hive-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From the...@apache.org
Subject svn commit: r1565475 [1/2] - in /hive/trunk: common/src/java/org/apache/hadoop/hive/conf/ data/conf/ itests/hive-unit/src/test/java/org/apache/hadoop/hive/jdbc/ itests/hive-unit/src/test/java/org/apache/hive/jdbc/ jdbc/src/java/org/apache/hive/jdbc/ me...
Date Thu, 06 Feb 2014 23:11:13 GMT
Author: thejas
Date: Thu Feb  6 23:11:12 2014
New Revision: 1565475

URL: http://svn.apache.org/r1565475
Log:
HIVE-6204 : The result of show grant / show role should be tabular format (Navis via Thejas Nair)

Added:
    hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveRole.java
Modified:
    hive/trunk/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java
    hive/trunk/data/conf/hive-site.xml
    hive/trunk/itests/hive-unit/src/test/java/org/apache/hadoop/hive/jdbc/TestJdbcDriver.java
    hive/trunk/itests/hive-unit/src/test/java/org/apache/hive/jdbc/TestJdbcDriver2.java
    hive/trunk/jdbc/src/java/org/apache/hive/jdbc/HiveQueryResultSet.java
    hive/trunk/metastore/if/hive_metastore.thrift
    hive/trunk/metastore/src/gen/thrift/gen-cpp/hive_metastore_types.cpp
    hive/trunk/metastore/src/gen/thrift/gen-cpp/hive_metastore_types.h
    hive/trunk/metastore/src/gen/thrift/gen-javabean/org/apache/hadoop/hive/metastore/api/Role.java
    hive/trunk/metastore/src/gen/thrift/gen-php/metastore/Types.php
    hive/trunk/metastore/src/gen/thrift/gen-py/hive_metastore/ttypes.py
    hive/trunk/metastore/src/gen/thrift/gen-rb/hive_metastore_types.rb
    hive/trunk/metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStore.java
    hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/Context.java
    hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/exec/DDLTask.java
    hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/parse/DDLSemanticAnalyzer.java
    hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/plan/RoleDDLDesc.java
    hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/plan/ShowGrantDesc.java
    hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAccessController.java
    hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAuthorizer.java
    hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAuthorizerImpl.java
    hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLStdHiveAccessController.java
    hive/trunk/ql/src/test/results/clientnegative/authorization_fail_3.q.out
    hive/trunk/ql/src/test/results/clientnegative/authorization_fail_4.q.out
    hive/trunk/ql/src/test/results/clientnegative/authorization_fail_5.q.out
    hive/trunk/ql/src/test/results/clientnegative/authorization_fail_7.q.out
    hive/trunk/ql/src/test/results/clientnegative/authorization_part.q.out
    hive/trunk/ql/src/test/results/clientpositive/alter_rename_partition_authorization.q.out
    hive/trunk/ql/src/test/results/clientpositive/authorization_1.q.out
    hive/trunk/ql/src/test/results/clientpositive/authorization_1_sql_std.q.out
    hive/trunk/ql/src/test/results/clientpositive/authorization_2.q.out
    hive/trunk/ql/src/test/results/clientpositive/authorization_3.q.out
    hive/trunk/ql/src/test/results/clientpositive/authorization_4.q.out
    hive/trunk/ql/src/test/results/clientpositive/authorization_5.q.out
    hive/trunk/ql/src/test/results/clientpositive/authorization_6.q.out
    hive/trunk/ql/src/test/results/clientpositive/authorization_9.q.out
    hive/trunk/ql/src/test/results/clientpositive/authorization_role_grant1.q.out
    hive/trunk/ql/src/test/results/clientpositive/authorization_view.q.out
    hive/trunk/ql/src/test/results/clientpositive/keyword_1.q.out

Modified: hive/trunk/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java
URL: http://svn.apache.org/viewvc/hive/trunk/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java (original)
+++ hive/trunk/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java Thu Feb  6 23:11:12 2014
@@ -208,6 +208,8 @@ public class HiveConf extends Configurat
     TASKLOG_DEBUG_TIMEOUT("hive.exec.tasklog.debug.timeout", 20000),
     OUTPUT_FILE_EXTENSION("hive.output.file.extension", null),
 
+    HIVE_IN_TEST("hive.in.test", false), // internal usage only, true in test mode
+
     // should hive determine whether to run in local mode automatically ?
     LOCALMODEAUTO("hive.exec.mode.local.auto", false),
     // if yes:
@@ -1508,6 +1510,7 @@ public class HiveConf extends Configurat
         restrictList.add(entry.trim());
       }
     }
-    restrictList.add(ConfVars.HIVE_CONF_RESTRICTED_LIST.toString());
+    restrictList.add(ConfVars.HIVE_IN_TEST.varname);
+    restrictList.add(ConfVars.HIVE_CONF_RESTRICTED_LIST.varname);
   }
 }

Modified: hive/trunk/data/conf/hive-site.xml
URL: http://svn.apache.org/viewvc/hive/trunk/data/conf/hive-site.xml?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/data/conf/hive-site.xml (original)
+++ hive/trunk/data/conf/hive-site.xml Thu Feb  6 23:11:12 2014
@@ -19,6 +19,12 @@
 
 <configuration>
 
+<property>
+  <name>hive.in.test</name>
+  <value>true</value>
+  <description>Internal marker for test. Used for masking env-dependent values</description>
+</property>
+
 <!-- Hive Configuration can either be stored in this file or in the hadoop configuration files  -->
 <!-- that are implied by Hadoop setup variables.                                                -->
 <!-- Aside from Hadoop setup variables - this file is provided as a convenience so that Hive    -->

Modified: hive/trunk/itests/hive-unit/src/test/java/org/apache/hadoop/hive/jdbc/TestJdbcDriver.java
URL: http://svn.apache.org/viewvc/hive/trunk/itests/hive-unit/src/test/java/org/apache/hadoop/hive/jdbc/TestJdbcDriver.java?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/itests/hive-unit/src/test/java/org/apache/hadoop/hive/jdbc/TestJdbcDriver.java (original)
+++ hive/trunk/itests/hive-unit/src/test/java/org/apache/hadoop/hive/jdbc/TestJdbcDriver.java Thu Feb  6 23:11:12 2014
@@ -1147,24 +1147,16 @@ public class TestJdbcDriver extends Test
 
     ResultSet res = stmt.getResultSet();
     assertTrue(res.next());
-    assertEquals("database", res.getString(1));
-    assertEquals("default", res.getString(2));
-    assertTrue(res.next());
-    assertEquals("table", res.getString(1));
+    assertEquals("default", res.getString(1));
     assertEquals(dataTypeTableName, res.getString(2));
-    assertTrue(res.next());
-    assertEquals("principalName", res.getString(1));
-    assertEquals("hive_test_user", res.getString(2));
-    assertTrue(res.next());
-    assertEquals("principalType", res.getString(1));
-    assertEquals("USER", res.getString(2));
-    assertTrue(res.next());
-    assertEquals("privilege", res.getString(1));
-    assertEquals("Select", res.getString(2));
-    assertTrue(res.next());
-    assertEquals("grantTime", res.getString(1));
-    assertTrue(res.next());
-    assertEquals("grantor", res.getString(1));
+    assertEquals("", res.getString(3));     // partition
+    assertEquals("", res.getString(4));     // column
+    assertEquals("hive_test_user", res.getString(5));
+    assertEquals("USER", res.getString(6));
+    assertEquals("Select", res.getString(7));
+    assertEquals(false, res.getBoolean(8)); // grant option
+    assertEquals(-1, res.getLong(9));
+    assertNotNull(res.getString(10));       // grantor
     assertFalse(res.next());
     res.close();
   }

Modified: hive/trunk/itests/hive-unit/src/test/java/org/apache/hive/jdbc/TestJdbcDriver2.java
URL: http://svn.apache.org/viewvc/hive/trunk/itests/hive-unit/src/test/java/org/apache/hive/jdbc/TestJdbcDriver2.java?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/itests/hive-unit/src/test/java/org/apache/hive/jdbc/TestJdbcDriver2.java (original)
+++ hive/trunk/itests/hive-unit/src/test/java/org/apache/hive/jdbc/TestJdbcDriver2.java Thu Feb  6 23:11:12 2014
@@ -1947,40 +1947,29 @@ public class TestJdbcDriver2 {
     }
   }
 
+  @Test
   public void testShowGrant() throws SQLException {
     Statement stmt = con.createStatement();
     stmt.execute("grant select on table " + dataTypeTableName + " to user hive_test_user");
     stmt.execute("show grant user hive_test_user on table " + dataTypeTableName);
 
     ResultSet res = stmt.getResultSet();
-    ResultSetMetaData metaData = res.getMetaData();
-
-    assertEquals("property", metaData.getColumnName(1));
-    assertEquals("value", metaData.getColumnName(2));
-
-    assertTrue(res.next());
-    assertEquals("database", res.getString(1));
-    assertEquals("default", res.getString(2));
     assertTrue(res.next());
-    assertEquals("table", res.getString(1));
+    assertEquals("default", res.getString(1));
     assertEquals(dataTypeTableName, res.getString(2));
-    assertTrue(res.next());
-    assertEquals("principalName", res.getString(1));
-    assertEquals("hive_test_user", res.getString(2));
-    assertTrue(res.next());
-    assertEquals("principalType", res.getString(1));
-    assertEquals("USER", res.getString(2));
-    assertTrue(res.next());
-    assertEquals("privilege", res.getString(1));
-    assertEquals("Select", res.getString(2));
-    assertTrue(res.next());
-    assertEquals("grantTime", res.getString(1));
-    assertTrue(res.next());
-    assertEquals("grantor", res.getString(1));
+    assertEquals("", res.getString(3));     // partition
+    assertEquals("", res.getString(4));     // column
+    assertEquals("hive_test_user", res.getString(5));
+    assertEquals("USER", res.getString(6));
+    assertEquals("Select", res.getString(7));
+    assertEquals(false, res.getBoolean(8)); // grant option
+    assertEquals(-1, res.getLong(9));
+    assertNotNull(res.getString(10));       // grantor
     assertFalse(res.next());
     res.close();
   }
 
+  @Test
   public void testShowRoleGrant() throws SQLException {
     Statement stmt = con.createStatement();
     stmt.execute("create role role1");
@@ -1990,7 +1979,8 @@ public class TestJdbcDriver2 {
     ResultSet res = stmt.getResultSet();
     assertTrue(res.next());
     assertEquals("role1", res.getString(1));
-    assertFalse(res.next());
+    assertTrue(res.next());
+    assertEquals("PUBLIC", res.getString(1));
     res.close();
   }
 }

Modified: hive/trunk/jdbc/src/java/org/apache/hive/jdbc/HiveQueryResultSet.java
URL: http://svn.apache.org/viewvc/hive/trunk/jdbc/src/java/org/apache/hive/jdbc/HiveQueryResultSet.java?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/jdbc/src/java/org/apache/hive/jdbc/HiveQueryResultSet.java (original)
+++ hive/trunk/jdbc/src/java/org/apache/hive/jdbc/HiveQueryResultSet.java Thu Feb  6 23:11:12 2014
@@ -236,7 +236,6 @@ public class HiveQueryResultSet extends 
    * Retrieve schema from the server
    */
   private void retrieveSchema() throws SQLException {
-    System.err.println("[HiveQueryResultSet/next] 0");
     try {
       TGetResultSetMetadataReq metadataReq = new TGetResultSetMetadataReq(stmtHandle);
       // TODO need session handle

Modified: hive/trunk/metastore/if/hive_metastore.thrift
URL: http://svn.apache.org/viewvc/hive/trunk/metastore/if/hive_metastore.thrift?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/metastore/if/hive_metastore.thrift (original)
+++ hive/trunk/metastore/if/hive_metastore.thrift Thu Feb  6 23:11:12 2014
@@ -107,6 +107,11 @@ struct Role {
   1: string roleName,
   2: i32 createTime,
   3: string ownerName,
+  4: optional string principalName,
+  5: optional string principalType,
+  6: optional bool grantOption,
+  7: optional i32 grantTime,
+  8: optional string grantor
 }
 
 // namespace for tables

Modified: hive/trunk/metastore/src/gen/thrift/gen-cpp/hive_metastore_types.cpp
URL: http://svn.apache.org/viewvc/hive/trunk/metastore/src/gen/thrift/gen-cpp/hive_metastore_types.cpp?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/metastore/src/gen/thrift/gen-cpp/hive_metastore_types.cpp (original)
+++ hive/trunk/metastore/src/gen/thrift/gen-cpp/hive_metastore_types.cpp Thu Feb  6 23:11:12 2014
@@ -990,8 +990,8 @@ void swap(PrincipalPrivilegeSet &a, Prin
   swap(a.__isset, b.__isset);
 }
 
-const char* Role::ascii_fingerprint = "70563A0628F75DF9555F4D24690B1E26";
-const uint8_t Role::binary_fingerprint[16] = {0x70,0x56,0x3A,0x06,0x28,0xF7,0x5D,0xF9,0x55,0x5F,0x4D,0x24,0x69,0x0B,0x1E,0x26};
+const char* Role::ascii_fingerprint = "8DEBC3096AEF414FFF38C357ECEEA8BC";
+const uint8_t Role::binary_fingerprint[16] = {0x8D,0xEB,0xC3,0x09,0x6A,0xEF,0x41,0x4F,0xFF,0x38,0xC3,0x57,0xEC,0xEE,0xA8,0xBC};
 
 uint32_t Role::read(::apache::thrift::protocol::TProtocol* iprot) {
 
@@ -1037,6 +1037,46 @@ uint32_t Role::read(::apache::thrift::pr
           xfer += iprot->skip(ftype);
         }
         break;
+      case 4:
+        if (ftype == ::apache::thrift::protocol::T_STRING) {
+          xfer += iprot->readString(this->principalName);
+          this->__isset.principalName = true;
+        } else {
+          xfer += iprot->skip(ftype);
+        }
+        break;
+      case 5:
+        if (ftype == ::apache::thrift::protocol::T_STRING) {
+          xfer += iprot->readString(this->principalType);
+          this->__isset.principalType = true;
+        } else {
+          xfer += iprot->skip(ftype);
+        }
+        break;
+      case 6:
+        if (ftype == ::apache::thrift::protocol::T_BOOL) {
+          xfer += iprot->readBool(this->grantOption);
+          this->__isset.grantOption = true;
+        } else {
+          xfer += iprot->skip(ftype);
+        }
+        break;
+      case 7:
+        if (ftype == ::apache::thrift::protocol::T_I32) {
+          xfer += iprot->readI32(this->grantTime);
+          this->__isset.grantTime = true;
+        } else {
+          xfer += iprot->skip(ftype);
+        }
+        break;
+      case 8:
+        if (ftype == ::apache::thrift::protocol::T_STRING) {
+          xfer += iprot->readString(this->grantor);
+          this->__isset.grantor = true;
+        } else {
+          xfer += iprot->skip(ftype);
+        }
+        break;
       default:
         xfer += iprot->skip(ftype);
         break;
@@ -1065,6 +1105,31 @@ uint32_t Role::write(::apache::thrift::p
   xfer += oprot->writeString(this->ownerName);
   xfer += oprot->writeFieldEnd();
 
+  if (this->__isset.principalName) {
+    xfer += oprot->writeFieldBegin("principalName", ::apache::thrift::protocol::T_STRING, 4);
+    xfer += oprot->writeString(this->principalName);
+    xfer += oprot->writeFieldEnd();
+  }
+  if (this->__isset.principalType) {
+    xfer += oprot->writeFieldBegin("principalType", ::apache::thrift::protocol::T_STRING, 5);
+    xfer += oprot->writeString(this->principalType);
+    xfer += oprot->writeFieldEnd();
+  }
+  if (this->__isset.grantOption) {
+    xfer += oprot->writeFieldBegin("grantOption", ::apache::thrift::protocol::T_BOOL, 6);
+    xfer += oprot->writeBool(this->grantOption);
+    xfer += oprot->writeFieldEnd();
+  }
+  if (this->__isset.grantTime) {
+    xfer += oprot->writeFieldBegin("grantTime", ::apache::thrift::protocol::T_I32, 7);
+    xfer += oprot->writeI32(this->grantTime);
+    xfer += oprot->writeFieldEnd();
+  }
+  if (this->__isset.grantor) {
+    xfer += oprot->writeFieldBegin("grantor", ::apache::thrift::protocol::T_STRING, 8);
+    xfer += oprot->writeString(this->grantor);
+    xfer += oprot->writeFieldEnd();
+  }
   xfer += oprot->writeFieldStop();
   xfer += oprot->writeStructEnd();
   return xfer;
@@ -1075,6 +1140,11 @@ void swap(Role &a, Role &b) {
   swap(a.roleName, b.roleName);
   swap(a.createTime, b.createTime);
   swap(a.ownerName, b.ownerName);
+  swap(a.principalName, b.principalName);
+  swap(a.principalType, b.principalType);
+  swap(a.grantOption, b.grantOption);
+  swap(a.grantTime, b.grantTime);
+  swap(a.grantor, b.grantor);
   swap(a.__isset, b.__isset);
 }
 

Modified: hive/trunk/metastore/src/gen/thrift/gen-cpp/hive_metastore_types.h
URL: http://svn.apache.org/viewvc/hive/trunk/metastore/src/gen/thrift/gen-cpp/hive_metastore_types.h?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/metastore/src/gen/thrift/gen-cpp/hive_metastore_types.h (original)
+++ hive/trunk/metastore/src/gen/thrift/gen-cpp/hive_metastore_types.h Thu Feb  6 23:11:12 2014
@@ -553,19 +553,24 @@ class PrincipalPrivilegeSet {
 void swap(PrincipalPrivilegeSet &a, PrincipalPrivilegeSet &b);
 
 typedef struct _Role__isset {
-  _Role__isset() : roleName(false), createTime(false), ownerName(false) {}
+  _Role__isset() : roleName(false), createTime(false), ownerName(false), principalName(false), principalType(false), grantOption(false), grantTime(false), grantor(false) {}
   bool roleName;
   bool createTime;
   bool ownerName;
+  bool principalName;
+  bool principalType;
+  bool grantOption;
+  bool grantTime;
+  bool grantor;
 } _Role__isset;
 
 class Role {
  public:
 
-  static const char* ascii_fingerprint; // = "70563A0628F75DF9555F4D24690B1E26";
-  static const uint8_t binary_fingerprint[16]; // = {0x70,0x56,0x3A,0x06,0x28,0xF7,0x5D,0xF9,0x55,0x5F,0x4D,0x24,0x69,0x0B,0x1E,0x26};
+  static const char* ascii_fingerprint; // = "8DEBC3096AEF414FFF38C357ECEEA8BC";
+  static const uint8_t binary_fingerprint[16]; // = {0x8D,0xEB,0xC3,0x09,0x6A,0xEF,0x41,0x4F,0xFF,0x38,0xC3,0x57,0xEC,0xEE,0xA8,0xBC};
 
-  Role() : roleName(), createTime(0), ownerName() {
+  Role() : roleName(), createTime(0), ownerName(), principalName(), principalType(), grantOption(0), grantTime(0), grantor() {
   }
 
   virtual ~Role() throw() {}
@@ -573,6 +578,11 @@ class Role {
   std::string roleName;
   int32_t createTime;
   std::string ownerName;
+  std::string principalName;
+  std::string principalType;
+  bool grantOption;
+  int32_t grantTime;
+  std::string grantor;
 
   _Role__isset __isset;
 
@@ -588,6 +598,31 @@ class Role {
     ownerName = val;
   }
 
+  void __set_principalName(const std::string& val) {
+    principalName = val;
+    __isset.principalName = true;
+  }
+
+  void __set_principalType(const std::string& val) {
+    principalType = val;
+    __isset.principalType = true;
+  }
+
+  void __set_grantOption(const bool val) {
+    grantOption = val;
+    __isset.grantOption = true;
+  }
+
+  void __set_grantTime(const int32_t val) {
+    grantTime = val;
+    __isset.grantTime = true;
+  }
+
+  void __set_grantor(const std::string& val) {
+    grantor = val;
+    __isset.grantor = true;
+  }
+
   bool operator == (const Role & rhs) const
   {
     if (!(roleName == rhs.roleName))
@@ -596,6 +631,26 @@ class Role {
       return false;
     if (!(ownerName == rhs.ownerName))
       return false;
+    if (__isset.principalName != rhs.__isset.principalName)
+      return false;
+    else if (__isset.principalName && !(principalName == rhs.principalName))
+      return false;
+    if (__isset.principalType != rhs.__isset.principalType)
+      return false;
+    else if (__isset.principalType && !(principalType == rhs.principalType))
+      return false;
+    if (__isset.grantOption != rhs.__isset.grantOption)
+      return false;
+    else if (__isset.grantOption && !(grantOption == rhs.grantOption))
+      return false;
+    if (__isset.grantTime != rhs.__isset.grantTime)
+      return false;
+    else if (__isset.grantTime && !(grantTime == rhs.grantTime))
+      return false;
+    if (__isset.grantor != rhs.__isset.grantor)
+      return false;
+    else if (__isset.grantor && !(grantor == rhs.grantor))
+      return false;
     return true;
   }
   bool operator != (const Role &rhs) const {

Modified: hive/trunk/metastore/src/gen/thrift/gen-javabean/org/apache/hadoop/hive/metastore/api/Role.java
URL: http://svn.apache.org/viewvc/hive/trunk/metastore/src/gen/thrift/gen-javabean/org/apache/hadoop/hive/metastore/api/Role.java?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/metastore/src/gen/thrift/gen-javabean/org/apache/hadoop/hive/metastore/api/Role.java (original)
+++ hive/trunk/metastore/src/gen/thrift/gen-javabean/org/apache/hadoop/hive/metastore/api/Role.java Thu Feb  6 23:11:12 2014
@@ -37,6 +37,11 @@ public class Role implements org.apache.
   private static final org.apache.thrift.protocol.TField ROLE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("roleName", org.apache.thrift.protocol.TType.STRING, (short)1);
   private static final org.apache.thrift.protocol.TField CREATE_TIME_FIELD_DESC = new org.apache.thrift.protocol.TField("createTime", org.apache.thrift.protocol.TType.I32, (short)2);
   private static final org.apache.thrift.protocol.TField OWNER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("ownerName", org.apache.thrift.protocol.TType.STRING, (short)3);
+  private static final org.apache.thrift.protocol.TField PRINCIPAL_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("principalName", org.apache.thrift.protocol.TType.STRING, (short)4);
+  private static final org.apache.thrift.protocol.TField PRINCIPAL_TYPE_FIELD_DESC = new org.apache.thrift.protocol.TField("principalType", org.apache.thrift.protocol.TType.STRING, (short)5);
+  private static final org.apache.thrift.protocol.TField GRANT_OPTION_FIELD_DESC = new org.apache.thrift.protocol.TField("grantOption", org.apache.thrift.protocol.TType.BOOL, (short)6);
+  private static final org.apache.thrift.protocol.TField GRANT_TIME_FIELD_DESC = new org.apache.thrift.protocol.TField("grantTime", org.apache.thrift.protocol.TType.I32, (short)7);
+  private static final org.apache.thrift.protocol.TField GRANTOR_FIELD_DESC = new org.apache.thrift.protocol.TField("grantor", org.apache.thrift.protocol.TType.STRING, (short)8);
 
   private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
   static {
@@ -47,12 +52,22 @@ public class Role implements org.apache.
   private String roleName; // required
   private int createTime; // required
   private String ownerName; // required
+  private String principalName; // optional
+  private String principalType; // optional
+  private boolean grantOption; // optional
+  private int grantTime; // optional
+  private String grantor; // optional
 
   /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
   public enum _Fields implements org.apache.thrift.TFieldIdEnum {
     ROLE_NAME((short)1, "roleName"),
     CREATE_TIME((short)2, "createTime"),
-    OWNER_NAME((short)3, "ownerName");
+    OWNER_NAME((short)3, "ownerName"),
+    PRINCIPAL_NAME((short)4, "principalName"),
+    PRINCIPAL_TYPE((short)5, "principalType"),
+    GRANT_OPTION((short)6, "grantOption"),
+    GRANT_TIME((short)7, "grantTime"),
+    GRANTOR((short)8, "grantor");
 
     private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
 
@@ -73,6 +88,16 @@ public class Role implements org.apache.
           return CREATE_TIME;
         case 3: // OWNER_NAME
           return OWNER_NAME;
+        case 4: // PRINCIPAL_NAME
+          return PRINCIPAL_NAME;
+        case 5: // PRINCIPAL_TYPE
+          return PRINCIPAL_TYPE;
+        case 6: // GRANT_OPTION
+          return GRANT_OPTION;
+        case 7: // GRANT_TIME
+          return GRANT_TIME;
+        case 8: // GRANTOR
+          return GRANTOR;
         default:
           return null;
       }
@@ -114,7 +139,10 @@ public class Role implements org.apache.
 
   // isset id assignments
   private static final int __CREATETIME_ISSET_ID = 0;
+  private static final int __GRANTOPTION_ISSET_ID = 1;
+  private static final int __GRANTTIME_ISSET_ID = 2;
   private byte __isset_bitfield = 0;
+  private _Fields optionals[] = {_Fields.PRINCIPAL_NAME,_Fields.PRINCIPAL_TYPE,_Fields.GRANT_OPTION,_Fields.GRANT_TIME,_Fields.GRANTOR};
   public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
   static {
     Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
@@ -124,6 +152,16 @@ public class Role implements org.apache.
         new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
     tmpMap.put(_Fields.OWNER_NAME, new org.apache.thrift.meta_data.FieldMetaData("ownerName", org.apache.thrift.TFieldRequirementType.DEFAULT, 
         new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
+    tmpMap.put(_Fields.PRINCIPAL_NAME, new org.apache.thrift.meta_data.FieldMetaData("principalName", org.apache.thrift.TFieldRequirementType.OPTIONAL, 
+        new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
+    tmpMap.put(_Fields.PRINCIPAL_TYPE, new org.apache.thrift.meta_data.FieldMetaData("principalType", org.apache.thrift.TFieldRequirementType.OPTIONAL, 
+        new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
+    tmpMap.put(_Fields.GRANT_OPTION, new org.apache.thrift.meta_data.FieldMetaData("grantOption", org.apache.thrift.TFieldRequirementType.OPTIONAL, 
+        new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.BOOL)));
+    tmpMap.put(_Fields.GRANT_TIME, new org.apache.thrift.meta_data.FieldMetaData("grantTime", org.apache.thrift.TFieldRequirementType.OPTIONAL, 
+        new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
+    tmpMap.put(_Fields.GRANTOR, new org.apache.thrift.meta_data.FieldMetaData("grantor", org.apache.thrift.TFieldRequirementType.OPTIONAL, 
+        new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
     metaDataMap = Collections.unmodifiableMap(tmpMap);
     org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(Role.class, metaDataMap);
   }
@@ -155,6 +193,17 @@ public class Role implements org.apache.
     if (other.isSetOwnerName()) {
       this.ownerName = other.ownerName;
     }
+    if (other.isSetPrincipalName()) {
+      this.principalName = other.principalName;
+    }
+    if (other.isSetPrincipalType()) {
+      this.principalType = other.principalType;
+    }
+    this.grantOption = other.grantOption;
+    this.grantTime = other.grantTime;
+    if (other.isSetGrantor()) {
+      this.grantor = other.grantor;
+    }
   }
 
   public Role deepCopy() {
@@ -167,6 +216,13 @@ public class Role implements org.apache.
     setCreateTimeIsSet(false);
     this.createTime = 0;
     this.ownerName = null;
+    this.principalName = null;
+    this.principalType = null;
+    setGrantOptionIsSet(false);
+    this.grantOption = false;
+    setGrantTimeIsSet(false);
+    this.grantTime = 0;
+    this.grantor = null;
   }
 
   public String getRoleName() {
@@ -237,6 +293,119 @@ public class Role implements org.apache.
     }
   }
 
+  public String getPrincipalName() {
+    return this.principalName;
+  }
+
+  public void setPrincipalName(String principalName) {
+    this.principalName = principalName;
+  }
+
+  public void unsetPrincipalName() {
+    this.principalName = null;
+  }
+
+  /** Returns true if field principalName is set (has been assigned a value) and false otherwise */
+  public boolean isSetPrincipalName() {
+    return this.principalName != null;
+  }
+
+  public void setPrincipalNameIsSet(boolean value) {
+    if (!value) {
+      this.principalName = null;
+    }
+  }
+
+  public String getPrincipalType() {
+    return this.principalType;
+  }
+
+  public void setPrincipalType(String principalType) {
+    this.principalType = principalType;
+  }
+
+  public void unsetPrincipalType() {
+    this.principalType = null;
+  }
+
+  /** Returns true if field principalType is set (has been assigned a value) and false otherwise */
+  public boolean isSetPrincipalType() {
+    return this.principalType != null;
+  }
+
+  public void setPrincipalTypeIsSet(boolean value) {
+    if (!value) {
+      this.principalType = null;
+    }
+  }
+
+  public boolean isGrantOption() {
+    return this.grantOption;
+  }
+
+  public void setGrantOption(boolean grantOption) {
+    this.grantOption = grantOption;
+    setGrantOptionIsSet(true);
+  }
+
+  public void unsetGrantOption() {
+    __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __GRANTOPTION_ISSET_ID);
+  }
+
+  /** Returns true if field grantOption is set (has been assigned a value) and false otherwise */
+  public boolean isSetGrantOption() {
+    return EncodingUtils.testBit(__isset_bitfield, __GRANTOPTION_ISSET_ID);
+  }
+
+  public void setGrantOptionIsSet(boolean value) {
+    __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __GRANTOPTION_ISSET_ID, value);
+  }
+
+  public int getGrantTime() {
+    return this.grantTime;
+  }
+
+  public void setGrantTime(int grantTime) {
+    this.grantTime = grantTime;
+    setGrantTimeIsSet(true);
+  }
+
+  public void unsetGrantTime() {
+    __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __GRANTTIME_ISSET_ID);
+  }
+
+  /** Returns true if field grantTime is set (has been assigned a value) and false otherwise */
+  public boolean isSetGrantTime() {
+    return EncodingUtils.testBit(__isset_bitfield, __GRANTTIME_ISSET_ID);
+  }
+
+  public void setGrantTimeIsSet(boolean value) {
+    __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __GRANTTIME_ISSET_ID, value);
+  }
+
+  public String getGrantor() {
+    return this.grantor;
+  }
+
+  public void setGrantor(String grantor) {
+    this.grantor = grantor;
+  }
+
+  public void unsetGrantor() {
+    this.grantor = null;
+  }
+
+  /** Returns true if field grantor is set (has been assigned a value) and false otherwise */
+  public boolean isSetGrantor() {
+    return this.grantor != null;
+  }
+
+  public void setGrantorIsSet(boolean value) {
+    if (!value) {
+      this.grantor = null;
+    }
+  }
+
   public void setFieldValue(_Fields field, Object value) {
     switch (field) {
     case ROLE_NAME:
@@ -263,6 +432,46 @@ public class Role implements org.apache.
       }
       break;
 
+    case PRINCIPAL_NAME:
+      if (value == null) {
+        unsetPrincipalName();
+      } else {
+        setPrincipalName((String)value);
+      }
+      break;
+
+    case PRINCIPAL_TYPE:
+      if (value == null) {
+        unsetPrincipalType();
+      } else {
+        setPrincipalType((String)value);
+      }
+      break;
+
+    case GRANT_OPTION:
+      if (value == null) {
+        unsetGrantOption();
+      } else {
+        setGrantOption((Boolean)value);
+      }
+      break;
+
+    case GRANT_TIME:
+      if (value == null) {
+        unsetGrantTime();
+      } else {
+        setGrantTime((Integer)value);
+      }
+      break;
+
+    case GRANTOR:
+      if (value == null) {
+        unsetGrantor();
+      } else {
+        setGrantor((String)value);
+      }
+      break;
+
     }
   }
 
@@ -277,6 +486,21 @@ public class Role implements org.apache.
     case OWNER_NAME:
       return getOwnerName();
 
+    case PRINCIPAL_NAME:
+      return getPrincipalName();
+
+    case PRINCIPAL_TYPE:
+      return getPrincipalType();
+
+    case GRANT_OPTION:
+      return Boolean.valueOf(isGrantOption());
+
+    case GRANT_TIME:
+      return Integer.valueOf(getGrantTime());
+
+    case GRANTOR:
+      return getGrantor();
+
     }
     throw new IllegalStateException();
   }
@@ -294,6 +518,16 @@ public class Role implements org.apache.
       return isSetCreateTime();
     case OWNER_NAME:
       return isSetOwnerName();
+    case PRINCIPAL_NAME:
+      return isSetPrincipalName();
+    case PRINCIPAL_TYPE:
+      return isSetPrincipalType();
+    case GRANT_OPTION:
+      return isSetGrantOption();
+    case GRANT_TIME:
+      return isSetGrantTime();
+    case GRANTOR:
+      return isSetGrantor();
     }
     throw new IllegalStateException();
   }
@@ -338,6 +572,51 @@ public class Role implements org.apache.
         return false;
     }
 
+    boolean this_present_principalName = true && this.isSetPrincipalName();
+    boolean that_present_principalName = true && that.isSetPrincipalName();
+    if (this_present_principalName || that_present_principalName) {
+      if (!(this_present_principalName && that_present_principalName))
+        return false;
+      if (!this.principalName.equals(that.principalName))
+        return false;
+    }
+
+    boolean this_present_principalType = true && this.isSetPrincipalType();
+    boolean that_present_principalType = true && that.isSetPrincipalType();
+    if (this_present_principalType || that_present_principalType) {
+      if (!(this_present_principalType && that_present_principalType))
+        return false;
+      if (!this.principalType.equals(that.principalType))
+        return false;
+    }
+
+    boolean this_present_grantOption = true && this.isSetGrantOption();
+    boolean that_present_grantOption = true && that.isSetGrantOption();
+    if (this_present_grantOption || that_present_grantOption) {
+      if (!(this_present_grantOption && that_present_grantOption))
+        return false;
+      if (this.grantOption != that.grantOption)
+        return false;
+    }
+
+    boolean this_present_grantTime = true && this.isSetGrantTime();
+    boolean that_present_grantTime = true && that.isSetGrantTime();
+    if (this_present_grantTime || that_present_grantTime) {
+      if (!(this_present_grantTime && that_present_grantTime))
+        return false;
+      if (this.grantTime != that.grantTime)
+        return false;
+    }
+
+    boolean this_present_grantor = true && this.isSetGrantor();
+    boolean that_present_grantor = true && that.isSetGrantor();
+    if (this_present_grantor || that_present_grantor) {
+      if (!(this_present_grantor && that_present_grantor))
+        return false;
+      if (!this.grantor.equals(that.grantor))
+        return false;
+    }
+
     return true;
   }
 
@@ -360,6 +639,31 @@ public class Role implements org.apache.
     if (present_ownerName)
       builder.append(ownerName);
 
+    boolean present_principalName = true && (isSetPrincipalName());
+    builder.append(present_principalName);
+    if (present_principalName)
+      builder.append(principalName);
+
+    boolean present_principalType = true && (isSetPrincipalType());
+    builder.append(present_principalType);
+    if (present_principalType)
+      builder.append(principalType);
+
+    boolean present_grantOption = true && (isSetGrantOption());
+    builder.append(present_grantOption);
+    if (present_grantOption)
+      builder.append(grantOption);
+
+    boolean present_grantTime = true && (isSetGrantTime());
+    builder.append(present_grantTime);
+    if (present_grantTime)
+      builder.append(grantTime);
+
+    boolean present_grantor = true && (isSetGrantor());
+    builder.append(present_grantor);
+    if (present_grantor)
+      builder.append(grantor);
+
     return builder.toHashCode();
   }
 
@@ -401,6 +705,56 @@ public class Role implements org.apache.
         return lastComparison;
       }
     }
+    lastComparison = Boolean.valueOf(isSetPrincipalName()).compareTo(typedOther.isSetPrincipalName());
+    if (lastComparison != 0) {
+      return lastComparison;
+    }
+    if (isSetPrincipalName()) {
+      lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.principalName, typedOther.principalName);
+      if (lastComparison != 0) {
+        return lastComparison;
+      }
+    }
+    lastComparison = Boolean.valueOf(isSetPrincipalType()).compareTo(typedOther.isSetPrincipalType());
+    if (lastComparison != 0) {
+      return lastComparison;
+    }
+    if (isSetPrincipalType()) {
+      lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.principalType, typedOther.principalType);
+      if (lastComparison != 0) {
+        return lastComparison;
+      }
+    }
+    lastComparison = Boolean.valueOf(isSetGrantOption()).compareTo(typedOther.isSetGrantOption());
+    if (lastComparison != 0) {
+      return lastComparison;
+    }
+    if (isSetGrantOption()) {
+      lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.grantOption, typedOther.grantOption);
+      if (lastComparison != 0) {
+        return lastComparison;
+      }
+    }
+    lastComparison = Boolean.valueOf(isSetGrantTime()).compareTo(typedOther.isSetGrantTime());
+    if (lastComparison != 0) {
+      return lastComparison;
+    }
+    if (isSetGrantTime()) {
+      lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.grantTime, typedOther.grantTime);
+      if (lastComparison != 0) {
+        return lastComparison;
+      }
+    }
+    lastComparison = Boolean.valueOf(isSetGrantor()).compareTo(typedOther.isSetGrantor());
+    if (lastComparison != 0) {
+      return lastComparison;
+    }
+    if (isSetGrantor()) {
+      lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.grantor, typedOther.grantor);
+      if (lastComparison != 0) {
+        return lastComparison;
+      }
+    }
     return 0;
   }
 
@@ -440,6 +794,48 @@ public class Role implements org.apache.
       sb.append(this.ownerName);
     }
     first = false;
+    if (isSetPrincipalName()) {
+      if (!first) sb.append(", ");
+      sb.append("principalName:");
+      if (this.principalName == null) {
+        sb.append("null");
+      } else {
+        sb.append(this.principalName);
+      }
+      first = false;
+    }
+    if (isSetPrincipalType()) {
+      if (!first) sb.append(", ");
+      sb.append("principalType:");
+      if (this.principalType == null) {
+        sb.append("null");
+      } else {
+        sb.append(this.principalType);
+      }
+      first = false;
+    }
+    if (isSetGrantOption()) {
+      if (!first) sb.append(", ");
+      sb.append("grantOption:");
+      sb.append(this.grantOption);
+      first = false;
+    }
+    if (isSetGrantTime()) {
+      if (!first) sb.append(", ");
+      sb.append("grantTime:");
+      sb.append(this.grantTime);
+      first = false;
+    }
+    if (isSetGrantor()) {
+      if (!first) sb.append(", ");
+      sb.append("grantor:");
+      if (this.grantor == null) {
+        sb.append("null");
+      } else {
+        sb.append(this.grantor);
+      }
+      first = false;
+    }
     sb.append(")");
     return sb.toString();
   }
@@ -509,6 +905,46 @@ public class Role implements org.apache.
               org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
             }
             break;
+          case 4: // PRINCIPAL_NAME
+            if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
+              struct.principalName = iprot.readString();
+              struct.setPrincipalNameIsSet(true);
+            } else { 
+              org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+            }
+            break;
+          case 5: // PRINCIPAL_TYPE
+            if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
+              struct.principalType = iprot.readString();
+              struct.setPrincipalTypeIsSet(true);
+            } else { 
+              org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+            }
+            break;
+          case 6: // GRANT_OPTION
+            if (schemeField.type == org.apache.thrift.protocol.TType.BOOL) {
+              struct.grantOption = iprot.readBool();
+              struct.setGrantOptionIsSet(true);
+            } else { 
+              org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+            }
+            break;
+          case 7: // GRANT_TIME
+            if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
+              struct.grantTime = iprot.readI32();
+              struct.setGrantTimeIsSet(true);
+            } else { 
+              org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+            }
+            break;
+          case 8: // GRANTOR
+            if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
+              struct.grantor = iprot.readString();
+              struct.setGrantorIsSet(true);
+            } else { 
+              org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+            }
+            break;
           default:
             org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
         }
@@ -535,6 +971,37 @@ public class Role implements org.apache.
         oprot.writeString(struct.ownerName);
         oprot.writeFieldEnd();
       }
+      if (struct.principalName != null) {
+        if (struct.isSetPrincipalName()) {
+          oprot.writeFieldBegin(PRINCIPAL_NAME_FIELD_DESC);
+          oprot.writeString(struct.principalName);
+          oprot.writeFieldEnd();
+        }
+      }
+      if (struct.principalType != null) {
+        if (struct.isSetPrincipalType()) {
+          oprot.writeFieldBegin(PRINCIPAL_TYPE_FIELD_DESC);
+          oprot.writeString(struct.principalType);
+          oprot.writeFieldEnd();
+        }
+      }
+      if (struct.isSetGrantOption()) {
+        oprot.writeFieldBegin(GRANT_OPTION_FIELD_DESC);
+        oprot.writeBool(struct.grantOption);
+        oprot.writeFieldEnd();
+      }
+      if (struct.isSetGrantTime()) {
+        oprot.writeFieldBegin(GRANT_TIME_FIELD_DESC);
+        oprot.writeI32(struct.grantTime);
+        oprot.writeFieldEnd();
+      }
+      if (struct.grantor != null) {
+        if (struct.isSetGrantor()) {
+          oprot.writeFieldBegin(GRANTOR_FIELD_DESC);
+          oprot.writeString(struct.grantor);
+          oprot.writeFieldEnd();
+        }
+      }
       oprot.writeFieldStop();
       oprot.writeStructEnd();
     }
@@ -562,7 +1029,22 @@ public class Role implements org.apache.
       if (struct.isSetOwnerName()) {
         optionals.set(2);
       }
-      oprot.writeBitSet(optionals, 3);
+      if (struct.isSetPrincipalName()) {
+        optionals.set(3);
+      }
+      if (struct.isSetPrincipalType()) {
+        optionals.set(4);
+      }
+      if (struct.isSetGrantOption()) {
+        optionals.set(5);
+      }
+      if (struct.isSetGrantTime()) {
+        optionals.set(6);
+      }
+      if (struct.isSetGrantor()) {
+        optionals.set(7);
+      }
+      oprot.writeBitSet(optionals, 8);
       if (struct.isSetRoleName()) {
         oprot.writeString(struct.roleName);
       }
@@ -572,12 +1054,27 @@ public class Role implements org.apache.
       if (struct.isSetOwnerName()) {
         oprot.writeString(struct.ownerName);
       }
+      if (struct.isSetPrincipalName()) {
+        oprot.writeString(struct.principalName);
+      }
+      if (struct.isSetPrincipalType()) {
+        oprot.writeString(struct.principalType);
+      }
+      if (struct.isSetGrantOption()) {
+        oprot.writeBool(struct.grantOption);
+      }
+      if (struct.isSetGrantTime()) {
+        oprot.writeI32(struct.grantTime);
+      }
+      if (struct.isSetGrantor()) {
+        oprot.writeString(struct.grantor);
+      }
     }
 
     @Override
     public void read(org.apache.thrift.protocol.TProtocol prot, Role struct) throws org.apache.thrift.TException {
       TTupleProtocol iprot = (TTupleProtocol) prot;
-      BitSet incoming = iprot.readBitSet(3);
+      BitSet incoming = iprot.readBitSet(8);
       if (incoming.get(0)) {
         struct.roleName = iprot.readString();
         struct.setRoleNameIsSet(true);
@@ -590,6 +1087,26 @@ public class Role implements org.apache.
         struct.ownerName = iprot.readString();
         struct.setOwnerNameIsSet(true);
       }
+      if (incoming.get(3)) {
+        struct.principalName = iprot.readString();
+        struct.setPrincipalNameIsSet(true);
+      }
+      if (incoming.get(4)) {
+        struct.principalType = iprot.readString();
+        struct.setPrincipalTypeIsSet(true);
+      }
+      if (incoming.get(5)) {
+        struct.grantOption = iprot.readBool();
+        struct.setGrantOptionIsSet(true);
+      }
+      if (incoming.get(6)) {
+        struct.grantTime = iprot.readI32();
+        struct.setGrantTimeIsSet(true);
+      }
+      if (incoming.get(7)) {
+        struct.grantor = iprot.readString();
+        struct.setGrantorIsSet(true);
+      }
     }
   }
 

Modified: hive/trunk/metastore/src/gen/thrift/gen-php/metastore/Types.php
URL: http://svn.apache.org/viewvc/hive/trunk/metastore/src/gen/thrift/gen-php/metastore/Types.php?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/metastore/src/gen/thrift/gen-php/metastore/Types.php (original)
+++ hive/trunk/metastore/src/gen/thrift/gen-php/metastore/Types.php Thu Feb  6 23:11:12 2014
@@ -1280,6 +1280,11 @@ class Role {
   public $roleName = null;
   public $createTime = null;
   public $ownerName = null;
+  public $principalName = null;
+  public $principalType = null;
+  public $grantOption = null;
+  public $grantTime = null;
+  public $grantor = null;
 
   public function __construct($vals=null) {
     if (!isset(self::$_TSPEC)) {
@@ -1296,6 +1301,26 @@ class Role {
           'var' => 'ownerName',
           'type' => TType::STRING,
           ),
+        4 => array(
+          'var' => 'principalName',
+          'type' => TType::STRING,
+          ),
+        5 => array(
+          'var' => 'principalType',
+          'type' => TType::STRING,
+          ),
+        6 => array(
+          'var' => 'grantOption',
+          'type' => TType::BOOL,
+          ),
+        7 => array(
+          'var' => 'grantTime',
+          'type' => TType::I32,
+          ),
+        8 => array(
+          'var' => 'grantor',
+          'type' => TType::STRING,
+          ),
         );
     }
     if (is_array($vals)) {
@@ -1308,6 +1333,21 @@ class Role {
       if (isset($vals['ownerName'])) {
         $this->ownerName = $vals['ownerName'];
       }
+      if (isset($vals['principalName'])) {
+        $this->principalName = $vals['principalName'];
+      }
+      if (isset($vals['principalType'])) {
+        $this->principalType = $vals['principalType'];
+      }
+      if (isset($vals['grantOption'])) {
+        $this->grantOption = $vals['grantOption'];
+      }
+      if (isset($vals['grantTime'])) {
+        $this->grantTime = $vals['grantTime'];
+      }
+      if (isset($vals['grantor'])) {
+        $this->grantor = $vals['grantor'];
+      }
     }
   }
 
@@ -1351,6 +1391,41 @@ class Role {
             $xfer += $input->skip($ftype);
           }
           break;
+        case 4:
+          if ($ftype == TType::STRING) {
+            $xfer += $input->readString($this->principalName);
+          } else {
+            $xfer += $input->skip($ftype);
+          }
+          break;
+        case 5:
+          if ($ftype == TType::STRING) {
+            $xfer += $input->readString($this->principalType);
+          } else {
+            $xfer += $input->skip($ftype);
+          }
+          break;
+        case 6:
+          if ($ftype == TType::BOOL) {
+            $xfer += $input->readBool($this->grantOption);
+          } else {
+            $xfer += $input->skip($ftype);
+          }
+          break;
+        case 7:
+          if ($ftype == TType::I32) {
+            $xfer += $input->readI32($this->grantTime);
+          } else {
+            $xfer += $input->skip($ftype);
+          }
+          break;
+        case 8:
+          if ($ftype == TType::STRING) {
+            $xfer += $input->readString($this->grantor);
+          } else {
+            $xfer += $input->skip($ftype);
+          }
+          break;
         default:
           $xfer += $input->skip($ftype);
           break;
@@ -1379,6 +1454,31 @@ class Role {
       $xfer += $output->writeString($this->ownerName);
       $xfer += $output->writeFieldEnd();
     }
+    if ($this->principalName !== null) {
+      $xfer += $output->writeFieldBegin('principalName', TType::STRING, 4);
+      $xfer += $output->writeString($this->principalName);
+      $xfer += $output->writeFieldEnd();
+    }
+    if ($this->principalType !== null) {
+      $xfer += $output->writeFieldBegin('principalType', TType::STRING, 5);
+      $xfer += $output->writeString($this->principalType);
+      $xfer += $output->writeFieldEnd();
+    }
+    if ($this->grantOption !== null) {
+      $xfer += $output->writeFieldBegin('grantOption', TType::BOOL, 6);
+      $xfer += $output->writeBool($this->grantOption);
+      $xfer += $output->writeFieldEnd();
+    }
+    if ($this->grantTime !== null) {
+      $xfer += $output->writeFieldBegin('grantTime', TType::I32, 7);
+      $xfer += $output->writeI32($this->grantTime);
+      $xfer += $output->writeFieldEnd();
+    }
+    if ($this->grantor !== null) {
+      $xfer += $output->writeFieldBegin('grantor', TType::STRING, 8);
+      $xfer += $output->writeString($this->grantor);
+      $xfer += $output->writeFieldEnd();
+    }
     $xfer += $output->writeFieldStop();
     $xfer += $output->writeStructEnd();
     return $xfer;

Modified: hive/trunk/metastore/src/gen/thrift/gen-py/hive_metastore/ttypes.py
URL: http://svn.apache.org/viewvc/hive/trunk/metastore/src/gen/thrift/gen-py/hive_metastore/ttypes.py?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/metastore/src/gen/thrift/gen-py/hive_metastore/ttypes.py (original)
+++ hive/trunk/metastore/src/gen/thrift/gen-py/hive_metastore/ttypes.py Thu Feb  6 23:11:12 2014
@@ -869,6 +869,11 @@ class Role:
    - roleName
    - createTime
    - ownerName
+   - principalName
+   - principalType
+   - grantOption
+   - grantTime
+   - grantor
   """
 
   thrift_spec = (
@@ -876,12 +881,22 @@ class Role:
     (1, TType.STRING, 'roleName', None, None, ), # 1
     (2, TType.I32, 'createTime', None, None, ), # 2
     (3, TType.STRING, 'ownerName', None, None, ), # 3
+    (4, TType.STRING, 'principalName', None, None, ), # 4
+    (5, TType.STRING, 'principalType', None, None, ), # 5
+    (6, TType.BOOL, 'grantOption', None, None, ), # 6
+    (7, TType.I32, 'grantTime', None, None, ), # 7
+    (8, TType.STRING, 'grantor', None, None, ), # 8
   )
 
-  def __init__(self, roleName=None, createTime=None, ownerName=None,):
+  def __init__(self, roleName=None, createTime=None, ownerName=None, principalName=None, principalType=None, grantOption=None, grantTime=None, grantor=None,):
     self.roleName = roleName
     self.createTime = createTime
     self.ownerName = ownerName
+    self.principalName = principalName
+    self.principalType = principalType
+    self.grantOption = grantOption
+    self.grantTime = grantTime
+    self.grantor = grantor
 
   def read(self, iprot):
     if iprot.__class__ == TBinaryProtocol.TBinaryProtocolAccelerated and isinstance(iprot.trans, TTransport.CReadableTransport) and self.thrift_spec is not None and fastbinary is not None:
@@ -907,6 +922,31 @@ class Role:
           self.ownerName = iprot.readString();
         else:
           iprot.skip(ftype)
+      elif fid == 4:
+        if ftype == TType.STRING:
+          self.principalName = iprot.readString();
+        else:
+          iprot.skip(ftype)
+      elif fid == 5:
+        if ftype == TType.STRING:
+          self.principalType = iprot.readString();
+        else:
+          iprot.skip(ftype)
+      elif fid == 6:
+        if ftype == TType.BOOL:
+          self.grantOption = iprot.readBool();
+        else:
+          iprot.skip(ftype)
+      elif fid == 7:
+        if ftype == TType.I32:
+          self.grantTime = iprot.readI32();
+        else:
+          iprot.skip(ftype)
+      elif fid == 8:
+        if ftype == TType.STRING:
+          self.grantor = iprot.readString();
+        else:
+          iprot.skip(ftype)
       else:
         iprot.skip(ftype)
       iprot.readFieldEnd()
@@ -929,6 +969,26 @@ class Role:
       oprot.writeFieldBegin('ownerName', TType.STRING, 3)
       oprot.writeString(self.ownerName)
       oprot.writeFieldEnd()
+    if self.principalName is not None:
+      oprot.writeFieldBegin('principalName', TType.STRING, 4)
+      oprot.writeString(self.principalName)
+      oprot.writeFieldEnd()
+    if self.principalType is not None:
+      oprot.writeFieldBegin('principalType', TType.STRING, 5)
+      oprot.writeString(self.principalType)
+      oprot.writeFieldEnd()
+    if self.grantOption is not None:
+      oprot.writeFieldBegin('grantOption', TType.BOOL, 6)
+      oprot.writeBool(self.grantOption)
+      oprot.writeFieldEnd()
+    if self.grantTime is not None:
+      oprot.writeFieldBegin('grantTime', TType.I32, 7)
+      oprot.writeI32(self.grantTime)
+      oprot.writeFieldEnd()
+    if self.grantor is not None:
+      oprot.writeFieldBegin('grantor', TType.STRING, 8)
+      oprot.writeString(self.grantor)
+      oprot.writeFieldEnd()
     oprot.writeFieldStop()
     oprot.writeStructEnd()
 

Modified: hive/trunk/metastore/src/gen/thrift/gen-rb/hive_metastore_types.rb
URL: http://svn.apache.org/viewvc/hive/trunk/metastore/src/gen/thrift/gen-rb/hive_metastore_types.rb?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/metastore/src/gen/thrift/gen-rb/hive_metastore_types.rb (original)
+++ hive/trunk/metastore/src/gen/thrift/gen-rb/hive_metastore_types.rb Thu Feb  6 23:11:12 2014
@@ -212,11 +212,21 @@ class Role
   ROLENAME = 1
   CREATETIME = 2
   OWNERNAME = 3
+  PRINCIPALNAME = 4
+  PRINCIPALTYPE = 5
+  GRANTOPTION = 6
+  GRANTTIME = 7
+  GRANTOR = 8
 
   FIELDS = {
     ROLENAME => {:type => ::Thrift::Types::STRING, :name => 'roleName'},
     CREATETIME => {:type => ::Thrift::Types::I32, :name => 'createTime'},
-    OWNERNAME => {:type => ::Thrift::Types::STRING, :name => 'ownerName'}
+    OWNERNAME => {:type => ::Thrift::Types::STRING, :name => 'ownerName'},
+    PRINCIPALNAME => {:type => ::Thrift::Types::STRING, :name => 'principalName', :optional => true},
+    PRINCIPALTYPE => {:type => ::Thrift::Types::STRING, :name => 'principalType', :optional => true},
+    GRANTOPTION => {:type => ::Thrift::Types::BOOL, :name => 'grantOption', :optional => true},
+    GRANTTIME => {:type => ::Thrift::Types::I32, :name => 'grantTime', :optional => true},
+    GRANTOR => {:type => ::Thrift::Types::STRING, :name => 'grantor', :optional => true}
   }
 
   def struct_fields; FIELDS; end

Modified: hive/trunk/metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStore.java
URL: http://svn.apache.org/viewvc/hive/trunk/metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStore.java?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStore.java (original)
+++ hive/trunk/metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStore.java Thu Feb  6 23:11:12 2014
@@ -3773,12 +3773,17 @@ public class HiveMetaStore extends Thrif
 
       List<Role> result = new ArrayList<Role>();
       try {
-        List<MRoleMap> roleMap = getMS().listRoles(principalName, principalType);
-        if (roleMap != null) {
-          for (MRoleMap role : roleMap) {
-            MRole r = role.getRole();
-            result.add(new Role(r.getRoleName(), r
-                .getCreateTime(), r.getOwnerName()));
+        List<MRoleMap> roleMaps = getMS().listRoles(principalName, principalType);
+        if (roleMaps != null) {
+          for (MRoleMap roleMap : roleMaps) {
+            MRole mrole = roleMap.getRole();
+            Role role = new Role(mrole.getRoleName(), mrole.getCreateTime(), mrole.getOwnerName());
+            role.setPrincipalName(roleMap.getPrincipalName());
+            role.setPrincipalType(roleMap.getPrincipalType());
+            role.setGrantOption(roleMap.getGrantOption());
+            role.setGrantTime(roleMap.getAddTime());
+            role.setGrantor(roleMap.getGrantor());
+            result.add(role);
           }
         }
         // all users by default belongs to public role

Modified: hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/Context.java
URL: http://svn.apache.org/viewvc/hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/Context.java?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/Context.java (original)
+++ hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/Context.java Thu Feb  6 23:11:12 2014
@@ -49,7 +49,6 @@ import org.apache.hadoop.hive.ql.lockmgr
 import org.apache.hadoop.hive.ql.plan.LoadTableDesc;
 import org.apache.hadoop.hive.shims.ShimLoader;
 import org.apache.hadoop.util.StringUtils;
-import org.apache.velocity.runtime.parser.node.GetExecutor;
 
 /**
  * Context for Semantic Analyzers. Usage: not reusable - construct a new one for

Modified: hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/exec/DDLTask.java
URL: http://svn.apache.org/viewvc/hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/exec/DDLTask.java?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/exec/DDLTask.java (original)
+++ hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/exec/DDLTask.java Thu Feb  6 23:11:12 2014
@@ -34,7 +34,6 @@ import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collections;
 import java.util.Comparator;
-import java.util.Date;
 import java.util.HashMap;
 import java.util.Iterator;
 import java.util.List;
@@ -164,6 +163,7 @@ import org.apache.hadoop.hive.ql.securit
 import org.apache.hadoop.hive.ql.security.authorization.plugin.HivePrivilegeInfo;
 import org.apache.hadoop.hive.ql.security.authorization.plugin.HivePrivilegeObject;
 import org.apache.hadoop.hive.ql.security.authorization.plugin.HivePrivilegeObject.HivePrivilegeObjectType;
+import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveRole;
 import org.apache.hadoop.hive.ql.session.SessionState;
 import org.apache.hadoop.hive.serde.serdeConstants;
 import org.apache.hadoop.hive.serde2.Deserializer;
@@ -622,7 +622,8 @@ public class DDLTask extends Task<DDLWor
           }
         }
       }
-      writeToFile(writeGrantInfo(privs), showGrantDesc.getResFile());
+      boolean testMode = conf.getBoolVar(HiveConf.ConfVars.HIVE_IN_TEST);
+      writeToFile(writeGrantInfo(privs, testMode), showGrantDesc.getResFile());
     } catch (FileNotFoundException e) {
       LOG.info("show table status: " + stringifyException(e));
       return 1;
@@ -660,7 +661,8 @@ public class DDLTask extends Task<DDLWor
           AuthorizationUtils.getThriftPrincipalType(principal.getType()), grantInfo);
         privList.add(thriftObjectPriv);
       }
-      writeToFile(writeGrantInfo(privList), showGrantDesc.getResFile());
+      boolean testMode = conf.getBoolVar(HiveConf.ConfVars.HIVE_IN_TEST);
+      writeToFile(writeGrantInfo(privList, testMode), showGrantDesc.getResFile());
     } catch (IOException e) {
       throw new HiveException("Error in show grant statement", e);
     }
@@ -914,19 +916,9 @@ public class DDLTask extends Task<DDLWor
       } else if (operation.equals(RoleDDLDesc.RoleOperation.DROP_ROLE)) {
         db.dropRole(roleDDLDesc.getName());
       } else if (operation.equals(RoleDDLDesc.RoleOperation.SHOW_ROLE_GRANT)) {
-        List<Role> roles = db.showRoleGrant(roleDDLDesc.getName(), roleDDLDesc
-            .getPrincipalType());
-        if (roles != null && roles.size() > 0) {
-          Path resFile = new Path(roleDDLDesc.getResFile());
-          FileSystem fs = resFile.getFileSystem(conf);
-          outStream = fs.create(resFile);
-          for (Role role : roles) {
-            outStream.writeBytes(role.getRoleName());
-            outStream.write(terminator);
-          }
-          outStream.close();
-          outStream = null;
-        }
+        boolean testMode = conf.getBoolVar(HiveConf.ConfVars.HIVE_IN_TEST);
+        List<Role> roles = db.showRoleGrant(roleDDLDesc.getName(), roleDDLDesc.getPrincipalType());
+        writeToFile(writeRoleInfo(roles, testMode), roleDDLDesc.getResFile());
       } else if (operation.equals(RoleDDLDesc.RoleOperation.SHOW_ROLES)) {
         List<String> roleNames = db.getAllRoleNames();
         Path resFile = new Path(roleDDLDesc.getResFile());
@@ -969,9 +961,10 @@ public class DDLTask extends Task<DDLWor
       authorizer.dropRole(roleDDLDesc.getName());
       break;
     case SHOW_ROLE_GRANT:
-      List<String> roles = authorizer.getRoles(new HivePrincipal(roleDDLDesc.getName(),
+      boolean testMode = conf.getBoolVar(HiveConf.ConfVars.HIVE_IN_TEST);
+      List<HiveRole> roles = authorizer.getRoles(new HivePrincipal(roleDDLDesc.getName(),
           getHivePrincipalType(roleDDLDesc.getPrincipalType())));
-      writeListToFile(roles, roleDDLDesc.getResFile());
+      writeToFile(writeHiveRoleInfo(roles, testMode), roleDDLDesc.getResFile());
       break;
     case SHOW_ROLES:
       List<String> allRoles = authorizer.getAllRoles();
@@ -2498,23 +2491,23 @@ public class DDLTask extends Task<DDLWor
 
       Collections.sort(locks, new Comparator<HiveLock>() {
 
-          @Override
-            public int compare(HiveLock o1, HiveLock o2) {
-            int cmp = o1.getHiveLockObject().getName().compareTo(o2.getHiveLockObject().getName());
-            if (cmp == 0) {
-              if (o1.getHiveLockMode() == o2.getHiveLockMode()) {
-                return cmp;
-              }
-              // EXCLUSIVE locks occur before SHARED locks
-              if (o1.getHiveLockMode() == HiveLockMode.EXCLUSIVE) {
-                return -1;
-              }
-              return +1;
+        @Override
+        public int compare(HiveLock o1, HiveLock o2) {
+          int cmp = o1.getHiveLockObject().getName().compareTo(o2.getHiveLockObject().getName());
+          if (cmp == 0) {
+            if (o1.getHiveLockMode() == o2.getHiveLockMode()) {
+              return cmp;
             }
-            return cmp;
+            // EXCLUSIVE locks occur before SHARED locks
+            if (o1.getHiveLockMode() == HiveLockMode.EXCLUSIVE) {
+              return -1;
+            }
+            return +1;
           }
+          return cmp;
+        }
 
-        });
+      });
 
       Iterator<HiveLock> locksIter = locks.iterator();
 
@@ -2923,8 +2916,9 @@ public class DDLTask extends Task<DDLWor
       }
       else {
         Map<String, String> properties = tbl.getParameters();
-        for (String key : properties.keySet()) {
-          writeKeyValuePair(builder, key, properties.get(key));
+        for (Entry<String, String> entry : properties.entrySet()) {
+          appendNonNull(builder, entry.getKey(), true);
+          appendNonNull(builder, entry.getValue());
         }
       }
 
@@ -3060,61 +3054,77 @@ public class DDLTask extends Task<DDLWor
     }
   }
 
-  static String writeGrantInfo(List<HiveObjectPrivilege> privileges) {
+  static String writeGrantInfo(List<HiveObjectPrivilege> privileges, boolean testMode) {
     if (privileges == null || privileges.isEmpty()) {
       return "";
     }
-
     StringBuilder builder = new StringBuilder();
     for (HiveObjectPrivilege privilege : privileges) {
-      PrivilegeGrantInfo grantInfo = privilege.getGrantInfo();
       HiveObjectRef resource = privilege.getHiveObject();
-      String privName = grantInfo.getPrivilege();
-      long unixTimestamp = grantInfo.getCreateTime() * 1000L;
-      Date createTime = new Date(unixTimestamp);
-      String grantor = grantInfo.getGrantor();
-
-      switch (resource.getObjectType()) {
-        case DATABASE:
-          writeKeyValuePair(builder, "database", resource.getDbName());
-          break;
-        case TABLE:
-          writeKeyValuePair(builder, "database", resource.getDbName());
-          writeKeyValuePair(builder, "table", resource.getObjectName());
-          break;
-        case PARTITION:
-          writeKeyValuePair(builder, "database", resource.getDbName());
-          writeKeyValuePair(builder, "table", resource.getObjectName());
-          writeKeyValuePair(builder, "partition", String.valueOf(resource.getPartValues()));
-          break;
-        case COLUMN:
-          writeKeyValuePair(builder, "database", resource.getDbName());
-          writeKeyValuePair(builder, "table", resource.getObjectName());
-          if (resource.getPartValues() != null && !resource.getPartValues().isEmpty()) {
-            writeKeyValuePair(builder, "partition", String.valueOf(resource.getPartValues()));
-          }
-          writeKeyValuePair(builder, "columnName", resource.getColumnName());
-          break;
-      }
-
-      writeKeyValuePair(builder, "principalName", privilege.getPrincipalName());
-      writeKeyValuePair(builder, "principalType", "" + privilege.getPrincipalType());
-      writeKeyValuePair(builder, "privilege", privName);
-      writeKeyValuePair(builder, "grantTime", "" + createTime);
-      if (grantor != null) {
-        writeKeyValuePair(builder, "grantor", grantor);
-      }
+      PrivilegeGrantInfo grantInfo = privilege.getGrantInfo();
+
+      appendNonNull(builder, resource.getDbName(), true);
+      appendNonNull(builder, resource.getObjectName());
+      appendNonNull(builder, resource.getPartValues());
+      appendNonNull(builder, resource.getColumnName());
+      appendNonNull(builder, privilege.getPrincipalName());
+      appendNonNull(builder, privilege.getPrincipalType());
+      appendNonNull(builder, grantInfo.getPrivilege());
+      appendNonNull(builder, grantInfo.isGrantOption());
+      appendNonNull(builder, testMode ? -1 : grantInfo.getCreateTime() * 1000L);
+      appendNonNull(builder, grantInfo.getGrantor());
     }
     return builder.toString();
   }
 
-  private static void writeKeyValuePair(StringBuilder builder, String key, String value) {
-    if (builder.length() > 0) {
+  static String writeRoleInfo(List<Role> roles, boolean testMode) {
+    if (roles == null || roles.isEmpty()) {
+      return "";
+    }
+    StringBuilder builder = new StringBuilder();
+    for (Role role : roles) {
+      appendNonNull(builder, role.getRoleName(), true);
+      appendNonNull(builder, testMode ? -1 : role.getCreateTime() * 1000L);
+      appendNonNull(builder, role.getPrincipalName());
+      appendNonNull(builder, role.getPrincipalType());
+      appendNonNull(builder, role.isGrantOption());
+      appendNonNull(builder, testMode ? -1 : role.getGrantTime() * 1000L);
+      appendNonNull(builder, role.getGrantor());
+    }
+    return builder.toString();
+  }
+
+  static String writeHiveRoleInfo(List<HiveRole> roles, boolean testMode) {
+    if (roles == null || roles.isEmpty()) {
+      return "";
+    }
+    StringBuilder builder = new StringBuilder();
+    for (HiveRole role : roles) {
+      appendNonNull(builder, role.getRoleName(), true);
+      appendNonNull(builder, testMode ? -1 : role.getCreateTime() * 1000L);
+      appendNonNull(builder, role.getPrincipalName());
+      appendNonNull(builder, role.getPrincipalType());
+      appendNonNull(builder, role.isGrantOption());
+      appendNonNull(builder, testMode ? -1 : role.getGrantTime() * 1000L);
+      appendNonNull(builder, role.getGrantor());
+    }
+    return builder.toString();
+  }
+
+  static StringBuilder appendNonNull(StringBuilder builder, Object value) {
+    return appendNonNull(builder, value, false);
+  }
+
+  static StringBuilder appendNonNull(StringBuilder builder, Object value, boolean firstColumn) {
+    if (!firstColumn) {
+      builder.append((char)separator);
+    } else if (builder.length() > 0) {
       builder.append((char)terminator);
     }
-    builder.append(key);
-    builder.append((char)separator);
-    builder.append(value);
+    if (value != null) {
+      builder.append(value);
+    }
+    return builder;
   }
 
   private void setAlterProtectMode(boolean protectModeEnable,

Modified: hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/parse/DDLSemanticAnalyzer.java
URL: http://svn.apache.org/viewvc/hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/parse/DDLSemanticAnalyzer.java?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/parse/DDLSemanticAnalyzer.java (original)
+++ hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/parse/DDLSemanticAnalyzer.java Thu Feb  6 23:11:12 2014
@@ -515,7 +515,7 @@ public class DDLSemanticAnalyzer extends
         createShowRoleGrantTask(ast, ctx.getResFile(), getInputs(), getOutputs());
     if(task != null) {
       rootTasks.add(task);
-      setFetchTask(createFetchTask(RoleDDLDesc.getSchema()));
+      setFetchTask(createFetchTask(RoleDDLDesc.getRoleDescSchema()));
     }
   }
 
@@ -525,7 +525,7 @@ public class DDLSemanticAnalyzer extends
     showRolesDesc.setResFile(ctx.getResFile().toString());
     rootTasks.add(TaskFactory.get(new DDLWork(getInputs(), getOutputs(),
         showRolesDesc), conf));
-    setFetchTask(createFetchTask(RoleDDLDesc.getSchema()));
+    setFetchTask(createFetchTask(RoleDDLDesc.getRoleNameSchema()));
   }
 
   private void analyzeAlterDatabase(ASTNode ast) throws SemanticException {

Modified: hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/plan/RoleDDLDesc.java
URL: http://svn.apache.org/viewvc/hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/plan/RoleDDLDesc.java?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/plan/RoleDDLDesc.java (original)
+++ hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/plan/RoleDDLDesc.java Thu Feb  6 23:11:12 2014
@@ -40,12 +40,23 @@ public class RoleDDLDesc extends DDLDesc
   private String roleOwnerName;
 
   /**
+   * thrift ddl for the result of show roles.
+   */
+  private static final String roleNameSchema = "role#string";
+
+  /**
    * thrift ddl for the result of show role.
    */
-  private static String schema = "role#string";
+  private static final String roleDescSchema =
+      "role,create_time,principal_name,principal_type,grant_option,grant_time,grantor#" +
+      "string:bigint:string:string:boolean:bigint:string";
+
+  public static String getRoleNameSchema() {
+    return roleNameSchema;
+  }
 
-  public static String getSchema() {
-    return schema;
+  public static String getRoleDescSchema() {
+    return roleDescSchema;
   }
 
   public static enum RoleOperation {

Modified: hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/plan/ShowGrantDesc.java
URL: http://svn.apache.org/viewvc/hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/plan/ShowGrantDesc.java?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/plan/ShowGrantDesc.java (original)
+++ hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/plan/ShowGrantDesc.java Thu Feb  6 23:11:12 2014
@@ -33,7 +33,10 @@ public class ShowGrantDesc {
   /**
    * thrift ddl for the result of show grant.
    */
-  private static final String schema = "property,value#string:string";
+  private static final String tabularSchema =
+      "database,table,partition,column,principal_name,principal_type,privilege," +
+      "grant_option,grant_time,grantor#" +
+      "string:string:string:string:string:string:string:boolean:bigint:string";
 
   public ShowGrantDesc(){
   }
@@ -47,7 +50,7 @@ public class ShowGrantDesc {
   }
 
   public static String getSchema() {
-    return schema;
+    return tabularSchema;
   }
 
   @Explain(displayName="principal desc")
@@ -83,5 +86,4 @@ public class ShowGrantDesc {
   public void setColumns(List<String> columns) {
     this.columns = columns;
   }
-  
 }

Modified: hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAccessController.java
URL: http://svn.apache.org/viewvc/hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAccessController.java?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAccessController.java (original)
+++ hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAccessController.java Thu Feb  6 23:11:12 2014
@@ -40,7 +40,7 @@ public interface HiveAccessController {
   void dropRole(String roleName)
       throws HiveAuthorizationPluginException;
 
-  List<String> getRoles(HivePrincipal hivePrincipal)
+  List<HiveRole> getRoles(HivePrincipal hivePrincipal)
       throws HiveAuthorizationPluginException;
 
   void grantRole(List<HivePrincipal> hivePrincipals, List<String> roles, boolean grantOption,

Modified: hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAuthorizer.java
URL: http://svn.apache.org/viewvc/hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAuthorizer.java?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAuthorizer.java (original)
+++ hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAuthorizer.java Thu Feb  6 23:11:12 2014
@@ -94,7 +94,7 @@ public interface HiveAuthorizer {
    * @return list of roles
    * @throws HiveAuthorizationPluginException
    */
-  List<String> getRoles(HivePrincipal hivePrincipal)
+  List<HiveRole> getRoles(HivePrincipal hivePrincipal)
       throws HiveAuthorizationPluginException;
 
   /**

Modified: hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAuthorizerImpl.java
URL: http://svn.apache.org/viewvc/hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAuthorizerImpl.java?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAuthorizerImpl.java (original)
+++ hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAuthorizerImpl.java Thu Feb  6 23:11:12 2014
@@ -66,7 +66,7 @@ public class HiveAuthorizerImpl implemen
   }
 
   @Override
-  public List<String> getRoles(HivePrincipal hivePrincipal) throws HiveAuthorizationPluginException {
+  public List<HiveRole> getRoles(HivePrincipal hivePrincipal) throws HiveAuthorizationPluginException {
     return accessController.getRoles(hivePrincipal);
   }
 

Added: hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveRole.java
URL: http://svn.apache.org/viewvc/hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveRole.java?rev=1565475&view=auto
==============================================================================
--- hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveRole.java (added)
+++ hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveRole.java Thu Feb  6 23:11:12 2014
@@ -0,0 +1,110 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.hadoop.hive.ql.security.authorization.plugin;
+
+import org.apache.hadoop.hive.metastore.api.Role;
+
+// same with thrift.Role
+public class HiveRole {
+
+  private String roleName;
+  private int createTime;
+  private String ownerName;
+  private String principalName;
+  private String principalType;
+  private boolean grantOption;
+  private int grantTime;
+  private String grantor;
+
+  public HiveRole() {}
+
+  public HiveRole(Role role) {
+    roleName = role.getRoleName();
+    createTime = role.getCreateTime();
+    ownerName = role.getOwnerName();
+    principalName = role.getPrincipalName();
+    principalType = role.getPrincipalType();
+    grantOption = role.isGrantOption();
+    grantTime = role.getGrantTime();
+    grantor = role.getGrantor();
+  }
+
+  public String getRoleName() {
+    return roleName;
+  }
+
+  public void setRoleName(String roleName) {
+    this.roleName = roleName;
+  }
+
+  public int getCreateTime() {
+    return createTime;
+  }
+
+  public void setCreateTime(int createTime) {
+    this.createTime = createTime;
+  }
+
+  public String getOwnerName() {
+    return ownerName;
+  }
+
+  public void setOwnerName(String ownerName) {
+    this.ownerName = ownerName;
+  }
+
+  public String getPrincipalName() {
+    return principalName;
+  }
+
+  public void setPrincipalName(String principalName) {
+    this.principalName = principalName;
+  }
+
+  public String getPrincipalType() {
+    return principalType;
+  }
+
+  public void setPrincipalType(String principalType) {
+    this.principalType = principalType;
+  }
+
+  public boolean isGrantOption() {
+    return grantOption;
+  }
+
+  public void setGrantOption(boolean grantOption) {
+    this.grantOption = grantOption;
+  }
+
+  public int getGrantTime() {
+    return grantTime;
+  }
+
+  public void setGrantTime(int grantTime) {
+    this.grantTime = grantTime;
+  }
+
+  public String getGrantor() {
+    return grantor;
+  }
+
+  public void setGrantor(String grantor) {
+    this.grantor = grantor;
+  }
+}

Modified: hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLStdHiveAccessController.java
URL: http://svn.apache.org/viewvc/hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLStdHiveAccessController.java?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLStdHiveAccessController.java (original)
+++ hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLStdHiveAccessController.java Thu Feb  6 23:11:12 2014
@@ -44,6 +44,7 @@ import org.apache.hadoop.hive.ql.securit
 import org.apache.hadoop.hive.ql.security.authorization.plugin.HivePrivilegeInfo;
 import org.apache.hadoop.hive.ql.security.authorization.plugin.HivePrivilegeObject;
 import org.apache.hadoop.hive.ql.security.authorization.plugin.HivePrivilegeObject.HivePrivilegeObjectType;
+import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveRole;
 
 
 /**
@@ -174,13 +175,14 @@ public class SQLStdHiveAccessController 
   }
 
   @Override
-  public List<String> getRoles(HivePrincipal hivePrincipal) throws HiveAuthorizationPluginException {
+  public List<HiveRole> getRoles(HivePrincipal hivePrincipal) throws HiveAuthorizationPluginException {
     try {
       List<Role> roles = metastoreClientFactory.getHiveMetastoreClient().list_roles(
           hivePrincipal.getName(), AuthorizationUtils.getThriftPrincipalType(hivePrincipal.getType()));
-      List<String> roleNames = new ArrayList<String>(roles.size());
-      for(Role role : roles){
-        roleNames.add(role.getRoleName());
+      List<HiveRole> roleNames = new ArrayList<HiveRole>(roles.size());
+      for (Role role : roles){
+        ;
+        roleNames.add(new HiveRole(role));
       }
       return roleNames;
     } catch (Exception e) {

Modified: hive/trunk/ql/src/test/results/clientnegative/authorization_fail_3.q.out
URL: http://svn.apache.org/viewvc/hive/trunk/ql/src/test/results/clientnegative/authorization_fail_3.q.out?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/ql/src/test/results/clientnegative/authorization_fail_3.q.out (original)
+++ hive/trunk/ql/src/test/results/clientnegative/authorization_fail_3.q.out Thu Feb  6 23:11:12 2014
@@ -24,13 +24,7 @@ PREHOOK: query: show grant user hive_tes
 PREHOOK: type: SHOW_GRANT
 POSTHOOK: query: show grant user hive_test_user on table authorization_fail_3
 POSTHOOK: type: SHOW_GRANT
-database	default
-table	authorization_fail_3
-principalName	hive_test_user
-principalType	USER
-privilege	Create
-#### A masked pattern was here ####
-grantor	hive_test_user
+default	authorization_fail_3			hive_test_user	USER	Create	false	-1	hive_test_user
 PREHOOK: query: show grant user hive_test_user on table authorization_fail_3 partition (ds='2010')
 PREHOOK: type: SHOW_GRANT
 POSTHOOK: query: show grant user hive_test_user on table authorization_fail_3 partition (ds='2010')

Modified: hive/trunk/ql/src/test/results/clientnegative/authorization_fail_4.q.out
URL: http://svn.apache.org/viewvc/hive/trunk/ql/src/test/results/clientnegative/authorization_fail_4.q.out?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/ql/src/test/results/clientnegative/authorization_fail_4.q.out (original)
+++ hive/trunk/ql/src/test/results/clientnegative/authorization_fail_4.q.out Thu Feb  6 23:11:12 2014
@@ -38,38 +38,12 @@ PREHOOK: query: show grant user hive_tes
 PREHOOK: type: SHOW_GRANT
 POSTHOOK: query: show grant user hive_test_user on table authorization_fail_4
 POSTHOOK: type: SHOW_GRANT
-database	default
-table	authorization_fail_4
-principalName	hive_test_user
-principalType	USER
-privilege	Alter
-#### A masked pattern was here ####
-grantor	hive_test_user
-database	default
-table	authorization_fail_4
-principalName	hive_test_user
-principalType	USER
-privilege	Create
-#### A masked pattern was here ####
-grantor	hive_test_user
+default	authorization_fail_4			hive_test_user	USER	Alter	false	-1	hive_test_user
+default	authorization_fail_4			hive_test_user	USER	Create	false	-1	hive_test_user
 PREHOOK: query: show grant user hive_test_user on table authorization_fail_4 partition (ds='2010')
 PREHOOK: type: SHOW_GRANT
 POSTHOOK: query: show grant user hive_test_user on table authorization_fail_4 partition (ds='2010')
 POSTHOOK: type: SHOW_GRANT
-database	default
-table	authorization_fail_4
-partition	[2010]
-principalName	hive_test_user
-principalType	USER
-privilege	Alter
-#### A masked pattern was here ####
-grantor	hive_test_user
-database	default
-table	authorization_fail_4
-partition	[2010]
-principalName	hive_test_user
-principalType	USER
-privilege	Create
-#### A masked pattern was here ####
-grantor	hive_test_user
+default	authorization_fail_4	[2010]		hive_test_user	USER	Alter	false	-1	hive_test_user
+default	authorization_fail_4	[2010]		hive_test_user	USER	Create	false	-1	hive_test_user
 Authorization failed:No privilege 'Select' found for inputs { database:default, table:authorization_fail_4, partitionName:ds=2010, columnName:key}. Use SHOW GRANT to get more details.

Modified: hive/trunk/ql/src/test/results/clientnegative/authorization_fail_5.q.out
URL: http://svn.apache.org/viewvc/hive/trunk/ql/src/test/results/clientnegative/authorization_fail_5.q.out?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/ql/src/test/results/clientnegative/authorization_fail_5.q.out (original)
+++ hive/trunk/ql/src/test/results/clientnegative/authorization_fail_5.q.out Thu Feb  6 23:11:12 2014
@@ -44,55 +44,16 @@ PREHOOK: query: show grant user hive_tes
 PREHOOK: type: SHOW_GRANT
 POSTHOOK: query: show grant user hive_test_user on table authorization_fail
 POSTHOOK: type: SHOW_GRANT
-database	default
-table	authorization_fail
-principalName	hive_test_user
-principalType	USER
-privilege	Alter
-#### A masked pattern was here ####
-grantor	hive_test_user
-database	default
-table	authorization_fail
-principalName	hive_test_user
-principalType	USER
-privilege	Create
-#### A masked pattern was here ####
-grantor	hive_test_user
-database	default
-table	authorization_fail
-principalName	hive_test_user
-principalType	USER
-privilege	Select
-#### A masked pattern was here ####
-grantor	hive_test_user
+default	authorization_fail			hive_test_user	USER	Alter	false	-1	hive_test_user
+default	authorization_fail			hive_test_user	USER	Create	false	-1	hive_test_user
+default	authorization_fail			hive_test_user	USER	Select	false	-1	hive_test_user
 PREHOOK: query: show grant user hive_test_user on table authorization_fail partition (ds='2010')
 PREHOOK: type: SHOW_GRANT
 POSTHOOK: query: show grant user hive_test_user on table authorization_fail partition (ds='2010')
 POSTHOOK: type: SHOW_GRANT
-database	default
-table	authorization_fail
-partition	[2010]
-principalName	hive_test_user
-principalType	USER
-privilege	Alter
-#### A masked pattern was here ####
-grantor	hive_test_user
-database	default
-table	authorization_fail
-partition	[2010]
-principalName	hive_test_user
-principalType	USER
-privilege	Create
-#### A masked pattern was here ####
-grantor	hive_test_user
-database	default
-table	authorization_fail
-partition	[2010]
-principalName	hive_test_user
-principalType	USER
-privilege	Select
-#### A masked pattern was here ####
-grantor	hive_test_user
+default	authorization_fail	[2010]		hive_test_user	USER	Alter	false	-1	hive_test_user
+default	authorization_fail	[2010]		hive_test_user	USER	Create	false	-1	hive_test_user
+default	authorization_fail	[2010]		hive_test_user	USER	Select	false	-1	hive_test_user
 PREHOOK: query: revoke Select on table authorization_fail partition (ds='2010') from user hive_test_user
 PREHOOK: type: REVOKE_PRIVILEGE
 PREHOOK: Output: default@authorization_fail@ds=2010
@@ -103,20 +64,6 @@ PREHOOK: query: show grant user hive_tes
 PREHOOK: type: SHOW_GRANT
 POSTHOOK: query: show grant user hive_test_user on table authorization_fail partition (ds='2010')
 POSTHOOK: type: SHOW_GRANT
-database	default
-table	authorization_fail
-partition	[2010]
-principalName	hive_test_user
-principalType	USER
-privilege	Alter
-#### A masked pattern was here ####
-grantor	hive_test_user
-database	default
-table	authorization_fail
-partition	[2010]
-principalName	hive_test_user
-principalType	USER
-privilege	Create
-#### A masked pattern was here ####
-grantor	hive_test_user
+default	authorization_fail	[2010]		hive_test_user	USER	Alter	false	-1	hive_test_user
+default	authorization_fail	[2010]		hive_test_user	USER	Create	false	-1	hive_test_user
 Authorization failed:No privilege 'Select' found for inputs { database:default, table:authorization_fail, partitionName:ds=2010, columnName:key}. Use SHOW GRANT to get more details.

Modified: hive/trunk/ql/src/test/results/clientnegative/authorization_fail_7.q.out
URL: http://svn.apache.org/viewvc/hive/trunk/ql/src/test/results/clientnegative/authorization_fail_7.q.out?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/ql/src/test/results/clientnegative/authorization_fail_7.q.out (original)
+++ hive/trunk/ql/src/test/results/clientnegative/authorization_fail_7.q.out Thu Feb  6 23:11:12 2014
@@ -25,19 +25,13 @@ PREHOOK: query: show role grant user hiv
 PREHOOK: type: SHOW_ROLE_GRANT
 POSTHOOK: query: show role grant user hive_test_user
 POSTHOOK: type: SHOW_ROLE_GRANT
-hive_test_role_fail
-PUBLIC
+hive_test_role_fail	-1	hive_test_user	USER	true	-1	hive_test_user
+PUBLIC	-1			false	-1	
 PREHOOK: query: show grant role hive_test_role_fail on table authorization_fail
 PREHOOK: type: SHOW_GRANT
 POSTHOOK: query: show grant role hive_test_role_fail on table authorization_fail
 POSTHOOK: type: SHOW_GRANT
-database	default
-table	authorization_fail
-principalName	hive_test_role_fail
-principalType	ROLE
-privilege	Select
-#### A masked pattern was here ####
-grantor	hive_test_user
+default	authorization_fail			hive_test_role_fail	ROLE	Select	false	-1	hive_test_user
 PREHOOK: query: drop role hive_test_role_fail
 PREHOOK: type: DROPROLE
 POSTHOOK: query: drop role hive_test_role_fail



Mime
View raw message