diff --git common/src/java/org/apache/hadoop/hive/conf/HiveConf.java common/src/java/org/apache/hadoop/hive/conf/HiveConf.java index ae7cd53..a6c05bb 100644 --- common/src/java/org/apache/hadoop/hive/conf/HiveConf.java +++ common/src/java/org/apache/hadoop/hive/conf/HiveConf.java @@ -108,7 +108,6 @@ HiveConf.ConfVars.METASTOREPWD, HiveConf.ConfVars.METASTORECONNECTURLHOOK, HiveConf.ConfVars.METASTORECONNECTURLKEY, - HiveConf.ConfVars.METASTOREFORCERELOADCONF, HiveConf.ConfVars.METASTORESERVERMINTHREADS, HiveConf.ConfVars.METASTORESERVERMAXTHREADS, HiveConf.ConfVars.METASTORE_TCP_KEEP_ALIVE, @@ -352,11 +351,6 @@ "jdbc:derby:;databaseName=metastore_db;create=true", "JDBC connect string for a JDBC metastore"), - METASTOREFORCERELOADCONF("hive.metastore.force.reload.conf", false, - "Whether to force reloading of the metastore configuration (including\n" + - "the connection URL, before the next metastore query that accesses the\n" + - "datastore. Once reloaded, this value is reset to false. Used for\n" + - "testing only."), HMSHANDLERATTEMPTS("hive.hmshandler.retry.attempts", 1, "The number of times to retry a HMSHandler call if there were a connection error"), HMSHANDLERINTERVAL("hive.hmshandler.retry.interval", 1000, @@ -1549,7 +1543,7 @@ "Comma separated list of non-SQL Hive commands users are authorized to execute"), HIVE_CONF_RESTRICTED_LIST("hive.conf.restricted.list", - "hive.security.authenticator.manager,hive.security.authorization.manager", + "hive.security.authenticator.manager,hive.security.authorization.manager,hive.users.in.admin.role", "Comma separated list of configuration options which are immutable at runtime"), // If this is set all move tasks at the end of a multi-insert query will only begin once all diff --git contrib/src/java/org/apache/hadoop/hive/contrib/metastore/hooks/TestURLHook.java contrib/src/java/org/apache/hadoop/hive/contrib/metastore/hooks/TestURLHook.java index 39562ea..07c5d98 100644 --- contrib/src/java/org/apache/hadoop/hive/contrib/metastore/hooks/TestURLHook.java +++ contrib/src/java/org/apache/hadoop/hive/contrib/metastore/hooks/TestURLHook.java @@ -28,7 +28,8 @@ */ public class TestURLHook implements JDOConnectionURLHook { - static String originalUrl = null; + private String originalUrl; + @Override public String getJdoConnectionUrl(Configuration conf) throws Exception { if (originalUrl == null) { diff --git contrib/src/test/queries/clientnegative/url_hook.q contrib/src/test/queries/clientnegative/url_hook.q deleted file mode 100644 index c346432..0000000 --- contrib/src/test/queries/clientnegative/url_hook.q +++ /dev/null @@ -1,9 +0,0 @@ -add jar ${system:maven.local.repository}/org/apache/hive/hive-contrib/${system:hive.version}/hive-contrib-${system:hive.version}.jar; -set hive.metastore.force.reload.conf=true; -SHOW TABLES 'src'; -set hive.metastore.ds.connection.url.hook=org.apache.hadoop.hive.contrib.metastore.hooks.TestURLHook; -SHOW TABLES 'src'; -SHOW TABLES 'src'; -set hive.metastore.force.reload.conf=false; -set hive.metastore.ds.connection.url.hook=; -SHOW TABLES 'src'; diff --git contrib/src/test/queries/clientpositive/url_hook.q contrib/src/test/queries/clientpositive/url_hook.q new file mode 100644 index 0000000..db21432 --- /dev/null +++ contrib/src/test/queries/clientpositive/url_hook.q @@ -0,0 +1,6 @@ +add jar ${system:maven.local.repository}/org/apache/hive/hive-contrib/${system:hive.version}/hive-contrib-${system:hive.version}.jar; +SHOW TABLES 'src'; + +set hive.metastore.ds.connection.url.hook=org.apache.hadoop.hive.contrib.metastore.hooks.TestURLHook; +-- changes to dummy derby store.. should return empty result +SHOW TABLES 'src'; diff --git contrib/src/test/results/clientnegative/url_hook.q.out contrib/src/test/results/clientnegative/url_hook.q.out deleted file mode 100644 index 601fd93..0000000 --- contrib/src/test/results/clientnegative/url_hook.q.out +++ /dev/null @@ -1,8 +0,0 @@ -PREHOOK: query: SHOW TABLES 'src' -PREHOOK: type: SHOWTABLES -POSTHOOK: query: SHOW TABLES 'src' -POSTHOOK: type: SHOWTABLES -src -PREHOOK: query: SHOW TABLES 'src' -PREHOOK: type: SHOWTABLES -FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask. Database does not exist: default diff --git contrib/src/test/results/clientpositive/url_hook.q.out contrib/src/test/results/clientpositive/url_hook.q.out new file mode 100644 index 0000000..971da8e --- /dev/null +++ contrib/src/test/results/clientpositive/url_hook.q.out @@ -0,0 +1,11 @@ +PREHOOK: query: SHOW TABLES 'src' +PREHOOK: type: SHOWTABLES +POSTHOOK: query: SHOW TABLES 'src' +POSTHOOK: type: SHOWTABLES +src +PREHOOK: query: -- changes to dummy derby store.. should return empty result +SHOW TABLES 'src' +PREHOOK: type: SHOWTABLES +POSTHOOK: query: -- changes to dummy derby store.. should return empty result +SHOW TABLES 'src' +POSTHOOK: type: SHOWTABLES diff --git data/conf/hive-site.xml data/conf/hive-site.xml index fe8080a..128e08f 100644 --- data/conf/hive-site.xml +++ data/conf/hive-site.xml @@ -240,4 +240,9 @@ minimal + + hive.users.in.admin.role + hive_admin_user + + diff --git itests/hive-unit/src/main/java/org/apache/hive/jdbc/miniHS2/MiniHS2.java itests/hive-unit/src/main/java/org/apache/hive/jdbc/miniHS2/MiniHS2.java index e8d405d..4502439 100644 --- itests/hive-unit/src/main/java/org/apache/hive/jdbc/miniHS2/MiniHS2.java +++ itests/hive-unit/src/main/java/org/apache/hive/jdbc/miniHS2/MiniHS2.java @@ -178,7 +178,6 @@ private MiniHS2(HiveConf hiveConf, boolean useMiniMR, boolean useMiniKdc, String hiveConf.setVar(ConfVars.HIVE_SERVER2_THRIFT_BIND_HOST, getHost()); hiveConf.setIntVar(ConfVars.HIVE_SERVER2_THRIFT_PORT, getBinaryPort()); hiveConf.setIntVar(ConfVars.HIVE_SERVER2_THRIFT_HTTP_PORT, getHttpPort()); - HiveMetaStore.HMSHandler.resetDefaultDBFlag(); Path scratchDir = new Path(baseDfsDir, "scratch"); fs.mkdirs(scratchDir); diff --git itests/hive-unit/src/test/java/org/apache/hadoop/hive/metastore/TestMetastoreVersion.java itests/hive-unit/src/test/java/org/apache/hadoop/hive/metastore/TestMetastoreVersion.java index 0bb022e..95c1413 100644 --- itests/hive-unit/src/test/java/org/apache/hadoop/hive/metastore/TestMetastoreVersion.java +++ itests/hive-unit/src/test/java/org/apache/hadoop/hive/metastore/TestMetastoreVersion.java @@ -42,9 +42,9 @@ @Override protected void setUp() throws Exception { super.setUp(); - Field defDb = HiveMetaStore.HMSHandler.class.getDeclaredField("createDefaultDB"); + Field defDb = HiveMetaStore.HMSHandler.class.getDeclaredField("currentUrl"); defDb.setAccessible(true); - defDb.setBoolean(null, false); + defDb.set(null, null); hiveConf = new HiveConf(this.getClass()); System.setProperty("hive.metastore.event.listeners", DummyListener.class.getName()); diff --git itests/util/src/main/java/org/apache/hadoop/hive/ql/QTestUtil.java itests/util/src/main/java/org/apache/hadoop/hive/ql/QTestUtil.java index 2fefa06..ccfb58f 100644 --- itests/util/src/main/java/org/apache/hadoop/hive/ql/QTestUtil.java +++ itests/util/src/main/java/org/apache/hadoop/hive/ql/QTestUtil.java @@ -1738,10 +1738,10 @@ public void failed(int ecode, String fname, String debugHint) { (command != null ? " running " + command : "") + (debugHint != null ? debugHint : "")); } + // for negative tests, which is succeeded.. no need to print the query string public void failed(String fname, String debugHint) { - String command = SessionState.get() != null ? SessionState.get().getLastCommand() : null; Assert.fail("Client Execution was expected to fail, but succeeded with error code 0 " + - (command != null ? " running " + command : "") + (debugHint != null ? debugHint : "")); + (debugHint != null ? debugHint : "")); } public void failedDiff(int ecode, String fname, String debugHint) { @@ -1755,7 +1755,9 @@ public void failed(Throwable e, String fname, String debugHint) { e.printStackTrace(); System.err.println("Failed query: " + fname); System.err.flush(); - Assert.fail("Unexpected exception" + (command != null ? " running " + command : "") + + Assert.fail("Unexpected exception " + + org.apache.hadoop.util.StringUtils.stringifyException(e) + "\n" + + (command != null ? " running " + command : "") + (debugHint != null ? debugHint : "")); } } diff --git metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStore.java metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStore.java index 5cc1cd8..b74868b 100644 --- metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStore.java +++ metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStore.java @@ -89,7 +89,6 @@ import org.apache.hadoop.hive.metastore.api.GrantRevokePrivilegeResponse; import org.apache.hadoop.hive.metastore.api.GrantRevokeRoleRequest; import org.apache.hadoop.hive.metastore.api.GrantRevokeRoleResponse; -import org.apache.hadoop.hive.metastore.api.GrantRevokeType; import org.apache.hadoop.hive.metastore.api.HeartbeatRequest; import org.apache.hadoop.hive.metastore.api.HeartbeatTxnRangeRequest; import org.apache.hadoop.hive.metastore.api.HeartbeatTxnRangeResponse; @@ -241,13 +240,12 @@ public TTransport getTransport(TTransport trans) { public static class HMSHandler extends FacebookBase implements IHMSHandler { public static final Log LOG = HiveMetaStore.LOG; - private static boolean createDefaultDB = false; - private static boolean defaultRolesCreated = false; - private static boolean adminUsersAdded = false; private String rawStoreClassName; private final HiveConf hiveConf; // stores datastore (jpox) properties, // right now they come from jpox.properties + private static String currentUrl; + private Warehouse wh; // hdfs warehouse private final ThreadLocal threadLocalMS = new ThreadLocal() { @@ -316,8 +314,6 @@ private final void logAuditEvent(String cmd) { address, cmd).toString()); } - // The next serial number to be assigned - private boolean checkForDefaultDb; private static int nextSerialNum = 0; private static ThreadLocal threadLocalId = new ThreadLocal() { @Override @@ -350,10 +346,6 @@ public static Integer get() { return threadLocalId.get(); } - public static void resetDefaultDBFlag() { - createDefaultDB = false; - } - public HMSHandler(String name) throws MetaException { super(name); hiveConf = new HiveConf(this.getClass()); @@ -387,8 +379,6 @@ public HiveConf getHiveConf() { private boolean init() throws MetaException { rawStoreClassName = hiveConf.getVar(HiveConf.ConfVars.METASTORE_RAW_STORE_IMPL); - checkForDefaultDb = hiveConf.getBoolean( - "hive.metastore.checkForDefaultDb", true); initListeners = MetaStoreUtils.getMetaStoreListeners( MetaStoreInitListener.class, hiveConf, hiveConf.getVar(HiveConf.ConfVars.METASTORE_INIT_HOOKS)); @@ -404,9 +394,12 @@ private boolean init() throws MetaException { wh = new Warehouse(hiveConf); synchronized (HMSHandler.class) { - createDefaultDB(); - createDefaultRoles(); - addAdminUsers(); + if (currentUrl == null || !currentUrl.equals(MetaStoreInit.getConnectionURL(hiveConf))) { + createDefaultDB(); + createDefaultRoles(); + addAdminUsers(); + currentUrl = MetaStoreInit.getConnectionURL(hiveConf); + } } if (hiveConf.getBoolean("hive.metastore.metrics.enabled", false)) { @@ -517,7 +510,6 @@ private void createDefaultDB_core(RawStore ms) throws MetaException, InvalidObje db.setOwnerType(PrincipalType.ROLE); ms.createDatabase(db); } - HMSHandler.createDefaultDB = true; } /** @@ -526,9 +518,6 @@ private void createDefaultDB_core(RawStore ms) throws MetaException, InvalidObje * @throws MetaException */ private void createDefaultDB() throws MetaException { - if (HMSHandler.createDefaultDB || !checkForDefaultDb) { - return; - } try { createDefaultDB_core(getMS()); } catch (InvalidObjectException e) { @@ -541,11 +530,6 @@ private void createDefaultDB() throws MetaException { private void createDefaultRoles() throws MetaException { - if(defaultRolesCreated) { - LOG.debug("Admin role already created previously."); - return; - } - RawStore ms = getMS(); try { ms.addRole(ADMIN, ADMIN); @@ -579,16 +563,10 @@ private void createDefaultRoles() throws MetaException { // Unlikely to be thrown. LOG.warn("Failed while granting global privs to admin", e); } - - defaultRolesCreated = true; } private void addAdminUsers() throws MetaException { - if(adminUsersAdded) { - LOG.debug("Admin users already added."); - return; - } // now add pre-configured users to admin role String userStr = HiveConf.getVar(hiveConf,ConfVars.USERS_IN_ADMIN_ROLE,"").trim(); if (userStr.isEmpty()) { @@ -623,7 +601,6 @@ private void addAdminUsers() throws MetaException { LOG.debug(userName + " already in admin role", e); } } - adminUsersAdded = true; } private void logInfo(String m) { diff --git metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStoreClient.java metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStoreClient.java index d26183b..c13d832 100644 --- metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStoreClient.java +++ metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStoreClient.java @@ -34,6 +34,7 @@ import java.util.ArrayList; import java.util.Arrays; import java.util.Collection; +import java.util.HashMap; import java.util.LinkedHashMap; import java.util.List; import java.util.Map; @@ -144,6 +145,8 @@ private String tokenStrForm; private final boolean localMetaStore; + private Map currentMetaVars; + // for thrift connects private int retries = 5; private int retryDelaySeconds = 0; @@ -171,6 +174,7 @@ public HiveMetaStoreClient(HiveConf conf, HiveMetaHookLoader hookLoader) // through the network client = HiveMetaStore.newHMSHandler("hive client", conf); isConnected = true; + snapshotActiveConf(); return; } @@ -231,6 +235,25 @@ private void promoteRandomMetaStoreURI() { } @Override + public boolean isCompatibleWith(HiveConf conf) { + if (currentMetaVars == null) { + return false; // recreate + } + boolean compatible = true; + for (ConfVars oneVar : HiveConf.metaVars) { + // Since metaVars are all of different types, use string for comparison + String oldVar = currentMetaVars.get(oneVar.varname); + String newVar = conf.get(oneVar.varname, ""); + if (!oldVar.equalsIgnoreCase(newVar)) { + LOG.info("Mestastore configuration " + oneVar.varname + + " changed from " + oldVar + " to " + newVar); + compatible = false; + } + } + return compatible; + } + + @Override public void reconnect() throws MetaException { if (localMetaStore) { // For direct DB connections we don't yet support reestablishing connections. @@ -383,9 +406,19 @@ private void open() throws MetaException { throw new MetaException("Could not connect to meta store using any of the URIs provided." + " Most recent failure: " + StringUtils.stringifyException(tte)); } + + snapshotActiveConf(); + LOG.info("Connected to metastore."); } + private void snapshotActiveConf() { + currentMetaVars = new HashMap(HiveConf.metaVars.length); + for (ConfVars oneVar : HiveConf.metaVars) { + currentMetaVars.put(oneVar.varname, conf.get(oneVar.varname, "")); + } + } + public String getTokenStrForm() throws IOException { return tokenStrForm; } @@ -393,6 +426,7 @@ public String getTokenStrForm() throws IOException { @Override public void close() { isConnected = false; + currentMetaVars = null; try { if (null != client) { client.shutdown(); diff --git metastore/src/java/org/apache/hadoop/hive/metastore/IMetaStoreClient.java metastore/src/java/org/apache/hadoop/hive/metastore/IMetaStoreClient.java index 5add436..d6e849f 100644 --- metastore/src/java/org/apache/hadoop/hive/metastore/IMetaStoreClient.java +++ metastore/src/java/org/apache/hadoop/hive/metastore/IMetaStoreClient.java @@ -19,9 +19,9 @@ package org.apache.hadoop.hive.metastore; import org.apache.hadoop.hive.common.ValidTxnList; +import org.apache.hadoop.hive.conf.HiveConf; import org.apache.hadoop.hive.metastore.api.CompactionType; import org.apache.hadoop.hive.metastore.api.GetOpenTxnsInfoResponse; -import org.apache.hadoop.hive.metastore.api.GetOpenTxnsResponse; import org.apache.hadoop.hive.metastore.api.HeartbeatTxnRangeResponse; import org.apache.hadoop.hive.metastore.api.LockRequest; import org.apache.hadoop.hive.metastore.api.LockResponse; @@ -41,19 +41,14 @@ import org.apache.hadoop.hive.metastore.api.AlreadyExistsException; import org.apache.hadoop.hive.metastore.api.ColumnStatistics; import org.apache.hadoop.hive.metastore.api.ColumnStatisticsObj; -import org.apache.hadoop.hive.metastore.api.CompactionType; import org.apache.hadoop.hive.metastore.api.ConfigValSecurityException; import org.apache.hadoop.hive.metastore.api.Database; import org.apache.hadoop.hive.metastore.api.FieldSchema; import org.apache.hadoop.hive.metastore.api.Function; -import org.apache.hadoop.hive.metastore.api.GetOpenTxnsInfoResponse; -import org.apache.hadoop.hive.metastore.api.GetOpenTxnsResponse; import org.apache.hadoop.hive.metastore.api.GetPrincipalsInRoleRequest; import org.apache.hadoop.hive.metastore.api.GetPrincipalsInRoleResponse; import org.apache.hadoop.hive.metastore.api.GetRoleGrantsForPrincipalRequest; import org.apache.hadoop.hive.metastore.api.GetRoleGrantsForPrincipalResponse; -import org.apache.hadoop.hive.metastore.api.GrantRevokePrivilegeRequest; -import org.apache.hadoop.hive.metastore.api.GrantRevokePrivilegeResponse; import org.apache.hadoop.hive.metastore.api.HiveObjectPrivilege; import org.apache.hadoop.hive.metastore.api.HiveObjectRef; import org.apache.hadoop.hive.metastore.api.Index; @@ -61,28 +56,18 @@ import org.apache.hadoop.hive.metastore.api.InvalidObjectException; import org.apache.hadoop.hive.metastore.api.InvalidOperationException; import org.apache.hadoop.hive.metastore.api.InvalidPartitionException; -import org.apache.hadoop.hive.metastore.api.LockRequest; -import org.apache.hadoop.hive.metastore.api.LockResponse; import org.apache.hadoop.hive.metastore.api.MetaException; -import org.apache.hadoop.hive.metastore.api.NoSuchLockException; import org.apache.hadoop.hive.metastore.api.NoSuchObjectException; -import org.apache.hadoop.hive.metastore.api.NoSuchTxnException; -import org.apache.hadoop.hive.metastore.api.OpenTxnsResponse; import org.apache.hadoop.hive.metastore.api.Partition; import org.apache.hadoop.hive.metastore.api.PartitionEventType; import org.apache.hadoop.hive.metastore.api.PrincipalPrivilegeSet; import org.apache.hadoop.hive.metastore.api.PrincipalType; import org.apache.hadoop.hive.metastore.api.PrivilegeBag; import org.apache.hadoop.hive.metastore.api.Role; -import org.apache.hadoop.hive.metastore.api.ShowCompactResponse; -import org.apache.hadoop.hive.metastore.api.ShowLocksResponse; import org.apache.hadoop.hive.metastore.api.Table; -import org.apache.hadoop.hive.metastore.api.TxnAbortedException; -import org.apache.hadoop.hive.metastore.api.TxnOpenException; import org.apache.hadoop.hive.metastore.api.UnknownDBException; import org.apache.hadoop.hive.metastore.api.UnknownPartitionException; import org.apache.hadoop.hive.metastore.api.UnknownTableException; -import org.apache.thrift.TException; /** * TODO Unnecessary when the server sides for both dbstore and filestore are @@ -91,6 +76,12 @@ public interface IMetaStoreClient { /** + * Returns whether current client is convertible with conf or not + * @return + */ + public boolean isCompatibleWith(HiveConf conf); + + /** * Tries to reconnect this MetaStoreClient to the MetaStore. */ public void reconnect() throws MetaException; diff --git metastore/src/java/org/apache/hadoop/hive/metastore/RawStoreProxy.java metastore/src/java/org/apache/hadoop/hive/metastore/RawStoreProxy.java index 1cf09d4..7c9bedb 100644 --- metastore/src/java/org/apache/hadoop/hive/metastore/RawStoreProxy.java +++ metastore/src/java/org/apache/hadoop/hive/metastore/RawStoreProxy.java @@ -26,8 +26,6 @@ import java.util.List; import org.apache.commons.lang.ClassUtils; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; import org.apache.hadoop.conf.Configuration; import org.apache.hadoop.hive.common.classification.InterfaceAudience; import org.apache.hadoop.hive.common.classification.InterfaceStability; @@ -55,7 +53,7 @@ protected RawStoreProxy(HiveConf hiveConf, Configuration conf, // This has to be called before initializing the instance of RawStore init(); - this.base = (RawStore) ReflectionUtils.newInstance(rawStoreClass, conf); + this.base = ReflectionUtils.newInstance(rawStoreClass, conf); } public static RawStore getProxy(HiveConf hiveConf, Configuration conf, String rawStoreClassName, @@ -96,14 +94,6 @@ private void initMS() { public Object invoke(Object proxy, Method method, Object[] args) throws Throwable { Object ret = null; - boolean reloadConf = HiveConf.getBoolVar(hiveConf, - HiveConf.ConfVars.METASTOREFORCERELOADCONF); - - if (reloadConf) { - MetaStoreInit.updateConnectionURL(hiveConf, getConf(), null, metaStoreInitData); - initMS(); - } - try { ret = method.invoke(base, args); } catch (UndeclaredThrowableException e) { diff --git ql/src/java/org/apache/hadoop/hive/ql/metadata/Hive.java ql/src/java/org/apache/hadoop/hive/ql/metadata/Hive.java index 81323f6..a7e50ad 100644 --- ql/src/java/org/apache/hadoop/hive/ql/metadata/Hive.java +++ ql/src/java/org/apache/hadoop/hive/ql/metadata/Hive.java @@ -43,6 +43,7 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.apache.hadoop.conf.Configuration; import org.apache.hadoop.fs.FileStatus; import org.apache.hadoop.fs.FileSystem; import org.apache.hadoop.fs.Path; @@ -141,6 +142,10 @@ public synchronized void remove() { } }; + public static Hive get(Configuration c, Class clazz) throws HiveException { + return get(c instanceof HiveConf ? (HiveConf)c : new HiveConf(c, clazz)); + } + /** * Gets hive object for the current thread. If one is not initialized then a * new one is created If the new configuration is different in metadata conf @@ -153,20 +158,13 @@ public synchronized void remove() { * */ public static Hive get(HiveConf c) throws HiveException { - boolean needsRefresh = false; Hive db = hiveDB.get(); - if (db != null) { - for (HiveConf.ConfVars oneVar : HiveConf.metaVars) { - // Since metaVars are all of different types, use string for comparison - String oldVar = db.getConf().get(oneVar.varname, ""); - String newVar = c.get(oneVar.varname, ""); - if (oldVar.compareToIgnoreCase(newVar) != 0) { - needsRefresh = true; - break; - } - } + if (db == null || + (db.metaStoreClient != null && !db.metaStoreClient.isCompatibleWith(c))) { + return get(c, true); } - return get(c, needsRefresh); + db.conf = c; + return db; } /** @@ -195,7 +193,8 @@ public static Hive get(HiveConf c, boolean needsRefresh) throws HiveException { public static Hive get() throws HiveException { Hive db = hiveDB.get(); if (db == null) { - db = new Hive(new HiveConf(Hive.class)); + SessionState session = SessionState.get(); + db = new Hive(session == null ? new HiveConf(Hive.class) : session.getConf()); hiveDB.set(db); } return db; diff --git ql/src/java/org/apache/hadoop/hive/ql/security/authorization/DefaultHiveAuthorizationProvider.java ql/src/java/org/apache/hadoop/hive/ql/security/authorization/DefaultHiveAuthorizationProvider.java index 2fa512c..f26d1a2 100644 --- ql/src/java/org/apache/hadoop/hive/ql/security/authorization/DefaultHiveAuthorizationProvider.java +++ ql/src/java/org/apache/hadoop/hive/ql/security/authorization/DefaultHiveAuthorizationProvider.java @@ -19,7 +19,6 @@ package org.apache.hadoop.hive.ql.security.authorization; import org.apache.hadoop.conf.Configuration; -import org.apache.hadoop.hive.conf.HiveConf; import org.apache.hadoop.hive.ql.metadata.Hive; import org.apache.hadoop.hive.ql.metadata.HiveException; @@ -27,7 +26,7 @@ BitSetCheckedAuthorizationProvider { public void init(Configuration conf) throws HiveException { - hive_db = new HiveProxy(Hive.get(new HiveConf(conf, HiveAuthorizationProvider.class))); + hive_db = new HiveProxy(Hive.get(conf, HiveAuthorizationProvider.class)); } } diff --git ql/src/java/org/apache/hadoop/hive/ql/security/authorization/StorageBasedAuthorizationProvider.java ql/src/java/org/apache/hadoop/hive/ql/security/authorization/StorageBasedAuthorizationProvider.java index 0dfd997..f803cc4 100644 --- ql/src/java/org/apache/hadoop/hive/ql/security/authorization/StorageBasedAuthorizationProvider.java +++ ql/src/java/org/apache/hadoop/hive/ql/security/authorization/StorageBasedAuthorizationProvider.java @@ -35,7 +35,6 @@ import org.apache.hadoop.fs.permission.FsAction; import org.apache.hadoop.fs.permission.FsPermission; import org.apache.hadoop.hdfs.DFSConfigKeys; -import org.apache.hadoop.hive.conf.HiveConf; import org.apache.hadoop.hive.metastore.HiveMetaStore.HMSHandler; import org.apache.hadoop.hive.metastore.Warehouse; import org.apache.hadoop.hive.metastore.api.Database; @@ -83,7 +82,7 @@ private void initWh() throws MetaException, HiveException { // till we explicitly initialize it as being from the client side. So, we have a // chicken-and-egg problem. So, we now track whether or not we're running from client-side // in the SBAP itself. - hive_db = new HiveProxy(Hive.get(new HiveConf(getConf(), StorageBasedAuthorizationProvider.class))); + hive_db = new HiveProxy(Hive.get(getConf(), StorageBasedAuthorizationProvider.class)); this.wh = new Warehouse(getConf()); if (this.wh == null){ // If wh is still null after just having initialized it, bail out - something's very wrong. @@ -117,7 +116,7 @@ public void authorize(Privilege[] readRequiredPriv, Privilege[] writeRequiredPri // Update to previous comment: there does seem to be one place that uses this // and that is to authorize "show databases" in hcat commandline, which is used - // by webhcat. And user-level auth seems to be a resonable default in this case. + // by webhcat. And user-level auth seems to be a reasonable default in this case. // The now deprecated HdfsAuthorizationProvider in hcatalog approached this in // another way, and that was to see if the user had said above appropriate requested // privileges for the hive root warehouse directory. That seems to be the best diff --git ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveRoleGrant.java ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveRoleGrant.java index ce07f32..eb3bd8e 100644 --- ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveRoleGrant.java +++ ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveRoleGrant.java @@ -123,5 +123,7 @@ public int compareTo(HiveRoleGrant other) { } - + public String toString() { + return roleName + "[" + principalName + ":" + principalType + (grantOption ? ":WITH GRANT]" : "]"); + } } diff --git ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLStdHiveAccessController.java ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLStdHiveAccessController.java index ce12edb..5fea760 100644 --- ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLStdHiveAccessController.java +++ ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLStdHiveAccessController.java @@ -105,6 +105,7 @@ private void initUserRoles() throws HiveAuthzPluginException { } this.currentUserName = newUserName; this.currentRoles = getRolesFromMS(); + LOG.warn(currentUserName + ":" + currentRoles); } private List getRolesFromMS() throws HiveAuthzPluginException { @@ -532,6 +533,7 @@ public void setCurrentRole(String roleName) throws HiveAccessControlException, currentRoles.add(adminRole); return; } + LOG.warn(currentUserName + ":" + currentRoles); // If we are here it means, user is requesting a role he doesn't belong to. throw new HiveAccessControlException(currentUserName +" doesn't belong to role " +roleName); diff --git ql/src/test/org/apache/hadoop/hive/ql/metadata/TestHive.java ql/src/test/org/apache/hadoop/hive/ql/metadata/TestHive.java index d218271..98c2924 100755 --- ql/src/test/org/apache/hadoop/hive/ql/metadata/TestHive.java +++ ql/src/test/org/apache/hadoop/hive/ql/metadata/TestHive.java @@ -509,6 +509,7 @@ public void testIndex() throws Throwable { public void testHiveRefreshOnConfChange() throws Throwable{ Hive prevHiveObj = Hive.get(); + prevHiveObj.getDatabaseCurrent(); Hive newHiveObj; //if HiveConf has not changed, same object should be returned @@ -522,6 +523,7 @@ public void testHiveRefreshOnConfChange() throws Throwable{ //if HiveConf has changed, new object should be returned prevHiveObj = Hive.get(); + prevHiveObj.getDatabaseCurrent(); //change value of a metavar config param in new hive conf newHconf = new HiveConf(hiveConf); newHconf.setIntVar(ConfVars.METASTORETHRIFTCONNECTIONRETRIES, diff --git ql/src/test/queries/clientnegative/authorization_cannot_create_all_role.q ql/src/test/queries/clientnegative/authorization_cannot_create_all_role.q index de91e91..9bbd655 100644 --- ql/src/test/queries/clientnegative/authorization_cannot_create_all_role.q +++ ql/src/test/queries/clientnegative/authorization_cannot_create_all_role.q @@ -1,4 +1,3 @@ -set hive.users.in.admin.role=hive_admin_user; set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; set user.name=hive_admin_user; diff --git ql/src/test/queries/clientnegative/authorization_cannot_create_default_role.q ql/src/test/queries/clientnegative/authorization_cannot_create_default_role.q index 42a42f6..32045e4 100644 --- ql/src/test/queries/clientnegative/authorization_cannot_create_default_role.q +++ ql/src/test/queries/clientnegative/authorization_cannot_create_default_role.q @@ -1,4 +1,3 @@ -set hive.users.in.admin.role=hive_admin_user; set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; set user.name=hive_admin_user; diff --git ql/src/test/queries/clientnegative/authorization_cannot_create_none_role.q ql/src/test/queries/clientnegative/authorization_cannot_create_none_role.q index 0d14cde..42369d8 100644 --- ql/src/test/queries/clientnegative/authorization_cannot_create_none_role.q +++ ql/src/test/queries/clientnegative/authorization_cannot_create_none_role.q @@ -1,4 +1,3 @@ -set hive.users.in.admin.role=hive_admin_user; set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; set user.name=hive_admin_user; diff --git ql/src/test/queries/clientnegative/authorization_caseinsensitivity.q ql/src/test/queries/clientnegative/authorization_caseinsensitivity.q index d5ea284..7b47b65 100644 --- ql/src/test/queries/clientnegative/authorization_caseinsensitivity.q +++ ql/src/test/queries/clientnegative/authorization_caseinsensitivity.q @@ -1,4 +1,3 @@ -set hive.users.in.admin.role=hive_admin_user; set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; set user.name=hive_admin_user; diff --git ql/src/test/queries/clientnegative/authorization_drop_db_cascade.q ql/src/test/queries/clientnegative/authorization_drop_db_cascade.q index edeae9b..78ec078 100644 --- ql/src/test/queries/clientnegative/authorization_drop_db_cascade.q +++ ql/src/test/queries/clientnegative/authorization_drop_db_cascade.q @@ -1,4 +1,3 @@ -set hive.users.in.admin.role=hive_admin_user; set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; set hive.security.authorization.enabled=true; diff --git ql/src/test/queries/clientnegative/authorization_drop_db_empty.q ql/src/test/queries/clientnegative/authorization_drop_db_empty.q index 46d4d0f..993a2a3 100644 --- ql/src/test/queries/clientnegative/authorization_drop_db_empty.q +++ ql/src/test/queries/clientnegative/authorization_drop_db_empty.q @@ -1,4 +1,3 @@ -set hive.users.in.admin.role=hive_admin_user; set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; set hive.security.authorization.enabled=true; diff --git ql/src/test/queries/clientnegative/authorization_drop_role_no_admin.q ql/src/test/queries/clientnegative/authorization_drop_role_no_admin.q index a7aa17f..2593e9e 100644 --- ql/src/test/queries/clientnegative/authorization_drop_role_no_admin.q +++ ql/src/test/queries/clientnegative/authorization_drop_role_no_admin.q @@ -1,4 +1,3 @@ -set hive.users.in.admin.role=hive_admin_user; set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; set user.name=hive_admin_user; diff --git ql/src/test/queries/clientnegative/authorization_priv_current_role_neg.q ql/src/test/queries/clientnegative/authorization_priv_current_role_neg.q index 463358a..29a06a8 100644 --- ql/src/test/queries/clientnegative/authorization_priv_current_role_neg.q +++ ql/src/test/queries/clientnegative/authorization_priv_current_role_neg.q @@ -1,4 +1,3 @@ -set hive.users.in.admin.role=hive_admin_user; set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; set user.name=hive_admin_user; diff --git ql/src/test/queries/clientnegative/authorization_role_cycles1.q ql/src/test/queries/clientnegative/authorization_role_cycles1.q index a819d20..fa3fc19 100644 --- ql/src/test/queries/clientnegative/authorization_role_cycles1.q +++ ql/src/test/queries/clientnegative/authorization_role_cycles1.q @@ -1,4 +1,3 @@ -set hive.users.in.admin.role=hive_admin_user; set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; set user.name=hive_admin_user; diff --git ql/src/test/queries/clientnegative/authorization_role_cycles2.q ql/src/test/queries/clientnegative/authorization_role_cycles2.q index 423f030..069a663 100644 --- ql/src/test/queries/clientnegative/authorization_role_cycles2.q +++ ql/src/test/queries/clientnegative/authorization_role_cycles2.q @@ -1,4 +1,3 @@ -set hive.users.in.admin.role=hive_admin_user; set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; diff --git ql/src/test/queries/clientnegative/authorization_role_grant.q ql/src/test/queries/clientnegative/authorization_role_grant.q index c5c500a..3f1a7b8 100644 --- ql/src/test/queries/clientnegative/authorization_role_grant.q +++ ql/src/test/queries/clientnegative/authorization_role_grant.q @@ -1,4 +1,3 @@ -set hive.users.in.admin.role=hive_admin_user; set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; set user.name=hive_admin_user; diff --git ql/src/test/queries/clientnegative/authorization_role_grant2.q ql/src/test/queries/clientnegative/authorization_role_grant2.q index 7fdf157..7d439cb 100644 --- ql/src/test/queries/clientnegative/authorization_role_grant2.q +++ ql/src/test/queries/clientnegative/authorization_role_grant2.q @@ -1,4 +1,3 @@ -set hive.users.in.admin.role=hive_admin_user; set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; set user.name=hive_admin_user; diff --git ql/src/test/queries/clientnegative/authorization_role_grant_nosuchrole.q ql/src/test/queries/clientnegative/authorization_role_grant_nosuchrole.q index f456165..51ca345 100644 --- ql/src/test/queries/clientnegative/authorization_role_grant_nosuchrole.q +++ ql/src/test/queries/clientnegative/authorization_role_grant_nosuchrole.q @@ -1,4 +1,3 @@ -set hive.users.in.admin.role=hive_admin_user; set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; set user.name=hive_admin_user; diff --git ql/src/test/queries/clientnegative/authorization_role_grant_otherrole.q ql/src/test/queries/clientnegative/authorization_role_grant_otherrole.q index f91abdb..9440c45 100644 --- ql/src/test/queries/clientnegative/authorization_role_grant_otherrole.q +++ ql/src/test/queries/clientnegative/authorization_role_grant_otherrole.q @@ -1,4 +1,3 @@ -set hive.users.in.admin.role=hive_admin_user; set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; diff --git ql/src/test/queries/clientnegative/authorization_role_grant_otheruser.q ql/src/test/queries/clientnegative/authorization_role_grant_otheruser.q index a530043..1db2806 100644 --- ql/src/test/queries/clientnegative/authorization_role_grant_otheruser.q +++ ql/src/test/queries/clientnegative/authorization_role_grant_otheruser.q @@ -1,4 +1,3 @@ -set hive.users.in.admin.role=hive_admin_user; set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; diff --git ql/src/test/queries/clientnegative/authorization_rolehierarchy_privs.q ql/src/test/queries/clientnegative/authorization_rolehierarchy_privs.q index d9f4c7c..8bb776e 100644 --- ql/src/test/queries/clientnegative/authorization_rolehierarchy_privs.q +++ ql/src/test/queries/clientnegative/authorization_rolehierarchy_privs.q @@ -1,4 +1,3 @@ -set hive.users.in.admin.role=hive_admin_user; set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; set hive.security.authorization.enabled=true; diff --git ql/src/test/queries/clientnegative/authorization_set_role_neg2.q ql/src/test/queries/clientnegative/authorization_set_role_neg2.q index 03f748f..a810f1a 100644 --- ql/src/test/queries/clientnegative/authorization_set_role_neg2.q +++ ql/src/test/queries/clientnegative/authorization_set_role_neg2.q @@ -1,4 +1,3 @@ -set hive.users.in.admin.role=hive_admin_user; set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; set user.name=hive_admin_user; diff --git ql/src/test/queries/clientnegative/authorization_show_grant_otherrole.q ql/src/test/queries/clientnegative/authorization_show_grant_otherrole.q index a709d16..e131766 100644 --- ql/src/test/queries/clientnegative/authorization_show_grant_otherrole.q +++ ql/src/test/queries/clientnegative/authorization_show_grant_otherrole.q @@ -1,4 +1,3 @@ -set hive.users.in.admin.role=hive_admin_user; set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; set hive.security.authorization.enabled=true; diff --git ql/src/test/queries/clientnegative/authorization_show_grant_otheruser_all.q ql/src/test/queries/clientnegative/authorization_show_grant_otheruser_all.q index 2073cda..4ef501d 100644 --- ql/src/test/queries/clientnegative/authorization_show_grant_otheruser_all.q +++ ql/src/test/queries/clientnegative/authorization_show_grant_otheruser_all.q @@ -1,4 +1,3 @@ -set hive.users.in.admin.role=hive_admin_user; set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; set hive.security.authorization.enabled=true; diff --git ql/src/test/queries/clientnegative/authorization_show_grant_otheruser_alltabs.q ql/src/test/queries/clientnegative/authorization_show_grant_otheruser_alltabs.q index 672b81b..8cfc790 100644 --- ql/src/test/queries/clientnegative/authorization_show_grant_otheruser_alltabs.q +++ ql/src/test/queries/clientnegative/authorization_show_grant_otheruser_alltabs.q @@ -1,4 +1,3 @@ -set hive.users.in.admin.role=hive_admin_user; set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; set hive.security.authorization.enabled=true; diff --git ql/src/test/queries/clientnegative/authorization_show_grant_otheruser_wtab.q ql/src/test/queries/clientnegative/authorization_show_grant_otheruser_wtab.q index 7d95a9d..4c3892c 100644 --- ql/src/test/queries/clientnegative/authorization_show_grant_otheruser_wtab.q +++ ql/src/test/queries/clientnegative/authorization_show_grant_otheruser_wtab.q @@ -1,4 +1,3 @@ -set hive.users.in.admin.role=hive_admin_user; set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; set hive.security.authorization.enabled=true; diff --git ql/src/test/queries/clientpositive/authorization_1_sql_std.q ql/src/test/queries/clientpositive/authorization_1_sql_std.q index 381937c..34a9b68 100644 --- ql/src/test/queries/clientpositive/authorization_1_sql_std.q +++ ql/src/test/queries/clientpositive/authorization_1_sql_std.q @@ -1,4 +1,3 @@ -set hive.users.in.admin.role=hive_admin_user; set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; set user.name=hive_admin_user; diff --git ql/src/test/queries/clientpositive/authorization_admin_almighty1.q ql/src/test/queries/clientpositive/authorization_admin_almighty1.q index 45c4a7d..380f506 100644 --- ql/src/test/queries/clientpositive/authorization_admin_almighty1.q +++ ql/src/test/queries/clientpositive/authorization_admin_almighty1.q @@ -1,4 +1,3 @@ -set hive.users.in.admin.role=hive_admin_user; set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; set user.name=hive_test_user; diff --git ql/src/test/queries/clientpositive/authorization_admin_almighty2.q ql/src/test/queries/clientpositive/authorization_admin_almighty2.q index ce99670..ba43e40 100644 --- ql/src/test/queries/clientpositive/authorization_admin_almighty2.q +++ ql/src/test/queries/clientpositive/authorization_admin_almighty2.q @@ -1,4 +1,3 @@ -set hive.users.in.admin.role=hive_admin_user; set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactory; set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; set user.name=hive_admin_user; diff --git ql/src/test/queries/clientpositive/authorization_create_func1.q ql/src/test/queries/clientpositive/authorization_create_func1.q index 65a7b33..1f48deb 100644 --- ql/src/test/queries/clientpositive/authorization_create_func1.q +++ ql/src/test/queries/clientpositive/authorization_create_func1.q @@ -1,4 +1,3 @@ -set hive.users.in.admin.role=hive_admin_user; set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; set hive.security.authorization.enabled=true; diff --git ql/src/test/queries/clientpositive/authorization_create_macro1.q ql/src/test/queries/clientpositive/authorization_create_macro1.q index fb60500..741fa92 100644 --- ql/src/test/queries/clientpositive/authorization_create_macro1.q +++ ql/src/test/queries/clientpositive/authorization_create_macro1.q @@ -1,4 +1,3 @@ -set hive.users.in.admin.role=hive_admin_user; set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; set hive.security.authorization.enabled=true; diff --git ql/src/test/queries/clientpositive/authorization_insert.q ql/src/test/queries/clientpositive/authorization_insert.q index 6cce469..c1e4c1f 100644 --- ql/src/test/queries/clientpositive/authorization_insert.q +++ ql/src/test/queries/clientpositive/authorization_insert.q @@ -1,4 +1,3 @@ -set hive.users.in.admin.role=hive_admin_user; set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; diff --git ql/src/test/queries/clientpositive/authorization_owner_actions_db.q ql/src/test/queries/clientpositive/authorization_owner_actions_db.q index 36ab260..14a8d7c 100644 --- ql/src/test/queries/clientpositive/authorization_owner_actions_db.q +++ ql/src/test/queries/clientpositive/authorization_owner_actions_db.q @@ -1,4 +1,3 @@ -set hive.users.in.admin.role=hive_admin_user; set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; set hive.security.authorization.enabled=true; diff --git ql/src/test/queries/clientpositive/authorization_role_grant1.q ql/src/test/queries/clientpositive/authorization_role_grant1.q index c062ef2..1e8a6af 100644 --- ql/src/test/queries/clientpositive/authorization_role_grant1.q +++ ql/src/test/queries/clientpositive/authorization_role_grant1.q @@ -1,4 +1,3 @@ -set hive.users.in.admin.role=hive_admin_user; set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; set user.name=hive_admin_user; diff --git ql/src/test/queries/clientpositive/authorization_role_grant2.q ql/src/test/queries/clientpositive/authorization_role_grant2.q index 34e19a2..d87d96f 100644 --- ql/src/test/queries/clientpositive/authorization_role_grant2.q +++ ql/src/test/queries/clientpositive/authorization_role_grant2.q @@ -1,4 +1,3 @@ -set hive.users.in.admin.role=hive_admin_user; set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; diff --git ql/src/test/queries/clientpositive/authorization_set_show_current_role.q ql/src/test/queries/clientpositive/authorization_set_show_current_role.q index 6b5af6e..4132370 100644 --- ql/src/test/queries/clientpositive/authorization_set_show_current_role.q +++ ql/src/test/queries/clientpositive/authorization_set_show_current_role.q @@ -1,4 +1,3 @@ -set hive.users.in.admin.role=hive_admin_user; set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; set user.name=hive_admin_user; diff --git ql/src/test/queries/clientpositive/authorization_show_grant.q ql/src/test/queries/clientpositive/authorization_show_grant.q index 5f7a33b..bad1f07 100644 --- ql/src/test/queries/clientpositive/authorization_show_grant.q +++ ql/src/test/queries/clientpositive/authorization_show_grant.q @@ -1,4 +1,3 @@ -set hive.users.in.admin.role=hive_admin_user; set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; set hive.security.authorization.enabled=true; diff --git ql/src/test/queries/clientpositive/authorization_view_sqlstd.q ql/src/test/queries/clientpositive/authorization_view_sqlstd.q index b04f6d6..91acd39 100644 --- ql/src/test/queries/clientpositive/authorization_view_sqlstd.q +++ ql/src/test/queries/clientpositive/authorization_view_sqlstd.q @@ -1,4 +1,3 @@ -set hive.users.in.admin.role=hive_admin_user; set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; set hive.security.authorization.enabled=true;