(gravitino) branch branch-0.6 updated: [#4960] fix(server): hive metastore authentication failed when checking whether securable object exists in createRole() method (#4978)

Sat, 21 Sep 2024 00:33:36 -0700 

This is an automated email from the ASF dual-hosted git repository.

yuqi4733 pushed a commit to branch branch-0.6
in repository https://gitbox.apache.org/repos/asf/gravitino.git


The following commit(s) were added to refs/heads/branch-0.6 by this push:
     new 720a67ac9 [#4960] fix(server): hive metastore authentication failed 
when checking whether securable object exists in createRole() method (#4978)
720a67ac9 is described below

commit 720a67ac9468662585a9ca6cf05b71971ab3addf
Author: Jerry Shao <[email protected]>
AuthorDate: Sat Sep 21 15:33:27 2024 +0800

    [#4960] fix(server): hive metastore authentication failed when checking 
whether securable object exists in createRole() method (#4978)
    
    ### What changes were proposed in this pull request?
    
    put the check code into the code block Utils.doAs.
    
    ### Why are the changes needed?
    
    Fix: #4960
    
    ### Does this PR introduce _any_ user-facing change?
    
    Passing identity authentication information when checking hive resource
    
    ### How was this patch tested?
    
    yes,finish functional test By hand, based on the hive meatasotre with
    kerberos authentication enabled.
    
    Co-authored-by: yangyuxia <[email protected]>
    Co-authored-by: yangyx <[email protected]>
---
 .../java/org/apache/gravitino/server/web/rest/RoleOperations.java | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git 
a/server/src/main/java/org/apache/gravitino/server/web/rest/RoleOperations.java 
b/server/src/main/java/org/apache/gravitino/server/web/rest/RoleOperations.java
index f2ed13f7d..1fa8a443f 100644
--- 
a/server/src/main/java/org/apache/gravitino/server/web/rest/RoleOperations.java
+++ 
b/server/src/main/java/org/apache/gravitino/server/web/rest/RoleOperations.java
@@ -96,14 +96,12 @@ public class RoleOperations {
   @ResponseMetered(name = "create-role", absolute = true)
   public Response createRole(@PathParam("metalake") String metalake, 
RoleCreateRequest request) {
     try {
-
-      for (SecurableObjectDTO object : request.getSecurableObjects()) {
-        checkSecurableObject(metalake, object);
-      }
-
       return Utils.doAs(
           httpRequest,
           () -> {
+            for (SecurableObjectDTO object : request.getSecurableObjects()) {
+              checkSecurableObject(metalake, object);
+            }
             List<SecurableObject> securableObjects =
                 Arrays.stream(request.getSecurableObjects())
                     .map(

Reply via email to