ambari-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From srima...@apache.org
Subject [1/2] ambari git commit: AMBARI-11575. hive-site.xml property "hive.security.metastore.authorization.manager" becomes invalid when switching values in "Choose Authorization" widget (srimanth)
Date Mon, 08 Jun 2015 22:25:26 GMT
Repository: ambari
Updated Branches:
  refs/heads/branch-2.1 ab526ff5f -> b36ce9c6a


http://git-wip-us.apache.org/repos/asf/ambari/blob/b36ce9c6/ambari-server/src/main/resources/stacks/HDPWIN/2.2/services/HIVE/configuration/hive-site.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDPWIN/2.2/services/HIVE/configuration/hive-site.xml
b/ambari-server/src/main/resources/stacks/HDPWIN/2.2/services/HIVE/configuration/hive-site.xml
index e6421ee..ff14e4c 100644
--- a/ambari-server/src/main/resources/stacks/HDPWIN/2.2/services/HIVE/configuration/hive-site.xml
+++ b/ambari-server/src/main/resources/stacks/HDPWIN/2.2/services/HIVE/configuration/hive-site.xml
@@ -92,6 +92,12 @@ limitations under the License.
       The Hive client authorization manager class name. The user defined authorization class
should implement
       interface org.apache.hadoop.hive.ql.security.authorization.HiveAuthorizationProvider.
     </description>
+    <depends-on>
+      <property>
+        <type>hive-env</type>
+        <name>hive_security_authorization</name>
+      </property>
+    </depends-on>
   </property>
 
   <property>
@@ -968,11 +974,17 @@ limitations under the License.
       hive client authenticator manager class name. The user defined authenticator should
implement
       interface org.apache.hadoop.hive.ql.security.HiveAuthenticationProvider.
     </description>
+    <depends-on>
+      <property>
+        <type>hive-env</type>
+        <name>hive_security_authorization</name>
+      </property>
+    </depends-on>
   </property>
   <property>
     <name>hive.security.metastore.authorization.manager</name>
     <display-name>Hive Authorization Manager</display-name>
-    <value>org.apache.hadoop.hive.ql.security.authorization.StorageBasedAuthorizationProvider,org.apache.hadoop.hive.ql.security.authorization.MetaStoreAuthzAPIAuthorizerEmbedOnly</value>
+    <value>org.apache.hadoop.hive.ql.security.authorization.StorageBasedAuthorizationProvider</value>
     <description>
       authorization manager class name to be used in the metastore for authorization.
       The user defined authorization class should implement interface
@@ -1245,12 +1257,23 @@ limitations under the License.
 
   <property>
     <name>hive.server2.tez.default.queues</name>
+    <display-name>Default query queues</display-name>
     <value>default</value>
     <description>
       A list of comma separated values corresponding to YARN queues of the same name.
       When HiveServer2 is launched in Tez mode, this configuration needs to be set
       for multiple Tez sessions to run in parallel on the cluster.
     </description>
+    <value-attributes>
+      <type>combo</type>
+      <entries>
+        <entry>
+          <value>default</value>
+          <label>Default</label>
+        </entry>
+      </entries>
+      <selection-cardinality>1+</selection-cardinality>
+    </value-attributes>
   </property>
 
   <property>

http://git-wip-us.apache.org/repos/asf/ambari/blob/b36ce9c6/ambari-server/src/main/resources/stacks/HDPWIN/2.2/services/HIVE/configuration/hiveserver2-site.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDPWIN/2.2/services/HIVE/configuration/hiveserver2-site.xml
b/ambari-server/src/main/resources/stacks/HDPWIN/2.2/services/HIVE/configuration/hiveserver2-site.xml
index c0cb31c..b68ddbe 100644
--- a/ambari-server/src/main/resources/stacks/HDPWIN/2.2/services/HIVE/configuration/hiveserver2-site.xml
+++ b/ambari-server/src/main/resources/stacks/HDPWIN/2.2/services/HIVE/configuration/hiveserver2-site.xml
@@ -23,6 +23,12 @@ limitations under the License.
     <name>hive.security.authenticator.manager</name>
     <value>org.apache.hadoop.hive.ql.security.SessionStateUserAuthenticator</value>
     <description>Hive client authenticator manager class name. The user-defined authenticator
class should implement interface org.apache.hadoop.hive.ql.security.HiveAuthenticationProvider.
 </description>
+    <depends-on>
+      <property>
+        <type>hive-env</type>
+        <name>hive_security_authorization</name>
+      </property>
+    </depends-on>
   </property>
   
   <property>
@@ -30,79 +36,19 @@ limitations under the License.
     <value>org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactory</value>
     <description>the hive client authorization manager class name.
     The user defined authorization class should implement interface org.apache.hadoop.hive.ql.security.authorization.HiveAuthorizationProvider.
 </description>
+    <depends-on>
+      <property>
+        <type>hive-env</type>
+        <name>hive_security_authorization</name>
+      </property>
+    </depends-on>
   </property>
-
-  <property>
-    <name>hive.server2.enable.doAs</name>
-    <value>true</value>
-    <description>
-      Setting this property to true will have HiveServer2 execute
-      Hive operations as the user making the calls to it.
-    </description>
-    <display-name>Run as end user instead of Hive user</display-name>
-    <value-attributes>
-      <type>value-list</type>
-      <entries>
-        <entry>
-          <value>true</value>
-          <label>True</label>
-        </entry>
-        <entry>
-          <value>false</value>
-          <label>False</label>
-        </entry>
-      </entries>
-      <selection-cardinality>1</selection-cardinality>
-    </value-attributes>
-  </property>
-
-  <property>
-    <name>hive.server2.tez.sessions.per.default.queue</name>
-    <value>1</value>
-    <description>
-      A positive integer that determines the number of Tez sessions that should be
-      launched on each of the queues specified by "hive.server2.tez.default.queues".
-      Determines the parallelism on each queue.
-    </description>
-    <display-name>Session per queue</display-name>
-    <value-attributes>
-      <type>int</type>
-      <minimum>1</minimum>
-      <maximum>10</maximum>
-      <step-increment>1</step-increment>
-    </value-attributes>
-  </property>
-
-  <property>
-    <name>hive.server2.tez.default.queues</name>
-    <display-name>Default query queues</display-name>
-    <value>default</value>
-    <description>
-      A list of comma separated values corresponding to YARN queues of the same name.
-      When HiveServer2 is launched in Tez mode, this configuration needs to be set
-      for multiple Tez sessions to run in parallel on the cluster.
-    </description>
-    <value-attributes>
-      <type>combo</type>
-      <entries>
-        <entry>
-          <value>default</value>
-          <label>Default</label>
-        </entry>
-      </entries>
-      <selection-cardinality>1+</selection-cardinality>
-    </value-attributes>
-  </property>
-
+  
   <property>
-    <name>hive.server2.tez.initialize.default.sessions</name>
+    <name>hive.security.authorization.enabled</name>
     <value>false</value>
-    <description>
-      This flag is used in HiveServer2 to enable a user to use HiveServer2 without
-      turning on Tez for HiveServer2. The user could potentially want to run queries
-      over Tez without the pool of sessions.
-    </description>
-    <display-name>Start Tez session at Initialization</display-name>
+    <description>enable or disable the Hive client authorization</description>
+    <display-name>Enable Authorization</display-name>
     <value-attributes>
       <type>value-list</type>
       <entries>
@@ -117,5 +63,12 @@ limitations under the License.
       </entries>
       <selection-cardinality>1</selection-cardinality>
     </value-attributes>
+    <depends-on>
+      <property>
+        <type>hive-env</type>
+        <name>hive_security_authorization</name>
+      </property>
+    </depends-on>
   </property>
+
 </configuration>
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/ambari/blob/b36ce9c6/ambari-server/src/main/resources/stacks/HDPWIN/2.2/services/HIVE/themes/theme.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDPWIN/2.2/services/HIVE/themes/theme.json
b/ambari-server/src/main/resources/stacks/HDPWIN/2.2/services/HIVE/themes/theme.json
index 1d88c73..1a3b9fc 100644
--- a/ambari-server/src/main/resources/stacks/HDPWIN/2.2/services/HIVE/themes/theme.json
+++ b/ambari-server/src/main/resources/stacks/HDPWIN/2.2/services/HIVE/themes/theme.json
@@ -196,15 +196,15 @@
           "subsection-name": "optimization-row1-col3"
         },
         {
-          "config": "hiveserver2-site/hive.server2.tez.default.queues",
+          "config": "hive-site/hive.server2.tez.default.queues",
           "subsection-name": "interactive-query-row1-col1"
         },
         {
-          "config": "hiveserver2-site/hive.server2.tez.initialize.default.sessions",
+          "config": "hive-site/hive.server2.tez.initialize.default.sessions",
           "subsection-name": "interactive-query-row1-col1"
         },
         {
-          "config": "hiveserver2-site/hive.server2.tez.sessions.per.default.queue",
+          "config": "hive-site/hive.server2.tez.sessions.per.default.queue",
           "subsection-name": "interactive-query-row1-col1"
         },
         {
@@ -212,7 +212,7 @@
           "subsection-name": "security-row1-col1"
         },
         {
-          "config": "hiveserver2-site/hive.server2.enable.doAs",
+          "config": "hive-site/hive.server2.enable.doAs",
           "subsection-name": "security-row1-col1"
         },
         {
@@ -341,13 +341,13 @@
         }
       },
       {
-        "config": "hiveserver2-site/hive.server2.tez.initialize.default.sessions",
+        "config": "hive-site/hive.server2.tez.initialize.default.sessions",
         "widget": {
           "type": "toggle"
         }
       },
       {
-        "config": "hiveserver2-site/hive.server2.tez.sessions.per.default.queue",
+        "config": "hive-site/hive.server2.tez.sessions.per.default.queue",
         "widget": {
           "type": "slider",
           "units": [
@@ -358,7 +358,7 @@
         }
       },
       {
-        "config": "hiveserver2-site/hive.server2.enable.doAs",
+        "config": "hive-site/hive.server2.enable.doAs",
         "widget": {
           "type": "toggle"
         }
@@ -382,7 +382,7 @@
         }
       },
       {
-        "config": "hiveserver2-site/hive.server2.tez.default.queues",
+        "config": "hive-site/hive.server2.tez.default.queues",
         "widget": {
           "type": "list"
         }

http://git-wip-us.apache.org/repos/asf/ambari/blob/b36ce9c6/ambari-server/src/main/resources/stacks/HDPWIN/2.2/services/stack_advisor.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDPWIN/2.2/services/stack_advisor.py
b/ambari-server/src/main/resources/stacks/HDPWIN/2.2/services/stack_advisor.py
index 6d123b0..6d527ea 100644
--- a/ambari-server/src/main/resources/stacks/HDPWIN/2.2/services/stack_advisor.py
+++ b/ambari-server/src/main/resources/stacks/HDPWIN/2.2/services/stack_advisor.py
@@ -371,48 +371,67 @@ class HDPWIN22StackAdvisor(HDPWIN21StackAdvisor):
     putHiveSiteProperty("hive.compute.query.using.stats", "true")
 
     # Interactive Query
-    putHiveServerProperty("hive.server2.tez.initialize.default.sessions", "false")
-    putHiveServerProperty("hive.server2.tez.sessions.per.default.queue", "1")
-    putHiveServerProperty("hive.server2.enable.doAs", "true")
+    putHiveSiteProperty("hive.server2.tez.initialize.default.sessions", "false")
+    putHiveSiteProperty("hive.server2.tez.sessions.per.default.queue", "1")
+    putHiveSiteProperty("hive.server2.enable.doAs", "true")
 
     yarn_queues = "default"
     if "capacity-scheduler" in configurations and \
       "yarn.scheduler.capacity.root.queues" in configurations["capacity-scheduler"]["properties"]:
       yarn_queues = str(configurations["capacity-scheduler"]["properties"]["yarn.scheduler.capacity.root.queues"])
-    putHiveServerProperty("hive.server2.tez.default.queues", yarn_queues)
+    putHiveSiteProperty("hive.server2.tez.default.queues", yarn_queues)
 
     # Interactive Queues property attributes
     putHiveServerPropertyAttribute = self.putPropertyAttribute(configurations, "hiveserver2-site")
     entries = []
     for queue in yarn_queues.split(","):
       entries.append({"label": str(queue) + " queue", "value": queue})
-    putHiveServerPropertyAttribute("hive.server2.tez.default.queues", "entries", entries)
+    putHiveSitePropertyAttribute("hive.server2.tez.default.queues", "entries", entries)
 
     # Security
     putHiveEnvProperty("hive_security_authorization", "None")
+    # hive_security_authorization == 'none'
     if str(configurations["hive-env"]["properties"]["hive_security_authorization"]).lower()
== "none":
       putHiveSiteProperty("hive.security.authorization.enabled", "false")
+      putHiveSiteProperty("hive.security.authorization.manager", "org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdConfOnlyAuthorizerFactory")
+      putHiveServerPropertyAttribute("hive.security.authorization.manager", "delete", "true")
+      putHiveServerPropertyAttribute("hive.security.authorization.enabled", "delete", "true")
+      putHiveServerPropertyAttribute("hive.security.authenticator.manager", "delete", "true")
     else:
       putHiveSiteProperty("hive.security.authorization.enabled", "true")
 
     try:
       auth_manager_value = str(configurations["hive-env"]["properties"]["hive.security.metastore.authorization.manager"])
     except KeyError:
-      auth_manager_value = ''
+      auth_manager_value = 'org.apache.hadoop.hive.ql.security.authorization.StorageBasedAuthorizationProvider'
       pass
+    auth_manager_values = auth_manager_value.split(",")
     sqlstdauth_class = "org.apache.hadoop.hive.ql.security.authorization.MetaStoreAuthzAPIAuthorizerEmbedOnly"
 
+    putHiveSiteProperty("hive.server2.enable.doAs", "true")
+
+    # hive_security_authorization == 'sqlstdauth'
     if str(configurations["hive-env"]["properties"]["hive_security_authorization"]).lower()
== "sqlstdauth":
-      if sqlstdauth_class not in auth_manager_value:
-        putHiveSiteProperty("hive.security.metastore.authorization.manager", auth_manager_value
+ "," + sqlstdauth_class)
-    elif auth_manager_value != '':
+      putHiveSiteProperty("hive.server2.enable.doAs", "false")
+      putHiveServerProperty("hive.security.authorization.enabled", "true")
+      putHiveServerProperty("hive.security.authorization.manager", "org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactory")
+      putHiveServerProperty("hive.security.authenticator.manager", "org.apache.hadoop.hive.ql.security.SessionStateUserAuthenticator")
+      putHiveSiteProperty("hive.security.authorization.manager", "org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdConfOnlyAuthorizerFactory")
+      if sqlstdauth_class not in auth_manager_values:
+        auth_manager_values.append(sqlstdauth_class)
+    elif sqlstdauth_class in auth_manager_values:
       #remove item from csv
-      auth_manager_values = auth_manager_value.split(",")
       auth_manager_values = [x for x in auth_manager_values if x != sqlstdauth_class]
-      putHiveSiteProperty("hive.security.metastore.authorization.manager", ",".join(auth_manager_values))
       pass
+    putHiveSiteProperty("hive.security.metastore.authorization.manager", ",".join(auth_manager_values))
+
+    # hive_security_authorization == 'ranger'
+    if str(configurations["hive-env"]["properties"]["hive_security_authorization"]).lower()
== "ranger":
+      putHiveSiteProperty("hive.server2.enable.doAs", "false")
+      putHiveServerProperty("hive.security.authorization.enabled", "true")
+      putHiveServerProperty("hive.security.authorization.manager", "org.apache.ranger.authorization.hive.authorizer.RangerHiveAuthorizerFactory")
+      putHiveServerProperty("hive.security.authenticator.manager", "org.apache.hadoop.hive.ql.security.SessionStateUserAuthenticator")
 
-    putHiveServerProperty("hive.server2.enable.doAs", "true")
     putHiveSiteProperty("hive.server2.use.SSL", "false")
 
     #Hive authentication

http://git-wip-us.apache.org/repos/asf/ambari/blob/b36ce9c6/ambari-server/src/test/python/stacks/2.2/common/test_stack_advisor.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.2/common/test_stack_advisor.py b/ambari-server/src/test/python/stacks/2.2/common/test_stack_advisor.py
index 46f58ad..d021f62 100644
--- a/ambari-server/src/test/python/stacks/2.2/common/test_stack_advisor.py
+++ b/ambari-server/src/test/python/stacks/2.2/common/test_stack_advisor.py
@@ -964,6 +964,10 @@ class TestHDP22StackAdvisor(TestCase):
       },
       'hive-site': {
         'properties': {
+          'hive.server2.enable.doAs': 'true',
+          'hive.server2.tez.default.queues': "queue1,queue2",
+          'hive.server2.tez.initialize.default.sessions': 'false',
+          'hive.server2.tez.sessions.per.default.queue': '1',
           'hive.auto.convert.join.noconditionaltask.size': '268435456',
           'hive.cbo.enable': 'true',
           'hive.compactor.initiator.on': 'false',
@@ -995,7 +999,9 @@ class TestHDP22StackAdvisor(TestCase):
           'hive.tez.java.opts': '-server -Xmx615m -Djava.net.preferIPv4Stack=true -XX:NewRatio=8
-XX:+UseNUMA -XX:+UseParallelGC -XX:+PrintGCDetails -verbose:gc -XX:+PrintGCTimeStamps',
           'hive.txn.manager': 'org.apache.hadoop.hive.ql.lockmgr.DummyTxnManager',
           'hive.vectorized.execution.enabled': 'true',
-          'hive.vectorized.execution.reduce.enabled': 'false'
+          'hive.vectorized.execution.reduce.enabled': 'false',
+          'hive.security.metastore.authorization.manager': 'org.apache.hadoop.hive.ql.security.authorization.StorageBasedAuthorizationProvider',
+          'hive.security.authorization.manager': 'org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdConfOnlyAuthorizerFactory'
         },
        'property_attributes': {
          'hive.auto.convert.join.noconditionaltask.size': {'maximum': '805306368'},
@@ -1004,22 +1010,21 @@ class TestHDP22StackAdvisor(TestCase):
          'hive.server2.authentication.ldap.baseDN': {'delete': 'true'}, 
          'hive.server2.authentication.kerberos.principal': {'delete': 'true'}, 
          'hive.server2.authentication.kerberos.keytab': {'delete': 'true'}, 
-         'hive.server2.authentication.ldap.url': {'delete': 'true'}
+         'hive.server2.authentication.ldap.url': {'delete': 'true'},
+         'hive.server2.tez.default.queues': {
+           'entries': [{'value': 'queue1', 'label': 'queue1 queue'}, {'value': 'queue2',
'label': 'queue2 queue'}]
+          }
         }
       },
       'hiveserver2-site': {
         'properties': {
-          'hive.server2.enable.doAs': 'true',
-          'hive.server2.tez.default.queues': "queue1,queue2",
-          'hive.server2.tez.initialize.default.sessions': 'false',
-          'hive.server2.tez.sessions.per.default.queue': '1'
         },
         'property_attributes': {
-          'hive.server2.tez.default.queues': {
-            'entries': [{'value': 'queue1', 'label': 'queue1 queue'}, {'value': 'queue2',
'label': 'queue2 queue'}]
-          }
+         'hive.security.authorization.manager': {'delete': 'true'},
+         'hive.security.authorization.enabled': {'delete': 'true'},
+         'hive.security.authenticator.manager': {'delete': 'true'}
         }
-      },
+      }
     }
     services = {
       "services": [
@@ -1150,9 +1155,12 @@ class TestHDP22StackAdvisor(TestCase):
     expected["hive-site"]["properties"]["hive.stats.fetch.partition.stats"]="false"
     expected["hive-site"]["properties"]["hive.stats.fetch.column.stats"]="false"
     expected["hive-site"]["properties"]["hive.security.authorization.enabled"]="true"
-    expected["hiveserver2-site"]["properties"]["hive.server2.enable.doAs"]="false"
+    expected["hive-site"]["properties"]["hive.server2.enable.doAs"]="false"
     expected["hive-site"]["properties"]["hive.security.metastore.authorization.manager"]=\
-      ",org.apache.hadoop.hive.ql.security.authorization.MetaStoreAuthzAPIAuthorizerEmbedOnly"
+      "org.apache.hadoop.hive.ql.security.authorization.StorageBasedAuthorizationProvider,org.apache.hadoop.hive.ql.security.authorization.MetaStoreAuthzAPIAuthorizerEmbedOnly"
+    expected["hiveserver2-site"]["properties"]["hive.security.authorization.enabled"]="true"
+    expected["hiveserver2-site"]["properties"]["hive.security.authorization.manager"]="org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactory"
+    expected["hiveserver2-site"]["properties"]["hive.security.authenticator.manager"]="org.apache.hadoop.hive.ql.security.SessionStateUserAuthenticator"
 
     self.stackAdvisor.recommendHIVEConfigurations(configurations, clusterData, services,
hosts)
     self.assertEquals(configurations, expected)
@@ -1162,7 +1170,9 @@ class TestHDP22StackAdvisor(TestCase):
     configurations["hive-env"]["properties"]["hive_security_authorization"] = "none"
     expected["hive-env"]["properties"]["hive_security_authorization"] = "none"
     expected["hive-site"]["properties"]["hive.security.authorization.enabled"]="false"
-    expected["hiveserver2-site"]["properties"]["hive.server2.enable.doAs"]="true"
+    expected["hive-site"]["properties"]["hive.server2.enable.doAs"]="true"
+    expected["hive-site"]["properties"]["hive.security.metastore.authorization.manager"]=\
+      "org.apache.hadoop.hive.ql.security.authorization.StorageBasedAuthorizationProvider"
     self.stackAdvisor.recommendHIVEConfigurations(configurations, clusterData, services,
hosts)
     self.assertEquals(configurations, expected)
 

http://git-wip-us.apache.org/repos/asf/ambari/blob/b36ce9c6/ambari-web/app/controllers/main/service/info/summary.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/controllers/main/service/info/summary.js b/ambari-web/app/controllers/main/service/info/summary.js
index c4d56f3..779ccdd 100644
--- a/ambari-web/app/controllers/main/service/info/summary.js
+++ b/ambari-web/app/controllers/main/service/info/summary.js
@@ -55,11 +55,6 @@ App.MainServiceInfoSummaryController = Em.Controller.extend(App.WidgetSectionMix
       propertyName: 'ranger-hdfs-plugin-enabled'
     },
     {
-      serviceName: 'HIVE',
-      type: 'ranger-hive-plugin-properties',
-      propertyName: 'ranger-hive-plugin-enabled'
-    },
-    {
       serviceName: 'HBASE',
       type: 'ranger-hbase-plugin-properties',
       propertyName: 'ranger-hbase-plugin-enabled'

http://git-wip-us.apache.org/repos/asf/ambari/blob/b36ce9c6/ambari-web/app/data/HDP2.2/site_properties.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/data/HDP2.2/site_properties.js b/ambari-web/app/data/HDP2.2/site_properties.js
index f81cb0c..44d7a82 100644
--- a/ambari-web/app/data/HDP2.2/site_properties.js
+++ b/ambari-web/app/data/HDP2.2/site_properties.js
@@ -214,17 +214,6 @@ hdp22properties.push(
   },
   {
     "id": "site property",
-    "name": "ranger-hive-plugin-enabled",
-    "displayType": "checkbox",
-    "displayName": "Enable Ranger for HIVE",
-    "isOverridable": false,
-    "filename": "ranger-hive-plugin-properties.xml",
-    "category": "Advanced ranger-hive-plugin-properties",
-    "serviceName": "HIVE",
-    "index": 1
-  },
-  {
-    "id": "site property",
     "name": "policy_user",
     "value": "ambari-qa",
     "recommendedValue": "ambari-qa",

http://git-wip-us.apache.org/repos/asf/ambari/blob/b36ce9c6/ambari-web/app/utils/configs/modification_handlers/hive.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/utils/configs/modification_handlers/hive.js b/ambari-web/app/utils/configs/modification_handlers/hive.js
deleted file mode 100644
index bfb9b9c..0000000
--- a/ambari-web/app/utils/configs/modification_handlers/hive.js
+++ /dev/null
@@ -1,122 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with this
- * work for additional information regarding copyright ownership. The ASF
- * licenses this file to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- * http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
- * License for the specific language governing permissions and limitations under
- * the License.
- */
-
-var App = require('app');
-require('utils/configs/modification_handlers/modification_handler');
-
-module.exports = App.ServiceConfigModificationHandler.create({
-  serviceId : 'HIVE',
-
-  getDependentConfigChanges : function(changedConfig, selectedServices, allConfigs, securityEnabled)
{
-    var affectedProperties = [];
-    var newValue = changedConfig.get("value");
-    var rangerPluginEnabledName = "ranger-hive-plugin-enabled";
-    var affectedPropertyName = changedConfig.get("name");
-    if (affectedPropertyName == rangerPluginEnabledName) {
-      var configAuthorizationEnabled = this.getConfig(allConfigs, 'hive.security.authorization.enabled',
'hive-site.xml', 'HIVE');
-      var configAuthorizationManager = this.getConfig(allConfigs, 'hive.security.authorization.manager',
'hiveserver2-site.xml', 'HIVE');
-      var configAuthenticatorManager = this.getConfig(allConfigs, 'hive.security.authenticator.manager',
'hiveserver2-site.xml', 'HIVE');
-      var configRestrictedList = this.getConfig(allConfigs, 'hive.conf.restricted.list',
'hive-site.xml', 'HIVE');
-
-      var rangerPluginEnabled = newValue == "Yes";
-      var newConfigAuthorizationEnabledValue = rangerPluginEnabled ? "true" : "false";
-      var newAuthorizationManagerValue = rangerPluginEnabled ? (App.get('isHadoop23Stack')
? "org.apache.ranger.authorization.hive.authorizer.RangerHiveAuthorizerFactory"
-          : "com.xasecure.authorization.hive.authorizer.XaSecureHiveAuthorizerFactory")
-         : "org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactory";
-      var newAuthenticatorManagerValue = rangerPluginEnabled ? "org.apache.hadoop.hive.ql.security.SessionStateUserAuthenticator"
-          : "org.apache.hadoop.hive.ql.security.SessionStateUserAuthenticator";
-      var enabledRestrictedMap = {
-        "hive.security.authorization.enabled" : "hive.security.authorization.enabled",
-        "hive.security.authorization.manager" : "hive.security.authorization.manager",
-        "hive.security.authenticator.manager" : "hive.security.authenticator.manager"
-      }
-      var enabledRestrictedList = Object.keys(enabledRestrictedMap);
-      var newRestrictedListValue = rangerPluginEnabled ? enabledRestrictedList : [];
-
-      // Add Hive-Ranger configs
-      if (configAuthorizationEnabled != null && newConfigAuthorizationEnabledValue
!== configAuthorizationEnabled.get('value')) {
-        affectedProperties.push({
-          serviceName : "HIVE",
-          sourceServiceName : "HIVE",
-          propertyName : 'hive.security.authorization.enabled',
-          propertyDisplayName : 'hive.security.authorization.enabled',
-          newValue : newConfigAuthorizationEnabledValue,
-          curValue : configAuthorizationEnabled.get('value'),
-          changedPropertyName : rangerPluginEnabledName,
-          removed : false,
-          filename : 'hive-site.xml'
-        });
-      }
-      if (configAuthorizationManager != null && newAuthorizationManagerValue !==
configAuthorizationManager.get('value')) {
-        affectedProperties.push({
-          serviceName : "HIVE",
-          sourceServiceName : "HIVE",
-          propertyName : 'hive.security.authorization.manager',
-          propertyDisplayName : 'hive.security.authorization.manager',
-          newValue : newAuthorizationManagerValue,
-          curValue : configAuthorizationManager.get('value'),
-          changedPropertyName : rangerPluginEnabledName,
-          removed : false,
-          filename : 'hiveserver2-site.xml'
-        });
-      }
-      if (configAuthenticatorManager != null && newAuthenticatorManagerValue !==
configAuthenticatorManager.get('value')) {
-        affectedProperties.push({
-          serviceName : "HIVE",
-          sourceServiceName : "HIVE",
-          propertyName : 'hive.security.authenticator.manager',
-          propertyDisplayName : 'hive.security.authenticator.manager',
-          newValue : newAuthenticatorManagerValue,
-          curValue : configAuthenticatorManager.get('value'),
-          changedPropertyName : rangerPluginEnabledName,
-          removed : false,
-          filename : 'hiveserver2-site.xml'
-        });
-      }
-      if (configRestrictedList != null) {
-        var currentValueList = configRestrictedList.get('value').split(',');
-        // 'newRestrictedListValue' elements should be found in existing list
-        var newValueList = [];
-        currentValueList.forEach(function(s) {
-          if (enabledRestrictedMap[s] == s) {
-            return;
-          }
-          newValueList.push(s);
-        });
-        if (newRestrictedListValue.length > 0)
-          newValueList = newValueList.concat(newRestrictedListValue);
-
-        if (newValueList.length != currentValueList.length) {
-          // One of the value was not found - set all of them in.
-          var newValueListString = newValueList.join(',');
-          affectedProperties.push({
-            serviceName : "HIVE",
-            sourceServiceName : "HIVE",
-            propertyName : 'hive.conf.restricted.list',
-            propertyDisplayName : 'hive.conf.restricted.list',
-            newValue : newValueListString,
-            curValue : configRestrictedList.get('value'),
-            changedPropertyName : rangerPluginEnabledName,
-            removed : false,
-            filename : 'hive-site.xml'
-          });
-        }
-      }
-    }
-    return affectedProperties;
-  }
-});
\ No newline at end of file


Mime
View raw message