[jira] [Created] (HIVE-28848) Remove DFS_URI auth from ALTER_PARTITION if there is no change in partition location

Mon, 24 Mar 2025 19:04:52 -0700 

Riju Trivedi created HIVE-28848:
-----------------------------------

             Summary: Remove DFS_URI auth from ALTER_PARTITION if there is no 
change in partition location
                 Key: HIVE-28848
                 URL: https://issues.apache.org/jira/browse/HIVE-28848
             Project: Hive
          Issue Type: Bug
          Components: Hive
    Affects Versions: 4.0.1
            Reporter: Riju Trivedi
            Assignee: Riju Trivedi


The LOAD DATA command invokes the ALTER_PARTITION event to update stats for the 
newly loaded partition. ALTER_PARTITION authorizes DFS_URI for the partition 
location even when the old and new partition locations do not change. This 
requires the Hadoop SQL  policy for DFS_URI to be defined for the partition 
location for LOAD DATA commands.

Steps to repro -
{code:java}
CREATE EXTERNAL TABLE test_db.staging_ana_fap_statistics_raw_v2 (id int, name 
string) partitioned by(date_year int, date_month int) STORED AS parquet; {code}
 * Add below Ranger policies for test user eg:- *test_user* under Allow 
Conditions

 * 
 ** Create Ranger Policy under cm_s3 | ??Bucket: sup-default-aws-cdp-bucket, 
Path: /tmp and 
/warehouse/tablespace/external/hive/test_db.db/staging_ana_fap_statistics_raw_v2
 Recursive: True | User: test_user, Access: Read, Write??????
 *  {*}Run SQL from Spark{*}: ??LOAD DATA INPATH 
's3a://sup-default-aws-cdp-bucket/tmp/2024_10_08_00_part-r-00000' INTO TABLE 
test_db.staging_ana_fap_statistics_raw_v2 PARTITION (date_year='2024', 
date_month='10')?? 

{code:java}
Caused by: org.apache.hadoop.hive.ql.metadata.HiveException: 
MetaException(message:Permission denied: user [test_user] does not have [WRITE] 
privilege on 
[[s3a://sup-default-aws-cdp-bucket/warehouse/tablespace/external/hive/test_db.db/staging_ana_fap_statistics_raw_v2/date_year=2024/date_month=10,
 
s3a://sup-default-aws-cdp-bucket/warehouse/tablespace/external/hive/test_db.db/staging_ana_fap_statistics_raw_v2/date_year=2024/date_month=10/]])
  at org.apache.hadoop.hive.ql.metadata.Hive.loadPartition(Hive.java:2604)
  at 
org.apache.spark.sql.hive.client.Shim_vCDP.loadPartition(HiveShim.scala:2024)
  at 
org.apache.spark.sql.hive.client.HiveClientImpl.$anonfun$loadPartition$1(HiveClientImpl.scala:996)
  ... 91 more
Caused by: org.apache.hadoop.hive.metastore.api.MetaException: Permission 
denied: user [test_user] does not have [WRITE] privilege on 
[[s3a://sup-default-aws-cdp-bucket/warehouse/tablespace/external/hive/test_db.db/staging_ana_fap_statistics_raw_v2/date_year=2024/date_month=10,
 
s3a://sup-default-aws-cdp-bucket/warehouse/tablespace/external/hive/test_db.db/staging_ana_fap_statistics_raw_v2/date_year=2024/date_month=10/]]
{code}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to