Author: khorgath
Date: Thu May 8 23:26:47 2014
New Revision: 1593455
URL: http://svn.apache.org/r1593455
Log:
HIVE-6921 : index creation fails with sql std auth turned on (Ashutosh Chauhan
via Thejas Nair)
Added:
hive/branches/branch-0.13/ql/src/test/queries/clientpositive/authorization_index.q
hive/branches/branch-0.13/ql/src/test/results/clientpositive/authorization_index.q.out
Modified:
hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/exec/DDLTask.java
hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/metadata/Hive.java
hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/metadata/Table.java
Modified:
hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/exec/DDLTask.java
URL:
http://svn.apache.org/viewvc/hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/exec/DDLTask.java?rev=1593455&r1=1593454&r2=1593455&view=diff
==============================================================================
---
hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/exec/DDLTask.java
(original)
+++
hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/exec/DDLTask.java
Thu May 8 23:26:47 2014
@@ -4185,11 +4185,6 @@ public class DDLTask extends Task<DDLWor
}
}
- int rc = setGenericTableAttributes(tbl);
- if (rc != 0) {
- return rc;
- }
-
// create the table
db.createTable(tbl, crtTbl.getIfNotExists());
work.getOutputs().add(new WriteEntity(tbl,
WriteEntity.WriteType.DDL_NO_LOCK));
@@ -4292,12 +4287,6 @@ public class DDLTask extends Task<DDLWor
}
}
- // reset owner and creation time
- int rc = setGenericTableAttributes(tbl);
- if (rc != 0) {
- return rc;
- }
-
// create the table
db.createTable(tbl, crtTbl.getIfNotExists());
work.getOutputs().add(new WriteEntity(tbl,
WriteEntity.WriteType.DDL_NO_LOCK));
@@ -4357,11 +4346,6 @@ public class DDLTask extends Task<DDLWor
tbl.setPartCols(crtView.getPartCols());
}
- int rc = setGenericTableAttributes(tbl);
- if (rc != 0) {
- return rc;
- }
-
db.createTable(tbl, crtView.getIfNotExists());
work.getOutputs().add(new WriteEntity(tbl,
WriteEntity.WriteType.DDL_NO_LOCK));
}
@@ -4432,13 +4416,6 @@ public class DDLTask extends Task<DDLWor
return locations;
}
- private int setGenericTableAttributes(Table tbl) throws HiveException {
- tbl.setOwner(SessionState.getUserFromAuthenticator());
- // set create time
- tbl.setCreateTime((int) (System.currentTimeMillis() / 1000));
- return 0;
- }
-
private String escapeHiveCommand(String str) {
StringBuilder sb = new StringBuilder();
for (int i = 0; i < str.length(); i ++) {
Modified:
hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/metadata/Hive.java
URL:
http://svn.apache.org/viewvc/hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/metadata/Hive.java?rev=1593455&r1=1593454&r2=1593455&view=diff
==============================================================================
---
hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/metadata/Hive.java
(original)
+++
hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/metadata/Hive.java
Thu May 8 23:26:47 2014
@@ -776,6 +776,15 @@ public class Hive {
tt.putToParameters(prop.getKey(), prop.getValue());
}
}
+ SessionState ss = SessionState.get();
+ CreateTableAutomaticGrant grants;
+ if (ss != null && ((grants = ss.getCreateTableGrants()) != null)) {
+ PrincipalPrivilegeSet principalPrivs = new PrincipalPrivilegeSet();
+ principalPrivs.setUserPrivileges(grants.getUserGrants());
+ principalPrivs.setGroupPrivileges(grants.getGroupGrants());
+ principalPrivs.setRolePrivileges(grants.getRoleGrants());
+ tt.setPrivileges(principalPrivs);
+ }
}
if(!deferredRebuild) {
Modified:
hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/metadata/Table.java
URL:
http://svn.apache.org/viewvc/hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/metadata/Table.java?rev=1593455&r1=1593454&r2=1593455&view=diff
==============================================================================
---
hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/metadata/Table.java
(original)
+++
hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/metadata/Table.java
Thu May 8 23:26:47 2014
@@ -53,6 +53,7 @@ import org.apache.hadoop.hive.ql.io.Hive
import org.apache.hadoop.hive.ql.io.HiveSequenceFileOutputFormat;
import org.apache.hadoop.hive.ql.parse.SemanticAnalyzer;
import org.apache.hadoop.hive.ql.parse.SemanticException;
+import org.apache.hadoop.hive.ql.session.SessionState;
import org.apache.hadoop.hive.serde.serdeConstants;
import org.apache.hadoop.hive.serde2.Deserializer;
import org.apache.hadoop.hive.serde2.MetadataTypedColumnsetSerDe;
@@ -170,6 +171,10 @@ public class Table implements Serializab
t.setTableType(TableType.MANAGED_TABLE.toString());
t.setDbName(databaseName);
t.setTableName(tableName);
+ t.setOwner(SessionState.getUserFromAuthenticator());
+ // set create time
+ t.setCreateTime((int) (System.currentTimeMillis() / 1000));
+
}
return t;
}
Added:
hive/branches/branch-0.13/ql/src/test/queries/clientpositive/authorization_index.q
URL:
http://svn.apache.org/viewvc/hive/branches/branch-0.13/ql/src/test/queries/clientpositive/authorization_index.q?rev=1593455&view=auto
==============================================================================
---
hive/branches/branch-0.13/ql/src/test/queries/clientpositive/authorization_index.q
(added)
+++
hive/branches/branch-0.13/ql/src/test/queries/clientpositive/authorization_index.q
Thu May 8 23:26:47 2014
@@ -0,0 +1,12 @@
+set
hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
+set
hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
+
+set hive.security.authorization.enabled=true;
+create table t1 (a int);
+create index t1_index on table t1(a) as 'COMPACT' WITH DEFERRED REBUILD;
+desc formatted default__t1_t1_index__;
+alter index t1_index on t1 rebuild;
+
+drop table t1;
+
+set hive.security.authorization.enabled=false;
Added:
hive/branches/branch-0.13/ql/src/test/results/clientpositive/authorization_index.q.out
URL:
http://svn.apache.org/viewvc/hive/branches/branch-0.13/ql/src/test/results/clientpositive/authorization_index.q.out?rev=1593455&view=auto
==============================================================================
---
hive/branches/branch-0.13/ql/src/test/results/clientpositive/authorization_index.q.out
(added)
+++
hive/branches/branch-0.13/ql/src/test/results/clientpositive/authorization_index.q.out
Thu May 8 23:26:47 2014
@@ -0,0 +1,66 @@
+PREHOOK: query: create table t1 (a int)
+PREHOOK: type: CREATETABLE
+PREHOOK: Output: database:default
+POSTHOOK: query: create table t1 (a int)
+POSTHOOK: type: CREATETABLE
+POSTHOOK: Output: database:default
+POSTHOOK: Output: default@t1
+PREHOOK: query: create index t1_index on table t1(a) as 'COMPACT' WITH
DEFERRED REBUILD
+PREHOOK: type: CREATEINDEX
+POSTHOOK: query: create index t1_index on table t1(a) as 'COMPACT' WITH
DEFERRED REBUILD
+POSTHOOK: type: CREATEINDEX
+POSTHOOK: Output: default@default__t1_t1_index__
+PREHOOK: query: desc formatted default__t1_t1_index__
+PREHOOK: type: DESCTABLE
+PREHOOK: Input: default@default__t1_t1_index__
+POSTHOOK: query: desc formatted default__t1_t1_index__
+POSTHOOK: type: DESCTABLE
+POSTHOOK: Input: default@default__t1_t1_index__
+# col_name data_type comment
+
+a int
+_bucketname string
+_offsets array<bigint>
+
+# Detailed Table Information
+Database: default
+#### A masked pattern was here ####
+Protect Mode: None
+Retention: 0
+#### A masked pattern was here ####
+Table Type: INDEX_TABLE
+Table Parameters:
+#### A masked pattern was here ####
+
+# Storage Information
+SerDe Library: org.apache.hadoop.hive.serde2.lazy.LazySimpleSerDe
+InputFormat: org.apache.hadoop.mapred.TextInputFormat
+OutputFormat: org.apache.hadoop.hive.ql.io.IgnoreKeyTextOutputFormat
+Compressed: No
+Num Buckets: -1
+Bucket Columns: []
+Sort Columns: [Order(col:a, order:1)]
+Storage Desc Params:
+ serialization.format 1
+PREHOOK: query: alter index t1_index on t1 rebuild
+PREHOOK: type: ALTERINDEX_REBUILD
+PREHOOK: Input: default@t1
+PREHOOK: Output: default@default__t1_t1_index__
+POSTHOOK: query: alter index t1_index on t1 rebuild
+POSTHOOK: type: ALTERINDEX_REBUILD
+POSTHOOK: Input: default@t1
+POSTHOOK: Output: default@default__t1_t1_index__
+POSTHOOK: Lineage: default__t1_t1_index__._bucketname SIMPLE
[(t1)t1.FieldSchema(name:INPUT__FILE__NAME, type:string, comment:), ]
+POSTHOOK: Lineage: default__t1_t1_index__._offsets EXPRESSION
[(t1)t1.FieldSchema(name:BLOCK__OFFSET__INSIDE__FILE, type:bigint, comment:), ]
+POSTHOOK: Lineage: default__t1_t1_index__.a SIMPLE [(t1)t1.FieldSchema(name:a,
type:int, comment:null), ]
+PREHOOK: query: drop table t1
+PREHOOK: type: DROPTABLE
+PREHOOK: Input: default@t1
+PREHOOK: Output: default@t1
+POSTHOOK: query: drop table t1
+POSTHOOK: type: DROPTABLE
+POSTHOOK: Input: default@t1
+POSTHOOK: Output: default@t1
+POSTHOOK: Lineage: default__t1_t1_index__._bucketname SIMPLE
[(t1)t1.FieldSchema(name:INPUT__FILE__NAME, type:string, comment:), ]
+POSTHOOK: Lineage: default__t1_t1_index__._offsets EXPRESSION
[(t1)t1.FieldSchema(name:BLOCK__OFFSET__INSIDE__FILE, type:bigint, comment:), ]
+POSTHOOK: Lineage: default__t1_t1_index__.a SIMPLE [(t1)t1.FieldSchema(name:a,
type:int, comment:null), ]
