results...

thejas Fri, 14 Mar 2014 12:50:29 -0700

Author: thejas
Date: Fri Mar 14 19:49:18 2014
New Revision: 1577678

URL: http://svn.apache.org/r1577678
Log:
HIVE-6629 : Change SET ROLE NONE to SET ROLE ALL (Brock Noland via Thejas Nair)


Added:
    
hive/trunk/ql/src/test/queries/clientnegative/authorization_cannot_create_all_role.q
    
hive/trunk/ql/src/test/queries/clientnegative/authorization_cannot_create_default_role.q
    
hive/trunk/ql/src/test/queries/clientnegative/authorization_cannot_create_none_role.q
    
hive/trunk/ql/src/test/results/clientnegative/authorization_cannot_create_all_role.q.out
    
hive/trunk/ql/src/test/results/clientnegative/authorization_cannot_create_default_role.q.out
    
hive/trunk/ql/src/test/results/clientnegative/authorization_cannot_create_none_role.q.out
Modified:
    hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/parse/HiveLexer.g
    hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/parse/HiveParser.g
    hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/parse/IdentifiersParser.g
    
hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLStdHiveAccessController.java
    
hive/trunk/ql/src/test/queries/clientnegative/authorization_disallow_transform.q
    
hive/trunk/ql/src/test/queries/clientnegative/authorization_drop_role_no_admin.q
    
hive/trunk/ql/src/test/queries/clientpositive/authorization_set_show_current_role.q
    
hive/trunk/ql/src/test/results/clientnegative/authorization_disallow_transform.q.out
    
hive/trunk/ql/src/test/results/clientnegative/authorization_drop_role_no_admin.q.out
    
hive/trunk/ql/src/test/results/clientpositive/authorization_set_show_current_role.q.out

Modified: hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/parse/HiveLexer.g
URL: 
http://svn.apache.org/viewvc/hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/parse/HiveLexer.g?rev=1577678&r1=1577677&r2=1577678&view=diff
==============================================================================
--- hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/parse/HiveLexer.g 
(original)
+++ hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/parse/HiveLexer.g Fri Mar 
14 19:49:18 2014
@@ -41,6 +41,8 @@ import org.apache.hadoop.hive.conf.HiveC
 KW_TRUE : 'TRUE';
 KW_FALSE : 'FALSE';
 KW_ALL : 'ALL';
+KW_NONE: 'NONE';
+KW_DEFAULT : 'DEFAULT';
 KW_AND : 'AND';
 KW_OR : 'OR';
 KW_NOT : 'NOT' | '!';

Modified: hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/parse/HiveParser.g
URL: 
http://svn.apache.org/viewvc/hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/parse/HiveParser.g?rev=1577678&r1=1577677&r2=1577678&view=diff
==============================================================================
--- hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/parse/HiveParser.g 
(original)
+++ hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/parse/HiveParser.g Fri Mar 
14 19:49:18 2014
@@ -352,6 +352,8 @@ import java.util.HashMap;
     xlateMap.put("KW_TRUE", "TRUE");
     xlateMap.put("KW_FALSE", "FALSE");
     xlateMap.put("KW_ALL", "ALL");
+    xlateMap.put("KW_NONE", "NONE");
+    xlateMap.put("KW_DEFAULT", "DEFAULT");
     xlateMap.put("KW_AND", "AND");
     xlateMap.put("KW_OR", "OR");
     xlateMap.put("KW_NOT", "NOT");

Modified: 
hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/parse/IdentifiersParser.g
URL: 
http://svn.apache.org/viewvc/hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/parse/IdentifiersParser.g?rev=1577678&r1=1577677&r2=1577678&view=diff
==============================================================================
--- hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/parse/IdentifiersParser.g 
(original)
+++ hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/parse/IdentifiersParser.g 
Fri Mar 14 19:49:18 2014
@@ -538,5 +538,5 @@ functionIdentifier
 
 nonReserved
     :
-    KW_TRUE | KW_FALSE | KW_LIKE | KW_EXISTS | KW_ASC | KW_DESC | KW_ORDER | 
KW_GROUP | KW_BY | KW_AS | KW_INSERT | KW_OVERWRITE | KW_OUTER | KW_LEFT | 
KW_RIGHT | KW_FULL | KW_PARTITION | KW_PARTITIONS | KW_TABLE | KW_TABLES | 
KW_COLUMNS | KW_INDEX | KW_INDEXES | KW_REBUILD | KW_FUNCTIONS | KW_SHOW | 
KW_MSCK | KW_REPAIR | KW_DIRECTORY | KW_LOCAL | KW_USING | KW_CLUSTER | 
KW_DISTRIBUTE | KW_SORT | KW_UNION | KW_LOAD | KW_EXPORT | KW_IMPORT | KW_DATA 
| KW_INPATH | KW_IS | KW_NULL | KW_CREATE | KW_EXTERNAL | KW_ALTER | KW_CHANGE 
| KW_FIRST | KW_AFTER | KW_DESCRIBE | KW_DROP | KW_RENAME | KW_IGNORE | 
KW_PROTECTION | KW_TO | KW_COMMENT | KW_BOOLEAN | KW_TINYINT | KW_SMALLINT | 
KW_INT | KW_BIGINT | KW_FLOAT | KW_DOUBLE | KW_DATE | KW_DATETIME | 
KW_TIMESTAMP | KW_DECIMAL | KW_STRING | KW_ARRAY | KW_STRUCT | KW_UNIONTYPE | 
KW_PARTITIONED | KW_CLUSTERED | KW_SORTED | KW_INTO | KW_BUCKETS | KW_ROW | 
KW_ROWS | KW_FORMAT | KW_DELIMITED | KW_FIELDS | KW_TERMINATED | KW_ESCAPED | 
KW_COLLECTION | 
 KW_ITEMS | KW_KEYS | KW_KEY_TYPE | KW_LINES | KW_STORED | KW_FILEFORMAT | 
KW_SEQUENCEFILE | KW_TEXTFILE | KW_RCFILE | KW_ORCFILE | KW_PARQUETFILE | 
KW_INPUTFORMAT | KW_OUTPUTFORMAT | KW_INPUTDRIVER | KW_OUTPUTDRIVER | 
KW_OFFLINE | KW_ENABLE | KW_DISABLE | KW_READONLY | KW_NO_DROP | KW_LOCATION | 
KW_BUCKET | KW_OUT | KW_OF | KW_PERCENT | KW_ADD | KW_REPLACE | KW_RLIKE | 
KW_REGEXP | KW_TEMPORARY | KW_EXPLAIN | KW_FORMATTED | KW_PRETTY | 
KW_DEPENDENCY | KW_LOGICAL | KW_SERDE | KW_WITH | KW_DEFERRED | 
KW_SERDEPROPERTIES | KW_DBPROPERTIES | KW_LIMIT | KW_SET | KW_UNSET | 
KW_TBLPROPERTIES | KW_IDXPROPERTIES | KW_VALUE_TYPE | KW_ELEM_TYPE | KW_MAPJOIN 
| KW_STREAMTABLE | KW_HOLD_DDLTIME | KW_CLUSTERSTATUS | KW_UTC | 
KW_UTCTIMESTAMP | KW_LONG | KW_DELETE | KW_PLUS | KW_MINUS | KW_FETCH | 
KW_INTERSECT | KW_VIEW | KW_IN | KW_DATABASES | KW_MATERIALIZED | KW_SCHEMA | 
KW_SCHEMAS | KW_GRANT | KW_REVOKE | KW_SSL | KW_UNDO | KW_LOCK | KW_LOCKS | 
KW_UNLOCK | KW_SHARED | KW_EXCLUSIVE | KW_PROCEDURE |
  KW_UNSIGNED | KW_WHILE | KW_READ | KW_READS | KW_PURGE | KW_RANGE | 
KW_ANALYZE | KW_BEFORE | KW_BETWEEN | KW_BOTH | KW_BINARY | KW_CONTINUE | 
KW_CURSOR | KW_TRIGGER | KW_RECORDREADER | KW_RECORDWRITER | KW_SEMI | 
KW_LATERAL | KW_TOUCH | KW_ARCHIVE | KW_UNARCHIVE | KW_COMPUTE | KW_STATISTICS 
| KW_USE | KW_OPTION | KW_CONCATENATE | KW_SHOW_DATABASE | KW_UPDATE | 
KW_RESTRICT | KW_CASCADE | KW_SKEWED | KW_ROLLUP | KW_CUBE | KW_DIRECTORIES | 
KW_FOR | KW_GROUPING | KW_SETS | KW_TRUNCATE | KW_NOSCAN | KW_USER | KW_ROLE | 
KW_ROLES | KW_INNER | KW_DEFINED | KW_ADMIN | KW_JAR | KW_FILE | KW_OWNER | 
KW_PRINCIPALS
+    KW_TRUE | KW_FALSE | KW_LIKE | KW_EXISTS | KW_ASC | KW_DESC | KW_ORDER | 
KW_GROUP | KW_BY | KW_AS | KW_INSERT | KW_OVERWRITE | KW_OUTER | KW_LEFT | 
KW_RIGHT | KW_FULL | KW_PARTITION | KW_PARTITIONS | KW_TABLE | KW_TABLES | 
KW_COLUMNS | KW_INDEX | KW_INDEXES | KW_REBUILD | KW_FUNCTIONS | KW_SHOW | 
KW_MSCK | KW_REPAIR | KW_DIRECTORY | KW_LOCAL | KW_USING | KW_CLUSTER | 
KW_DISTRIBUTE | KW_SORT | KW_UNION | KW_LOAD | KW_EXPORT | KW_IMPORT | KW_DATA 
| KW_INPATH | KW_IS | KW_NULL | KW_CREATE | KW_EXTERNAL | KW_ALTER | KW_CHANGE 
| KW_FIRST | KW_AFTER | KW_DESCRIBE | KW_DROP | KW_RENAME | KW_IGNORE | 
KW_PROTECTION | KW_TO | KW_COMMENT | KW_BOOLEAN | KW_TINYINT | KW_SMALLINT | 
KW_INT | KW_BIGINT | KW_FLOAT | KW_DOUBLE | KW_DATE | KW_DATETIME | 
KW_TIMESTAMP | KW_DECIMAL | KW_STRING | KW_ARRAY | KW_STRUCT | KW_UNIONTYPE | 
KW_PARTITIONED | KW_CLUSTERED | KW_SORTED | KW_INTO | KW_BUCKETS | KW_ROW | 
KW_ROWS | KW_FORMAT | KW_DELIMITED | KW_FIELDS | KW_TERMINATED | KW_ESCAPED | 
KW_COLLECTION | 
 KW_ITEMS | KW_KEYS | KW_KEY_TYPE | KW_LINES | KW_STORED | KW_FILEFORMAT | 
KW_SEQUENCEFILE | KW_TEXTFILE | KW_RCFILE | KW_ORCFILE | KW_PARQUETFILE | 
KW_INPUTFORMAT | KW_OUTPUTFORMAT | KW_INPUTDRIVER | KW_OUTPUTDRIVER | 
KW_OFFLINE | KW_ENABLE | KW_DISABLE | KW_READONLY | KW_NO_DROP | KW_LOCATION | 
KW_BUCKET | KW_OUT | KW_OF | KW_PERCENT | KW_ADD | KW_REPLACE | KW_RLIKE | 
KW_REGEXP | KW_TEMPORARY | KW_EXPLAIN | KW_FORMATTED | KW_PRETTY | 
KW_DEPENDENCY | KW_LOGICAL | KW_SERDE | KW_WITH | KW_DEFERRED | 
KW_SERDEPROPERTIES | KW_DBPROPERTIES | KW_LIMIT | KW_SET | KW_UNSET | 
KW_TBLPROPERTIES | KW_IDXPROPERTIES | KW_VALUE_TYPE | KW_ELEM_TYPE | KW_MAPJOIN 
| KW_STREAMTABLE | KW_HOLD_DDLTIME | KW_CLUSTERSTATUS | KW_UTC | 
KW_UTCTIMESTAMP | KW_LONG | KW_DELETE | KW_PLUS | KW_MINUS | KW_FETCH | 
KW_INTERSECT | KW_VIEW | KW_IN | KW_DATABASES | KW_MATERIALIZED | KW_SCHEMA | 
KW_SCHEMAS | KW_GRANT | KW_REVOKE | KW_SSL | KW_UNDO | KW_LOCK | KW_LOCKS | 
KW_UNLOCK | KW_SHARED | KW_EXCLUSIVE | KW_PROCEDURE |
  KW_UNSIGNED | KW_WHILE | KW_READ | KW_READS | KW_PURGE | KW_RANGE | 
KW_ANALYZE | KW_BEFORE | KW_BETWEEN | KW_BOTH | KW_BINARY | KW_CONTINUE | 
KW_CURSOR | KW_TRIGGER | KW_RECORDREADER | KW_RECORDWRITER | KW_SEMI | 
KW_LATERAL | KW_TOUCH | KW_ARCHIVE | KW_UNARCHIVE | KW_COMPUTE | KW_STATISTICS 
| KW_USE | KW_OPTION | KW_CONCATENATE | KW_SHOW_DATABASE | KW_UPDATE | 
KW_RESTRICT | KW_CASCADE | KW_SKEWED | KW_ROLLUP | KW_CUBE | KW_DIRECTORIES | 
KW_FOR | KW_GROUPING | KW_SETS | KW_TRUNCATE | KW_NOSCAN | KW_USER | KW_ROLE | 
KW_ROLES | KW_INNER | KW_DEFINED | KW_ADMIN | KW_JAR | KW_FILE | KW_OWNER | 
KW_PRINCIPALS | KW_ALL | KW_DEFAULT | KW_NONE
     ;

Modified: 
hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLStdHiveAccessController.java
URL: 
http://svn.apache.org/viewvc/hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLStdHiveAccessController.java?rev=1577678&r1=1577677&r2=1577678&view=diff
==============================================================================
--- 
hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLStdHiveAccessController.java
 (original)
+++ 
hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLStdHiveAccessController.java
 Fri Mar 14 19:49:18 2014
@@ -17,6 +17,8 @@
  */
 package org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd;
 
+import com.google.common.collect.ImmutableSet;
+
 import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.HashSet;
@@ -61,6 +63,9 @@ import org.apache.thrift.TException;
 @Private
 public class SQLStdHiveAccessController implements HiveAccessController {
 
+  private static final String ALL = "ALL", DEFAULT = "DEFAULT", NONE = "NONE";
+  private static final ImmutableSet<String> RESERVED_ROLE_NAMES = 
ImmutableSet.of(ALL, DEFAULT, NONE);
+
   private final HiveMetastoreClientFactory metastoreClientFactory;
   private final HiveAuthenticationProvider authenticator;
   private String currentUserName;
@@ -175,7 +180,7 @@ public class SQLStdHiveAccessController 
   private List<HivePrivilege> expandAllPrivileges(List<HivePrivilege> 
hivePrivileges) {
     Set<HivePrivilege> hivePrivSet = new HashSet<HivePrivilege>();
     for (HivePrivilege hivePrivilege : hivePrivileges) {
-      if (hivePrivilege.getName().equals("ALL")) {
+      if (hivePrivilege.getName().equals(ALL)) {
         // expand to all supported privileges
         for (SQLPrivilegeType privType : SQLPrivilegeType.values()) {
           hivePrivSet.add(new HivePrivilege(privType.name(), 
hivePrivilege.getColumns()));
@@ -223,6 +228,10 @@ public class SQLStdHiveAccessController 
       throw new HiveAccessControlException("Current user : " + 
currentUserName+ " is not"
       + " allowed to add roles. " + ADMIN_ONLY_MSG);
     }
+    if (RESERVED_ROLE_NAMES.contains(roleName.trim().toUpperCase())) {
+      throw new HiveAuthzPluginException("Role name cannot be one of the 
reserved roles: " +
+          RESERVED_ROLE_NAMES);
+    }
     try {
       String grantorName = adminGrantor == null ? null : 
adminGrantor.getName();
       metastoreClientFactory.getHiveMetastoreClient().create_role(
@@ -418,8 +427,8 @@ public class SQLStdHiveAccessController 
     HiveAuthzPluginException {
 
     initUserRoles();
-    if ("NONE".equalsIgnoreCase(roleName)) {
-      // for set role NONE, reset roles to default roles.
+    if (ALL.equalsIgnoreCase(roleName)) {
+      // for set role ALL, reset roles to default roles.
       currentRoles.clear();
       currentRoles.addAll(getRolesFromMS());
       return;

Added: 
hive/trunk/ql/src/test/queries/clientnegative/authorization_cannot_create_all_role.q
URL: 
http://svn.apache.org/viewvc/hive/trunk/ql/src/test/queries/clientnegative/authorization_cannot_create_all_role.q?rev=1577678&view=auto
==============================================================================
--- 
hive/trunk/ql/src/test/queries/clientnegative/authorization_cannot_create_all_role.q
 (added)
+++ 
hive/trunk/ql/src/test/queries/clientnegative/authorization_cannot_create_all_role.q
 Fri Mar 14 19:49:18 2014
@@ -0,0 +1,6 @@
+set hive.users.in.admin.role=hive_admin_user;
+set 
hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactory;
+set 
hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
+set user.name=hive_admin_user;
+set role ADMIN;
+create role all;

Added: 
hive/trunk/ql/src/test/queries/clientnegative/authorization_cannot_create_default_role.q
URL: 
http://svn.apache.org/viewvc/hive/trunk/ql/src/test/queries/clientnegative/authorization_cannot_create_default_role.q?rev=1577678&view=auto
==============================================================================
--- 
hive/trunk/ql/src/test/queries/clientnegative/authorization_cannot_create_default_role.q
 (added)
+++ 
hive/trunk/ql/src/test/queries/clientnegative/authorization_cannot_create_default_role.q
 Fri Mar 14 19:49:18 2014
@@ -0,0 +1,6 @@
+set hive.users.in.admin.role=hive_admin_user;
+set 
hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactory;
+set 
hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
+set user.name=hive_admin_user;
+set role ADMIN;
+create role default;

Added: 
hive/trunk/ql/src/test/queries/clientnegative/authorization_cannot_create_none_role.q
URL: 
http://svn.apache.org/viewvc/hive/trunk/ql/src/test/queries/clientnegative/authorization_cannot_create_none_role.q?rev=1577678&view=auto
==============================================================================
--- 
hive/trunk/ql/src/test/queries/clientnegative/authorization_cannot_create_none_role.q
 (added)
+++ 
hive/trunk/ql/src/test/queries/clientnegative/authorization_cannot_create_none_role.q
 Fri Mar 14 19:49:18 2014
@@ -0,0 +1,6 @@
+set hive.users.in.admin.role=hive_admin_user;
+set 
hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactory;
+set 
hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
+set user.name=hive_admin_user;
+set role ADMIN;
+create role None;

Modified: 
hive/trunk/ql/src/test/queries/clientnegative/authorization_disallow_transform.q
URL: 
http://svn.apache.org/viewvc/hive/trunk/ql/src/test/queries/clientnegative/authorization_disallow_transform.q?rev=1577678&r1=1577677&r2=1577678&view=diff
==============================================================================
--- 
hive/trunk/ql/src/test/queries/clientnegative/authorization_disallow_transform.q
 (original)
+++ 
hive/trunk/ql/src/test/queries/clientnegative/authorization_disallow_transform.q
 Fri Mar 14 19:49:18 2014
@@ -1,3 +1,3 @@
 set 
hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactory;
-set role NONE;
+set role ALL;
 SELECT TRANSFORM (*) USING 'cat' AS (key, value) FROM src;

Modified: 
hive/trunk/ql/src/test/queries/clientnegative/authorization_drop_role_no_admin.q
URL: 
http://svn.apache.org/viewvc/hive/trunk/ql/src/test/queries/clientnegative/authorization_drop_role_no_admin.q?rev=1577678&r1=1577677&r2=1577678&view=diff
==============================================================================
--- 
hive/trunk/ql/src/test/queries/clientnegative/authorization_drop_role_no_admin.q
 (original)
+++ 
hive/trunk/ql/src/test/queries/clientnegative/authorization_drop_role_no_admin.q
 Fri Mar 14 19:49:18 2014
@@ -5,6 +5,6 @@ set user.name=hive_admin_user;
 set role ADMIN;
 show current roles;
 create role r1;
-set role NONE;
+set role ALL;
 show current roles;
 drop role r1;

Modified: 
hive/trunk/ql/src/test/queries/clientpositive/authorization_set_show_current_role.q
URL: 
http://svn.apache.org/viewvc/hive/trunk/ql/src/test/queries/clientpositive/authorization_set_show_current_role.q?rev=1577678&r1=1577677&r2=1577678&view=diff
==============================================================================
--- 
hive/trunk/ql/src/test/queries/clientpositive/authorization_set_show_current_role.q
 (original)
+++ 
hive/trunk/ql/src/test/queries/clientpositive/authorization_set_show_current_role.q
 Fri Mar 14 19:49:18 2014
@@ -13,7 +13,7 @@ show current roles;
 set role PUBLIC;
 show current roles;
 
-set role NONE;
+set role ALL;
 show current roles;
 
 set role ADMIN;

Added: 
hive/trunk/ql/src/test/results/clientnegative/authorization_cannot_create_all_role.q.out
URL: 
http://svn.apache.org/viewvc/hive/trunk/ql/src/test/results/clientnegative/authorization_cannot_create_all_role.q.out?rev=1577678&view=auto
==============================================================================
--- 
hive/trunk/ql/src/test/results/clientnegative/authorization_cannot_create_all_role.q.out
 (added)
+++ 
hive/trunk/ql/src/test/results/clientnegative/authorization_cannot_create_all_role.q.out
 Fri Mar 14 19:49:18 2014
@@ -0,0 +1,7 @@
+PREHOOK: query: set role ADMIN
+PREHOOK: type: SHOW_ROLES
+POSTHOOK: query: set role ADMIN
+POSTHOOK: type: SHOW_ROLES
+PREHOOK: query: create role all
+PREHOOK: type: CREATEROLE
+FAILED: Execution Error, return code 1 from 
org.apache.hadoop.hive.ql.exec.DDLTask. Role name cannot be one of the reserved 
roles: [ALL, DEFAULT, NONE]

Added: 
hive/trunk/ql/src/test/results/clientnegative/authorization_cannot_create_default_role.q.out
URL: 
http://svn.apache.org/viewvc/hive/trunk/ql/src/test/results/clientnegative/authorization_cannot_create_default_role.q.out?rev=1577678&view=auto
==============================================================================
--- 
hive/trunk/ql/src/test/results/clientnegative/authorization_cannot_create_default_role.q.out
 (added)
+++ 
hive/trunk/ql/src/test/results/clientnegative/authorization_cannot_create_default_role.q.out
 Fri Mar 14 19:49:18 2014
@@ -0,0 +1,7 @@
+PREHOOK: query: set role ADMIN
+PREHOOK: type: SHOW_ROLES
+POSTHOOK: query: set role ADMIN
+POSTHOOK: type: SHOW_ROLES
+PREHOOK: query: create role default
+PREHOOK: type: CREATEROLE
+FAILED: Execution Error, return code 1 from 
org.apache.hadoop.hive.ql.exec.DDLTask. Role name cannot be one of the reserved 
roles: [ALL, DEFAULT, NONE]

Added: 
hive/trunk/ql/src/test/results/clientnegative/authorization_cannot_create_none_role.q.out
URL: 
http://svn.apache.org/viewvc/hive/trunk/ql/src/test/results/clientnegative/authorization_cannot_create_none_role.q.out?rev=1577678&view=auto
==============================================================================
--- 
hive/trunk/ql/src/test/results/clientnegative/authorization_cannot_create_none_role.q.out
 (added)
+++ 
hive/trunk/ql/src/test/results/clientnegative/authorization_cannot_create_none_role.q.out
 Fri Mar 14 19:49:18 2014
@@ -0,0 +1,7 @@
+PREHOOK: query: set role ADMIN
+PREHOOK: type: SHOW_ROLES
+POSTHOOK: query: set role ADMIN
+POSTHOOK: type: SHOW_ROLES
+PREHOOK: query: create role None
+PREHOOK: type: CREATEROLE
+FAILED: Execution Error, return code 1 from 
org.apache.hadoop.hive.ql.exec.DDLTask. Role name cannot be one of the reserved 
roles: [ALL, DEFAULT, NONE]

Modified: 
hive/trunk/ql/src/test/results/clientnegative/authorization_disallow_transform.q.out
URL: 
http://svn.apache.org/viewvc/hive/trunk/ql/src/test/results/clientnegative/authorization_disallow_transform.q.out?rev=1577678&r1=1577677&r2=1577678&view=diff
==============================================================================
--- 
hive/trunk/ql/src/test/results/clientnegative/authorization_disallow_transform.q.out
 (original)
+++ 
hive/trunk/ql/src/test/results/clientnegative/authorization_disallow_transform.q.out
 Fri Mar 14 19:49:18 2014
@@ -1,6 +1,6 @@
-PREHOOK: query: set role NONE
+PREHOOK: query: set role ALL
 PREHOOK: type: SHOW_ROLES
-POSTHOOK: query: set role NONE
+POSTHOOK: query: set role ALL
 POSTHOOK: type: SHOW_ROLES
 PREHOOK: query: SELECT TRANSFORM (*) USING 'cat' AS (key, value) FROM src
 PREHOOK: type: QUERY

Modified: 
hive/trunk/ql/src/test/results/clientnegative/authorization_drop_role_no_admin.q.out
URL: 
http://svn.apache.org/viewvc/hive/trunk/ql/src/test/results/clientnegative/authorization_drop_role_no_admin.q.out?rev=1577678&r1=1577677&r2=1577678&view=diff
==============================================================================
--- 
hive/trunk/ql/src/test/results/clientnegative/authorization_drop_role_no_admin.q.out
 (original)
+++ 
hive/trunk/ql/src/test/results/clientnegative/authorization_drop_role_no_admin.q.out
 Fri Mar 14 19:49:18 2014
@@ -12,9 +12,9 @@ PREHOOK: query: create role r1
 PREHOOK: type: CREATEROLE
 POSTHOOK: query: create role r1
 POSTHOOK: type: CREATEROLE
-PREHOOK: query: set role NONE
+PREHOOK: query: set role ALL
 PREHOOK: type: SHOW_ROLES
-POSTHOOK: query: set role NONE
+POSTHOOK: query: set role ALL
 POSTHOOK: type: SHOW_ROLES
 PREHOOK: query: show current roles
 PREHOOK: type: SHOW_ROLES

Modified: 
hive/trunk/ql/src/test/results/clientpositive/authorization_set_show_current_role.q.out
URL: 
http://svn.apache.org/viewvc/hive/trunk/ql/src/test/results/clientpositive/authorization_set_show_current_role.q.out?rev=1577678&r1=1577677&r2=1577678&view=diff
==============================================================================
--- 
hive/trunk/ql/src/test/results/clientpositive/authorization_set_show_current_role.q.out
 (original)
+++ 
hive/trunk/ql/src/test/results/clientpositive/authorization_set_show_current_role.q.out
 Fri Mar 14 19:49:18 2014
@@ -36,9 +36,9 @@ POSTHOOK: query: show current roles
 POSTHOOK: type: SHOW_ROLES
 PUBLIC
 
-PREHOOK: query: set role NONE
+PREHOOK: query: set role ALL
 PREHOOK: type: SHOW_ROLES
-POSTHOOK: query: set role NONE
+POSTHOOK: query: set role ALL
 POSTHOOK: type: SHOW_ROLES
 PREHOOK: query: show current roles
 PREHOOK: type: SHOW_ROLES

svn commit: r1577678 - in /hive/trunk/ql/src: java/org/apache/hadoop/hive/ql/parse/ java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/ test/queries/clientnegative/ test/queries/clientpositive/ test/results/clientnegative/ test/results...

Reply via email to