Index: metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStore.java =================================================================== --- metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStore.java (revision 1161232) +++ metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStore.java (working copy) @@ -2678,6 +2678,8 @@ } else if (hiveObject.getObjectType() == HiveObjectType.TABLE) { return this.get_table_privilege_set(hiveObject.getDbName(), hiveObject .getObjectName(), userName, groupNames); + } else if (hiveObject.getObjectType() == HiveObjectType.GLOBAL) { + return this.get_user_privilege_set(userName, groupNames); } return null; } Index: ql/src/test/results/clientpositive/authorization_7.q.out =================================================================== --- ql/src/test/results/clientpositive/authorization_7.q.out (revision 0) +++ ql/src/test/results/clientpositive/authorization_7.q.out (revision 0) @@ -0,0 +1,54 @@ +PREHOOK: query: GRANT ALL TO USER hive_test_user +PREHOOK: type: GRANT_PRIVILEGE +POSTHOOK: query: GRANT ALL TO USER hive_test_user +POSTHOOK: type: GRANT_PRIVILEGE +PREHOOK: query: CREATE TABLE src_authorization_7 (key int, value string) +PREHOOK: type: CREATETABLE +POSTHOOK: query: CREATE TABLE src_authorization_7 (key int, value string) +POSTHOOK: type: CREATETABLE +POSTHOOK: Output: default@src_authorization_7 +PREHOOK: query: DESCRIBE src_authorization_7 +PREHOOK: type: DESCTABLE +POSTHOOK: query: DESCRIBE src_authorization_7 +POSTHOOK: type: DESCTABLE +key int +value string +PREHOOK: query: DROP TABLE src_authorization_7 +PREHOOK: type: DROPTABLE +PREHOOK: Input: default@src_authorization_7 +PREHOOK: Output: default@src_authorization_7 +POSTHOOK: query: DROP TABLE src_authorization_7 +POSTHOOK: type: DROPTABLE +POSTHOOK: Input: default@src_authorization_7 +POSTHOOK: Output: default@src_authorization_7 +PREHOOK: query: REVOKE ALL FROM USER hive_test_user +PREHOOK: type: REVOKE_PRIVILEGE +POSTHOOK: query: REVOKE ALL FROM USER hive_test_user +POSTHOOK: type: REVOKE_PRIVILEGE +PREHOOK: query: GRANT ALL TO GROUP hive_test_group1 +PREHOOK: type: GRANT_PRIVILEGE +POSTHOOK: query: GRANT ALL TO GROUP hive_test_group1 +POSTHOOK: type: GRANT_PRIVILEGE +PREHOOK: query: CREATE TABLE src_authorization_7 (key int, value string) +PREHOOK: type: CREATETABLE +POSTHOOK: query: CREATE TABLE src_authorization_7 (key int, value string) +POSTHOOK: type: CREATETABLE +POSTHOOK: Output: default@src_authorization_7 +PREHOOK: query: DESCRIBE src_authorization_7 +PREHOOK: type: DESCTABLE +POSTHOOK: query: DESCRIBE src_authorization_7 +POSTHOOK: type: DESCTABLE +key int +value string +PREHOOK: query: DROP TABLE src_authorization_7 +PREHOOK: type: DROPTABLE +PREHOOK: Input: default@src_authorization_7 +PREHOOK: Output: default@src_authorization_7 +POSTHOOK: query: DROP TABLE src_authorization_7 +POSTHOOK: type: DROPTABLE +POSTHOOK: Input: default@src_authorization_7 +POSTHOOK: Output: default@src_authorization_7 +PREHOOK: query: REVOKE ALL FROM GROUP hive_test_group1 +PREHOOK: type: REVOKE_PRIVILEGE +POSTHOOK: query: REVOKE ALL FROM GROUP hive_test_group1 +POSTHOOK: type: REVOKE_PRIVILEGE Index: ql/src/test/queries/clientpositive/authorization_7.q =================================================================== --- ql/src/test/queries/clientpositive/authorization_7.q (revision 0) +++ ql/src/test/queries/clientpositive/authorization_7.q (revision 0) @@ -0,0 +1,15 @@ +GRANT ALL TO USER hive_test_user; +SET hive.security.authorization.enabled=true; +CREATE TABLE src_authorization_7 (key int, value string); +DESCRIBE src_authorization_7; +DROP TABLE src_authorization_7; +REVOKE ALL FROM USER hive_test_user; + +SET hive.security.authorization.enabled=false; + +GRANT ALL TO GROUP hive_test_group1; +SET hive.security.authorization.enabled=true; +CREATE TABLE src_authorization_7 (key int, value string); +DESCRIBE src_authorization_7; +DROP TABLE src_authorization_7; +REVOKE ALL FROM GROUP hive_test_group1; \ No newline at end of file