Re: [PR] HIVE-29106: When drop a table, there is no need to verify the directo… [hive]

Thu, 31 Jul 2025 19:38:06 -0700 


zxl-333 commented on code in PR #5997:
URL: https://github.com/apache/hive/pull/5997#discussion_r2246759426


##########
standalone-metastore/metastore-server/src/main/java/org/apache/hadoop/hive/metastore/HMSHandler.java:
##########
@@ -3050,18 +3050,6 @@ private boolean drop_table_core(final RawStore ms, final 
String catName, final S
       firePreEvent(new PreDropTableEvent(tbl, deleteData, this));
 
       tableDataShouldBeDeleted = checkTableDataShouldBeDeleted(tbl, 
deleteData);
-      if (tableDataShouldBeDeleted && tbl.getSd().getLocation() != null) {

Review Comment:
   When Ranger is not enabled, there is no issue with HIVE-28804. However, when 
Ranger is enabled, the HMS code fails to retrieve authorization information 
from Ranger during verification, leading to the following situation: even 
though write permissions for the table have been granted through Ranger, if the 
HDFS ACL permissions do not include write access, the user will be prompted 
with a "no write permission" error, resulting in the failure to drop the table.
   
   Now, we need to resolve the issue where table deletion fails when 
permissions are available and succeeds when permissions are unavailable, 
regardless of whether Ranger is enabled. The solution is to skip the 
verification of HDFS ACL permissions for database and table directories. 
Instead, the permission verification during deletion should be entrusted to the 
NameNode. If the deletion fails due to permission issues, the metadata must 
also be rolled back, and the engine side will receive the exception information 
about the deletion failure.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: gitbox-unsubscr...@hive.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: gitbox-unsubscr...@hive.apache.org
For additional commands, e-mail: gitbox-h...@hive.apache.org

Reply via email to