Mailing-List: contact commits-help@hive.apache.org; run by ezmlm
Precedence: bulk
Reply-To: hive-dev@hive.apache.org
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: thejas@apache.org
To: commits@hive.apache.org
Message-Id: <d6ddfd9362b94bcdaac1685ec5fd3e4a@git.apache.org>
Subject: hive git commit: HIVE-14262 : Inherit writetype from partition
 WriteEntity for table WriteEntity (Thejas Nair, reviewed by Sushanth Sowmyan)
Date: Tue, 19 Jul 2016 05:25:00 +0000 (UTC)
archived-at: Tue, 19 Jul 2016 05:25:02 -0000

Repository: hive
Updated Branches:
  refs/heads/master 0896025e2 -> 7e5efd0ab


HIVE-14262 : Inherit writetype from partition WriteEntity for table WriteEntity (Thejas Nair, reviewed by Sushanth Sowmyan)


Project: http://git-wip-us.apache.org/repos/asf/hive/repo
Commit: http://git-wip-us.apache.org/repos/asf/hive/commit/7e5efd0a
Tree: http://git-wip-us.apache.org/repos/asf/hive/tree/7e5efd0a
Diff: http://git-wip-us.apache.org/repos/asf/hive/diff/7e5efd0a

Branch: refs/heads/master
Commit: 7e5efd0abcb964e024c23b4f7628096e43bddc6f
Parents: 0896025
Author: Thejas Nair <thejas@hortonworks.com>
Authored: Mon Jul 18 22:24:28 2016 -0700
Committer: Thejas Nair <thejas@hortonworks.com>
Committed: Mon Jul 18 22:24:54 2016 -0700

----------------------------------------------------------------------
 .../java/org/apache/hadoop/hive/ql/Driver.java  |  9 +++-
 .../authorization_insertpart_noinspriv.q        | 15 ++++++
 .../authorization_insertpart_noinspriv.q.out    | 53 ++++++++++++++++++++
 3 files changed, 75 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/hive/blob/7e5efd0a/ql/src/java/org/apache/hadoop/hive/ql/Driver.java
----------------------------------------------------------------------
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/Driver.java b/ql/src/java/org/apache/hadoop/hive/ql/Driver.java
index f27f938..e344ab5 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/Driver.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/Driver.java
@@ -582,12 +582,17 @@ public class Driver implements CommandProcessor {
     }
 
     Set<WriteEntity> additionalOutputs = new HashSet<WriteEntity>();
-    for (Entity e : sem.getOutputs()) {
+    for (WriteEntity e : sem.getOutputs()) {
       if (e.getType() == Entity.Type.PARTITION) {
-        additionalOutputs.add(new WriteEntity(e.getTable(), WriteEntity.WriteType.DDL_NO_LOCK));
+        additionalOutputs.add(new WriteEntity(e.getTable(), e.getWriteType()));
       }
     }
 
+    // The following union operation returns a union, which traverses over the
+    // first set once and then  then over each element of second set, in order, 
+    // that is not contained in first. This means it doesn't replace anything
+    // in first set, and would preserve the WriteType in WriteEntity in first
+    // set in case of outputs list.
     Set<ReadEntity> inputs = Sets.union(sem.getInputs(), additionalInputs);
     Set<WriteEntity> outputs = Sets.union(sem.getOutputs(), additionalOutputs);
 

http://git-wip-us.apache.org/repos/asf/hive/blob/7e5efd0a/ql/src/test/queries/clientnegative/authorization_insertpart_noinspriv.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientnegative/authorization_insertpart_noinspriv.q b/ql/src/test/queries/clientnegative/authorization_insertpart_noinspriv.q
new file mode 100644
index 0000000..225eff4
--- /dev/null
+++ b/ql/src/test/queries/clientnegative/authorization_insertpart_noinspriv.q
@@ -0,0 +1,15 @@
+set hive.test.authz.sstd.hs2.mode=true;
+set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
+set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
+set hive.security.authorization.enabled=true;
+
+-- check insert without select priv
+create table testp(i int) partitioned by (dt string);
+grant select on table testp to user user1;
+
+set user.name=user1;
+create table user2tab(i int);
+explain authorization insert into table testp partition (dt = '2012')  values (1);
+explain authorization insert overwrite table testp partition (dt = '2012')  values (1);
+insert into table testp partition (dt = '2012')  values (1);
+insert overwrite table testp partition (dt = '2012')  values (1);

http://git-wip-us.apache.org/repos/asf/hive/blob/7e5efd0a/ql/src/test/results/clientnegative/authorization_insertpart_noinspriv.q.out
----------------------------------------------------------------------
diff --git a/ql/src/test/results/clientnegative/authorization_insertpart_noinspriv.q.out b/ql/src/test/results/clientnegative/authorization_insertpart_noinspriv.q.out
new file mode 100644
index 0000000..f15dadc
--- /dev/null
+++ b/ql/src/test/results/clientnegative/authorization_insertpart_noinspriv.q.out
@@ -0,0 +1,53 @@
+PREHOOK: query: -- check insert without select priv
+create table testp(i int) partitioned by (dt string)
+PREHOOK: type: CREATETABLE
+PREHOOK: Output: database:default
+PREHOOK: Output: default@testp
+POSTHOOK: query: -- check insert without select priv
+create table testp(i int) partitioned by (dt string)
+POSTHOOK: type: CREATETABLE
+POSTHOOK: Output: database:default
+POSTHOOK: Output: default@testp
+PREHOOK: query: grant select on table testp to user user1
+PREHOOK: type: GRANT_PRIVILEGE
+PREHOOK: Output: default@testp
+POSTHOOK: query: grant select on table testp to user user1
+POSTHOOK: type: GRANT_PRIVILEGE
+POSTHOOK: Output: default@testp
+PREHOOK: query: create table user2tab(i int)
+PREHOOK: type: CREATETABLE
+PREHOOK: Output: database:default
+PREHOOK: Output: default@user2tab
+POSTHOOK: query: create table user2tab(i int)
+POSTHOOK: type: CREATETABLE
+POSTHOOK: Output: database:default
+POSTHOOK: Output: default@user2tab
+PREHOOK: query: explain authorization insert into table testp partition (dt = '2012')  values (1)
+PREHOOK: type: QUERY
+POSTHOOK: query: explain authorization insert into table testp partition (dt = '2012')  values (1)
+POSTHOOK: type: QUERY
+INPUTS: 
+  default@values__tmp__table__1
+OUTPUTS: 
+  default@testp@dt=2012
+CURRENT_USER: 
+  user1
+OPERATION: 
+  QUERY
+AUTHORIZATION_FAILURES: 
+  Permission denied: Principal [name=user1, type=USER] does not have following privileges for operation QUERY [[INSERT] on Object [type=TABLE_OR_VIEW, name=default.testp, action=INSERT]]
+PREHOOK: query: explain authorization insert overwrite table testp partition (dt = '2012')  values (1)
+PREHOOK: type: QUERY
+POSTHOOK: query: explain authorization insert overwrite table testp partition (dt = '2012')  values (1)
+POSTHOOK: type: QUERY
+INPUTS: 
+  default@values__tmp__table__2
+OUTPUTS: 
+  default@testp@dt=2012
+CURRENT_USER: 
+  user1
+OPERATION: 
+  QUERY
+AUTHORIZATION_FAILURES: 
+  Permission denied: Principal [name=user1, type=USER] does not have following privileges for operation QUERY [[INSERT, DELETE] on Object [type=TABLE_OR_VIEW, name=default.testp, action=INSERT_OVERWRITE]]
+FAILED: HiveAccessControlException Permission denied: Principal [name=user1, type=USER] does not have following privileges for operation QUERY [[INSERT] on Object [type=TABLE_OR_VIEW, name=default.testp, action=INSERT]]