hive-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From the...@apache.org
Subject svn commit: r1577427 - in /hive/branches/branch-0.13/ql/src: java/org/apache/hadoop/hive/ql/exec/ java/org/apache/hadoop/hive/ql/security/authorization/ java/org/apache/hadoop/hive/ql/security/authorization/plugin/ java/org/apache/hadoop/hive/ql/securi...
Date Fri, 14 Mar 2014 04:52:48 GMT
Author: thejas
Date: Fri Mar 14 04:52:47 2014
New Revision: 1577427

URL: http://svn.apache.org/r1577427
Log:
HIVE-6567 : "show grant ... on all" fails with NPE (Thejas Nair, reviewed by Ashutosh Chauhan)

Modified:
    hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/exec/DDLTask.java
    hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/exec/Utilities.java
    hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/AuthorizationUtils.java
    hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HivePrivilegeInfo.java
    hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLAuthorizationUtils.java
    hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLStdHiveAccessController.java
    hive/branches/branch-0.13/ql/src/test/queries/clientpositive/authorization_revoke_table_priv.q
    hive/branches/branch-0.13/ql/src/test/queries/clientpositive/authorization_view_sqlstd.q
    hive/branches/branch-0.13/ql/src/test/results/clientpositive/authorization_revoke_table_priv.q.out
    hive/branches/branch-0.13/ql/src/test/results/clientpositive/authorization_view_sqlstd.q.out

Modified: hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/exec/DDLTask.java
URL: http://svn.apache.org/viewvc/hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/exec/DDLTask.java?rev=1577427&r1=1577426&r2=1577427&view=diff
==============================================================================
--- hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/exec/DDLTask.java (original)
+++ hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/exec/DDLTask.java Fri
Mar 14 04:52:47 2014
@@ -657,7 +657,7 @@ public class DDLTask extends Task<DDLWor
 
         PrivilegeGrantInfo grantInfo =
             AuthorizationUtils.getThriftPrivilegeGrantInfo(priv, privInfo.getGrantorPrincipal(),
-                privInfo.isGrantOption());
+                privInfo.isGrantOption(), privInfo.getGrantTime());
 
         //only grantInfo is used
         HiveObjectPrivilege thriftObjectPriv = new HiveObjectPrivilege(new HiveObjectRef(
@@ -674,18 +674,6 @@ public class DDLTask extends Task<DDLWor
     return 0;
   }
 
-  private static void sortPrivileges(List<HiveObjectPrivilege> privileges) {
-    Collections.sort(privileges, new Comparator<HiveObjectPrivilege>() {
-
-      @Override
-      public int compare(HiveObjectPrivilege one, HiveObjectPrivilege other) {
-        return one.getGrantInfo().getPrivilege().compareTo(other.getGrantInfo().getPrivilege());
-      }
-
-    });
-
-  }
-
   private int grantOrRevokePrivileges(List<PrincipalDesc> principals,
       List<PrivilegeDesc> privileges, PrivilegeObjectDesc privSubjectDesc,
       String grantor, PrincipalType grantorType, boolean grantOption, boolean isGrant)
@@ -854,6 +842,7 @@ public class DDLTask extends Task<DDLWor
 
   private HivePrivilegeObject getHivePrivilegeObject(PrivilegeObjectDesc privSubjectDesc)
       throws HiveException {
+
     String [] dbTable = Utilities.getDbTableName(privSubjectDesc.getObject());
     return new HivePrivilegeObject(getPrivObjectType(privSubjectDesc), dbTable[0], dbTable[1]);
   }
@@ -877,6 +866,9 @@ public class DDLTask extends Task<DDLWor
   }
 
   private HivePrivilegeObjectType getPrivObjectType(PrivilegeObjectDesc privSubjectDesc)
{
+    if (privSubjectDesc.getObject() == null) {
+      return null;
+    }
     return privSubjectDesc.getTable() ? HivePrivilegeObjectType.TABLE_OR_VIEW : HivePrivilegeObjectType.DATABASE;
   }
 

Modified: hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/exec/Utilities.java
URL: http://svn.apache.org/viewvc/hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/exec/Utilities.java?rev=1577427&r1=1577426&r2=1577427&view=diff
==============================================================================
--- hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/exec/Utilities.java (original)
+++ hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/exec/Utilities.java Fri
Mar 14 04:52:47 2014
@@ -70,9 +70,6 @@ import java.util.Properties;
 import java.util.Random;
 import java.util.Set;
 import java.util.UUID;
-import java.util.zip.Deflater;
-import java.util.zip.DeflaterOutputStream;
-import java.util.zip.InflaterInputStream;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.ExecutionException;
 import java.util.concurrent.Future;
@@ -81,6 +78,9 @@ import java.util.concurrent.ThreadPoolEx
 import java.util.concurrent.TimeUnit;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
+import java.util.zip.Deflater;
+import java.util.zip.DeflaterOutputStream;
+import java.util.zip.InflaterInputStream;
 
 import org.antlr.runtime.CommonToken;
 import org.apache.commons.codec.binary.Base64;
@@ -2029,6 +2029,9 @@ public final class Utilities {
    * @throws HiveException
    */
   public static String[] getDbTableName(String dbtable) throws HiveException{
+    if(dbtable == null){
+      return new String[2];
+    }
     String[] names =  dbtable.split("\\.");
     switch (names.length) {
     case 2:

Modified: hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/AuthorizationUtils.java
URL: http://svn.apache.org/viewvc/hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/AuthorizationUtils.java?rev=1577427&r1=1577426&r2=1577427&view=diff
==============================================================================
--- hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/AuthorizationUtils.java
(original)
+++ hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/AuthorizationUtils.java
Fri Mar 14 04:52:47 2014
@@ -108,12 +108,13 @@ public class AuthorizationUtils {
    * @param privilege
    * @param grantorPrincipal
    * @param grantOption
+   * @param grantTime
    * @return
    * @throws HiveException
    */
   public static PrivilegeGrantInfo getThriftPrivilegeGrantInfo(HivePrivilege privilege,
-      HivePrincipal grantorPrincipal, boolean grantOption) throws HiveException {
-    return new PrivilegeGrantInfo(privilege.getName(), 0 /* time gets added by server */,
+      HivePrincipal grantorPrincipal, boolean grantOption, int grantTime) throws HiveException
{
+    return new PrivilegeGrantInfo(privilege.getName(), grantTime,
         grantorPrincipal.getName(), getThriftPrincipalType(grantorPrincipal.getType()), grantOption);
   }
 
@@ -125,6 +126,9 @@ public class AuthorizationUtils {
    * @throws HiveException
    */
   public static HiveObjectType getThriftHiveObjType(HivePrivilegeObjectType type) throws
HiveException {
+    if (type == null) {
+      return null;
+    }
     switch(type){
     case DATABASE:
       return HiveObjectType.DATABASE;

Modified: hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HivePrivilegeInfo.java
URL: http://svn.apache.org/viewvc/hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HivePrivilegeInfo.java?rev=1577427&r1=1577426&r2=1577427&view=diff
==============================================================================
--- hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HivePrivilegeInfo.java
(original)
+++ hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HivePrivilegeInfo.java
Fri Mar 14 04:52:47 2014
@@ -31,14 +31,17 @@ public class HivePrivilegeInfo{
   private final HivePrivilegeObject object;
   private final HivePrincipal grantorPrincipal;
   private final boolean grantOption;
+  private final int grantTime;
 
   public HivePrivilegeInfo(HivePrincipal principal, HivePrivilege privilege,
-      HivePrivilegeObject object, HivePrincipal grantorPrincipal, boolean grantOption){
+      HivePrivilegeObject object, HivePrincipal grantorPrincipal, boolean grantOption,
+      int grantTime){
     this.principal = principal;
     this.privilege = privilege;
     this.object = object;
     this.grantorPrincipal = grantorPrincipal;
     this.grantOption = grantOption;
+    this.grantTime = grantTime;
   }
 
   public HivePrincipal getPrincipal() {
@@ -61,5 +64,9 @@ public class HivePrivilegeInfo{
     return grantOption;
   }
 
+  public int getGrantTime() {
+    return grantTime;
+  }
+
 
 }
\ No newline at end of file

Modified: hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLAuthorizationUtils.java
URL: http://svn.apache.org/viewvc/hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLAuthorizationUtils.java?rev=1577427&r1=1577426&r2=1577427&view=diff
==============================================================================
--- hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLAuthorizationUtils.java
(original)
+++ hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLAuthorizationUtils.java
Fri Mar 14 04:52:47 2014
@@ -35,7 +35,6 @@ import org.apache.hadoop.fs.Path;
 import org.apache.hadoop.fs.permission.FsAction;
 import org.apache.hadoop.hive.common.FileUtils;
 import org.apache.hadoop.hive.conf.HiveConf;
-import org.apache.hadoop.hive.metastore.HiveMetaStore;
 import org.apache.hadoop.hive.metastore.IMetaStoreClient;
 import org.apache.hadoop.hive.metastore.MetaStoreUtils;
 import org.apache.hadoop.hive.metastore.api.Database;
@@ -43,7 +42,6 @@ import org.apache.hadoop.hive.metastore.
 import org.apache.hadoop.hive.metastore.api.HiveObjectRef;
 import org.apache.hadoop.hive.metastore.api.HiveObjectType;
 import org.apache.hadoop.hive.metastore.api.MetaException;
-import org.apache.hadoop.hive.metastore.api.NoSuchObjectException;
 import org.apache.hadoop.hive.metastore.api.PrincipalPrivilegeSet;
 import org.apache.hadoop.hive.metastore.api.PrivilegeBag;
 import org.apache.hadoop.hive.metastore.api.PrivilegeGrantInfo;
@@ -91,7 +89,7 @@ public class SQLAuthorizationUtils {
             + " is not supported in sql standard authorization mode");
       }
       PrivilegeGrantInfo grantInfo = getThriftPrivilegeGrantInfo(privilege, grantorPrincipal,
-          grantOption);
+          grantOption, 0 /*real grant time added by metastore*/);
       for (HivePrincipal principal : hivePrincipals) {
         HiveObjectPrivilege objPriv = new HiveObjectPrivilege(privObj, principal.getName(),
             AuthorizationUtils.getThriftPrincipalType(principal.getType()), grantInfo);
@@ -102,10 +100,11 @@ public class SQLAuthorizationUtils {
   }
 
   static PrivilegeGrantInfo getThriftPrivilegeGrantInfo(HivePrivilege privilege,
-      HivePrincipal grantorPrincipal, boolean grantOption) throws HiveAuthzPluginException
{
+      HivePrincipal grantorPrincipal, boolean grantOption, int grantTime)
+          throws HiveAuthzPluginException {
     try {
       return AuthorizationUtils.getThriftPrivilegeGrantInfo(privilege, grantorPrincipal,
-          grantOption);
+          grantOption, grantTime);
     } catch (HiveException e) {
       throw new HiveAuthzPluginException(e);
     }

Modified: hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLStdHiveAccessController.java
URL: http://svn.apache.org/viewvc/hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLStdHiveAccessController.java?rev=1577427&r1=1577426&r2=1577427&view=diff
==============================================================================
--- hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLStdHiveAccessController.java
(original)
+++ hive/branches/branch-0.13/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLStdHiveAccessController.java
Fri Mar 14 04:52:47 2014
@@ -39,7 +39,6 @@ import org.apache.hadoop.hive.metastore.
 import org.apache.hadoop.hive.metastore.api.PrivilegeGrantInfo;
 import org.apache.hadoop.hive.metastore.api.Role;
 import org.apache.hadoop.hive.metastore.api.RolePrincipalGrant;
-import org.apache.hadoop.hive.ql.metadata.HiveException;
 import org.apache.hadoop.hive.ql.security.HiveAuthenticationProvider;
 import org.apache.hadoop.hive.ql.security.authorization.AuthorizationUtils;
 import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAccessControlException;
@@ -156,7 +155,7 @@ public class SQLStdHiveAccessController 
         metastoreClient, authenticator.getUserName(), getCurrentRoles(), isUserAdmin());
 
     // grant
-    PrivilegeBag privBag = getThriftPrivilegesBag(hivePrincipals, hivePrivileges, hivePrivObject,
+    PrivilegeBag privBag = SQLAuthorizationUtils.getThriftPrivilegesBag(hivePrincipals, hivePrivileges,
hivePrivObject,
         grantorPrincipal, grantOption);
     try {
       metastoreClient.grant_privileges(privBag);
@@ -188,49 +187,6 @@ public class SQLStdHiveAccessController 
     return new ArrayList<HivePrivilege>(hivePrivSet);
   }
 
-  /**
-   * Create thrift privileges bag
-   *
-   * @param hivePrincipals
-   * @param hivePrivileges
-   * @param hivePrivObject
-   * @param grantorPrincipal
-   * @param grantOption
-   * @return
-   * @throws HiveAuthzPluginException
-   */
-  private PrivilegeBag getThriftPrivilegesBag(List<HivePrincipal> hivePrincipals,
-      List<HivePrivilege> hivePrivileges, HivePrivilegeObject hivePrivObject,
-      HivePrincipal grantorPrincipal, boolean grantOption) throws HiveAuthzPluginException
{
-
-    HiveObjectRef privObj = SQLAuthorizationUtils.getThriftHiveObjectRef(hivePrivObject);
-    PrivilegeBag privBag = new PrivilegeBag();
-    for (HivePrivilege privilege : hivePrivileges) {
-      if (privilege.getColumns() != null && privilege.getColumns().size() > 0)
{
-        throw new HiveAuthzPluginException("Privileges on columns not supported currently"
-            + " in sql standard authorization mode");
-      }
-
-      PrivilegeGrantInfo grantInfo = getThriftPrivilegeGrantInfo(privilege, grantorPrincipal,
-          grantOption);
-      for (HivePrincipal principal : hivePrincipals) {
-        HiveObjectPrivilege objPriv = new HiveObjectPrivilege(privObj, principal.getName(),
-            AuthorizationUtils.getThriftPrincipalType(principal.getType()), grantInfo);
-        privBag.addToPrivileges(objPriv);
-      }
-    }
-    return privBag;
-  }
-
-  private PrivilegeGrantInfo getThriftPrivilegeGrantInfo(HivePrivilege privilege,
-      HivePrincipal grantorPrincipal, boolean grantOption) throws HiveAuthzPluginException
{
-    try {
-      return AuthorizationUtils.getThriftPrivilegeGrantInfo(privilege, grantorPrincipal,
-          grantOption);
-    } catch (HiveException e) {
-      throw new HiveAuthzPluginException(e);
-    }
-  }
 
   @Override
   public void revokePrivileges(List<HivePrincipal> hivePrincipals,
@@ -430,7 +386,7 @@ public class SQLStdHiveAccessController 
             AuthorizationUtils.getHivePrincipalType(msGrantInfo.getGrantorType()));
 
         HivePrivilegeInfo resPrivInfo = new HivePrivilegeInfo(resPrincipal, resPrivilege,
-            resPrivObj, grantorPrincipal, msGrantInfo.isGrantOption());
+            resPrivObj, grantorPrincipal, msGrantInfo.isGrantOption(), msGrantInfo.getCreateTime());
         resPrivInfos.add(resPrivInfo);
       }
       return resPrivInfos;

Modified: hive/branches/branch-0.13/ql/src/test/queries/clientpositive/authorization_revoke_table_priv.q
URL: http://svn.apache.org/viewvc/hive/branches/branch-0.13/ql/src/test/queries/clientpositive/authorization_revoke_table_priv.q?rev=1577427&r1=1577426&r2=1577427&view=diff
==============================================================================
--- hive/branches/branch-0.13/ql/src/test/queries/clientpositive/authorization_revoke_table_priv.q
(original)
+++ hive/branches/branch-0.13/ql/src/test/queries/clientpositive/authorization_revoke_table_priv.q
Fri Mar 14 04:52:47 2014
@@ -9,6 +9,7 @@ CREATE TABLE table_priv_rev(i int);
 -- grant insert privilege to user2
 GRANT INSERT ON table_priv_rev TO USER user2;
 SHOW GRANT USER user2 ON TABLE table_priv_rev;
+SHOW GRANT USER user2 ON ALL;
 
 -- revoke insert privilege from user2
 REVOKE INSERT ON TABLE table_priv_rev FROM USER user2;
@@ -18,6 +19,7 @@ SHOW GRANT USER user2 ON TABLE table_pri
 -- grant insert privilege to user2
 GRANT INSERT ON table_priv_rev TO USER user2;
 SHOW GRANT USER user2 ON TABLE table_priv_rev;
+SHOW GRANT USER user2 ON ALL;
 
 -- grant select privilege to user2, with grant option
 GRANT SELECT ON table_priv_rev TO USER user2 WITH GRANT OPTION;
@@ -31,10 +33,12 @@ SHOW GRANT USER user2 ON TABLE table_pri
 GRANT DELETE ON table_priv_rev TO USER user2;
 SHOW GRANT USER user2 ON TABLE table_priv_rev;
 
+
 -- start revoking --
 -- revoke update privilege from user2
 REVOKE UPDATE ON TABLE table_priv_rev FROM USER user2;
 SHOW GRANT USER user2 ON TABLE table_priv_rev;
+SHOW GRANT USER user2 ON ALL;
 
 -- revoke DELETE privilege from user2
 REVOKE DELETE ON TABLE table_priv_rev FROM USER user2;
@@ -47,7 +51,7 @@ SHOW GRANT USER user2 ON TABLE table_pri
 -- revoke select privilege from user2
 REVOKE SELECT ON TABLE table_priv_rev FROM USER user2;
 SHOW GRANT USER user2 ON TABLE table_priv_rev;
-
+SHOW GRANT USER user2 ON ALL;
 
 -- grant all followed by revoke all
 GRANT ALL ON table_priv_rev TO USER user2;

Modified: hive/branches/branch-0.13/ql/src/test/queries/clientpositive/authorization_view_sqlstd.q
URL: http://svn.apache.org/viewvc/hive/branches/branch-0.13/ql/src/test/queries/clientpositive/authorization_view_sqlstd.q?rev=1577427&r1=1577426&r2=1577427&view=diff
==============================================================================
--- hive/branches/branch-0.13/ql/src/test/queries/clientpositive/authorization_view_sqlstd.q
(original)
+++ hive/branches/branch-0.13/ql/src/test/queries/clientpositive/authorization_view_sqlstd.q
Fri Mar 14 04:52:47 2014
@@ -12,6 +12,8 @@ create view vt1 as select i,k from t1;
 -- protecting certain rows
 create view vt2 as select * from t1 where i > 1;
 
+show grant user user1 on all;
+
 --view grant to user
 -- try with and without table keyword
 
@@ -21,6 +23,7 @@ grant insert on table vt1 to user user3;
 show grant user user2 on table vt1;
 show grant user user3 on table vt1;
 
+
 set user.name=user2;
 select * from vt1;
 
@@ -28,6 +31,7 @@ set user.name=user1;
 
 grant all on table vt2 to user user2;
 show grant user user2 on table vt2;
+show grant user user2 on all;
 
 revoke all on vt2 from user user2;
 show grant user user2 on table vt2;
@@ -35,6 +39,8 @@ show grant user user2 on table vt2;
 revoke select on table vt1 from user user2;
 show grant user user2 on table vt1;
 
+show grant user user2 on all;
+
 -- grant privileges on roles for view, after next statement
 show grant user user3 on table vt1;
 

Modified: hive/branches/branch-0.13/ql/src/test/results/clientpositive/authorization_revoke_table_priv.q.out
URL: http://svn.apache.org/viewvc/hive/branches/branch-0.13/ql/src/test/results/clientpositive/authorization_revoke_table_priv.q.out?rev=1577427&r1=1577426&r2=1577427&view=diff
==============================================================================
--- hive/branches/branch-0.13/ql/src/test/results/clientpositive/authorization_revoke_table_priv.q.out
(original)
+++ hive/branches/branch-0.13/ql/src/test/results/clientpositive/authorization_revoke_table_priv.q.out
Fri Mar 14 04:52:47 2014
@@ -22,6 +22,11 @@ PREHOOK: type: SHOW_GRANT
 POSTHOOK: query: SHOW GRANT USER user2 ON TABLE table_priv_rev
 POSTHOOK: type: SHOW_GRANT
 default	table_priv_rev			user2	USER	INSERT	false	-1	user1
+PREHOOK: query: SHOW GRANT USER user2 ON ALL
+PREHOOK: type: SHOW_GRANT
+POSTHOOK: query: SHOW GRANT USER user2 ON ALL
+POSTHOOK: type: SHOW_GRANT
+default	table_priv_rev			user2	USER	INSERT	false	-1	user1
 PREHOOK: query: -- revoke insert privilege from user2
 REVOKE INSERT ON TABLE table_priv_rev FROM USER user2
 PREHOOK: type: REVOKE_PRIVILEGE
@@ -49,6 +54,11 @@ PREHOOK: type: SHOW_GRANT
 POSTHOOK: query: SHOW GRANT USER user2 ON TABLE table_priv_rev
 POSTHOOK: type: SHOW_GRANT
 default	table_priv_rev			user2	USER	INSERT	false	-1	user1
+PREHOOK: query: SHOW GRANT USER user2 ON ALL
+PREHOOK: type: SHOW_GRANT
+POSTHOOK: query: SHOW GRANT USER user2 ON ALL
+POSTHOOK: type: SHOW_GRANT
+default	table_priv_rev			user2	USER	INSERT	false	-1	user1
 PREHOOK: query: -- grant select privilege to user2, with grant option
 GRANT SELECT ON table_priv_rev TO USER user2 WITH GRANT OPTION
 PREHOOK: type: GRANT_PRIVILEGE
@@ -111,6 +121,13 @@ POSTHOOK: type: SHOW_GRANT
 default	table_priv_rev			user2	USER	DELETE	false	-1	user1
 default	table_priv_rev			user2	USER	INSERT	false	-1	user1
 default	table_priv_rev			user2	USER	SELECT	true	-1	user1
+PREHOOK: query: SHOW GRANT USER user2 ON ALL
+PREHOOK: type: SHOW_GRANT
+POSTHOOK: query: SHOW GRANT USER user2 ON ALL
+POSTHOOK: type: SHOW_GRANT
+default	table_priv_rev			user2	USER	DELETE	false	-1	user1
+default	table_priv_rev			user2	USER	INSERT	false	-1	user1
+default	table_priv_rev			user2	USER	SELECT	true	-1	user1
 PREHOOK: query: -- revoke DELETE privilege from user2
 REVOKE DELETE ON TABLE table_priv_rev FROM USER user2
 PREHOOK: type: REVOKE_PRIVILEGE
@@ -150,6 +167,10 @@ PREHOOK: query: SHOW GRANT USER user2 ON
 PREHOOK: type: SHOW_GRANT
 POSTHOOK: query: SHOW GRANT USER user2 ON TABLE table_priv_rev
 POSTHOOK: type: SHOW_GRANT
+PREHOOK: query: SHOW GRANT USER user2 ON ALL
+PREHOOK: type: SHOW_GRANT
+POSTHOOK: query: SHOW GRANT USER user2 ON ALL
+POSTHOOK: type: SHOW_GRANT
 PREHOOK: query: -- grant all followed by revoke all
 GRANT ALL ON table_priv_rev TO USER user2
 PREHOOK: type: GRANT_PRIVILEGE

Modified: hive/branches/branch-0.13/ql/src/test/results/clientpositive/authorization_view_sqlstd.q.out
URL: http://svn.apache.org/viewvc/hive/branches/branch-0.13/ql/src/test/results/clientpositive/authorization_view_sqlstd.q.out?rev=1577427&r1=1577426&r2=1577427&view=diff
==============================================================================
--- hive/branches/branch-0.13/ql/src/test/results/clientpositive/authorization_view_sqlstd.q.out
(original)
+++ hive/branches/branch-0.13/ql/src/test/results/clientpositive/authorization_view_sqlstd.q.out
Fri Mar 14 04:52:47 2014
@@ -23,6 +23,22 @@ create view vt2 as select * from t1 wher
 POSTHOOK: type: CREATEVIEW
 POSTHOOK: Input: default@t1
 POSTHOOK: Output: default@vt2
+PREHOOK: query: show grant user user1 on all
+PREHOOK: type: SHOW_GRANT
+POSTHOOK: query: show grant user user1 on all
+POSTHOOK: type: SHOW_GRANT
+default	t1			user1	USER	DELETE	true	-1	user1
+default	t1			user1	USER	INSERT	true	-1	user1
+default	t1			user1	USER	SELECT	true	-1	user1
+default	t1			user1	USER	UPDATE	true	-1	user1
+default	vt1			user1	USER	DELETE	true	-1	user1
+default	vt1			user1	USER	INSERT	true	-1	user1
+default	vt1			user1	USER	SELECT	true	-1	user1
+default	vt1			user1	USER	UPDATE	true	-1	user1
+default	vt2			user1	USER	DELETE	true	-1	user1
+default	vt2			user1	USER	INSERT	true	-1	user1
+default	vt2			user1	USER	SELECT	true	-1	user1
+default	vt2			user1	USER	UPDATE	true	-1	user1
 PREHOOK: query: --view grant to user
 -- try with and without table keyword
 
@@ -75,6 +91,15 @@ default	vt2			user2	USER	DELETE	false	-1
 default	vt2			user2	USER	INSERT	false	-1	user1
 default	vt2			user2	USER	SELECT	false	-1	user1
 default	vt2			user2	USER	UPDATE	false	-1	user1
+PREHOOK: query: show grant user user2 on all
+PREHOOK: type: SHOW_GRANT
+POSTHOOK: query: show grant user user2 on all
+POSTHOOK: type: SHOW_GRANT
+default	vt1			user2	USER	SELECT	false	-1	user1
+default	vt2			user2	USER	DELETE	false	-1	user1
+default	vt2			user2	USER	INSERT	false	-1	user1
+default	vt2			user2	USER	SELECT	false	-1	user1
+default	vt2			user2	USER	UPDATE	false	-1	user1
 PREHOOK: query: revoke all on vt2 from user user2
 PREHOOK: type: REVOKE_PRIVILEGE
 PREHOOK: Output: default@vt2
@@ -95,6 +120,10 @@ PREHOOK: query: show grant user user2 on
 PREHOOK: type: SHOW_GRANT
 POSTHOOK: query: show grant user user2 on table vt1
 POSTHOOK: type: SHOW_GRANT
+PREHOOK: query: show grant user user2 on all
+PREHOOK: type: SHOW_GRANT
+POSTHOOK: query: show grant user user2 on all
+POSTHOOK: type: SHOW_GRANT
 PREHOOK: query: -- grant privileges on roles for view, after next statement
 show grant user user3 on table vt1
 PREHOOK: type: SHOW_GRANT



Mime
View raw message