[GitHub] trafodion pull request #1514: [TRAFODION-3022] Add web site link to Apache C...

2018-04-11 Thread svarnau 
GitHub user svarnau opened a pull request:

https://github.com/apache/trafodion/pull/1514

[TRAFODION-3022] Add web site link to Apache Current Events

This adds the ApacheCon (or whatever ASF current event is next) icon on the 
top-right of the web pages, opposite of the Dragon logo.

Icon can be previewed here: 
https://www.apache.org/events/current-event-125x125.png 

You can merge this pull request into a Git repository by running:

$ git pull https://github.com/svarnau/trafodion web3022

Alternatively you can review and apply these changes as the patch at:

https://github.com/apache/trafodion/pull/1514.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

This closes #1514


commit 40058343ca89f66a1e7b6abcef1f5329db6231f6
Author: Steve Varnau 
Date:   2018-04-11T17:55:30Z

[TRAFODION-3022] Add web site link to Apache Current Events




---

[GitHub] trafodion pull request #1512: [TRAFODION-2175] Get statement enhancements

2018-04-11 Thread robertamarton 
Github user robertamarton commented on a diff in the pull request:

https://github.com/apache/trafodion/pull/1512#discussion_r180791492
  
--- Diff: core/sql/executor/ExExeUtilGet.cpp ---
@@ -1642,6 +1672,119 @@ NABoolean 
ExExeUtilGetMetadataInfoTcb::checkUserPrivs(
   return TRUE;
 }
 
+// 

+// method:  colPrivsFrag
+//
+// This method was added to address a performance issue.  When determining 
if 
+// the user has column level privileges, we need to get the column name 
from 
+// Hive.  The call to get the column name (hivemd) is very expensive.  So 
this
+// method checks to see if the requested user has been granted any column
+// level privileges on a hive table.  If so, we will go ahead and do the
+// mapping (call hivemd).  If not, then we will not include the hivemd 
+// fragment for the query.
+//
+// Since we are scanning the column privileges table anyway, we also see 
if 
+// the requested user (or their roles) has been granted any privileges.  
If so,
+// we include the column privileges check in the query. 
+//
+// For Sentry enabled installations, we won't store Hive privileges in 
+// EsgynDB metadata.  By avoiding the hivemd calls, we save a lot of time
+// in processing the request.
+//
+//  returns additional union(s) for the getPrivForAuth query
+//  returns:
+// 0 - successful
+//-1 - unexpected error occurred
+// 

+Int32 ExExeUtilGetMetadataInfoTcb::colPrivsFrag(
+  const char *authName,
+  const char * cat,
+  const NAString ,
+  NAString )
+{
+  // if no authorization, skip
+  if (!CmpCommon::context()->isAuthorizationEnabled())
+return 0;
+
+  short rc  = 0;
+  Lng32 cliRC   = 0;
+
+  // See if privileges granted on Hive object or to the user/user's roles
+  NAString likeClause("like 'HIVE.%'");
+  sprintf(queryBuf_, "select "
+ "sum(case when (object_name %s and grantee_id %s) 
then 1 else 0 end), "
+ "sum(case when grantee_id %s then 1 else 0 end) "
+ "from %s.\"%s\".%s",
+  likeClause.data(), privWhereClause.data(), 
privWhereClause.data(),
+  cat, SEABASE_PRIVMGR_SCHEMA,
+  PRIVMGR_COLUMN_PRIVILEGES);
+
+  if (initializeInfoList(infoList_)) return -1;
+
+  numOutputEntries_ = 2;
+  cliRC = fetchAllRows(infoList_, queryBuf_, numOutputEntries_, FALSE, rc);
+  if (cliRC < 0)
+  {
+cliInterface()->retrieveSQLDiagnostics(getDiagsArea());
+return -1;
+  }
+
+  bool hasHive = false;
+  bool hasGrants = false;
+  infoList_->position();
+  OutputInfo * vi = (OutputInfo*)infoList_->getCurr();
+  if (vi && vi->get(0))
+  {
+if (*(Lng32*)vi->get(0) > 0)
--- End diff --

I will change these to int64 for a future delivery.


---