Index: ql/src/java/org/apache/hadoop/hive/ql/Driver.java =================================================================== --- ql/src/java/org/apache/hadoop/hive/ql/Driver.java (revision 1075483) +++ ql/src/java/org/apache/hadoop/hive/ql/Driver.java (working copy) @@ -460,13 +460,23 @@ Map> tab2Cols = new HashMap>(); Map> part2Cols = new HashMap>(); - + + Map tableUsePartLevelAuth = new HashMap(); for (ReadEntity read : inputs) { - boolean part = read.getPartition() != null; - if (part) { - part2Cols.put(read.getPartition(), new ArrayList()); - } else { - tab2Cols.put(read.getTable(), new ArrayList()); + if (read.getPartition() != null) { + Table tbl = read.getTable(); + String tblName = tbl.getTableName(); + if (tableUsePartLevelAuth.get(tblName) == null) { + boolean usePartLevelPriv = (tbl.getParameters().get( + "PARTITION_LEVEL_PRIVILEGE") != null && ("TRUE" + .equalsIgnoreCase(tbl.getParameters().get( + "PARTITION_LEVEL_PRIVILEGE")))); + if (usePartLevelPriv) { + tableUsePartLevelAuth.put(tblName, Boolean.TRUE); + } else { + tableUsePartLevelAuth.put(tblName, Boolean.FALSE); + } + } } } @@ -495,7 +505,7 @@ cols.add(columns.get(i).getName()); } } - if (tbl.isPartitioned()) { + if (tbl.isPartitioned() && tableUsePartLevelAuth.get(tbl.getTableName())) { String alias_id = topOpMap.getKey(); PrunedPartitionList partsList = PartitionPruner.prune(parseCtx .getTopToTable().get(topOp), parseCtx.getOpToPartPruner() @@ -505,38 +515,65 @@ parts.addAll(partsList.getConfirmedPartns()); parts.addAll(partsList.getUnknownPartns()); for (Partition part : parts) { - part2Cols.put(part, cols); + List existingCols = part2Cols.get(part); + if (existingCols == null) { + existingCols = new ArrayList(); + } + existingCols.addAll(cols); + part2Cols.put(part, existingCols); } } else { - tab2Cols.put(tbl, cols); + List existingCols = tab2Cols.get(tbl); + if (existingCols == null) { + existingCols = new ArrayList(); + } + existingCols.addAll(cols); + tab2Cols.put(tbl, existingCols); } } } } - + + + //cache the results for table authorization + Set tableAuthChecked = new HashSet(); for (ReadEntity read : inputs) { + Table tbl = null; if (read.getPartition() != null) { - List cols = part2Cols.get(read.getPartition()); - if (cols != null && cols.size() > 0) { - ss.getAuthorizer().authorize(read.getPartition().getTable(), - read.getPartition(), cols, op.getInputRequiredPrivileges(), - null); - } else { - ss.getAuthorizer().authorize(read.getPartition(), - op.getInputRequiredPrivileges(), null); + tbl = read.getPartition().getTable(); + // use partition level authorization + if (tableUsePartLevelAuth.get(tbl.getTableName())) { + List cols = part2Cols.get(read.getPartition()); + if (cols != null && cols.size() > 0) { + ss.getAuthorizer().authorize(read.getPartition().getTable(), + read.getPartition(), cols, op.getInputRequiredPrivileges(), + null); + } else { + ss.getAuthorizer().authorize(read.getPartition(), + op.getInputRequiredPrivileges(), null); + } + continue; } } else if (read.getTable() != null) { - List cols = tab2Cols.get(read.getTable()); + tbl = read.getTable(); + } + + // if we reach here, it means it needs to do a table authorization + // check, and the table authorization may already happened because of other + // partitions + if (tbl != null && !tableAuthChecked.contains(tbl.getTableName())) { + List cols = tab2Cols.get(tbl); if (cols != null && cols.size() > 0) { - ss.getAuthorizer().authorize(read.getTable(), null, cols, - op.getInputRequiredPrivileges(), null); + ss.getAuthorizer().authorize(tbl, null, cols, + op.getInputRequiredPrivileges(), null); } else { - ss.getAuthorizer().authorize(read.getTable(), - op.getInputRequiredPrivileges(), null); + ss.getAuthorizer().authorize(tbl, op.getInputRequiredPrivileges(), + null); } + tableAuthChecked.add(tbl.getTableName()); } } - + } } Index: ql/src/test/queries/clientpositive/authorization_6.q =================================================================== --- ql/src/test/queries/clientpositive/authorization_6.q (revision 0) +++ ql/src/test/queries/clientpositive/authorization_6.q (revision 0) @@ -0,0 +1,40 @@ +create table src_auth_tmp as select * from src; + +create table authorization_part (key int, value string) partitioned by (ds string); +ALTER TABLE authorization_part SET TBLPROPERTIES ("PARTITION_LEVEL_PRIVILEGE"="TRUE"); +set hive.security.authorization.enabled=true; +grant select on table src_auth_tmp to user hive_test_user; + +-- column grant to user +grant Create on table authorization_part to user hive_test_user; +grant Update on table authorization_part to user hive_test_user; +grant Drop on table authorization_part to user hive_test_user; + +show grant user hive_test_user on table authorization_part; +grant select(key) on table authorization_part to user hive_test_user; +insert overwrite table authorization_part partition (ds='2010') select key, value from src_auth_tmp; +insert overwrite table authorization_part partition (ds='2011') select key, value from src_auth_tmp; +show grant user hive_test_user on table authorization_part(key) partition (ds='2010'); +show grant user hive_test_user on table authorization_part(key) partition (ds='2011'); +show grant user hive_test_user on table authorization_part(key); +select key from authorization_part where ds>='2010' order by key limit 20; + +drop table authorization_part; + +set hive.security.authorization.enabled=false; +create table authorization_part (key int, value string) partitioned by (ds string); +ALTER TABLE authorization_part SET TBLPROPERTIES ("PARTITION_LEVEL_PRIVILEGE"="FALSE"); + +set hive.security.authorization.enabled=true; +grant Create on table authorization_part to user hive_test_user; +grant Update on table authorization_part to user hive_test_user; + +show grant user hive_test_user on table authorization_part; + +grant select(key) on table authorization_part to user hive_test_user; +insert overwrite table authorization_part partition (ds='2010') select key, value from src_auth_tmp; +insert overwrite table authorization_part partition (ds='2011') select key, value from src_auth_tmp; +show grant user hive_test_user on table authorization_part(key) partition (ds='2010'); +show grant user hive_test_user on table authorization_part(key) partition (ds='2011'); +show grant user hive_test_user on table authorization_part(key); +select key from authorization_part where ds>='2010' order by key limit 20; Index: ql/src/test/results/clientpositive/authorization_6.q.out =================================================================== --- ql/src/test/results/clientpositive/authorization_6.q.out (revision 0) +++ ql/src/test/results/clientpositive/authorization_6.q.out (revision 0) @@ -0,0 +1,389 @@ +PREHOOK: query: create table src_auth_tmp as select * from src +PREHOOK: type: CREATETABLE_AS_SELECT +PREHOOK: Input: default@src +POSTHOOK: query: create table src_auth_tmp as select * from src +POSTHOOK: type: CREATETABLE_AS_SELECT +POSTHOOK: Input: default@src +POSTHOOK: Output: default@src_auth_tmp +PREHOOK: query: create table authorization_part (key int, value string) partitioned by (ds string) +PREHOOK: type: CREATETABLE +POSTHOOK: query: create table authorization_part (key int, value string) partitioned by (ds string) +POSTHOOK: type: CREATETABLE +POSTHOOK: Output: default@authorization_part +PREHOOK: query: ALTER TABLE authorization_part SET TBLPROPERTIES ("PARTITION_LEVEL_PRIVILEGE"="TRUE") +PREHOOK: type: ALTERTABLE_PROPERTIES +PREHOOK: Input: default@authorization_part +PREHOOK: Output: default@authorization_part +POSTHOOK: query: ALTER TABLE authorization_part SET TBLPROPERTIES ("PARTITION_LEVEL_PRIVILEGE"="TRUE") +POSTHOOK: type: ALTERTABLE_PROPERTIES +POSTHOOK: Input: default@authorization_part +POSTHOOK: Output: default@authorization_part +PREHOOK: query: grant select on table src_auth_tmp to user hive_test_user +PREHOOK: type: GRANT_PRIVILEGE +PREHOOK: Output: default@src_auth_tmp +POSTHOOK: query: grant select on table src_auth_tmp to user hive_test_user +POSTHOOK: type: GRANT_PRIVILEGE +POSTHOOK: Output: default@src_auth_tmp +PREHOOK: query: -- column grant to user +grant Create on table authorization_part to user hive_test_user +PREHOOK: type: GRANT_PRIVILEGE +PREHOOK: Output: default@authorization_part +POSTHOOK: query: -- column grant to user +grant Create on table authorization_part to user hive_test_user +POSTHOOK: type: GRANT_PRIVILEGE +POSTHOOK: Output: default@authorization_part +PREHOOK: query: grant Update on table authorization_part to user hive_test_user +PREHOOK: type: GRANT_PRIVILEGE +PREHOOK: Output: default@authorization_part +POSTHOOK: query: grant Update on table authorization_part to user hive_test_user +POSTHOOK: type: GRANT_PRIVILEGE +POSTHOOK: Output: default@authorization_part +PREHOOK: query: grant Drop on table authorization_part to user hive_test_user +PREHOOK: type: GRANT_PRIVILEGE +PREHOOK: Output: default@authorization_part +POSTHOOK: query: grant Drop on table authorization_part to user hive_test_user +POSTHOOK: type: GRANT_PRIVILEGE +POSTHOOK: Output: default@authorization_part +PREHOOK: query: show grant user hive_test_user on table authorization_part +PREHOOK: type: SHOW_GRANT +POSTHOOK: query: show grant user hive_test_user on table authorization_part +POSTHOOK: type: SHOW_GRANT + +database default +table authorization_part +principalName hive_test_user +principalType USER +privilege Create +grantTime 1298925581 +grantor hive_test_user + +database default +table authorization_part +principalName hive_test_user +principalType USER +privilege Update +grantTime 1298925581 +grantor hive_test_user + +database default +table authorization_part +principalName hive_test_user +principalType USER +privilege Drop +grantTime 1298925582 +grantor hive_test_user +PREHOOK: query: grant select(key) on table authorization_part to user hive_test_user +PREHOOK: type: GRANT_PRIVILEGE +PREHOOK: Output: default@authorization_part +POSTHOOK: query: grant select(key) on table authorization_part to user hive_test_user +POSTHOOK: type: GRANT_PRIVILEGE +POSTHOOK: Output: default@authorization_part +PREHOOK: query: insert overwrite table authorization_part partition (ds='2010') select key, value from src_auth_tmp +PREHOOK: type: QUERY +PREHOOK: Input: default@src_auth_tmp +PREHOOK: Output: default@authorization_part@ds=2010 +POSTHOOK: query: insert overwrite table authorization_part partition (ds='2010') select key, value from src_auth_tmp +POSTHOOK: type: QUERY +POSTHOOK: Input: default@src_auth_tmp +POSTHOOK: Output: default@authorization_part@ds=2010 +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +PREHOOK: query: insert overwrite table authorization_part partition (ds='2011') select key, value from src_auth_tmp +PREHOOK: type: QUERY +PREHOOK: Input: default@src_auth_tmp +PREHOOK: Output: default@authorization_part@ds=2011 +POSTHOOK: query: insert overwrite table authorization_part partition (ds='2011') select key, value from src_auth_tmp +POSTHOOK: type: QUERY +POSTHOOK: Input: default@src_auth_tmp +POSTHOOK: Output: default@authorization_part@ds=2011 +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +PREHOOK: query: show grant user hive_test_user on table authorization_part(key) partition (ds='2010') +PREHOOK: type: SHOW_GRANT +POSTHOOK: query: show grant user hive_test_user on table authorization_part(key) partition (ds='2010') +POSTHOOK: type: SHOW_GRANT +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] + +database default +table authorization_part +partition ds=2010 +columnName key +principalName hive_test_user +principalType USER +privilege Select +grantTime 1298925591 +grantor hive_test_user +PREHOOK: query: show grant user hive_test_user on table authorization_part(key) partition (ds='2011') +PREHOOK: type: SHOW_GRANT +POSTHOOK: query: show grant user hive_test_user on table authorization_part(key) partition (ds='2011') +POSTHOOK: type: SHOW_GRANT +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] + +database default +table authorization_part +partition ds=2011 +columnName key +principalName hive_test_user +principalType USER +privilege Select +grantTime 1298925599 +grantor hive_test_user +PREHOOK: query: show grant user hive_test_user on table authorization_part(key) +PREHOOK: type: SHOW_GRANT +POSTHOOK: query: show grant user hive_test_user on table authorization_part(key) +POSTHOOK: type: SHOW_GRANT +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] + +database default +table authorization_part +columnName key +principalName hive_test_user +principalType USER +privilege Select +grantTime 1298925582 +grantor hive_test_user +PREHOOK: query: select key from authorization_part where ds>='2010' order by key limit 20 +PREHOOK: type: QUERY +PREHOOK: Input: default@authorization_part@ds=2010 +PREHOOK: Input: default@authorization_part@ds=2011 +PREHOOK: Output: file:/var/folders/6g/6grtCwPMEf4sqHUPpy6xQG9ByHg/-Tmp-/heyongqiang/hive_2011-02-28_12-39-59_917_5170188776234665136/-mr-10000 +POSTHOOK: query: select key from authorization_part where ds>='2010' order by key limit 20 +POSTHOOK: type: QUERY +POSTHOOK: Input: default@authorization_part@ds=2010 +POSTHOOK: Input: default@authorization_part@ds=2011 +POSTHOOK: Output: file:/var/folders/6g/6grtCwPMEf4sqHUPpy6xQG9ByHg/-Tmp-/heyongqiang/hive_2011-02-28_12-39-59_917_5170188776234665136/-mr-10000 +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +0 +0 +0 +0 +0 +0 +2 +2 +4 +4 +5 +5 +5 +5 +5 +5 +8 +8 +9 +9 +PREHOOK: query: drop table authorization_part +PREHOOK: type: DROPTABLE +PREHOOK: Input: default@authorization_part +PREHOOK: Output: default@authorization_part +POSTHOOK: query: drop table authorization_part +POSTHOOK: type: DROPTABLE +POSTHOOK: Input: default@authorization_part +POSTHOOK: Output: default@authorization_part +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +PREHOOK: query: create table authorization_part (key int, value string) partitioned by (ds string) +PREHOOK: type: CREATETABLE +POSTHOOK: query: create table authorization_part (key int, value string) partitioned by (ds string) +POSTHOOK: type: CREATETABLE +POSTHOOK: Output: default@authorization_part +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +PREHOOK: query: ALTER TABLE authorization_part SET TBLPROPERTIES ("PARTITION_LEVEL_PRIVILEGE"="FALSE") +PREHOOK: type: ALTERTABLE_PROPERTIES +PREHOOK: Input: default@authorization_part +PREHOOK: Output: default@authorization_part +POSTHOOK: query: ALTER TABLE authorization_part SET TBLPROPERTIES ("PARTITION_LEVEL_PRIVILEGE"="FALSE") +POSTHOOK: type: ALTERTABLE_PROPERTIES +POSTHOOK: Input: default@authorization_part +POSTHOOK: Output: default@authorization_part +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +PREHOOK: query: grant Create on table authorization_part to user hive_test_user +PREHOOK: type: GRANT_PRIVILEGE +PREHOOK: Output: default@authorization_part +POSTHOOK: query: grant Create on table authorization_part to user hive_test_user +POSTHOOK: type: GRANT_PRIVILEGE +POSTHOOK: Output: default@authorization_part +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +PREHOOK: query: grant Update on table authorization_part to user hive_test_user +PREHOOK: type: GRANT_PRIVILEGE +PREHOOK: Output: default@authorization_part +POSTHOOK: query: grant Update on table authorization_part to user hive_test_user +POSTHOOK: type: GRANT_PRIVILEGE +POSTHOOK: Output: default@authorization_part +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +PREHOOK: query: show grant user hive_test_user on table authorization_part +PREHOOK: type: SHOW_GRANT +POSTHOOK: query: show grant user hive_test_user on table authorization_part +POSTHOOK: type: SHOW_GRANT +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] + +database default +table authorization_part +principalName hive_test_user +principalType USER +privilege Create +grantTime 1298925607 +grantor hive_test_user + +database default +table authorization_part +principalName hive_test_user +principalType USER +privilege Update +grantTime 1298925607 +grantor hive_test_user +PREHOOK: query: grant select(key) on table authorization_part to user hive_test_user +PREHOOK: type: GRANT_PRIVILEGE +PREHOOK: Output: default@authorization_part +POSTHOOK: query: grant select(key) on table authorization_part to user hive_test_user +POSTHOOK: type: GRANT_PRIVILEGE +POSTHOOK: Output: default@authorization_part +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +PREHOOK: query: insert overwrite table authorization_part partition (ds='2010') select key, value from src_auth_tmp +PREHOOK: type: QUERY +PREHOOK: Input: default@src_auth_tmp +PREHOOK: Output: default@authorization_part@ds=2010 +POSTHOOK: query: insert overwrite table authorization_part partition (ds='2010') select key, value from src_auth_tmp +POSTHOOK: type: QUERY +POSTHOOK: Input: default@src_auth_tmp +POSTHOOK: Output: default@authorization_part@ds=2010 +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +PREHOOK: query: insert overwrite table authorization_part partition (ds='2011') select key, value from src_auth_tmp +PREHOOK: type: QUERY +PREHOOK: Input: default@src_auth_tmp +PREHOOK: Output: default@authorization_part@ds=2011 +POSTHOOK: query: insert overwrite table authorization_part partition (ds='2011') select key, value from src_auth_tmp +POSTHOOK: type: QUERY +POSTHOOK: Input: default@src_auth_tmp +POSTHOOK: Output: default@authorization_part@ds=2011 +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +PREHOOK: query: show grant user hive_test_user on table authorization_part(key) partition (ds='2010') +PREHOOK: type: SHOW_GRANT +POSTHOOK: query: show grant user hive_test_user on table authorization_part(key) partition (ds='2010') +POSTHOOK: type: SHOW_GRANT +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +PREHOOK: query: show grant user hive_test_user on table authorization_part(key) partition (ds='2011') +PREHOOK: type: SHOW_GRANT +POSTHOOK: query: show grant user hive_test_user on table authorization_part(key) partition (ds='2011') +POSTHOOK: type: SHOW_GRANT +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +PREHOOK: query: show grant user hive_test_user on table authorization_part(key) +PREHOOK: type: SHOW_GRANT +POSTHOOK: query: show grant user hive_test_user on table authorization_part(key) +POSTHOOK: type: SHOW_GRANT +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] + +database default +table authorization_part +columnName key +principalName hive_test_user +principalType USER +privilege Select +grantTime 1298925608 +grantor hive_test_user +PREHOOK: query: select key from authorization_part where ds>='2010' order by key limit 20 +PREHOOK: type: QUERY +PREHOOK: Input: default@authorization_part@ds=2010 +PREHOOK: Input: default@authorization_part@ds=2011 +PREHOOK: Output: file:/var/folders/6g/6grtCwPMEf4sqHUPpy6xQG9ByHg/-Tmp-/heyongqiang/hive_2011-02-28_12-40-25_797_5158592039495944945/-mr-10000 +POSTHOOK: query: select key from authorization_part where ds>='2010' order by key limit 20 +POSTHOOK: type: QUERY +POSTHOOK: Input: default@authorization_part@ds=2010 +POSTHOOK: Input: default@authorization_part@ds=2011 +POSTHOOK: Output: file:/var/folders/6g/6grtCwPMEf4sqHUPpy6xQG9ByHg/-Tmp-/heyongqiang/hive_2011-02-28_12-40-25_797_5158592039495944945/-mr-10000 +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2010).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).key EXPRESSION [(src_auth_tmp)src_auth_tmp.FieldSchema(name:key, type:string, comment:null), ] +POSTHOOK: Lineage: authorization_part PARTITION(ds=2011).value SIMPLE [(src_auth_tmp)src_auth_tmp.FieldSchema(name:value, type:string, comment:null), ] +0 +0 +0 +0 +0 +0 +2 +2 +4 +4 +5 +5 +5 +5 +5 +5 +8 +8 +9 +9 Index: ql/src/test/results/clientpositive/keyword_1.q.out =================================================================== --- ql/src/test/results/clientpositive/keyword_1.q.out (revision 1075483) +++ ql/src/test/results/clientpositive/keyword_1.q.out (working copy) @@ -5,8 +5,10 @@ POSTHOOK: Output: default@test_user PREHOOK: query: grant select on table test_user to user hive_test PREHOOK: type: GRANT_PRIVILEGE +PREHOOK: Output: default@test_user POSTHOOK: query: grant select on table test_user to user hive_test POSTHOOK: type: GRANT_PRIVILEGE +POSTHOOK: Output: default@test_user PREHOOK: query: explain select user from test_user PREHOOK: type: QUERY POSTHOOK: query: explain select user from test_user @@ -52,7 +54,7 @@ principalName hive_test principalType USER privilege Select -grantTime 1297384137 +grantTime 1298925820 grantor hive_test_user PREHOOK: query: drop table test_user PREHOOK: type: DROPTABLE @@ -69,8 +71,10 @@ POSTHOOK: Output: default@test_user PREHOOK: query: grant select on table test_user to user hive_test PREHOOK: type: GRANT_PRIVILEGE +PREHOOK: Output: default@test_user POSTHOOK: query: grant select on table test_user to user hive_test POSTHOOK: type: GRANT_PRIVILEGE +POSTHOOK: Output: default@test_user PREHOOK: query: explain select role from test_user PREHOOK: type: QUERY POSTHOOK: query: explain select role from test_user @@ -116,7 +120,7 @@ principalName hive_test principalType USER privilege Select -grantTime 1297384137 +grantTime 1298925821 grantor hive_test_user PREHOOK: query: drop table test_user PREHOOK: type: DROPTABLE