Modified: hive/branches/cbo/ql/src/java/org/apache/hadoop/hive/ql/session/SessionState.java URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/java/org/apache/hadoop/hive/ql/session/SessionState.java?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/java/org/apache/hadoop/hive/ql/session/SessionState.java (original) +++ hive/branches/cbo/ql/src/java/org/apache/hadoop/hive/ql/session/SessionState.java Fri Jul 25 00:38:23 2014 @@ -19,8 +19,6 @@ package org.apache.hadoop.hive.ql.session; import static org.apache.hadoop.hive.metastore.MetaStoreUtils.DEFAULT_DATABASE_NAME; -import com.google.common.base.Preconditions; - import java.io.File; import java.io.IOException; import java.io.InputStream; @@ -69,6 +67,8 @@ import org.apache.hadoop.hive.ql.util.Do import org.apache.hadoop.hive.shims.ShimLoader; import org.apache.hadoop.util.ReflectionUtils; +import com.google.common.base.Preconditions; + /** * SessionState encapsulates common data associated with a session. * @@ -83,7 +83,7 @@ public class SessionState { private static final String LOCAL_SESSION_PATH_KEY = "_hive.local.session.path"; private static final String HDFS_SESSION_PATH_KEY = "_hive.hdfs.session.path"; private static final String TMP_TABLE_SPACE_KEY = "_hive.tmp_table_space"; - private Map<String, Map<String, Table>> tempTables = new HashMap<String, Map<String, Table>>(); + private final Map<String, Map<String, Table>> tempTables = new HashMap<String, Map<String, Table>>(); protected ClassLoader parentLoader; @@ -173,6 +173,8 @@ public class SessionState { private final String CONFIG_AUTHZ_SETTINGS_APPLIED_MARKER = "hive.internal.ss.authz.settings.applied.marker"; + private String userIpAddress; + /** * Lineage state. */ @@ -466,7 +468,7 @@ public class SessionState { FileSystem fs = p.getFileSystem(conf); p = new Path(fs.makeQualified(p).toString()); FsPermission fsPermission = new FsPermission(Short.parseShort(perm.trim(), 8)); - + if (!Utilities.createDirsWithPermission(conf, p, fsPermission)) { throw new IOException("Cannot create directory: " + p.toString()); @@ -475,7 +477,7 @@ public class SessionState { // best effort to clean up if we don't shut down properly fs.deleteOnExit(p); } - + /** * Setup authentication and authorization plugins for this session. @@ -1135,4 +1137,20 @@ public class SessionState { public Map<String, Map<String, Table>> getTempTables() { return tempTables; } + + /** + * @return ip address for user running the query + */ + public String getUserIpAddress() { + return userIpAddress; + } + + /** + * set the ip address for user running the query + * @param userIpAddress + */ + public void setUserIpAddress(String userIpAddress) { + this.userIpAddress = userIpAddress; + } + }
Modified: hive/branches/cbo/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDAFEvaluator.java URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDAFEvaluator.java?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDAFEvaluator.java (original) +++ hive/branches/cbo/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDAFEvaluator.java Fri Jul 25 00:38:23 2014 @@ -26,6 +26,7 @@ import org.apache.hadoop.hive.ql.metadat import org.apache.hadoop.hive.ql.plan.ptf.WindowFrameDef; import org.apache.hadoop.hive.ql.udf.UDFType; import org.apache.hadoop.hive.serde2.objectinspector.ObjectInspector; +import org.apache.hive.common.util.AnnotationUtils; /** * A Generic User-defined aggregation function (GenericUDAF) for the use with @@ -49,7 +50,7 @@ public abstract class GenericUDAFEvaluat public static boolean isEstimable(AggregationBuffer buffer) { if (buffer instanceof AbstractAggregationBuffer) { Class<? extends AggregationBuffer> clazz = buffer.getClass(); - AggregationType annotation = clazz.getAnnotation(AggregationType.class); + AggregationType annotation = AnnotationUtils.getAnnotation(clazz, AggregationType.class); return annotation != null && annotation.estimable(); } return false; @@ -94,7 +95,7 @@ public abstract class GenericUDAFEvaluat * Additionally setup GenericUDAFEvaluator with MapredContext before initializing. * This is only called in runtime of MapRedTask. * - * @param context context + * @param mapredContext context */ public void configure(MapredContext mapredContext) { } Modified: hive/branches/cbo/ql/src/test/org/apache/hadoop/hive/ql/security/authorization/plugin/TestHiveOperationType.java URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/org/apache/hadoop/hive/ql/security/authorization/plugin/TestHiveOperationType.java?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/org/apache/hadoop/hive/ql/security/authorization/plugin/TestHiveOperationType.java (original) +++ hive/branches/cbo/ql/src/test/org/apache/hadoop/hive/ql/security/authorization/plugin/TestHiveOperationType.java Fri Jul 25 00:38:23 2014 @@ -17,7 +17,7 @@ */ package org.apache.hadoop.hive.ql.security.authorization.plugin; -import static org.junit.Assert.*; +import static org.junit.Assert.fail; import org.apache.hadoop.hive.ql.plan.HiveOperation; import org.junit.Test; @@ -40,8 +40,6 @@ public class TestHiveOperationType { fail("Unable to find corresponding type in HiveOperationType for " + op + " : " + ex ); } } - assertEquals("Check if HiveOperation, HiveOperationType have same number of instances", - HiveOperation.values().length, HiveOperationType.values().length); } } Modified: hive/branches/cbo/ql/src/test/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/TestSQLStdHiveAccessController.java URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/TestSQLStdHiveAccessController.java?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/TestSQLStdHiveAccessController.java (original) +++ hive/branches/cbo/ql/src/test/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/TestSQLStdHiveAccessController.java Fri Jul 25 00:38:23 2014 @@ -17,7 +17,6 @@ */ package org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd; -import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertTrue; import static org.junit.Assert.fail; @@ -42,17 +41,13 @@ public class TestSQLStdHiveAccessControl * @throws HiveAuthzPluginException */ @Test - public void checkConfigProcessing() throws HiveAuthzPluginException { + public void testConfigProcessing() throws HiveAuthzPluginException { HiveConf processedConf = new HiveConf(); SQLStdHiveAccessController accessController = new SQLStdHiveAccessController(null, processedConf, new HadoopDefaultAuthenticator()); accessController.applyAuthorizationConfigPolicy(processedConf); - // check that unsafe commands have been disabled - assertEquals("only set command should be allowed", - processedConf.getVar(ConfVars.HIVE_SECURITY_COMMAND_WHITELIST), "set"); - // check that hook to disable transforms has been added assertTrue("Check for transform query disabling hook", processedConf.getVar(ConfVars.PREEXECHOOKS).contains(DisallowTransformHook.class.getName())); @@ -90,7 +85,7 @@ public class TestSQLStdHiveAccessControl * @throws HiveAuthzPluginException */ @Test - public void checkConfigProcessingCustomSetWhitelist() throws HiveAuthzPluginException { + public void testConfigProcessingCustomSetWhitelist() throws HiveAuthzPluginException { HiveConf processedConf = new HiveConf(); // add custom value, including one from the default, one new one Modified: hive/branches/cbo/ql/src/test/org/apache/hadoop/hive/ql/txn/compactor/TestCleaner.java URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/org/apache/hadoop/hive/ql/txn/compactor/TestCleaner.java?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/org/apache/hadoop/hive/ql/txn/compactor/TestCleaner.java (original) +++ hive/branches/cbo/ql/src/test/org/apache/hadoop/hive/ql/txn/compactor/TestCleaner.java Fri Jul 25 00:38:23 2014 @@ -23,7 +23,6 @@ import org.apache.hadoop.hive.conf.HiveC import org.apache.hadoop.hive.metastore.api.*; import org.apache.hadoop.hive.metastore.txn.CompactionInfo; import org.apache.hadoop.hive.metastore.txn.TxnDbUtil; -import org.junit.After; import org.junit.Before; import org.junit.Test; @@ -68,7 +67,7 @@ public class TestCleaner extends Compact // Check there are no compactions requests left. ShowCompactResponse rsp = txnHandler.showCompact(new ShowCompactRequest()); - Assert.assertNull(rsp.getCompacts()); + Assert.assertEquals(0, rsp.getCompactsSize()); // Check that the files are removed List<Path> paths = getDirectories(conf, t, null); @@ -101,7 +100,7 @@ public class TestCleaner extends Compact // Check there are no compactions requests left. ShowCompactResponse rsp = txnHandler.showCompact(new ShowCompactRequest()); - Assert.assertNull(rsp.getCompacts()); + Assert.assertEquals(0, rsp.getCompactsSize()); // Check that the files are removed List<Path> paths = getDirectories(conf, t, p); @@ -132,7 +131,7 @@ public class TestCleaner extends Compact // Check there are no compactions requests left. ShowCompactResponse rsp = txnHandler.showCompact(new ShowCompactRequest()); - Assert.assertNull(rsp.getCompacts()); + Assert.assertEquals(0, rsp.getCompactsSize()); // Check that the files are removed List<Path> paths = getDirectories(conf, t, null); @@ -172,7 +171,7 @@ public class TestCleaner extends Compact // Check there are no compactions requests left. ShowCompactResponse rsp = txnHandler.showCompact(new ShowCompactRequest()); - Assert.assertNull(rsp.getCompacts()); + Assert.assertEquals(0, rsp.getCompactsSize()); // Check that the files are removed List<Path> paths = getDirectories(conf, t, p); @@ -289,7 +288,7 @@ public class TestCleaner extends Compact // Check there are no compactions requests left. ShowCompactResponse rsp = txnHandler.showCompact(new ShowCompactRequest()); - Assert.assertNull(rsp.getCompacts()); + Assert.assertEquals(0, rsp.getCompactsSize()); // Check that the files are removed List<Path> paths = getDirectories(conf, t, p); Modified: hive/branches/cbo/ql/src/test/org/apache/hadoop/hive/ql/txn/compactor/TestInitiator.java URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/org/apache/hadoop/hive/ql/txn/compactor/TestInitiator.java?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/org/apache/hadoop/hive/ql/txn/compactor/TestInitiator.java (original) +++ hive/branches/cbo/ql/src/test/org/apache/hadoop/hive/ql/txn/compactor/TestInitiator.java Fri Jul 25 00:38:23 2014 @@ -23,7 +23,6 @@ import org.apache.commons.logging.LogFac import org.apache.hadoop.hive.conf.HiveConf; import org.apache.hadoop.hive.metastore.api.*; import org.apache.hadoop.hive.metastore.txn.TxnDbUtil; -import org.junit.After; import org.junit.Before; import org.junit.Test; @@ -187,7 +186,7 @@ public class TestInitiator extends Compa startInitiator(conf); ShowCompactResponse rsp = txnHandler.showCompact(new ShowCompactRequest()); - Assert.assertNull(rsp.getCompacts()); + Assert.assertEquals(0, rsp.getCompactsSize()); } @Test @@ -246,7 +245,7 @@ public class TestInitiator extends Compa startInitiator(conf); ShowCompactResponse rsp = txnHandler.showCompact(new ShowCompactRequest()); - Assert.assertNull(rsp.getCompacts()); + Assert.assertEquals(0, rsp.getCompactsSize()); } @Test @@ -379,7 +378,7 @@ public class TestInitiator extends Compa startInitiator(conf); ShowCompactResponse rsp = txnHandler.showCompact(new ShowCompactRequest()); - Assert.assertNull(rsp.getCompacts()); + Assert.assertEquals(0, rsp.getCompactsSize()); } @Test @@ -492,7 +491,7 @@ public class TestInitiator extends Compa startInitiator(conf); ShowCompactResponse rsp = txnHandler.showCompact(new ShowCompactRequest()); - Assert.assertNull(rsp.getCompacts()); + Assert.assertEquals(0, rsp.getCompactsSize()); } @Test Modified: hive/branches/cbo/ql/src/test/queries/clientnegative/authorization_addjar.q URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/queries/clientnegative/authorization_addjar.q?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/queries/clientnegative/authorization_addjar.q (original) +++ hive/branches/cbo/ql/src/test/queries/clientnegative/authorization_addjar.q Fri Jul 25 00:38:23 2014 @@ -1,7 +1,4 @@ set hive.security.authorization.enabled=true; set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactory; --- running a sql query to initialize the authorization - not needed in real HS2 mode -show tables; - -add jar ${system:maven.local.repository}/org/apache/hive/hcatalog/hive-hcatalog-core/${system:hive.version}/hive-hcatalog-core-${system:hive.version}.jar; +add jar dummy.jar Modified: hive/branches/cbo/ql/src/test/queries/clientnegative/authorization_dfs.q URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/queries/clientnegative/authorization_dfs.q?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/queries/clientnegative/authorization_dfs.q (original) +++ hive/branches/cbo/ql/src/test/queries/clientnegative/authorization_dfs.q Fri Jul 25 00:38:23 2014 @@ -1,7 +1,4 @@ set hive.security.authorization.enabled=true; set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactory; --- running a sql query to initialize the authorization - not needed in real HS2 mode -show tables; -dfs -ls ${system:test.tmp.dir}/ - +dfs -ls dummy_file; Modified: hive/branches/cbo/ql/src/test/queries/clientpositive/annotate_stats_filter.q URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/queries/clientpositive/annotate_stats_filter.q?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/queries/clientpositive/annotate_stats_filter.q (original) +++ hive/branches/cbo/ql/src/test/queries/clientpositive/annotate_stats_filter.q Fri Jul 25 00:38:23 2014 @@ -50,6 +50,20 @@ explain extended select * from loc_orc w -- numRows: 0 rawDataSize: 0 explain extended select * from loc_orc where !true; +-- Constant evaluation. true will pass all rows, false will not pass any rows +-- numRows: 8 rawDataSize: 804 +explain extended select * from loc_orc where true; +-- numRows: 8 rawDataSize: 804 +explain extended select * from loc_orc where 'foo'; +-- numRows: 8 rawDataSize: 804 +explain extended select * from loc_orc where true = true; +-- numRows: 0 rawDataSize: 0 +explain extended select * from loc_orc where false = true; +-- numRows: 0 rawDataSize: 0 +explain extended select * from loc_orc where 'foo' = 'bar'; +-- numRows: 0 rawDataSize: 0 +explain extended select * from loc_orc where false; + -- OR evaluation. 1 row for OH and 1 row for CA -- numRows: 2 rawDataSize: 204 explain extended select * from loc_orc where state='OH' or state='CA'; Modified: hive/branches/cbo/ql/src/test/queries/clientpositive/authorization_revoke_table_priv.q URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/queries/clientpositive/authorization_revoke_table_priv.q?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/queries/clientpositive/authorization_revoke_table_priv.q (original) +++ hive/branches/cbo/ql/src/test/queries/clientpositive/authorization_revoke_table_priv.q Fri Jul 25 00:38:23 2014 @@ -74,6 +74,13 @@ set user.name=user2; SHOW GRANT USER user2 ON TABLE table_priv_rev; set user.name=user1; +-- revoke grant option for select privilege from user2 +REVOKE GRANT OPTION FOR SELECT ON TABLE table_priv_rev FROM USER user2; + +set user.name=user2; +SHOW GRANT USER user2 ON TABLE table_priv_rev; +set user.name=user1; + -- revoke select privilege from user2 REVOKE SELECT ON TABLE table_priv_rev FROM USER user2; Modified: hive/branches/cbo/ql/src/test/queries/clientpositive/avro_partitioned.q URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/queries/clientpositive/avro_partitioned.q?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/queries/clientpositive/avro_partitioned.q (original) +++ hive/branches/cbo/ql/src/test/queries/clientpositive/avro_partitioned.q Fri Jul 25 00:38:23 2014 @@ -72,7 +72,9 @@ SELECT * FROM episodes_partitioned ORDER SELECT * FROM episodes_partitioned WHERE doctor_pt = 6; -- Fetch w/non-existent partition SELECT * FROM episodes_partitioned WHERE doctor_pt = 7 LIMIT 5; - +-- Alter table add an empty partition +ALTER TABLE episodes_partitioned ADD PARTITION (doctor_pt=7); +SELECT COUNT(*) FROM episodes_partitioned; -- Verify that reading from an Avro partition works -- even if it has an old schema relative to the current table level schema Modified: hive/branches/cbo/ql/src/test/queries/clientpositive/nonmr_fetch_threshold.q URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/queries/clientpositive/nonmr_fetch_threshold.q?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/queries/clientpositive/nonmr_fetch_threshold.q (original) +++ hive/branches/cbo/ql/src/test/queries/clientpositive/nonmr_fetch_threshold.q Fri Jul 25 00:38:23 2014 @@ -5,5 +5,6 @@ explain select cast(key as int) * 10, up set hive.fetch.task.conversion.threshold=100; +-- from HIVE-7397, limit + partition pruning filter explain select * from srcpart where ds='2008-04-08' AND hr='11' limit 10; explain select cast(key as int) * 10, upper(value) from src limit 10; Modified: hive/branches/cbo/ql/src/test/queries/clientpositive/orc_ppd_date.q URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/queries/clientpositive/orc_ppd_date.q?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/queries/clientpositive/orc_ppd_date.q (original) +++ hive/branches/cbo/ql/src/test/queries/clientpositive/orc_ppd_date.q Fri Jul 25 00:38:23 2014 @@ -12,6 +12,9 @@ select sum(hash(*)) from newtypesorc whe set hive.optimize.index.filter=true; select sum(hash(*)) from newtypesorc where da='1970-02-20'; +set hive.optimize.index.filter=true; +select sum(hash(*)) from newtypesorc where da= date '1970-02-20'; + set hive.optimize.index.filter=false; select sum(hash(*)) from newtypesorc where da=cast('1970-02-20' as date); Modified: hive/branches/cbo/ql/src/test/resources/orc-file-dump.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/resources/orc-file-dump.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/resources/orc-file-dump.out (original) +++ hive/branches/cbo/ql/src/test/resources/orc-file-dump.out Fri Jul 25 00:38:23 2014 @@ -51,7 +51,7 @@ Stripes: Encoding column 0: DIRECT Encoding column 1: DIRECT_V2 Encoding column 2: DIRECT_V2 - Encoding column 3: DICTIONARY_V2 + Encoding column 3: DICTIONARY_V2[35] Stripe: offset: 63966 data: 63755 rows: 5000 tail: 74 index: 122 Stream: column 0 section ROW_INDEX start: 63966 length 10 Stream: column 1 section ROW_INDEX start: 63976 length 34 @@ -65,7 +65,7 @@ Stripes: Encoding column 0: DIRECT Encoding column 1: DIRECT_V2 Encoding column 2: DIRECT_V2 - Encoding column 3: DICTIONARY_V2 + Encoding column 3: DICTIONARY_V2[35] Stripe: offset: 127917 data: 63766 rows: 5000 tail: 74 index: 124 Stream: column 0 section ROW_INDEX start: 127917 length 10 Stream: column 1 section ROW_INDEX start: 127927 length 36 @@ -79,7 +79,7 @@ Stripes: Encoding column 0: DIRECT Encoding column 1: DIRECT_V2 Encoding column 2: DIRECT_V2 - Encoding column 3: DICTIONARY_V2 + Encoding column 3: DICTIONARY_V2[35] Stripe: offset: 191881 data: 63796 rows: 5000 tail: 74 index: 123 Stream: column 0 section ROW_INDEX start: 191881 length 10 Stream: column 1 section ROW_INDEX start: 191891 length 35 @@ -93,7 +93,7 @@ Stripes: Encoding column 0: DIRECT Encoding column 1: DIRECT_V2 Encoding column 2: DIRECT_V2 - Encoding column 3: DICTIONARY_V2 + Encoding column 3: DICTIONARY_V2[35] Stripe: offset: 255874 data: 12940 rows: 1000 tail: 71 index: 123 Stream: column 0 section ROW_INDEX start: 255874 length 10 Stream: column 1 section ROW_INDEX start: 255884 length 36 @@ -107,7 +107,7 @@ Stripes: Encoding column 0: DIRECT Encoding column 1: DIRECT_V2 Encoding column 2: DIRECT_V2 - Encoding column 3: DICTIONARY_V2 + Encoding column 3: DICTIONARY_V2[35] File length: 269529 bytes Padding length: 0 bytes Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_addjar.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_addjar.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_addjar.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_addjar.q.out Fri Jul 25 00:38:23 2014 @@ -1,16 +1 @@ -PREHOOK: query: -- running a sql query to initialize the authorization - not needed in real HS2 mode -show tables -PREHOOK: type: SHOWTABLES -POSTHOOK: query: -- running a sql query to initialize the authorization - not needed in real HS2 mode -show tables -POSTHOOK: type: SHOWTABLES -alltypesorc -src -src1 -src_json -src_sequencefile -src_thrift -srcbucket -srcbucket2 -srcpart -Failed processing command add Insufficient privileges to execute add +Query returned non-zero code: 1, cause: Permission denied: Principal [name=hive_test_user, type=USER] does not have following privileges for operation ADD [[ADMIN PRIVILEGE] on Object [type=COMMAND_PARAMS, name=[jar, dummy.jar]]] Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_addpartition.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_addpartition.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_addpartition.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_addpartition.q.out Fri Jul 25 00:38:23 2014 @@ -7,4 +7,4 @@ create table tpart(i int, j int) partiti POSTHOOK: type: CREATETABLE POSTHOOK: Output: database:default POSTHOOK: Output: default@tpart -FAILED: HiveAccessControlException Permission denied. Principal [name=user2, type=USER] does not have following privileges on Object [type=TABLE_OR_VIEW, name=default.tpart] : [INSERT] +FAILED: HiveAccessControlException Permission denied: Principal [name=user2, type=USER] does not have following privileges for operation ALTERTABLE_ADDPARTS [[INSERT] on Object [type=TABLE_OR_VIEW, name=default.tpart]] Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_alter_db_owner.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_alter_db_owner.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_alter_db_owner.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_alter_db_owner.q.out Fri Jul 25 00:38:23 2014 @@ -6,4 +6,4 @@ PREHOOK: type: CREATEDATABASE create database dbao POSTHOOK: type: CREATEDATABASE -FAILED: HiveAccessControlException Permission denied. Principal [name=user1, type=USER] does not have following privileges on Object [type=DATABASE, name=dbao] : [ADMIN PRIVILEGE] +FAILED: HiveAccessControlException Permission denied: Principal [name=user1, type=USER] does not have following privileges for operation ALTERDATABASE_OWNER [[ADMIN PRIVILEGE] on Object [type=DATABASE, name=dbao]] Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_alter_db_owner_default.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_alter_db_owner_default.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_alter_db_owner_default.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_alter_db_owner_default.q.out Fri Jul 25 00:38:23 2014 @@ -1 +1 @@ -FAILED: HiveAccessControlException Permission denied. Principal [name=user1, type=USER] does not have following privileges on Object [type=DATABASE, name=default] : [ADMIN PRIVILEGE] +FAILED: HiveAccessControlException Permission denied: Principal [name=user1, type=USER] does not have following privileges for operation ALTERDATABASE_OWNER [[ADMIN PRIVILEGE] on Object [type=DATABASE, name=default]] Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_caseinsensitivity.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_caseinsensitivity.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_caseinsensitivity.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_caseinsensitivity.q.out Fri Jul 25 00:38:23 2014 @@ -59,4 +59,4 @@ testrole PREHOOK: query: create role TESTRoLE PREHOOK: type: CREATEROLE -FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask. InvalidObjectException(message:Role testrole already exists.) +FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask. Role testrole already exists. Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_create_func1.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_create_func1.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_create_func1.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_create_func1.q.out Fri Jul 25 00:38:23 2014 @@ -1 +1 @@ -FAILED: HiveAccessControlException Permission denied. Principal [name=hive_test_user, type=USER] does not have following privileges on Object [type=DATABASE, name=default] : [ADMIN PRIVILEGE] +FAILED: HiveAccessControlException Permission denied: Principal [name=hive_test_user, type=USER] does not have following privileges for operation CREATEFUNCTION [[ADMIN PRIVILEGE] on Object [type=DATABASE, name=default], [ADMIN PRIVILEGE] on Object [type=FUNCTION, name=perm_fn]] Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_create_func2.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_create_func2.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_create_func2.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_create_func2.q.out Fri Jul 25 00:38:23 2014 @@ -1 +1 @@ -FAILED: HiveAccessControlException Permission denied. Principal [name=hive_test_user, type=USER] does not have following privileges on Object [type=DATABASE, name=default] : [ADMIN PRIVILEGE] +FAILED: HiveAccessControlException Permission denied: Principal [name=hive_test_user, type=USER] does not have following privileges for operation CREATEFUNCTION [[ADMIN PRIVILEGE] on Object [type=FUNCTION, name=temp_fn]] Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_create_macro1.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_create_macro1.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_create_macro1.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_create_macro1.q.out Fri Jul 25 00:38:23 2014 @@ -1 +1 @@ -FAILED: HiveAccessControlException Permission denied. Principal [name=hive_test_user, type=USER] does not have following privileges on Object [type=DATABASE, name=default] : [ADMIN PRIVILEGE] +FAILED: HiveAccessControlException Permission denied: Principal [name=hive_test_user, type=USER] does not have following privileges for operation CREATEMACRO [[ADMIN PRIVILEGE] on Object [type=DATABASE, name=default]] Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_createview.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_createview.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_createview.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_createview.q.out Fri Jul 25 00:38:23 2014 @@ -7,4 +7,4 @@ create table t1(i int) POSTHOOK: type: CREATETABLE POSTHOOK: Output: database:default POSTHOOK: Output: default@t1 -FAILED: HiveAccessControlException Permission denied. Principal [name=user1, type=USER] does not have following privileges on Object [type=TABLE_OR_VIEW, name=default.t1] : [SELECT with grant] +FAILED: HiveAccessControlException Permission denied: Principal [name=user1, type=USER] does not have following privileges for operation CREATEVIEW [[SELECT with grant] on Object [type=TABLE_OR_VIEW, name=default.t1]] Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_ctas.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_ctas.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_ctas.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_ctas.q.out Fri Jul 25 00:38:23 2014 @@ -7,4 +7,4 @@ create table t1(i int) POSTHOOK: type: CREATETABLE POSTHOOK: Output: database:default POSTHOOK: Output: default@t1 -FAILED: HiveAccessControlException Permission denied. Principal [name=user1, type=USER] does not have following privileges on Object [type=TABLE_OR_VIEW, name=default.t1] : [SELECT] +FAILED: HiveAccessControlException Permission denied: Principal [name=user1, type=USER] does not have following privileges for operation CREATETABLE_AS_SELECT [[SELECT] on Object [type=TABLE_OR_VIEW, name=default.t1]] Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_desc_table_nosel.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_desc_table_nosel.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_desc_table_nosel.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_desc_table_nosel.q.out Fri Jul 25 00:38:23 2014 @@ -26,4 +26,4 @@ PREHOOK: Output: default@t1 POSTHOOK: query: revoke select on table t1 from user user2 POSTHOOK: type: REVOKE_PRIVILEGE POSTHOOK: Output: default@t1 -FAILED: HiveAccessControlException Permission denied. Principal [name=user2, type=USER] does not have following privileges on Object [type=TABLE_OR_VIEW, name=default.t1] : [SELECT] +FAILED: HiveAccessControlException Permission denied: Principal [name=user2, type=USER] does not have following privileges for operation DESCTABLE [[SELECT] on Object [type=TABLE_OR_VIEW, name=default.t1]] Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_dfs.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_dfs.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_dfs.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_dfs.q.out Fri Jul 25 00:38:23 2014 @@ -1,16 +1 @@ -PREHOOK: query: -- running a sql query to initialize the authorization - not needed in real HS2 mode -show tables -PREHOOK: type: SHOWTABLES -POSTHOOK: query: -- running a sql query to initialize the authorization - not needed in real HS2 mode -show tables -POSTHOOK: type: SHOWTABLES -alltypesorc -src -src1 -src_json -src_sequencefile -src_thrift -srcbucket -srcbucket2 -srcpart -Failed processing command dfs Insufficient privileges to execute dfs +Query returned non-zero code: 1, cause: Permission denied: Principal [name=hive_test_user, type=USER] does not have following privileges for operation DFS [[ADMIN PRIVILEGE] on Object [type=COMMAND_PARAMS, name=[-ls, dummy_file]]] Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_drop_db_cascade.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_drop_db_cascade.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_drop_db_cascade.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_drop_db_cascade.q.out Fri Jul 25 00:38:23 2014 @@ -50,4 +50,4 @@ POSTHOOK: query: show current roles POSTHOOK: type: SHOW_ROLES public -FAILED: HiveAccessControlException Permission denied. Principal [name=user2, type=USER] does not have following privileges on Object [type=TABLE_OR_VIEW, name=dba2.tab2] : [OBJECT OWNERSHIP] +FAILED: HiveAccessControlException Permission denied: Principal [name=user2, type=USER] does not have following privileges for operation DROPDATABASE [[OBJECT OWNERSHIP] on Object [type=TABLE_OR_VIEW, name=dba2.tab2]] Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_drop_db_empty.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_drop_db_empty.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_drop_db_empty.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_drop_db_empty.q.out Fri Jul 25 00:38:23 2014 @@ -46,4 +46,4 @@ POSTHOOK: query: show current roles POSTHOOK: type: SHOW_ROLES public -FAILED: HiveAccessControlException Permission denied. Principal [name=user2, type=USER] does not have following privileges on Object [type=DATABASE, name=dba2] : [OBJECT OWNERSHIP] +FAILED: HiveAccessControlException Permission denied: Principal [name=user2, type=USER] does not have following privileges for operation DROPDATABASE [[OBJECT OWNERSHIP] on Object [type=DATABASE, name=dba2]] Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_droppartition.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_droppartition.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_droppartition.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_droppartition.q.out Fri Jul 25 00:38:23 2014 @@ -16,4 +16,4 @@ POSTHOOK: type: ALTERTABLE_ADDPARTS #### A masked pattern was here #### POSTHOOK: Output: default@tpart POSTHOOK: Output: default@tpart@k=abc -FAILED: HiveAccessControlException Permission denied. Principal [name=user1, type=USER] does not have following privileges on Object [type=TABLE_OR_VIEW, name=default.tpart] : [DELETE] +FAILED: HiveAccessControlException Permission denied: Principal [name=user1, type=USER] does not have following privileges for operation ALTERTABLE_DROPPARTS [[DELETE] on Object [type=TABLE_OR_VIEW, name=default.tpart]] Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_fail_1.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_fail_1.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_fail_1.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_fail_1.q.out Fri Jul 25 00:38:23 2014 @@ -14,5 +14,4 @@ POSTHOOK: Output: default@authorization_ PREHOOK: query: grant Create on table authorization_fail_1 to user hive_test_user PREHOOK: type: GRANT_PRIVILEGE PREHOOK: Output: default@authorization_fail_1 -Error: java.lang.RuntimeException: InvalidObjectException(message:Create is already granted on table [default,authorization_fail_1] by hive_test_user) -FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask +FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask. org.apache.hadoop.hive.ql.metadata.HiveException: java.lang.RuntimeException: InvalidObjectException(message:CREATE is already granted on table [default,authorization_fail_1] by hive_test_user) Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_fail_3.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_fail_3.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_fail_3.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_fail_3.q.out Fri Jul 25 00:38:23 2014 @@ -26,7 +26,7 @@ PREHOOK: query: show grant user hive_tes PREHOOK: type: SHOW_GRANT POSTHOOK: query: show grant user hive_test_user on table authorization_fail_3 POSTHOOK: type: SHOW_GRANT -default authorization_fail_3 hive_test_user USER Create false -1 hive_test_user +default authorization_fail_3 hive_test_user USER CREATE false -1 hive_test_user PREHOOK: query: show grant user hive_test_user on table authorization_fail_3 partition (ds='2010') PREHOOK: type: SHOW_GRANT POSTHOOK: query: show grant user hive_test_user on table authorization_fail_3 partition (ds='2010') Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_fail_4.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_fail_4.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_fail_4.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_fail_4.q.out Fri Jul 25 00:38:23 2014 @@ -40,12 +40,12 @@ PREHOOK: query: show grant user hive_tes PREHOOK: type: SHOW_GRANT POSTHOOK: query: show grant user hive_test_user on table authorization_fail_4 POSTHOOK: type: SHOW_GRANT -default authorization_fail_4 hive_test_user USER Alter false -1 hive_test_user -default authorization_fail_4 hive_test_user USER Create false -1 hive_test_user +default authorization_fail_4 hive_test_user USER ALTER false -1 hive_test_user +default authorization_fail_4 hive_test_user USER CREATE false -1 hive_test_user PREHOOK: query: show grant user hive_test_user on table authorization_fail_4 partition (ds='2010') PREHOOK: type: SHOW_GRANT POSTHOOK: query: show grant user hive_test_user on table authorization_fail_4 partition (ds='2010') POSTHOOK: type: SHOW_GRANT -default authorization_fail_4 [2010] hive_test_user USER Alter false -1 hive_test_user -default authorization_fail_4 [2010] hive_test_user USER Create false -1 hive_test_user +default authorization_fail_4 [2010] hive_test_user USER ALTER false -1 hive_test_user +default authorization_fail_4 [2010] hive_test_user USER CREATE false -1 hive_test_user Authorization failed:No privilege 'Select' found for inputs { database:default, table:authorization_fail_4, partitionName:ds=2010, columnName:key}. Use SHOW GRANT to get more details. Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_fail_5.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_fail_5.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_fail_5.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_fail_5.q.out Fri Jul 25 00:38:23 2014 @@ -46,16 +46,16 @@ PREHOOK: query: show grant user hive_tes PREHOOK: type: SHOW_GRANT POSTHOOK: query: show grant user hive_test_user on table authorization_fail POSTHOOK: type: SHOW_GRANT -default authorization_fail hive_test_user USER Alter false -1 hive_test_user -default authorization_fail hive_test_user USER Create false -1 hive_test_user -default authorization_fail hive_test_user USER Select false -1 hive_test_user +default authorization_fail hive_test_user USER ALTER false -1 hive_test_user +default authorization_fail hive_test_user USER CREATE false -1 hive_test_user +default authorization_fail hive_test_user USER SELECT false -1 hive_test_user PREHOOK: query: show grant user hive_test_user on table authorization_fail partition (ds='2010') PREHOOK: type: SHOW_GRANT POSTHOOK: query: show grant user hive_test_user on table authorization_fail partition (ds='2010') POSTHOOK: type: SHOW_GRANT -default authorization_fail [2010] hive_test_user USER Alter false -1 hive_test_user -default authorization_fail [2010] hive_test_user USER Create false -1 hive_test_user -default authorization_fail [2010] hive_test_user USER Select false -1 hive_test_user +default authorization_fail [2010] hive_test_user USER ALTER false -1 hive_test_user +default authorization_fail [2010] hive_test_user USER CREATE false -1 hive_test_user +default authorization_fail [2010] hive_test_user USER SELECT false -1 hive_test_user PREHOOK: query: revoke Select on table authorization_fail partition (ds='2010') from user hive_test_user PREHOOK: type: REVOKE_PRIVILEGE PREHOOK: Output: default@authorization_fail@ds=2010 @@ -66,6 +66,6 @@ PREHOOK: query: show grant user hive_tes PREHOOK: type: SHOW_GRANT POSTHOOK: query: show grant user hive_test_user on table authorization_fail partition (ds='2010') POSTHOOK: type: SHOW_GRANT -default authorization_fail [2010] hive_test_user USER Alter false -1 hive_test_user -default authorization_fail [2010] hive_test_user USER Create false -1 hive_test_user +default authorization_fail [2010] hive_test_user USER ALTER false -1 hive_test_user +default authorization_fail [2010] hive_test_user USER CREATE false -1 hive_test_user Authorization failed:No privilege 'Select' found for inputs { database:default, table:authorization_fail, partitionName:ds=2010, columnName:key}. Use SHOW GRANT to get more details. Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_fail_7.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_fail_7.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_fail_7.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_fail_7.q.out Fri Jul 25 00:38:23 2014 @@ -33,7 +33,7 @@ PREHOOK: query: show grant role hive_tes PREHOOK: type: SHOW_GRANT POSTHOOK: query: show grant role hive_test_role_fail on table authorization_fail POSTHOOK: type: SHOW_GRANT -default authorization_fail hive_test_role_fail ROLE Select false -1 hive_test_user +default authorization_fail hive_test_role_fail ROLE SELECT false -1 hive_test_user PREHOOK: query: drop role hive_test_role_fail PREHOOK: type: DROPROLE POSTHOOK: query: drop role hive_test_role_fail Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_grant_table_allpriv.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_grant_table_allpriv.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_grant_table_allpriv.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_grant_table_allpriv.q.out Fri Jul 25 00:38:23 2014 @@ -21,4 +21,4 @@ PREHOOK: query: -- try grant all to user GRANT ALL ON table_priv_allf TO USER user3 PREHOOK: type: GRANT_PRIVILEGE PREHOOK: Output: default@table_priv_allf -FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask. Permission denied. Principal [name=user2, type=USER] does not have following privileges on Object [type=TABLE_OR_VIEW, name=default.table_priv_allf] : [SELECT with grant, UPDATE with grant, DELETE with grant] +FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask. Permission denied: Principal [name=user2, type=USER] does not have following privileges for operation GRANT_PRIVILEGE [[SELECT with grant, UPDATE with grant, DELETE with grant] on Object [type=TABLE_OR_VIEW, name=default.table_priv_allf]] Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_grant_table_fail1.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_grant_table_fail1.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_grant_table_fail1.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_grant_table_fail1.q.out Fri Jul 25 00:38:23 2014 @@ -13,4 +13,4 @@ PREHOOK: query: -- try grant insert to u GRANT INSERT ON table_priv_gfail1 TO USER user3 PREHOOK: type: GRANT_PRIVILEGE PREHOOK: Output: default@table_priv_gfail1 -FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask. Permission denied. Principal [name=user2, type=USER] does not have following privileges on Object [type=TABLE_OR_VIEW, name=default.table_priv_gfail1] : [INSERT with grant] +FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask. Permission denied: Principal [name=user2, type=USER] does not have following privileges for operation GRANT_PRIVILEGE [[INSERT with grant] on Object [type=TABLE_OR_VIEW, name=default.table_priv_gfail1]] Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_grant_table_fail_nogrant.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_grant_table_fail_nogrant.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_grant_table_fail_nogrant.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_grant_table_fail_nogrant.q.out Fri Jul 25 00:38:23 2014 @@ -21,4 +21,4 @@ PREHOOK: query: -- try grant insert to u GRANT INSERT ON table_priv_gfail1 TO USER user3 PREHOOK: type: GRANT_PRIVILEGE PREHOOK: Output: default@table_priv_gfail1 -FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask. Permission denied. Principal [name=user2, type=USER] does not have following privileges on Object [type=TABLE_OR_VIEW, name=default.table_priv_gfail1] : [INSERT with grant] +FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask. Permission denied: Principal [name=user2, type=USER] does not have following privileges for operation GRANT_PRIVILEGE [[INSERT with grant] on Object [type=TABLE_OR_VIEW, name=default.table_priv_gfail1]] Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_insert_noinspriv.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_insert_noinspriv.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_insert_noinspriv.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_insert_noinspriv.q.out Fri Jul 25 00:38:23 2014 @@ -14,4 +14,4 @@ POSTHOOK: query: create table user2tab(i POSTHOOK: type: CREATETABLE POSTHOOK: Output: database:default POSTHOOK: Output: default@user2tab -FAILED: HiveAccessControlException Permission denied. Principal [name=user1, type=USER] does not have following privileges on Object [type=TABLE_OR_VIEW, name=default.t1] : [INSERT] +FAILED: HiveAccessControlException Permission denied: Principal [name=user1, type=USER] does not have following privileges for operation QUERY [[INSERT] on Object [type=TABLE_OR_VIEW, name=default.t1, action=INSERT]] Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_insert_noselectpriv.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_insert_noselectpriv.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_insert_noselectpriv.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_insert_noselectpriv.q.out Fri Jul 25 00:38:23 2014 @@ -14,4 +14,4 @@ POSTHOOK: query: create table t2(i int) POSTHOOK: type: CREATETABLE POSTHOOK: Output: database:default POSTHOOK: Output: default@t2 -FAILED: HiveAccessControlException Permission denied. Principal [name=user1, type=USER] does not have following privileges on Object [type=TABLE_OR_VIEW, name=default.t1] : [SELECT] +FAILED: HiveAccessControlException Permission denied: Principal [name=user1, type=USER] does not have following privileges for operation QUERY [[SELECT] on Object [type=TABLE_OR_VIEW, name=default.t1]] Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_insertoverwrite_nodel.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_insertoverwrite_nodel.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_insertoverwrite_nodel.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_insertoverwrite_nodel.q.out Fri Jul 25 00:38:23 2014 @@ -33,4 +33,4 @@ POSTHOOK: query: create table user1tab(i POSTHOOK: type: CREATETABLE POSTHOOK: Output: database:default POSTHOOK: Output: default@user1tab -FAILED: HiveAccessControlException Permission denied. Principal [name=user1, type=USER] does not have following privileges on Object [type=TABLE_OR_VIEW, name=default.t1] : [DELETE] +FAILED: HiveAccessControlException Permission denied: Principal [name=user1, type=USER] does not have following privileges for operation QUERY [[DELETE] on Object [type=TABLE_OR_VIEW, name=default.t1, action=INSERT_OVERWRITE]] Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_not_owner_alter_tab_rename.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_not_owner_alter_tab_rename.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_not_owner_alter_tab_rename.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_not_owner_alter_tab_rename.q.out Fri Jul 25 00:38:23 2014 @@ -7,4 +7,4 @@ create table t1(i int) POSTHOOK: type: CREATETABLE POSTHOOK: Output: database:default POSTHOOK: Output: default@t1 -FAILED: HiveAccessControlException Permission denied. Principal [name=user2, type=USER] does not have following privileges on Object [type=TABLE_OR_VIEW, name=default.t1] : [OBJECT OWNERSHIP] +FAILED: HiveAccessControlException Permission denied: Principal [name=user2, type=USER] does not have following privileges for operation ALTERTABLE_RENAME [[OBJECT OWNERSHIP] on Object [type=TABLE_OR_VIEW, name=default.t1], [OBJECT OWNERSHIP] on Object [type=TABLE_OR_VIEW, name=default.t1]] Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_not_owner_alter_tab_serdeprop.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_not_owner_alter_tab_serdeprop.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_not_owner_alter_tab_serdeprop.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_not_owner_alter_tab_serdeprop.q.out Fri Jul 25 00:38:23 2014 @@ -7,4 +7,4 @@ create table t1(i int) POSTHOOK: type: CREATETABLE POSTHOOK: Output: database:default POSTHOOK: Output: default@t1 -FAILED: HiveAccessControlException Permission denied. Principal [name=user2, type=USER] does not have following privileges on Object [type=TABLE_OR_VIEW, name=default.t1] : [OBJECT OWNERSHIP] +FAILED: HiveAccessControlException Permission denied: Principal [name=user2, type=USER] does not have following privileges for operation ALTERTABLE_SERDEPROPERTIES [[OBJECT OWNERSHIP] on Object [type=TABLE_OR_VIEW, name=default.t1], [OBJECT OWNERSHIP] on Object [type=TABLE_OR_VIEW, name=default.t1]] Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_not_owner_drop_tab.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_not_owner_drop_tab.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_not_owner_drop_tab.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_not_owner_drop_tab.q.out Fri Jul 25 00:38:23 2014 @@ -7,4 +7,4 @@ create table t1(i int) POSTHOOK: type: CREATETABLE POSTHOOK: Output: database:default POSTHOOK: Output: default@t1 -FAILED: HiveAccessControlException Permission denied. Principal [name=user2, type=USER] does not have following privileges on Object [type=TABLE_OR_VIEW, name=default.t1] : [OBJECT OWNERSHIP] +FAILED: HiveAccessControlException Permission denied: Principal [name=user2, type=USER] does not have following privileges for operation DROPTABLE [[OBJECT OWNERSHIP] on Object [type=TABLE_OR_VIEW, name=default.t1]] Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_not_owner_drop_view.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_not_owner_drop_view.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_not_owner_drop_view.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_not_owner_drop_view.q.out Fri Jul 25 00:38:23 2014 @@ -14,4 +14,4 @@ POSTHOOK: query: create view vt1 as sele POSTHOOK: type: CREATEVIEW POSTHOOK: Input: default@t1 POSTHOOK: Output: default@vt1 -FAILED: HiveAccessControlException Permission denied. Principal [name=user2, type=USER] does not have following privileges on Object [type=TABLE_OR_VIEW, name=default.vt1] : [OBJECT OWNERSHIP] +FAILED: HiveAccessControlException Permission denied: Principal [name=user2, type=USER] does not have following privileges for operation DROPVIEW [[OBJECT OWNERSHIP] on Object [type=TABLE_OR_VIEW, name=default.vt1], [OBJECT OWNERSHIP] on Object [type=TABLE_OR_VIEW, name=default.vt1]] Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_part.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_part.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_part.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_part.q.out Fri Jul 25 00:38:23 2014 @@ -68,7 +68,7 @@ PREHOOK: query: show grant group hive_te PREHOOK: type: SHOW_GRANT POSTHOOK: query: show grant group hive_test_group1 on table authorization_part_fail POSTHOOK: type: SHOW_GRANT -default authorization_part_fail hive_test_group1 GROUP Select false -1 hive_test_user +default authorization_part_fail hive_test_group1 GROUP SELECT false -1 hive_test_user PREHOOK: query: insert overwrite table authorization_part_fail partition (ds='2010') select key, value from src_auth PREHOOK: type: QUERY PREHOOK: Input: default@src_auth @@ -83,12 +83,12 @@ PREHOOK: query: show grant group hive_te PREHOOK: type: SHOW_GRANT POSTHOOK: query: show grant group hive_test_group1 on table authorization_part_fail(key) partition (ds='2010') POSTHOOK: type: SHOW_GRANT -default authorization_part_fail [2010] key hive_test_group1 GROUP Select false -1 hive_test_user +default authorization_part_fail [2010] [key] hive_test_group1 GROUP SELECT false -1 hive_test_user PREHOOK: query: show grant group hive_test_group1 on table authorization_part_fail partition (ds='2010') PREHOOK: type: SHOW_GRANT POSTHOOK: query: show grant group hive_test_group1 on table authorization_part_fail partition (ds='2010') POSTHOOK: type: SHOW_GRANT -default authorization_part_fail [2010] hive_test_group1 GROUP Select false -1 hive_test_user +default authorization_part_fail [2010] hive_test_group1 GROUP SELECT false -1 hive_test_user PREHOOK: query: select key, value from authorization_part_fail where ds='2010' order by key limit 20 PREHOOK: type: QUERY PREHOOK: Input: default@authorization_part_fail @@ -133,12 +133,12 @@ PREHOOK: query: show grant group hive_te PREHOOK: type: SHOW_GRANT POSTHOOK: query: show grant group hive_test_group1 on table authorization_part_fail(key) partition (ds='2011') POSTHOOK: type: SHOW_GRANT -default authorization_part_fail [2011] key hive_test_group1 GROUP Select false -1 hive_test_user +default authorization_part_fail [2011] [key] hive_test_group1 GROUP SELECT false -1 hive_test_user PREHOOK: query: show grant group hive_test_group1 on table authorization_part_fail partition (ds='2011') PREHOOK: type: SHOW_GRANT POSTHOOK: query: show grant group hive_test_group1 on table authorization_part_fail partition (ds='2011') POSTHOOK: type: SHOW_GRANT -default authorization_part_fail [2011] hive_test_group1 GROUP Select false -1 hive_test_user +default authorization_part_fail [2011] hive_test_group1 GROUP SELECT false -1 hive_test_user PREHOOK: query: select key, value from authorization_part_fail where ds='2011' order by key limit 20 PREHOOK: type: QUERY PREHOOK: Input: default@authorization_part_fail Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_priv_current_role_neg.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_priv_current_role_neg.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_priv_current_role_neg.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_priv_current_role_neg.q.out Fri Jul 25 00:38:23 2014 @@ -76,4 +76,4 @@ PREHOOK: query: -- set role to public, s grant all on table tpriv_current_role to user user5 PREHOOK: type: GRANT_PRIVILEGE PREHOOK: Output: default@tpriv_current_role -FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask. Permission denied. Principal [name=user2, type=USER] does not have following privileges on Object [type=TABLE_OR_VIEW, name=default.tpriv_current_role] : [SELECT with grant, INSERT with grant, UPDATE with grant, DELETE with grant] +FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask. Permission denied: Principal [name=user2, type=USER] does not have following privileges for operation GRANT_PRIVILEGE [[SELECT with grant, INSERT with grant, UPDATE with grant, DELETE with grant] on Object [type=TABLE_OR_VIEW, name=default.tpriv_current_role]] Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_public_create.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_public_create.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_public_create.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_public_create.q.out Fri Jul 25 00:38:23 2014 @@ -1,4 +1,3 @@ PREHOOK: query: create role PUBLIC PREHOOK: type: CREATEROLE -Error in role operation create_role on role name public, error message MetaException(message:public role implictly exists. It can't be created.) -FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask +FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask. org.apache.hadoop.hive.ql.metadata.HiveException: MetaException(message:public role implictly exists. It can't be created.) Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_public_drop.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_public_drop.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_public_drop.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_public_drop.q.out Fri Jul 25 00:38:23 2014 @@ -1,4 +1,3 @@ PREHOOK: query: drop role PUBLIC PREHOOK: type: DROPROLE -Error in role operation drop_role on role name public, error message MetaException(message:public/admin role can't be dropped.) -FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask +FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask. org.apache.hadoop.hive.ql.metadata.HiveException: MetaException(message:public/admin role can't be dropped.) Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_role_cycles1.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_role_cycles1.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_role_cycles1.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_role_cycles1.q.out Fri Jul 25 00:38:23 2014 @@ -19,4 +19,4 @@ POSTHOOK: type: GRANT_ROLE PREHOOK: query: -- this will create a cycle grant role role2 to role role1 PREHOOK: type: GRANT_ROLE -FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask. org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzPluginException: Cannot grant role role1 to role2 as role2 already belongs to the role role1. (no cycles allowed) +FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask. Cannot grant role role1 to role2 as role2 already belongs to the role role1. (no cycles allowed) Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_role_cycles2.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_role_cycles2.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_role_cycles2.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_role_cycles2.q.out Fri Jul 25 00:38:23 2014 @@ -45,4 +45,4 @@ POSTHOOK: type: GRANT_ROLE PREHOOK: query: -- this will create a cycle in middle of the hierarchy grant role role2 to role role4 PREHOOK: type: GRANT_ROLE -FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask. org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzPluginException: Cannot grant role role4 to role2 as role2 already belongs to the role role4. (no cycles allowed) +FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask. Cannot grant role role4 to role2 as role2 already belongs to the role role4. (no cycles allowed) Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_role_grant.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_role_grant.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_role_grant.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_role_grant.q.out Fri Jul 25 00:38:23 2014 @@ -41,4 +41,4 @@ POSTHOOK: query: set role role_noadmin POSTHOOK: type: SHOW_ROLES PREHOOK: query: grant src_role_wadmin to user user3 PREHOOK: type: GRANT_ROLE -FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask. org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAccessControlException: Current user : user2 is not allowed to grant role. User has to belong to ADMIN role and have it as current role, for this action. Otherwise, grantor need to have ADMIN OPTION on role being granted and have it as a current role for this action. +FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask. Current user : user2 is not allowed to grant role. User has to belong to ADMIN role and have it as current role, for this action. Otherwise, grantor need to have ADMIN OPTION on role being granted and have it as a current role for this action. Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_role_grant2.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_role_grant2.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_role_grant2.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_role_grant2.q.out Fri Jul 25 00:38:23 2014 @@ -59,4 +59,4 @@ POSTHOOK: type: SHOW_ROLES PREHOOK: query: -- grant/revoke should now fail grant src_role_wadmin to user user3 PREHOOK: type: GRANT_ROLE -FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask. org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAccessControlException: Current user : user2 is not allowed to grant role. User has to belong to ADMIN role and have it as current role, for this action. Otherwise, grantor need to have ADMIN OPTION on role being granted and have it as a current role for this action. +FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask. Current user : user2 is not allowed to grant role. User has to belong to ADMIN role and have it as current role, for this action. Otherwise, grantor need to have ADMIN OPTION on role being granted and have it as a current role for this action. Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_role_grant_nosuchrole.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_role_grant_nosuchrole.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_role_grant_nosuchrole.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_role_grant_nosuchrole.q.out Fri Jul 25 00:38:23 2014 @@ -16,4 +16,4 @@ create role role1 POSTHOOK: type: CREATEROLE PREHOOK: query: grant role1 to role nosuchrole PREHOOK: type: GRANT_ROLE -FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask. org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzPluginException: Error granting roles for nosuchrole to role role1: NoSuchObjectException(message:Role nosuchrole does not exist) +FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask. Error granting roles for nosuchrole to role role1: NoSuchObjectException(message:Role nosuchrole does not exist) Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_rolehierarchy_privs.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_rolehierarchy_privs.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_rolehierarchy_privs.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_rolehierarchy_privs.q.out Fri Jul 25 00:38:23 2014 @@ -206,4 +206,4 @@ role1 role2 role4 -FAILED: HiveAccessControlException Permission denied. Principal [name=user1, type=USER] does not have following privileges on Object [type=TABLE_OR_VIEW, name=default.t1] : [SELECT] +FAILED: HiveAccessControlException Permission denied: Principal [name=user1, type=USER] does not have following privileges for operation QUERY [[SELECT] on Object [type=TABLE_OR_VIEW, name=default.t1]] Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_select.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_select.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_select.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_select.q.out Fri Jul 25 00:38:23 2014 @@ -7,4 +7,4 @@ create table t1(i int) POSTHOOK: type: CREATETABLE POSTHOOK: Output: database:default POSTHOOK: Output: default@t1 -FAILED: HiveAccessControlException Permission denied. Principal [name=user1, type=USER] does not have following privileges on Object [type=TABLE_OR_VIEW, name=default.t1] : [SELECT] +FAILED: HiveAccessControlException Permission denied: Principal [name=user1, type=USER] does not have following privileges for operation QUERY [[SELECT] on Object [type=TABLE_OR_VIEW, name=default.t1]] Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_select_view.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_select_view.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_select_view.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_select_view.q.out Fri Jul 25 00:38:23 2014 @@ -14,4 +14,4 @@ POSTHOOK: query: create view v1 as selec POSTHOOK: type: CREATEVIEW POSTHOOK: Input: default@t1 POSTHOOK: Output: default@v1 -FAILED: HiveAccessControlException Permission denied. Principal [name=user1, type=USER] does not have following privileges on Object [type=TABLE_OR_VIEW, name=default.v1] : [SELECT] +FAILED: HiveAccessControlException Permission denied: Principal [name=user1, type=USER] does not have following privileges for operation QUERY [[SELECT] on Object [type=TABLE_OR_VIEW, name=default.v1]] Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_show_parts_nosel.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_show_parts_nosel.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_show_parts_nosel.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_show_parts_nosel.q.out Fri Jul 25 00:38:23 2014 @@ -7,4 +7,4 @@ create table t_show_parts(i int) partiti POSTHOOK: type: CREATETABLE POSTHOOK: Output: database:default POSTHOOK: Output: default@t_show_parts -FAILED: HiveAccessControlException Permission denied. Principal [name=user2, type=USER] does not have following privileges on Object [type=TABLE_OR_VIEW, name=default.t_show_parts] : [SELECT] +FAILED: HiveAccessControlException Permission denied: Principal [name=user2, type=USER] does not have following privileges for operation SHOWPARTITIONS [[SELECT] on Object [type=TABLE_OR_VIEW, name=default.t_show_parts]] Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorization_truncate.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorization_truncate.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorization_truncate.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorization_truncate.q.out Fri Jul 25 00:38:23 2014 @@ -7,4 +7,4 @@ create table t1(i int, j int) POSTHOOK: type: CREATETABLE POSTHOOK: Output: database:default POSTHOOK: Output: default@t1 -FAILED: HiveAccessControlException Permission denied. Principal [name=user1, type=USER] does not have following privileges on Object [type=TABLE_OR_VIEW, name=default.t1] : [OBJECT OWNERSHIP] +FAILED: HiveAccessControlException Permission denied: Principal [name=user1, type=USER] does not have following privileges for operation TRUNCATETABLE [[OBJECT OWNERSHIP] on Object [type=TABLE_OR_VIEW, name=default.t1]] Modified: hive/branches/cbo/ql/src/test/results/clientnegative/authorize_create_tbl.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/authorize_create_tbl.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/authorize_create_tbl.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/authorize_create_tbl.q.out Fri Jul 25 00:38:23 2014 @@ -6,4 +6,4 @@ PREHOOK: query: use db23221 PREHOOK: type: SWITCHDATABASE POSTHOOK: query: use db23221 POSTHOOK: type: SWITCHDATABASE -FAILED: HiveAccessControlException Permission denied. Principal [name=user44, type=USER] does not have following privileges on Object [type=DATABASE, name=db23221] : [OBJECT OWNERSHIP] +FAILED: HiveAccessControlException Permission denied: Principal [name=user44, type=USER] does not have following privileges for operation CREATETABLE [[OBJECT OWNERSHIP] on Object [type=DATABASE, name=db23221]] Modified: hive/branches/cbo/ql/src/test/results/clientnegative/create_function_nonexistent_class.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/create_function_nonexistent_class.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/create_function_nonexistent_class.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/create_function_nonexistent_class.q.out Fri Jul 25 00:38:23 2014 @@ -1,5 +1,6 @@ PREHOOK: query: create function default.badfunc as 'my.nonexistent.class' PREHOOK: type: CREATEFUNCTION PREHOOK: Output: database:default +PREHOOK: Output: default.badfunc FAILED: Class my.nonexistent.class not found FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.FunctionTask Modified: hive/branches/cbo/ql/src/test/results/clientnegative/create_function_nonudf_class.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/create_function_nonudf_class.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/create_function_nonudf_class.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/create_function_nonudf_class.q.out Fri Jul 25 00:38:23 2014 @@ -1,5 +1,6 @@ PREHOOK: query: create function default.badfunc as 'java.lang.String' PREHOOK: type: CREATEFUNCTION PREHOOK: Output: database:default +PREHOOK: Output: default.badfunc FAILED: Class java.lang.String does not implement UDF, GenericUDF, or UDAF FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.FunctionTask Modified: hive/branches/cbo/ql/src/test/results/clientnegative/create_udaf_failure.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/create_udaf_failure.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/create_udaf_failure.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/create_udaf_failure.q.out Fri Jul 25 00:38:23 2014 @@ -1,7 +1,7 @@ PREHOOK: query: CREATE TEMPORARY FUNCTION test_udaf AS 'org.apache.hadoop.hive.ql.udf.UDAFWrongArgLengthForTestCase' PREHOOK: type: CREATEFUNCTION -PREHOOK: Output: database:default +PREHOOK: Output: test_udaf POSTHOOK: query: CREATE TEMPORARY FUNCTION test_udaf AS 'org.apache.hadoop.hive.ql.udf.UDAFWrongArgLengthForTestCase' POSTHOOK: type: CREATEFUNCTION -POSTHOOK: Output: database:default +POSTHOOK: Output: test_udaf FAILED: SemanticException org.apache.hadoop.hive.ql.exec.UDFArgumentLengthException: public boolean org.apache.hadoop.hive.ql.udf.UDAFWrongArgLengthForTestCase$UDAFWrongArgLengthForTestCaseEvaluator.merge() requires 0 arguments but 1 are passed in. Modified: hive/branches/cbo/ql/src/test/results/clientnegative/create_unknown_genericudf.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/create_unknown_genericudf.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/create_unknown_genericudf.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/create_unknown_genericudf.q.out Fri Jul 25 00:38:23 2014 @@ -1,5 +1,5 @@ PREHOOK: query: CREATE TEMPORARY FUNCTION dummy_genericudf AS 'org.apache.hadoop.hive.ql.udf.generic.DummyGenericUDF' PREHOOK: type: CREATEFUNCTION -PREHOOK: Output: database:default +PREHOOK: Output: dummy_genericudf FAILED: Class org.apache.hadoop.hive.ql.udf.generic.DummyGenericUDF not found FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.FunctionTask Modified: hive/branches/cbo/ql/src/test/results/clientnegative/create_unknown_udf_udaf.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/create_unknown_udf_udaf.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/create_unknown_udf_udaf.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/create_unknown_udf_udaf.q.out Fri Jul 25 00:38:23 2014 @@ -1,5 +1,5 @@ PREHOOK: query: CREATE TEMPORARY FUNCTION dummy_function AS 'org.apache.hadoop.hive.ql.udf.DummyFunction' PREHOOK: type: CREATEFUNCTION -PREHOOK: Output: database:default +PREHOOK: Output: dummy_function FAILED: Class org.apache.hadoop.hive.ql.udf.DummyFunction not found FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.FunctionTask Modified: hive/branches/cbo/ql/src/test/results/clientnegative/drop_native_udf.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/drop_native_udf.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/drop_native_udf.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/drop_native_udf.q.out Fri Jul 25 00:38:23 2014 @@ -1,4 +1,4 @@ PREHOOK: query: DROP TEMPORARY FUNCTION max PREHOOK: type: DROPFUNCTION -PREHOOK: Output: database:default +PREHOOK: Output: max FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.FunctionTask Modified: hive/branches/cbo/ql/src/test/results/clientnegative/temp_table_authorize_create_tbl.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/temp_table_authorize_create_tbl.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/temp_table_authorize_create_tbl.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/temp_table_authorize_create_tbl.q.out Fri Jul 25 00:38:23 2014 @@ -6,4 +6,4 @@ PREHOOK: query: use db23221 PREHOOK: type: SWITCHDATABASE POSTHOOK: query: use db23221 POSTHOOK: type: SWITCHDATABASE -FAILED: HiveAccessControlException Permission denied. Principal [name=user44, type=USER] does not have following privileges on Object [type=DATABASE, name=db23221] : [OBJECT OWNERSHIP] +FAILED: HiveAccessControlException Permission denied: Principal [name=user44, type=USER] does not have following privileges for operation CREATETABLE [[OBJECT OWNERSHIP] on Object [type=DATABASE, name=db23221]] Modified: hive/branches/cbo/ql/src/test/results/clientnegative/udf_function_does_not_implement_udf.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/udf_function_does_not_implement_udf.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/udf_function_does_not_implement_udf.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/udf_function_does_not_implement_udf.q.out Fri Jul 25 00:38:23 2014 @@ -1,5 +1,5 @@ PREHOOK: query: CREATE TEMPORARY FUNCTION moo AS 'org.apache.hadoop.hive.ql.Driver' PREHOOK: type: CREATEFUNCTION -PREHOOK: Output: database:default +PREHOOK: Output: moo FAILED: Class org.apache.hadoop.hive.ql.Driver does not implement UDF, GenericUDF, or UDAF FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.FunctionTask Modified: hive/branches/cbo/ql/src/test/results/clientnegative/udf_local_resource.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/udf_local_resource.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/udf_local_resource.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/udf_local_resource.q.out Fri Jul 25 00:38:23 2014 @@ -1,4 +1,5 @@ PREHOOK: query: create function lookup as 'org.apache.hadoop.hive.ql.udf.UDFFileLookup' using file '../../data/files/sales.txt' PREHOOK: type: CREATEFUNCTION PREHOOK: Output: database:default +PREHOOK: Output: lookup FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.FunctionTask. Hive warehouse is non-local, but ../../data/files/sales.txt specifies file on local filesystem. Resources on non-local warehouse should specify a non-local scheme/path Modified: hive/branches/cbo/ql/src/test/results/clientnegative/udf_nonexistent_resource.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/udf_nonexistent_resource.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/udf_nonexistent_resource.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/udf_nonexistent_resource.q.out Fri Jul 25 00:38:23 2014 @@ -1,5 +1,6 @@ PREHOOK: query: create function lookup as 'org.apache.hadoop.hive.ql.udf.UDFFileLookup' using file 'nonexistent_file.txt' PREHOOK: type: CREATEFUNCTION PREHOOK: Output: database:default +PREHOOK: Output: lookup nonexistent_file.txt does not exist FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.FunctionTask. nonexistent_file.txt does not exist Modified: hive/branches/cbo/ql/src/test/results/clientnegative/udf_test_error.q.out URL: http://svn.apache.org/viewvc/hive/branches/cbo/ql/src/test/results/clientnegative/udf_test_error.q.out?rev=1613335&r1=1613334&r2=1613335&view=diff ============================================================================== --- hive/branches/cbo/ql/src/test/results/clientnegative/udf_test_error.q.out (original) +++ hive/branches/cbo/ql/src/test/results/clientnegative/udf_test_error.q.out Fri Jul 25 00:38:23 2014 @@ -1,9 +1,9 @@ PREHOOK: query: CREATE TEMPORARY FUNCTION test_error AS 'org.apache.hadoop.hive.ql.udf.UDFTestErrorOnFalse' PREHOOK: type: CREATEFUNCTION -PREHOOK: Output: database:default +PREHOOK: Output: test_error POSTHOOK: query: CREATE TEMPORARY FUNCTION test_error AS 'org.apache.hadoop.hive.ql.udf.UDFTestErrorOnFalse' POSTHOOK: type: CREATEFUNCTION -POSTHOOK: Output: database:default +POSTHOOK: Output: test_error PREHOOK: query: SELECT test_error(key < 125 OR key > 130) FROM src PREHOOK: type: QUERY PREHOOK: Input: default@src
