diff --git metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStore.java metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStore.java index 27077b4..18e62d8 100644 --- metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStore.java +++ metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStore.java @@ -202,8 +202,8 @@ * default port on which to start the Hive server */ private static final int DEFAULT_HIVE_METASTORE_PORT = 9083; - public static final String ADMIN = "ADMIN"; - public static final String PUBLIC = "PUBLIC"; + public static final String ADMIN = "admin"; + public static final String PUBLIC = "public"; private static HadoopThriftAuthBridge.Server saslServer; private static boolean useSasl; diff --git ql/src/java/org/apache/hadoop/hive/ql/parse/authorization/HiveAuthorizationTaskFactoryImpl.java ql/src/java/org/apache/hadoop/hive/ql/parse/authorization/HiveAuthorizationTaskFactoryImpl.java index f4dd97b..9f7d8f7 100644 --- ql/src/java/org/apache/hadoop/hive/ql/parse/authorization/HiveAuthorizationTaskFactoryImpl.java +++ ql/src/java/org/apache/hadoop/hive/ql/parse/authorization/HiveAuthorizationTaskFactoryImpl.java @@ -219,7 +219,7 @@ public HiveAuthorizationTaskFactoryImpl(HiveConf conf, Hive db) { List roles = new ArrayList(); for (int i = rolesStartPos; i < ast.getChildCount(); i++) { - roles.add(BaseSemanticAnalyzer.unescapeIdentifier(ast.getChild(i).getText())); + roles.add(BaseSemanticAnalyzer.unescapeIdentifier(ast.getChild(i).getText()).toLowerCase()); } String roleOwnerName = SessionState.getUserFromAuthenticator(); diff --git ql/src/java/org/apache/hadoop/hive/ql/plan/GrantRevokeRoleDDL.java ql/src/java/org/apache/hadoop/hive/ql/plan/GrantRevokeRoleDDL.java index d8488a7..3ab311f 100644 --- ql/src/java/org/apache/hadoop/hive/ql/plan/GrantRevokeRoleDDL.java +++ ql/src/java/org/apache/hadoop/hive/ql/plan/GrantRevokeRoleDDL.java @@ -24,19 +24,19 @@ @Explain(displayName="grant or revoke roles") public class GrantRevokeRoleDDL { - + private boolean grant; - + private List principalDesc; - + private List roles; - + private String grantor; - + private PrincipalType grantorType; - + private boolean grantOption; - + public GrantRevokeRoleDDL() { } @@ -47,7 +47,7 @@ public GrantRevokeRoleDDL(boolean grant, List roles, this.grant = grant; this.principalDesc = principalDesc; this.roles = roles; - this.grantor = grantor; + this.grantor = grantor.toLowerCase(); this.grantorType = grantorType; this.grantOption = grantOption; } @@ -93,7 +93,7 @@ public String getGrantor() { } public void setGrantor(String grantor) { - this.grantor = grantor; + this.grantor = grantor.toLowerCase(); } public PrincipalType getGrantorType() { @@ -110,6 +110,6 @@ public boolean isGrantOption() { public void setGrantOption(boolean grantOption) { this.grantOption = grantOption; - } + } } diff --git ql/src/java/org/apache/hadoop/hive/ql/plan/PrincipalDesc.java ql/src/java/org/apache/hadoop/hive/ql/plan/PrincipalDesc.java index 7dc0ded..d2eb98a 100644 --- ql/src/java/org/apache/hadoop/hive/ql/plan/PrincipalDesc.java +++ ql/src/java/org/apache/hadoop/hive/ql/plan/PrincipalDesc.java @@ -26,14 +26,14 @@ public class PrincipalDesc implements Serializable, Cloneable { private static final long serialVersionUID = 1L; - + private String name; - + private PrincipalType type; public PrincipalDesc(String name, PrincipalType type) { super(); - this.name = name; + this.name = name.toLowerCase(); this.type = type; } diff --git ql/src/java/org/apache/hadoop/hive/ql/plan/RoleDDLDesc.java ql/src/java/org/apache/hadoop/hive/ql/plan/RoleDDLDesc.java index b4da3d1..1c49931 100644 --- ql/src/java/org/apache/hadoop/hive/ql/plan/RoleDDLDesc.java +++ ql/src/java/org/apache/hadoop/hive/ql/plan/RoleDDLDesc.java @@ -102,10 +102,10 @@ public RoleDDLDesc(String roleName, RoleOperation operation) { public RoleDDLDesc(String principalName, PrincipalType principalType, RoleOperation operation, String roleOwnerName) { - this.name = principalName; + this.name = principalName == null ? null : principalName.toLowerCase(); this.principalType = principalType; this.operation = operation; - this.roleOwnerName = roleOwnerName; + this.roleOwnerName = roleOwnerName == null ? null : roleOwnerName.toLowerCase(); } @Explain(displayName = "name") @@ -114,7 +114,7 @@ public String getName() { } public void setName(String roleName) { - this.name = roleName; + this.name = roleName.toLowerCase(); } @Explain(displayName = "role operation") @@ -155,7 +155,7 @@ public String getRoleOwnerName() { } public void setRoleOwnerName(String roleOwnerName) { - this.roleOwnerName = roleOwnerName; + this.roleOwnerName = roleOwnerName.toLowerCase(); } } diff --git ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HivePrincipal.java ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HivePrincipal.java index 62b8994..ec7d522 100644 --- ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HivePrincipal.java +++ ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HivePrincipal.java @@ -40,7 +40,7 @@ public String toString() { private final HivePrincipalType type; public HivePrincipal(String name, HivePrincipalType type){ - this.name = name; + this.name = name == null ? null : name.toLowerCase(); this.type = type; } public String getName() { diff --git ql/src/test/results/clientnegative/authorization_drop_db_cascade.q.out ql/src/test/results/clientnegative/authorization_drop_db_cascade.q.out index eda2146..74ab4c8 100644 --- ql/src/test/results/clientnegative/authorization_drop_db_cascade.q.out +++ ql/src/test/results/clientnegative/authorization_drop_db_cascade.q.out @@ -48,6 +48,6 @@ PREHOOK: query: show current roles PREHOOK: type: SHOW_ROLES POSTHOOK: query: show current roles POSTHOOK: type: SHOW_ROLES -PUBLIC +public FAILED: HiveAccessControlException Permission denied. Principal [name=user2, type=USER] does not have following privileges on Object [type=TABLE_OR_VIEW, name=dba2.tab2] : [OBJECT OWNERSHIP] diff --git ql/src/test/results/clientnegative/authorization_drop_db_empty.q.out ql/src/test/results/clientnegative/authorization_drop_db_empty.q.out index 27a6822..bd7447f 100644 --- ql/src/test/results/clientnegative/authorization_drop_db_empty.q.out +++ ql/src/test/results/clientnegative/authorization_drop_db_empty.q.out @@ -18,7 +18,7 @@ PREHOOK: query: show current roles PREHOOK: type: SHOW_ROLES POSTHOOK: query: show current roles POSTHOOK: type: SHOW_ROLES -PUBLIC +public PREHOOK: query: drop database dba1 PREHOOK: type: DROPDATABASE @@ -34,7 +34,7 @@ PREHOOK: type: SHOW_ROLES POSTHOOK: query: -- check if dropping db as another user fails show current roles POSTHOOK: type: SHOW_ROLES -PUBLIC +public PREHOOK: query: create database dba2 PREHOOK: type: CREATEDATABASE @@ -44,6 +44,6 @@ PREHOOK: query: show current roles PREHOOK: type: SHOW_ROLES POSTHOOK: query: show current roles POSTHOOK: type: SHOW_ROLES -PUBLIC +public FAILED: HiveAccessControlException Permission denied. Principal [name=user2, type=USER] does not have following privileges on Object [type=DATABASE, name=dba2] : [OBJECT OWNERSHIP] diff --git ql/src/test/results/clientnegative/authorization_drop_role_no_admin.q.out ql/src/test/results/clientnegative/authorization_drop_role_no_admin.q.out index c03876d..05b4119 100644 --- ql/src/test/results/clientnegative/authorization_drop_role_no_admin.q.out +++ ql/src/test/results/clientnegative/authorization_drop_role_no_admin.q.out @@ -6,7 +6,7 @@ PREHOOK: query: show current roles PREHOOK: type: SHOW_ROLES POSTHOOK: query: show current roles POSTHOOK: type: SHOW_ROLES -ADMIN +admin PREHOOK: query: create role r1 PREHOOK: type: CREATEROLE @@ -20,7 +20,7 @@ PREHOOK: query: show current roles PREHOOK: type: SHOW_ROLES POSTHOOK: query: show current roles POSTHOOK: type: SHOW_ROLES -PUBLIC +public PREHOOK: query: drop role r1 PREHOOK: type: DROPROLE diff --git ql/src/test/results/clientnegative/authorization_fail_7.q.out ql/src/test/results/clientnegative/authorization_fail_7.q.out index ffff69d..e9b7c35 100644 --- ql/src/test/results/clientnegative/authorization_fail_7.q.out +++ ql/src/test/results/clientnegative/authorization_fail_7.q.out @@ -27,8 +27,8 @@ PREHOOK: query: show role grant user hive_test_user PREHOOK: type: SHOW_ROLE_GRANT POSTHOOK: query: show role grant user hive_test_user POSTHOOK: type: SHOW_ROLE_GRANT -PUBLIC false -1 hive_test_role_fail false -1 hive_test_user +public false -1 PREHOOK: query: show grant role hive_test_role_fail on table authorization_fail PREHOOK: type: SHOW_GRANT POSTHOOK: query: show grant role hive_test_role_fail on table authorization_fail diff --git ql/src/test/results/clientnegative/authorization_priv_current_role_neg.q.out ql/src/test/results/clientnegative/authorization_priv_current_role_neg.q.out index 7f983ba..a62b7b3 100644 --- ql/src/test/results/clientnegative/authorization_priv_current_role_neg.q.out +++ ql/src/test/results/clientnegative/authorization_priv_current_role_neg.q.out @@ -39,7 +39,7 @@ POSTHOOK: query: -- switch to user2 -- by default all roles should be in current roles, and grant to new user should work show current roles POSTHOOK: type: SHOW_ROLES -PUBLIC +public role2 PREHOOK: query: grant all on table tpriv_current_role to user user3 diff --git ql/src/test/results/clientnegative/authorization_public_create.q.out ql/src/test/results/clientnegative/authorization_public_create.q.out index bccdc53..0318a8b 100644 --- ql/src/test/results/clientnegative/authorization_public_create.q.out +++ ql/src/test/results/clientnegative/authorization_public_create.q.out @@ -1,4 +1,4 @@ PREHOOK: query: create role PUBLIC PREHOOK: type: CREATEROLE -Error in role operation create_role on role name PUBLIC, error message MetaException(message:PUBLIC role implictly exists. It can't be created.) +Error in role operation create_role on role name public, error message MetaException(message:public role implictly exists. It can't be created.) FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask diff --git ql/src/test/results/clientnegative/authorization_public_drop.q.out ql/src/test/results/clientnegative/authorization_public_drop.q.out index 14f6b3a..912589d 100644 --- ql/src/test/results/clientnegative/authorization_public_drop.q.out +++ ql/src/test/results/clientnegative/authorization_public_drop.q.out @@ -1,4 +1,4 @@ PREHOOK: query: drop role PUBLIC PREHOOK: type: DROPROLE -Error in role operation drop_role on role name PUBLIC, error message MetaException(message:PUBLIC/ADMIN role can't be dropped.) +Error in role operation drop_role on role name public, error message MetaException(message:public/admin role can't be dropped.) FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask diff --git ql/src/test/results/clientnegative/authorization_role_grant.q.out ql/src/test/results/clientnegative/authorization_role_grant.q.out index 0f88444..0e5e724 100644 --- ql/src/test/results/clientnegative/authorization_role_grant.q.out +++ ql/src/test/results/clientnegative/authorization_role_grant.q.out @@ -32,7 +32,7 @@ PREHOOK: query: show role grant user user2 PREHOOK: type: SHOW_ROLE_GRANT POSTHOOK: query: show role grant user user2 POSTHOOK: type: SHOW_ROLE_GRANT -PUBLIC false -1 +public false -1 role_noadmin false -1 hive_admin_user src_role_wadmin true -1 hive_admin_user PREHOOK: query: set role role_noadmin diff --git ql/src/test/results/clientnegative/authorization_rolehierarchy_privs.q.out ql/src/test/results/clientnegative/authorization_rolehierarchy_privs.q.out index 7268370..9f99d6f 100644 --- ql/src/test/results/clientnegative/authorization_rolehierarchy_privs.q.out +++ ql/src/test/results/clientnegative/authorization_rolehierarchy_privs.q.out @@ -2,7 +2,7 @@ PREHOOK: query: show current roles PREHOOK: type: SHOW_ROLES POSTHOOK: query: show current roles POSTHOOK: type: SHOW_ROLES -PUBLIC +public PREHOOK: query: set role ADMIN PREHOOK: type: SHOW_ROLES @@ -59,7 +59,7 @@ PREHOOK: query: show current roles PREHOOK: type: SHOW_ROLES POSTHOOK: query: show current roles POSTHOOK: type: SHOW_ROLES -PUBLIC +public role1 role2 role3 @@ -76,7 +76,7 @@ PREHOOK: query: show current roles PREHOOK: type: SHOW_ROLES POSTHOOK: query: show current roles POSTHOOK: type: SHOW_ROLES -PUBLIC +public PREHOOK: query: grant select on t1 to role role2 PREHOOK: type: GRANT_PRIVILEGE @@ -88,7 +88,7 @@ PREHOOK: query: show current roles PREHOOK: type: SHOW_ROLES POSTHOOK: query: show current roles POSTHOOK: type: SHOW_ROLES -PUBLIC +public role1 role2 role3 @@ -109,7 +109,7 @@ PREHOOK: query: show current roles PREHOOK: type: SHOW_ROLES POSTHOOK: query: show current roles POSTHOOK: type: SHOW_ROLES -ADMIN +admin PREHOOK: query: revoke select on table t1 from role role2 PREHOOK: type: REVOKE_PRIVILEGE @@ -133,7 +133,7 @@ PREHOOK: query: show current roles PREHOOK: type: SHOW_ROLES POSTHOOK: query: show current roles POSTHOOK: type: SHOW_ROLES -PUBLIC +public role1 role2 role3 @@ -151,7 +151,7 @@ PREHOOK: query: show current roles PREHOOK: type: SHOW_ROLES POSTHOOK: query: show current roles POSTHOOK: type: SHOW_ROLES -PUBLIC +public PREHOOK: query: set role ADMIN PREHOOK: type: SHOW_ROLES @@ -169,7 +169,7 @@ PREHOOK: query: show current roles PREHOOK: type: SHOW_ROLES POSTHOOK: query: show current roles POSTHOOK: type: SHOW_ROLES -PUBLIC +public role1 role2 role3 @@ -187,7 +187,7 @@ PREHOOK: query: show current roles PREHOOK: type: SHOW_ROLES POSTHOOK: query: show current roles POSTHOOK: type: SHOW_ROLES -PUBLIC +public PREHOOK: query: set role ADMIN PREHOOK: type: SHOW_ROLES @@ -201,7 +201,7 @@ PREHOOK: query: show current roles PREHOOK: type: SHOW_ROLES POSTHOOK: query: show current roles POSTHOOK: type: SHOW_ROLES -PUBLIC +public role1 role2 role4 diff --git ql/src/test/results/clientnegative/authorize_grant_public.q.out ql/src/test/results/clientnegative/authorize_grant_public.q.out index dae4331..ef4a1b1 100644 --- ql/src/test/results/clientnegative/authorize_grant_public.q.out +++ ql/src/test/results/clientnegative/authorize_grant_public.q.out @@ -1,3 +1,3 @@ PREHOOK: query: grant role PUBLIC to user hive_test_user PREHOOK: type: GRANT_ROLE -FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask. org.apache.hadoop.hive.ql.metadata.HiveException: MetaException(message:No user can be added to PUBLIC. Since all users implictly belong to PUBLIC role.) +FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask. org.apache.hadoop.hive.ql.metadata.HiveException: MetaException(message:No user can be added to public. Since all users implictly belong to public role.) diff --git ql/src/test/results/clientnegative/authorize_revoke_public.q.out ql/src/test/results/clientnegative/authorize_revoke_public.q.out index cff88ca..618fedd 100644 --- ql/src/test/results/clientnegative/authorize_revoke_public.q.out +++ ql/src/test/results/clientnegative/authorize_revoke_public.q.out @@ -1,3 +1,3 @@ PREHOOK: query: revoke role PUBLIC from user hive_test_user PREHOOK: type: REVOKE_ROLE -FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask. org.apache.hadoop.hive.ql.metadata.HiveException: MetaException(message:PUBLIC role can't be revoked.) +FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask. org.apache.hadoop.hive.ql.metadata.HiveException: MetaException(message:public role can't be revoked.) diff --git ql/src/test/results/clientpositive/authorization_1.q.out ql/src/test/results/clientpositive/authorization_1.q.out index 1c52151..0ff4b04 100644 --- ql/src/test/results/clientpositive/authorization_1.q.out +++ ql/src/test/results/clientpositive/authorization_1.q.out @@ -267,7 +267,7 @@ PREHOOK: query: show role grant user hive_test_user PREHOOK: type: SHOW_ROLE_GRANT POSTHOOK: query: show role grant user hive_test_user POSTHOOK: type: SHOW_ROLE_GRANT -PUBLIC false -1 +public false -1 src_role false -1 hive_test_user PREHOOK: query: --column grant to role diff --git ql/src/test/results/clientpositive/authorization_1_sql_std.q.out ql/src/test/results/clientpositive/authorization_1_sql_std.q.out index 3e39801..718ff31 100644 --- ql/src/test/results/clientpositive/authorization_1_sql_std.q.out +++ ql/src/test/results/clientpositive/authorization_1_sql_std.q.out @@ -48,7 +48,7 @@ PREHOOK: query: show role grant user user_sauth PREHOOK: type: SHOW_ROLE_GRANT POSTHOOK: query: show role grant user user_sauth POSTHOOK: type: SHOW_ROLE_GRANT -PUBLIC false -1 +public false -1 src_role false -1 hive_admin_user PREHOOK: query: --table grant to role diff --git ql/src/test/results/clientpositive/authorization_5.q.out ql/src/test/results/clientpositive/authorization_5.q.out index 3353adf..6f75dd1 100644 --- ql/src/test/results/clientpositive/authorization_5.q.out +++ ql/src/test/results/clientpositive/authorization_5.q.out @@ -38,8 +38,8 @@ PREHOOK: query: SHOW ROLE GRANT USER hive_test_user PREHOOK: type: SHOW_ROLE_GRANT POSTHOOK: query: SHOW ROLE GRANT USER hive_test_user POSTHOOK: type: SHOW_ROLE_GRANT -PUBLIC false -1 db_test_role false -1 hive_test_user +public false -1 PREHOOK: query: GRANT drop ON DATABASE test_db TO ROLE db_test_role PREHOOK: type: GRANT_PRIVILEGE POSTHOOK: query: GRANT drop ON DATABASE test_db TO ROLE db_test_role diff --git ql/src/test/results/clientpositive/authorization_9.q.out ql/src/test/results/clientpositive/authorization_9.q.out index 3ec988c..226ce28 100644 --- ql/src/test/results/clientpositive/authorization_9.q.out +++ ql/src/test/results/clientpositive/authorization_9.q.out @@ -63,7 +63,7 @@ PREHOOK: query: show grant on all PREHOOK: type: SHOW_GRANT POSTHOOK: query: show grant on all POSTHOOK: type: SHOW_GRANT - ADMIN ROLE All true -1 ADMIN + admin ROLE All true -1 admin default hive_test_user USER Select false -1 hive_test_user default hive_test_user2 USER Select false -1 hive_test_user default dummy hive_test_user USER Select false -1 hive_test_user diff --git ql/src/test/results/clientpositive/authorization_admin_almighty1.q.out ql/src/test/results/clientpositive/authorization_admin_almighty1.q.out index df0d5c4..d4f9555 100644 --- ql/src/test/results/clientpositive/authorization_admin_almighty1.q.out +++ ql/src/test/results/clientpositive/authorization_admin_almighty1.q.out @@ -13,7 +13,7 @@ PREHOOK: query: show current roles PREHOOK: type: SHOW_ROLES POSTHOOK: query: show current roles POSTHOOK: type: SHOW_ROLES -PUBLIC +public PREHOOK: query: set role ADMIN PREHOOK: type: SHOW_ROLES @@ -23,7 +23,7 @@ PREHOOK: query: show current roles PREHOOK: type: SHOW_ROLES POSTHOOK: query: show current roles POSTHOOK: type: SHOW_ROLES -ADMIN +admin PREHOOK: query: select * from t1 PREHOOK: type: QUERY diff --git ql/src/test/results/clientpositive/authorization_role_grant1.q.out ql/src/test/results/clientpositive/authorization_role_grant1.q.out index 305dd9d..3c846eb 100644 --- ql/src/test/results/clientpositive/authorization_role_grant1.q.out +++ ql/src/test/results/clientpositive/authorization_role_grant1.q.out @@ -18,14 +18,14 @@ PREHOOK: query: show role grant user user2 PREHOOK: type: SHOW_ROLE_GRANT POSTHOOK: query: show role grant user user2 POSTHOOK: type: SHOW_ROLE_GRANT -PUBLIC false -1 +public false -1 src_role2 false -1 hive_admin_user PREHOOK: query: show roles PREHOOK: type: SHOW_ROLES POSTHOOK: query: show roles POSTHOOK: type: SHOW_ROLES -ADMIN -PUBLIC +admin +public src_role2 PREHOOK: query: -- revoke role without role keyword @@ -38,13 +38,13 @@ PREHOOK: query: show role grant user user2 PREHOOK: type: SHOW_ROLE_GRANT POSTHOOK: query: show role grant user user2 POSTHOOK: type: SHOW_ROLE_GRANT -PUBLIC false -1 +public false -1 PREHOOK: query: show roles PREHOOK: type: SHOW_ROLES POSTHOOK: query: show roles POSTHOOK: type: SHOW_ROLES -ADMIN -PUBLIC +admin +public src_role2 PREHOOK: query: ---------------------------------------- @@ -67,7 +67,7 @@ PREHOOK: query: show role grant user user2 PREHOOK: type: SHOW_ROLE_GRANT POSTHOOK: query: show role grant user user2 POSTHOOK: type: SHOW_ROLE_GRANT -PUBLIC false -1 +public false -1 src_role_wadmin true -1 hive_admin_user PREHOOK: query: -- revoke role without role keyword revoke src_role_wadmin from user user2 @@ -79,15 +79,15 @@ PREHOOK: query: show role grant user user2 PREHOOK: type: SHOW_ROLE_GRANT POSTHOOK: query: show role grant user user2 POSTHOOK: type: SHOW_ROLE_GRANT -PUBLIC false -1 +public false -1 PREHOOK: query: -- drop roles show roles PREHOOK: type: SHOW_ROLES POSTHOOK: query: -- drop roles show roles POSTHOOK: type: SHOW_ROLES -ADMIN -PUBLIC +admin +public src_role2 src_role_wadmin @@ -99,8 +99,8 @@ PREHOOK: query: show roles PREHOOK: type: SHOW_ROLES POSTHOOK: query: show roles POSTHOOK: type: SHOW_ROLES -ADMIN -PUBLIC +admin +public src_role_wadmin PREHOOK: query: drop role src_role_wadmin @@ -111,6 +111,6 @@ PREHOOK: query: show roles PREHOOK: type: SHOW_ROLES POSTHOOK: query: show roles POSTHOOK: type: SHOW_ROLES -ADMIN -PUBLIC +admin +public diff --git ql/src/test/results/clientpositive/authorization_role_grant2.q.out ql/src/test/results/clientpositive/authorization_role_grant2.q.out index f294311..1e8f88a 100644 --- ql/src/test/results/clientpositive/authorization_role_grant2.q.out +++ ql/src/test/results/clientpositive/authorization_role_grant2.q.out @@ -23,7 +23,7 @@ PREHOOK: type: SHOW_ROLE_GRANT POSTHOOK: query: show role grant user user2 POSTHOOK: type: SHOW_ROLE_GRANT role grant_option grant_time grantor -PUBLIC false -1 +public false -1 src_role_wadmin true -1 hive_admin_user PREHOOK: query: show principals src_role_wadmin PREHOOK: type: SHOW_ROLE_PRINCIPALS @@ -44,7 +44,7 @@ PREHOOK: type: SHOW_ROLE_GRANT POSTHOOK: query: show role grant user user3 POSTHOOK: type: SHOW_ROLE_GRANT role grant_option grant_time grantor -PUBLIC false -1 +public false -1 src_role_wadmin false -1 user2 PREHOOK: query: set role ADMIN PREHOOK: type: SHOW_ROLES @@ -70,7 +70,7 @@ PREHOOK: type: SHOW_ROLE_GRANT POSTHOOK: query: show role grant user user3 POSTHOOK: type: SHOW_ROLE_GRANT role grant_option grant_time grantor -PUBLIC false -1 +public false -1 PREHOOK: query: set role ADMIN PREHOOK: type: SHOW_ROLES POSTHOOK: query: set role ADMIN diff --git ql/src/test/results/clientpositive/authorization_set_show_current_role.q.out ql/src/test/results/clientpositive/authorization_set_show_current_role.q.out index d5fbc48..8449813 100644 --- ql/src/test/results/clientpositive/authorization_set_show_current_role.q.out +++ ql/src/test/results/clientpositive/authorization_set_show_current_role.q.out @@ -6,7 +6,7 @@ PREHOOK: query: show current roles PREHOOK: type: SHOW_ROLES POSTHOOK: query: show current roles POSTHOOK: type: SHOW_ROLES -ADMIN +admin PREHOOK: query: create role r1 PREHOOK: type: CREATEROLE @@ -34,7 +34,7 @@ PREHOOK: query: show current roles PREHOOK: type: SHOW_ROLES POSTHOOK: query: show current roles POSTHOOK: type: SHOW_ROLES -PUBLIC +public PREHOOK: query: set role ALL PREHOOK: type: SHOW_ROLES @@ -44,7 +44,7 @@ PREHOOK: query: show current roles PREHOOK: type: SHOW_ROLES POSTHOOK: query: show current roles POSTHOOK: type: SHOW_ROLES -PUBLIC +public r1 PREHOOK: query: set role ADMIN diff --git ql/src/test/results/clientpositive/authorization_view_sqlstd.q.out ql/src/test/results/clientpositive/authorization_view_sqlstd.q.out index b431c35..50c0247 100644 --- ql/src/test/results/clientpositive/authorization_view_sqlstd.q.out +++ ql/src/test/results/clientpositive/authorization_view_sqlstd.q.out @@ -155,7 +155,7 @@ PREHOOK: query: show current roles PREHOOK: type: SHOW_ROLES POSTHOOK: query: show current roles POSTHOOK: type: SHOW_ROLES -PUBLIC +public PREHOOK: query: set role ADMIN PREHOOK: type: SHOW_ROLES @@ -173,14 +173,14 @@ PREHOOK: query: show role grant user user4 PREHOOK: type: SHOW_ROLE_GRANT POSTHOOK: query: show role grant user user4 POSTHOOK: type: SHOW_ROLE_GRANT -PUBLIC false -1 +public false -1 role_v false -1 hive_admin_user PREHOOK: query: show roles PREHOOK: type: SHOW_ROLES POSTHOOK: query: show roles POSTHOOK: type: SHOW_ROLES -ADMIN -PUBLIC +admin +public role_v PREHOOK: query: grant all on table vt2 to role role_v