was not used");
     }
 
-    @Test
-    public void testAllowAllAccessControl()
-    {
-        ConnectorFactory connectorFactory = getConnectorFactory();
-
-        connectorFactory.create(
-                "test",
-                ImmutableMap.<String, String>builder()
-                        .put("iceberg.catalog.type", "HIVE_METASTORE")
-                        .put("hive.metastore.uri", "thrift://foo:1234")
-                        .put("iceberg.security", "allow-all")
-                        .buildOrThrow(),
-                new TestingConnectorContext())
-                .shutdown();
-    }
-
     @Test
     public void testReadOnlyAllAccessControl()
     {

plugin/trino-iceberg/src/test/java/io/trino/plugin/iceberg/TestIcebergSecurityConfig.java

@@ -21,16 +21,16 @@
 import static io.airlift.configuration.testing.ConfigAssertions.assertFullMapping;
 import static io.airlift.configuration.testing.ConfigAssertions.assertRecordedDefaults;
 import static io.airlift.configuration.testing.ConfigAssertions.recordDefaults;
-import static io.trino.plugin.iceberg.IcebergSecurityConfig.IcebergSecurity.ALLOW_ALL;
 import static io.trino.plugin.iceberg.IcebergSecurityConfig.IcebergSecurity.READ_ONLY;
+import static io.trino.plugin.iceberg.IcebergSecurityConfig.IcebergSecurity.SYSTEM;
 
 public class TestIcebergSecurityConfig
 {
     @Test
     public void testDefaults()
     {
         assertRecordedDefaults(recordDefaults(IcebergSecurityConfig.class)
-                .setSecuritySystem(ALLOW_ALL));
+                .setSecuritySystem(SYSTEM));
     }
 
     @Test