----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/21289/#review42625 -----------------------------------------------------------
metastore/src/java/org/apache/hadoop/hive/metastore/ObjectStore.java <https://reviews.apache.org/r/21289/#comment76447> This should be done within transaction. Else, this may result in TOCTU bug. - Ashutosh Chauhan On May 9, 2014, 11:14 p.m., Thejas Nair wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/21289/ > ----------------------------------------------------------- > > (Updated May 9, 2014, 11:14 p.m.) > > > Review request for hive and Ashutosh Chauhan. > > > Bugs: HIVE-7033 > https://issues.apache.org/jira/browse/HIVE-7033 > > > Repository: hive-git > > > Description > ------- > > The following grant statement that grants to a role that does not exist > succeeds, but it should result in an error. > > > grant all on t1 to role nosuchrole; > > Patch also fixes the handling of role names in some cases to be case > insensitive. > > > Diffs > ----- > > metastore/src/java/org/apache/hadoop/hive/metastore/ObjectStore.java > 4b4f4f2 > > ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HivePrincipal.java > 62b8994 > ql/src/test/queries/clientnegative/authorization_role_grant_nosuchrole.q > PRE-CREATION > ql/src/test/queries/clientnegative/authorization_table_grant_nosuchrole.q > PRE-CREATION > ql/src/test/queries/clientpositive/authorization_1_sql_std.q 79ae17a > ql/src/test/queries/clientpositive/authorization_role_grant1.q f89d0dc > ql/src/test/queries/clientpositive/authorization_role_grant2.q 984d7ed > > ql/src/test/results/clientnegative/authorization_role_grant_nosuchrole.q.out > PRE-CREATION > > ql/src/test/results/clientnegative/authorization_table_grant_nosuchrole.q.out > PRE-CREATION > ql/src/test/results/clientpositive/authorization_1_sql_std.q.out 718ff31 > ql/src/test/results/clientpositive/authorization_role_grant1.q.out 3c846eb > ql/src/test/results/clientpositive/authorization_role_grant2.q.out 1e8f88a > > Diff: https://reviews.apache.org/r/21289/diff/ > > > Testing > ------- > > New tests included > > > Thanks, > > Thejas Nair > >