diff --git ql/src/java/org/apache/hadoop/hive/ql/exec/DDLTask.java ql/src/java/org/apache/hadoop/hive/ql/exec/DDLTask.java index 254e2b0..c475c95 100644 --- ql/src/java/org/apache/hadoop/hive/ql/exec/DDLTask.java +++ ql/src/java/org/apache/hadoop/hive/ql/exec/DDLTask.java @@ -4185,11 +4185,6 @@ private int createTable(Hive db, CreateTableDesc crtTbl) throws HiveException { } } - int rc = setGenericTableAttributes(tbl); - if (rc != 0) { - return rc; - } - // create the table db.createTable(tbl, crtTbl.getIfNotExists()); work.getOutputs().add(new WriteEntity(tbl, WriteEntity.WriteType.DDL_NO_LOCK)); @@ -4292,12 +4287,6 @@ private int createTableLike(Hive db, CreateTableLikeDesc crtTbl) throws HiveExce } } - // reset owner and creation time - int rc = setGenericTableAttributes(tbl); - if (rc != 0) { - return rc; - } - // create the table db.createTable(tbl, crtTbl.getIfNotExists()); work.getOutputs().add(new WriteEntity(tbl, WriteEntity.WriteType.DDL_NO_LOCK)); @@ -4357,11 +4346,6 @@ private int createView(Hive db, CreateViewDesc crtView) throws HiveException { tbl.setPartCols(crtView.getPartCols()); } - int rc = setGenericTableAttributes(tbl); - if (rc != 0) { - return rc; - } - db.createTable(tbl, crtView.getIfNotExists()); work.getOutputs().add(new WriteEntity(tbl, WriteEntity.WriteType.DDL_NO_LOCK)); } @@ -4432,13 +4416,6 @@ private int exchangeTablePartition(Hive db, return locations; } - private int setGenericTableAttributes(Table tbl) throws HiveException { - tbl.setOwner(SessionState.getUserFromAuthenticator()); - // set create time - tbl.setCreateTime((int) (System.currentTimeMillis() / 1000)); - return 0; - } - private String escapeHiveCommand(String str) { StringBuilder sb = new StringBuilder(); for (int i = 0; i < str.length(); i ++) { diff --git ql/src/java/org/apache/hadoop/hive/ql/metadata/Hive.java ql/src/java/org/apache/hadoop/hive/ql/metadata/Hive.java index ae05f04..7ac702b 100644 --- ql/src/java/org/apache/hadoop/hive/ql/metadata/Hive.java +++ ql/src/java/org/apache/hadoop/hive/ql/metadata/Hive.java @@ -780,6 +780,15 @@ public void createIndex(String tableName, String indexName, String indexHandlerC tt.putToParameters(prop.getKey(), prop.getValue()); } } + SessionState ss = SessionState.get(); + CreateTableAutomaticGrant grants; + if (ss != null && ((grants = ss.getCreateTableGrants()) != null)) { + PrincipalPrivilegeSet principalPrivs = new PrincipalPrivilegeSet(); + principalPrivs.setUserPrivileges(grants.getUserGrants()); + principalPrivs.setGroupPrivileges(grants.getGroupGrants()); + principalPrivs.setRolePrivileges(grants.getRoleGrants()); + tt.setPrivileges(principalPrivs); + } } if(!deferredRebuild) { diff --git ql/src/java/org/apache/hadoop/hive/ql/metadata/Table.java ql/src/java/org/apache/hadoop/hive/ql/metadata/Table.java index ae3c11b..e295ad9 100644 --- ql/src/java/org/apache/hadoop/hive/ql/metadata/Table.java +++ ql/src/java/org/apache/hadoop/hive/ql/metadata/Table.java @@ -53,6 +53,7 @@ import org.apache.hadoop.hive.ql.io.HiveSequenceFileOutputFormat; import org.apache.hadoop.hive.ql.parse.SemanticAnalyzer; import org.apache.hadoop.hive.ql.parse.SemanticException; +import org.apache.hadoop.hive.ql.session.SessionState; import org.apache.hadoop.hive.serde.serdeConstants; import org.apache.hadoop.hive.serde2.Deserializer; import org.apache.hadoop.hive.serde2.MetadataTypedColumnsetSerDe; @@ -170,6 +171,10 @@ public void setTTable(org.apache.hadoop.hive.metastore.api.Table tTable) { t.setTableType(TableType.MANAGED_TABLE.toString()); t.setDbName(databaseName); t.setTableName(tableName); + t.setOwner(SessionState.getUserFromAuthenticator()); + // set create time + t.setCreateTime((int) (System.currentTimeMillis() / 1000)); + } return t; } diff --git ql/src/test/queries/clientpositive/authorization_index.q ql/src/test/queries/clientpositive/authorization_index.q new file mode 100644 index 0000000..b3a8e84 --- /dev/null +++ ql/src/test/queries/clientpositive/authorization_index.q @@ -0,0 +1,12 @@ +set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; +set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; + +set hive.security.authorization.enabled=true; +create table t1 (a int); +create index t1_index on table t1(a) as 'COMPACT' WITH DEFERRED REBUILD; +desc formatted default__t1_t1_index__; +alter index t1_index on t1 rebuild; + +drop table t1; + +set hive.security.authorization.enabled=false; diff --git ql/src/test/results/clientpositive/authorization_index.q.out ql/src/test/results/clientpositive/authorization_index.q.out new file mode 100644 index 0000000..18da2ca --- /dev/null +++ ql/src/test/results/clientpositive/authorization_index.q.out @@ -0,0 +1,66 @@ +PREHOOK: query: create table t1 (a int) +PREHOOK: type: CREATETABLE +PREHOOK: Output: database:default +POSTHOOK: query: create table t1 (a int) +POSTHOOK: type: CREATETABLE +POSTHOOK: Output: database:default +POSTHOOK: Output: default@t1 +PREHOOK: query: create index t1_index on table t1(a) as 'COMPACT' WITH DEFERRED REBUILD +PREHOOK: type: CREATEINDEX +POSTHOOK: query: create index t1_index on table t1(a) as 'COMPACT' WITH DEFERRED REBUILD +POSTHOOK: type: CREATEINDEX +POSTHOOK: Output: default@default__t1_t1_index__ +PREHOOK: query: desc formatted default__t1_t1_index__ +PREHOOK: type: DESCTABLE +PREHOOK: Input: default@default__t1_t1_index__ +POSTHOOK: query: desc formatted default__t1_t1_index__ +POSTHOOK: type: DESCTABLE +POSTHOOK: Input: default@default__t1_t1_index__ +# col_name data_type comment + +a int +_bucketname string +_offsets array + +# Detailed Table Information +Database: default +#### A masked pattern was here #### +Protect Mode: None +Retention: 0 +#### A masked pattern was here #### +Table Type: INDEX_TABLE +Table Parameters: +#### A masked pattern was here #### + +# Storage Information +SerDe Library: org.apache.hadoop.hive.serde2.lazy.LazySimpleSerDe +InputFormat: org.apache.hadoop.mapred.TextInputFormat +OutputFormat: org.apache.hadoop.hive.ql.io.IgnoreKeyTextOutputFormat +Compressed: No +Num Buckets: -1 +Bucket Columns: [] +Sort Columns: [Order(col:a, order:1)] +Storage Desc Params: + serialization.format 1 +PREHOOK: query: alter index t1_index on t1 rebuild +PREHOOK: type: ALTERINDEX_REBUILD +PREHOOK: Input: default@t1 +PREHOOK: Output: default@default__t1_t1_index__ +POSTHOOK: query: alter index t1_index on t1 rebuild +POSTHOOK: type: ALTERINDEX_REBUILD +POSTHOOK: Input: default@t1 +POSTHOOK: Output: default@default__t1_t1_index__ +POSTHOOK: Lineage: default__t1_t1_index__._bucketname SIMPLE [(t1)t1.FieldSchema(name:INPUT__FILE__NAME, type:string, comment:), ] +POSTHOOK: Lineage: default__t1_t1_index__._offsets EXPRESSION [(t1)t1.FieldSchema(name:BLOCK__OFFSET__INSIDE__FILE, type:bigint, comment:), ] +POSTHOOK: Lineage: default__t1_t1_index__.a SIMPLE [(t1)t1.FieldSchema(name:a, type:int, comment:null), ] +PREHOOK: query: drop table t1 +PREHOOK: type: DROPTABLE +PREHOOK: Input: default@t1 +PREHOOK: Output: default@t1 +POSTHOOK: query: drop table t1 +POSTHOOK: type: DROPTABLE +POSTHOOK: Input: default@t1 +POSTHOOK: Output: default@t1 +POSTHOOK: Lineage: default__t1_t1_index__._bucketname SIMPLE [(t1)t1.FieldSchema(name:INPUT__FILE__NAME, type:string, comment:), ] +POSTHOOK: Lineage: default__t1_t1_index__._offsets EXPRESSION [(t1)t1.FieldSchema(name:BLOCK__OFFSET__INSIDE__FILE, type:bigint, comment:), ] +POSTHOOK: Lineage: default__t1_t1_index__.a SIMPLE [(t1)t1.FieldSchema(name:a, type:int, comment:null), ]