diff --git a/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/StorageBasedAuthorizationProvider.java b/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/StorageBasedAuthorizationProvider.java index 4d005c1..cb4c1a1 100644 --- a/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/StorageBasedAuthorizationProvider.java +++ b/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/StorageBasedAuthorizationProvider.java @@ -32,11 +32,13 @@ import org.apache.hadoop.fs.Path; import org.apache.hadoop.fs.permission.FsAction; import org.apache.hadoop.fs.permission.FsPermission; +import org.apache.hadoop.hive.conf.HiveConf; import org.apache.hadoop.hive.metastore.HiveMetaStore.HMSHandler; import org.apache.hadoop.hive.metastore.Warehouse; import org.apache.hadoop.hive.metastore.api.Database; import org.apache.hadoop.hive.metastore.api.MetaException; import org.apache.hadoop.hive.ql.metadata.AuthorizationException; +import org.apache.hadoop.hive.ql.metadata.Hive; import org.apache.hadoop.hive.ql.metadata.HiveException; import org.apache.hadoop.hive.ql.metadata.Partition; import org.apache.hadoop.hive.ql.metadata.Table; @@ -62,19 +64,30 @@ implements HiveMetastoreAuthorizationProvider { private Warehouse wh; + private boolean isRunFromMetaStore = false; /** * Make sure that the warehouse variable is set up properly. * @throws MetaException if unable to instantiate */ - private void initWh() throws MetaException { + private void initWh() throws MetaException, HiveException { if (wh == null){ - if(!hive_db.isRunFromMetaStore()){ + if(!isRunFromMetaStore){ + // Note, although HiveProxy has a method that allows us to check if we're being + // called from the metastore or from the client, we don't have an initialized HiveProxy + // till we explicitly initialize it as being from the client side. So, we have a + // chicken-and-egg problem. So, we now track whether or not we're running from client-side + // in the SBAP itself. + hive_db = new HiveProxy(Hive.get(new HiveConf(getConf(), StorageBasedAuthorizationProvider.class))); this.wh = new Warehouse(getConf()); + if (this.wh == null){ + // If wh is still null after just having initialized it, bail out - something's very wrong. + throw new IllegalStateException("Unable to initialize Warehouse from clientside."); + } }else{ // not good if we reach here, this was initialized at setMetaStoreHandler() time. // this means handler.getWh() is returning null. Error out. - throw new IllegalStateException("Unitialized Warehouse from MetastoreHandler"); + throw new IllegalStateException("Uninitialized Warehouse from MetastoreHandler"); } } } @@ -164,6 +177,7 @@ public void authorize(Table table, Partition part, List columns, public void setMetaStoreHandler(HMSHandler handler) { hive_db.setHandler(handler); this.wh = handler.getWh(); + this.isRunFromMetaStore = true; } /**