Author: khorgath Date: Thu May 8 23:26:47 2014 New Revision: 1593455 URL: http://svn.apache.org/r1593455 Log: HIVE-6921 : index creation fails with sql std auth turned on (Ashutosh Chauhan via Thejas Nair)
Added: hive/branches/branch-0.13/ql/src/test/queries/clientpositive/authorization_index.q hive/branches/branch-0.13/ql/src/test/results/clientpositive/authorization_index.q.out Modified: hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/exec/DDLTask.java hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/metadata/Hive.java hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/metadata/Table.java Modified: hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/exec/DDLTask.java URL: http://svn.apache.org/viewvc/hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/exec/DDLTask.java?rev=1593455&r1=1593454&r2=1593455&view=diff ============================================================================== --- hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/exec/DDLTask.java (original) +++ hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/exec/DDLTask.java Thu May 8 23:26:47 2014 @@ -4185,11 +4185,6 @@ public class DDLTask extends Task<DDLWor } } - int rc = setGenericTableAttributes(tbl); - if (rc != 0) { - return rc; - } - // create the table db.createTable(tbl, crtTbl.getIfNotExists()); work.getOutputs().add(new WriteEntity(tbl, WriteEntity.WriteType.DDL_NO_LOCK)); @@ -4292,12 +4287,6 @@ public class DDLTask extends Task<DDLWor } } - // reset owner and creation time - int rc = setGenericTableAttributes(tbl); - if (rc != 0) { - return rc; - } - // create the table db.createTable(tbl, crtTbl.getIfNotExists()); work.getOutputs().add(new WriteEntity(tbl, WriteEntity.WriteType.DDL_NO_LOCK)); @@ -4357,11 +4346,6 @@ public class DDLTask extends Task<DDLWor tbl.setPartCols(crtView.getPartCols()); } - int rc = setGenericTableAttributes(tbl); - if (rc != 0) { - return rc; - } - db.createTable(tbl, crtView.getIfNotExists()); work.getOutputs().add(new WriteEntity(tbl, WriteEntity.WriteType.DDL_NO_LOCK)); } @@ -4432,13 +4416,6 @@ public class DDLTask extends Task<DDLWor return locations; } - private int setGenericTableAttributes(Table tbl) throws HiveException { - tbl.setOwner(SessionState.getUserFromAuthenticator()); - // set create time - tbl.setCreateTime((int) (System.currentTimeMillis() / 1000)); - return 0; - } - private String escapeHiveCommand(String str) { StringBuilder sb = new StringBuilder(); for (int i = 0; i < str.length(); i ++) { Modified: hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/metadata/Hive.java URL: http://svn.apache.org/viewvc/hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/metadata/Hive.java?rev=1593455&r1=1593454&r2=1593455&view=diff ============================================================================== --- hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/metadata/Hive.java (original) +++ hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/metadata/Hive.java Thu May 8 23:26:47 2014 @@ -776,6 +776,15 @@ public class Hive { tt.putToParameters(prop.getKey(), prop.getValue()); } } + SessionState ss = SessionState.get(); + CreateTableAutomaticGrant grants; + if (ss != null && ((grants = ss.getCreateTableGrants()) != null)) { + PrincipalPrivilegeSet principalPrivs = new PrincipalPrivilegeSet(); + principalPrivs.setUserPrivileges(grants.getUserGrants()); + principalPrivs.setGroupPrivileges(grants.getGroupGrants()); + principalPrivs.setRolePrivileges(grants.getRoleGrants()); + tt.setPrivileges(principalPrivs); + } } if(!deferredRebuild) { Modified: hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/metadata/Table.java URL: http://svn.apache.org/viewvc/hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/metadata/Table.java?rev=1593455&r1=1593454&r2=1593455&view=diff ============================================================================== --- hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/metadata/Table.java (original) +++ hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/metadata/Table.java Thu May 8 23:26:47 2014 @@ -53,6 +53,7 @@ import org.apache.hadoop.hive.ql.io.Hive import org.apache.hadoop.hive.ql.io.HiveSequenceFileOutputFormat; import org.apache.hadoop.hive.ql.parse.SemanticAnalyzer; import org.apache.hadoop.hive.ql.parse.SemanticException; +import org.apache.hadoop.hive.ql.session.SessionState; import org.apache.hadoop.hive.serde.serdeConstants; import org.apache.hadoop.hive.serde2.Deserializer; import org.apache.hadoop.hive.serde2.MetadataTypedColumnsetSerDe; @@ -170,6 +171,10 @@ public class Table implements Serializab t.setTableType(TableType.MANAGED_TABLE.toString()); t.setDbName(databaseName); t.setTableName(tableName); + t.setOwner(SessionState.getUserFromAuthenticator()); + // set create time + t.setCreateTime((int) (System.currentTimeMillis() / 1000)); + } return t; } Added: hive/branches/branch-0.13/ql/src/test/queries/clientpositive/authorization_index.q URL: http://svn.apache.org/viewvc/hive/branches/branch-0.13/ql/src/test/queries/clientpositive/authorization_index.q?rev=1593455&view=auto ============================================================================== --- hive/branches/branch-0.13/ql/src/test/queries/clientpositive/authorization_index.q (added) +++ hive/branches/branch-0.13/ql/src/test/queries/clientpositive/authorization_index.q Thu May 8 23:26:47 2014 @@ -0,0 +1,12 @@ +set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; +set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; + +set hive.security.authorization.enabled=true; +create table t1 (a int); +create index t1_index on table t1(a) as 'COMPACT' WITH DEFERRED REBUILD; +desc formatted default__t1_t1_index__; +alter index t1_index on t1 rebuild; + +drop table t1; + +set hive.security.authorization.enabled=false; Added: hive/branches/branch-0.13/ql/src/test/results/clientpositive/authorization_index.q.out URL: http://svn.apache.org/viewvc/hive/branches/branch-0.13/ql/src/test/results/clientpositive/authorization_index.q.out?rev=1593455&view=auto ============================================================================== --- hive/branches/branch-0.13/ql/src/test/results/clientpositive/authorization_index.q.out (added) +++ hive/branches/branch-0.13/ql/src/test/results/clientpositive/authorization_index.q.out Thu May 8 23:26:47 2014 @@ -0,0 +1,66 @@ +PREHOOK: query: create table t1 (a int) +PREHOOK: type: CREATETABLE +PREHOOK: Output: database:default +POSTHOOK: query: create table t1 (a int) +POSTHOOK: type: CREATETABLE +POSTHOOK: Output: database:default +POSTHOOK: Output: default@t1 +PREHOOK: query: create index t1_index on table t1(a) as 'COMPACT' WITH DEFERRED REBUILD +PREHOOK: type: CREATEINDEX +POSTHOOK: query: create index t1_index on table t1(a) as 'COMPACT' WITH DEFERRED REBUILD +POSTHOOK: type: CREATEINDEX +POSTHOOK: Output: default@default__t1_t1_index__ +PREHOOK: query: desc formatted default__t1_t1_index__ +PREHOOK: type: DESCTABLE +PREHOOK: Input: default@default__t1_t1_index__ +POSTHOOK: query: desc formatted default__t1_t1_index__ +POSTHOOK: type: DESCTABLE +POSTHOOK: Input: default@default__t1_t1_index__ +# col_name data_type comment + +a int +_bucketname string +_offsets array<bigint> + +# Detailed Table Information +Database: default +#### A masked pattern was here #### +Protect Mode: None +Retention: 0 +#### A masked pattern was here #### +Table Type: INDEX_TABLE +Table Parameters: +#### A masked pattern was here #### + +# Storage Information +SerDe Library: org.apache.hadoop.hive.serde2.lazy.LazySimpleSerDe +InputFormat: org.apache.hadoop.mapred.TextInputFormat +OutputFormat: org.apache.hadoop.hive.ql.io.IgnoreKeyTextOutputFormat +Compressed: No +Num Buckets: -1 +Bucket Columns: [] +Sort Columns: [Order(col:a, order:1)] +Storage Desc Params: + serialization.format 1 +PREHOOK: query: alter index t1_index on t1 rebuild +PREHOOK: type: ALTERINDEX_REBUILD +PREHOOK: Input: default@t1 +PREHOOK: Output: default@default__t1_t1_index__ +POSTHOOK: query: alter index t1_index on t1 rebuild +POSTHOOK: type: ALTERINDEX_REBUILD +POSTHOOK: Input: default@t1 +POSTHOOK: Output: default@default__t1_t1_index__ +POSTHOOK: Lineage: default__t1_t1_index__._bucketname SIMPLE [(t1)t1.FieldSchema(name:INPUT__FILE__NAME, type:string, comment:), ] +POSTHOOK: Lineage: default__t1_t1_index__._offsets EXPRESSION [(t1)t1.FieldSchema(name:BLOCK__OFFSET__INSIDE__FILE, type:bigint, comment:), ] +POSTHOOK: Lineage: default__t1_t1_index__.a SIMPLE [(t1)t1.FieldSchema(name:a, type:int, comment:null), ] +PREHOOK: query: drop table t1 +PREHOOK: type: DROPTABLE +PREHOOK: Input: default@t1 +PREHOOK: Output: default@t1 +POSTHOOK: query: drop table t1 +POSTHOOK: type: DROPTABLE +POSTHOOK: Input: default@t1 +POSTHOOK: Output: default@t1 +POSTHOOK: Lineage: default__t1_t1_index__._bucketname SIMPLE [(t1)t1.FieldSchema(name:INPUT__FILE__NAME, type:string, comment:), ] +POSTHOOK: Lineage: default__t1_t1_index__._offsets EXPRESSION [(t1)t1.FieldSchema(name:BLOCK__OFFSET__INSIDE__FILE, type:bigint, comment:), ] +POSTHOOK: Lineage: default__t1_t1_index__.a SIMPLE [(t1)t1.FieldSchema(name:a, type:int, comment:null), ]