diff --git a/metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStore.java b/metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStore.java index ecba324..d9601e8 100644 --- a/metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStore.java +++ b/metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStore.java @@ -80,6 +80,7 @@ import org.apache.hadoop.hive.metastore.api.PrincipalType; import org.apache.hadoop.hive.metastore.api.PrivilegeBag; import org.apache.hadoop.hive.metastore.api.PrivilegeGrantInfo; import org.apache.hadoop.hive.metastore.api.Role; +import org.apache.hadoop.hive.metastore.api.StorageDescriptor; import org.apache.hadoop.hive.metastore.api.Table; import org.apache.hadoop.hive.metastore.api.ThriftHiveMetastore; import org.apache.hadoop.hive.metastore.api.Type; @@ -520,7 +521,7 @@ public class HiveMetaStore extends ThriftHiveMetastore { } private void create_database_core(RawStore ms, final Database db) - throws AlreadyExistsException, InvalidObjectException, MetaException { + throws AlreadyExistsException, IOException, InvalidObjectException, MetaException, TException { if (!validateName(db.getName())) { throw new InvalidObjectException(db.getName() + " is not a valid database name"); } @@ -547,6 +548,16 @@ public class HiveMetaStore extends ThriftHiveMetastore { ms.openTransaction(); ms.createDatabase(db); + + UserGroupInformation ugi = UserGroupInformation.getCurrentUser(); + + HiveObjectRef ref = new HiveObjectRef(HiveObjectType.DATABASE, db.getName(), null, null, null); + PrivilegeGrantInfo grant = new PrivilegeGrantInfo("All", 0, ugi.getShortUserName(), PrincipalType.USER, true); + HiveObjectPrivilege priv = new HiveObjectPrivilege(ref, ugi.getShortUserName(), PrincipalType.USER, grant); + PrivilegeBag privs = new PrivilegeBag(); + privs.addToPrivileges(priv); + grant_privileges_core(ms, privs); + success = ms.commitTransaction(); } finally { if (!success) { @@ -647,7 +658,7 @@ public class HiveMetaStore extends ThriftHiveMetastore { private void drop_database_core(RawStore ms, final String name, final boolean deleteData, final boolean cascade) throws NoSuchObjectException, InvalidOperationException, MetaException, - IOException, InvalidObjectException, InvalidInputException { + IOException, InvalidObjectException, InvalidInputException, TException { boolean success = false; Database db = null; List tablePaths = new ArrayList(); @@ -722,6 +733,15 @@ public class HiveMetaStore extends ThriftHiveMetastore { } } + UserGroupInformation ugi = UserGroupInformation.getCurrentUser(); + + HiveObjectRef ref = new HiveObjectRef(HiveObjectType.DATABASE, name, null, null, null); + PrivilegeGrantInfo grant = new PrivilegeGrantInfo("All", 0, ugi.getShortUserName(), PrincipalType.USER, true); + HiveObjectPrivilege priv = new HiveObjectPrivilege(ref, ugi.getShortUserName(), PrincipalType.USER, grant); + PrivilegeBag privs = new PrivilegeBag(); + privs.addToPrivileges(priv); + revoke_privileges_core(ms, privs); + if (ms.dropDatabase(name)) { success = ms.commitTransaction(); } @@ -979,7 +999,7 @@ public class HiveMetaStore extends ThriftHiveMetastore { private void create_table_core(final RawStore ms, final Table tbl, final EnvironmentContext envContext) throws AlreadyExistsException, MetaException, - InvalidObjectException, NoSuchObjectException { + IOException, InvalidObjectException, NoSuchObjectException, TException { if (!MetaStoreUtils.validateName(tbl.getTableName()) || !MetaStoreUtils.validateColNames(tbl.getSd().getCols()) @@ -1046,6 +1066,16 @@ public class HiveMetaStore extends ThriftHiveMetastore { tbl.putToParameters(hive_metastoreConstants.DDL_TIME, Long.toString(time)); } ms.createTable(tbl); + + UserGroupInformation ugi = UserGroupInformation.getCurrentUser(); + + HiveObjectRef ref = new HiveObjectRef(HiveObjectType.TABLE, tbl.getDbName(), tbl.getTableName(), null, null); + PrivilegeGrantInfo grant = new PrivilegeGrantInfo("All", 0, ugi.getShortUserName(), PrincipalType.USER, true); + HiveObjectPrivilege priv = new HiveObjectPrivilege(ref, ugi.getShortUserName(), PrincipalType.USER, grant); + PrivilegeBag privs = new PrivilegeBag(); + privs.addToPrivileges(priv); + grant_privileges_core(ms, privs); + success = ms.commitTransaction(); } finally { @@ -1114,7 +1144,7 @@ public class HiveMetaStore extends ThriftHiveMetastore { private void drop_table_core(final RawStore ms, final String dbname, final String name, final boolean deleteData) throws NoSuchObjectException, MetaException, IOException, - InvalidObjectException, InvalidInputException { + InvalidObjectException, InvalidInputException, TException { boolean success = false; boolean isExternal = false; Path tblPath = null; @@ -1168,6 +1198,15 @@ public class HiveMetaStore extends ThriftHiveMetastore { partPaths = dropPartitionsAndGetLocations(ms, dbname, name, tblPath, tbl.getPartitionKeys(), deleteData && !isExternal); + UserGroupInformation ugi = UserGroupInformation.getCurrentUser(); + + HiveObjectRef ref = new HiveObjectRef(HiveObjectType.TABLE, dbname, name, null, null); + PrivilegeGrantInfo grant = new PrivilegeGrantInfo("All", 0, ugi.getShortUserName(), PrincipalType.USER, true); + HiveObjectPrivilege priv = new HiveObjectPrivilege(ref, ugi.getShortUserName(), PrincipalType.USER, grant); + PrivilegeBag privs = new PrivilegeBag(); + privs.addToPrivileges(priv); + revoke_privileges_core(ms, privs); + if (!ms.dropTable(dbname, name)) { throw new MetaException("Unable to drop table"); } @@ -1477,7 +1516,7 @@ public class HiveMetaStore extends ThriftHiveMetastore { "Cannot append a partition to a view"); } - part.setSd(tbl.getSd()); + part.setSd(new StorageDescriptor(tbl.getSd())); partLocation = new Path(tbl.getSd().getLocation(), Warehouse .makePartName(tbl.getPartitionKeys(), part_vals)); part.getSd().setLocation(partLocation.toString()); @@ -3558,6 +3597,12 @@ public class HiveMetaStore extends ThriftHiveMetastore { return ret; } + private boolean grant_privileges_core(RawStore ms, final PrivilegeBag privileges) throws MetaException, + TException { + + return ms.grantPrivileges(privileges); + } + @Override public boolean grant_privileges(final PrivilegeBag privileges) throws MetaException, TException { @@ -3565,7 +3610,7 @@ public class HiveMetaStore extends ThriftHiveMetastore { Boolean ret = null; try { - ret = getMS().grantPrivileges(privileges); + ret = grant_privileges_core(getMS(), privileges); } catch (MetaException e) { throw e; } catch (Exception e) { @@ -3579,7 +3624,7 @@ public class HiveMetaStore extends ThriftHiveMetastore { final PrincipalType principalType) throws MetaException, TException { incrementCounter("remove_role_member"); - Boolean ret = null; + boolean ret = false; try { RawStore ms = getMS(); Role mRole = ms.getRole(roleName); @@ -3592,14 +3637,19 @@ public class HiveMetaStore extends ThriftHiveMetastore { return ret; } + private boolean revoke_privileges_core(RawStore ms, final PrivilegeBag privileges) + throws MetaException, TException { + return ms.revokePrivileges(privileges); + } + @Override public boolean revoke_privileges(final PrivilegeBag privileges) throws MetaException, TException { incrementCounter("revoke_privileges"); - Boolean ret = null; + boolean ret = false; try { - ret = getMS().revokePrivileges(privileges); + ret = revoke_privileges_core(getMS(), privileges); } catch (MetaException e) { throw e; } catch (Exception e) {