diff --git ql/src/test/queries/clientpositive/quote_user_role.q ql/src/test/queries/clientpositive/quote_user_role.q new file mode 100644 index 0000000..895f001 --- /dev/null +++ ql/src/test/queries/clientpositive/quote_user_role.q @@ -0,0 +1,23 @@ + +set hive.users.in.admin.role=hive_admin_user; +set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; +set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; +set user.name=hive_admin_user; +set hive.security.authorization.enabled=true; + +-- enable sql standard authorization +-- role granting without role keyword +-- also test role being treated as case insensitive +set role ADMIN; +create role `src Role2`; + +create table quote_user_role1 (c1 string); +grant select on table quote_user_role1 to role `src Role2`; + +grant `SRC role2` to user `user2` ; +show role grant user `user2`; +show roles; + +set user.name=user2; +set role `SRC role2`; +select * from quote_user_role1; diff --git ql/src/test/results/clientpositive/quote_user_role.q.out ql/src/test/results/clientpositive/quote_user_role.q.out new file mode 100644 index 0000000..8c310d3 --- /dev/null +++ ql/src/test/results/clientpositive/quote_user_role.q.out @@ -0,0 +1,57 @@ +PREHOOK: query: -- enable sql standard authorization +-- role granting without role keyword +-- also test role being treated as case insensitive +set role ADMIN +PREHOOK: type: SHOW_ROLES +POSTHOOK: query: -- enable sql standard authorization +-- role granting without role keyword +-- also test role being treated as case insensitive +set role ADMIN +POSTHOOK: type: SHOW_ROLES +PREHOOK: query: create role `src Role2` +PREHOOK: type: CREATEROLE +POSTHOOK: query: create role `src Role2` +POSTHOOK: type: CREATEROLE +PREHOOK: query: create table quote_user_role1 (c1 string) +PREHOOK: type: CREATETABLE +PREHOOK: Output: database:default +POSTHOOK: query: create table quote_user_role1 (c1 string) +POSTHOOK: type: CREATETABLE +POSTHOOK: Output: database:default +POSTHOOK: Output: default@quote_user_role1 +PREHOOK: query: grant select on table quote_user_role1 to role `src Role2` +PREHOOK: type: GRANT_PRIVILEGE +PREHOOK: Output: default@quote_user_role1 +POSTHOOK: query: grant select on table quote_user_role1 to role `src Role2` +POSTHOOK: type: GRANT_PRIVILEGE +POSTHOOK: Output: default@quote_user_role1 +PREHOOK: query: grant `SRC role2` to user `user2` +PREHOOK: type: GRANT_ROLE +POSTHOOK: query: grant `SRC role2` to user `user2` +POSTHOOK: type: GRANT_ROLE +PREHOOK: query: show role grant user `user2` +PREHOOK: type: SHOW_ROLE_GRANT +POSTHOOK: query: show role grant user `user2` +POSTHOOK: type: SHOW_ROLE_GRANT +public false -1 +src role2 false -1 hive_admin_user +PREHOOK: query: show roles +PREHOOK: type: SHOW_ROLES +POSTHOOK: query: show roles +POSTHOOK: type: SHOW_ROLES +admin +public +src role2 + +PREHOOK: query: set role `SRC role2` +PREHOOK: type: SHOW_ROLES +POSTHOOK: query: set role `SRC role2` +POSTHOOK: type: SHOW_ROLES +PREHOOK: query: select * from quote_user_role1 +PREHOOK: type: QUERY +PREHOOK: Input: default@quote_user_role1 +#### A masked pattern was here #### +POSTHOOK: query: select * from quote_user_role1 +POSTHOOK: type: QUERY +POSTHOOK: Input: default@quote_user_role1 +#### A masked pattern was here ####