diff --git common/src/java/org/apache/hadoop/hive/conf/HiveConf.java common/src/java/org/apache/hadoop/hive/conf/HiveConf.java
index 635891f..9c17c77 100644
--- common/src/java/org/apache/hadoop/hive/conf/HiveConf.java
+++ common/src/java/org/apache/hadoop/hive/conf/HiveConf.java
@@ -108,7 +108,6 @@
HiveConf.ConfVars.METASTOREPWD,
HiveConf.ConfVars.METASTORECONNECTURLHOOK,
HiveConf.ConfVars.METASTORECONNECTURLKEY,
- HiveConf.ConfVars.METASTOREFORCERELOADCONF,
HiveConf.ConfVars.METASTORESERVERMINTHREADS,
HiveConf.ConfVars.METASTORESERVERMAXTHREADS,
HiveConf.ConfVars.METASTORE_TCP_KEEP_ALIVE,
@@ -352,11 +351,6 @@
"jdbc:derby:;databaseName=metastore_db;create=true",
"JDBC connect string for a JDBC metastore"),
- METASTOREFORCERELOADCONF("hive.metastore.force.reload.conf", false,
- "Whether to force reloading of the metastore configuration (including\n" +
- "the connection URL, before the next metastore query that accesses the\n" +
- "datastore. Once reloaded, this value is reset to false. Used for\n" +
- "testing only."),
HMSHANDLERATTEMPTS("hive.hmshandler.retry.attempts", 1,
"The number of times to retry a HMSHandler call if there were a connection error"),
HMSHANDLERINTERVAL("hive.hmshandler.retry.interval", 1000,
@@ -1548,7 +1542,7 @@
"Comma separated list of non-SQL Hive commands users are authorized to execute"),
HIVE_CONF_RESTRICTED_LIST("hive.conf.restricted.list",
- "hive.security.authenticator.manager,hive.security.authorization.manager",
+ "hive.security.authenticator.manager,hive.security.authorization.manager,hive.users.in.admin.role",
"Comma separated list of configuration options which are immutable at runtime"),
// If this is set all move tasks at the end of a multi-insert query will only begin once all
diff --git contrib/src/java/org/apache/hadoop/hive/contrib/metastore/hooks/TestURLHook.java contrib/src/java/org/apache/hadoop/hive/contrib/metastore/hooks/TestURLHook.java
index 39562ea..07c5d98 100644
--- contrib/src/java/org/apache/hadoop/hive/contrib/metastore/hooks/TestURLHook.java
+++ contrib/src/java/org/apache/hadoop/hive/contrib/metastore/hooks/TestURLHook.java
@@ -28,7 +28,8 @@
*/
public class TestURLHook implements JDOConnectionURLHook {
- static String originalUrl = null;
+ private String originalUrl;
+
@Override
public String getJdoConnectionUrl(Configuration conf) throws Exception {
if (originalUrl == null) {
diff --git contrib/src/test/queries/clientnegative/url_hook.q contrib/src/test/queries/clientnegative/url_hook.q
deleted file mode 100644
index c346432..0000000
--- contrib/src/test/queries/clientnegative/url_hook.q
+++ /dev/null
@@ -1,9 +0,0 @@
-add jar ${system:maven.local.repository}/org/apache/hive/hive-contrib/${system:hive.version}/hive-contrib-${system:hive.version}.jar;
-set hive.metastore.force.reload.conf=true;
-SHOW TABLES 'src';
-set hive.metastore.ds.connection.url.hook=org.apache.hadoop.hive.contrib.metastore.hooks.TestURLHook;
-SHOW TABLES 'src';
-SHOW TABLES 'src';
-set hive.metastore.force.reload.conf=false;
-set hive.metastore.ds.connection.url.hook=;
-SHOW TABLES 'src';
diff --git contrib/src/test/queries/clientpositive/url_hook.q contrib/src/test/queries/clientpositive/url_hook.q
new file mode 100644
index 0000000..db21432
--- /dev/null
+++ contrib/src/test/queries/clientpositive/url_hook.q
@@ -0,0 +1,6 @@
+add jar ${system:maven.local.repository}/org/apache/hive/hive-contrib/${system:hive.version}/hive-contrib-${system:hive.version}.jar;
+SHOW TABLES 'src';
+
+set hive.metastore.ds.connection.url.hook=org.apache.hadoop.hive.contrib.metastore.hooks.TestURLHook;
+-- changes to dummy derby store.. should return empty result
+SHOW TABLES 'src';
diff --git contrib/src/test/results/clientnegative/url_hook.q.out contrib/src/test/results/clientnegative/url_hook.q.out
deleted file mode 100644
index 601fd93..0000000
--- contrib/src/test/results/clientnegative/url_hook.q.out
+++ /dev/null
@@ -1,8 +0,0 @@
-PREHOOK: query: SHOW TABLES 'src'
-PREHOOK: type: SHOWTABLES
-POSTHOOK: query: SHOW TABLES 'src'
-POSTHOOK: type: SHOWTABLES
-src
-PREHOOK: query: SHOW TABLES 'src'
-PREHOOK: type: SHOWTABLES
-FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask. Database does not exist: default
diff --git contrib/src/test/results/clientpositive/url_hook.q.out contrib/src/test/results/clientpositive/url_hook.q.out
new file mode 100644
index 0000000..971da8e
--- /dev/null
+++ contrib/src/test/results/clientpositive/url_hook.q.out
@@ -0,0 +1,11 @@
+PREHOOK: query: SHOW TABLES 'src'
+PREHOOK: type: SHOWTABLES
+POSTHOOK: query: SHOW TABLES 'src'
+POSTHOOK: type: SHOWTABLES
+src
+PREHOOK: query: -- changes to dummy derby store.. should return empty result
+SHOW TABLES 'src'
+PREHOOK: type: SHOWTABLES
+POSTHOOK: query: -- changes to dummy derby store.. should return empty result
+SHOW TABLES 'src'
+POSTHOOK: type: SHOWTABLES
diff --git data/conf/hive-site.xml data/conf/hive-site.xml
index fe8080a..128e08f 100644
--- data/conf/hive-site.xml
+++ data/conf/hive-site.xml
@@ -240,4 +240,9 @@
minimal
+
+ hive.users.in.admin.role
+ hive_admin_user
+
+
diff --git itests/hive-unit/src/main/java/org/apache/hive/jdbc/miniHS2/MiniHS2.java itests/hive-unit/src/main/java/org/apache/hive/jdbc/miniHS2/MiniHS2.java
index e8d405d..4502439 100644
--- itests/hive-unit/src/main/java/org/apache/hive/jdbc/miniHS2/MiniHS2.java
+++ itests/hive-unit/src/main/java/org/apache/hive/jdbc/miniHS2/MiniHS2.java
@@ -178,7 +178,6 @@ private MiniHS2(HiveConf hiveConf, boolean useMiniMR, boolean useMiniKdc, String
hiveConf.setVar(ConfVars.HIVE_SERVER2_THRIFT_BIND_HOST, getHost());
hiveConf.setIntVar(ConfVars.HIVE_SERVER2_THRIFT_PORT, getBinaryPort());
hiveConf.setIntVar(ConfVars.HIVE_SERVER2_THRIFT_HTTP_PORT, getHttpPort());
- HiveMetaStore.HMSHandler.resetDefaultDBFlag();
Path scratchDir = new Path(baseDfsDir, "scratch");
fs.mkdirs(scratchDir);
diff --git itests/hive-unit/src/test/java/org/apache/hadoop/hive/metastore/TestMetastoreVersion.java itests/hive-unit/src/test/java/org/apache/hadoop/hive/metastore/TestMetastoreVersion.java
index 0bb022e..95c1413 100644
--- itests/hive-unit/src/test/java/org/apache/hadoop/hive/metastore/TestMetastoreVersion.java
+++ itests/hive-unit/src/test/java/org/apache/hadoop/hive/metastore/TestMetastoreVersion.java
@@ -42,9 +42,9 @@
@Override
protected void setUp() throws Exception {
super.setUp();
- Field defDb = HiveMetaStore.HMSHandler.class.getDeclaredField("createDefaultDB");
+ Field defDb = HiveMetaStore.HMSHandler.class.getDeclaredField("currentUrl");
defDb.setAccessible(true);
- defDb.setBoolean(null, false);
+ defDb.set(null, null);
hiveConf = new HiveConf(this.getClass());
System.setProperty("hive.metastore.event.listeners",
DummyListener.class.getName());
diff --git itests/util/src/main/java/org/apache/hadoop/hive/ql/QTestUtil.java itests/util/src/main/java/org/apache/hadoop/hive/ql/QTestUtil.java
index 2fefa06..ccfb58f 100644
--- itests/util/src/main/java/org/apache/hadoop/hive/ql/QTestUtil.java
+++ itests/util/src/main/java/org/apache/hadoop/hive/ql/QTestUtil.java
@@ -1738,10 +1738,10 @@ public void failed(int ecode, String fname, String debugHint) {
(command != null ? " running " + command : "") + (debugHint != null ? debugHint : ""));
}
+ // for negative tests, which is succeeded.. no need to print the query string
public void failed(String fname, String debugHint) {
- String command = SessionState.get() != null ? SessionState.get().getLastCommand() : null;
Assert.fail("Client Execution was expected to fail, but succeeded with error code 0 " +
- (command != null ? " running " + command : "") + (debugHint != null ? debugHint : ""));
+ (debugHint != null ? debugHint : ""));
}
public void failedDiff(int ecode, String fname, String debugHint) {
@@ -1755,7 +1755,9 @@ public void failed(Throwable e, String fname, String debugHint) {
e.printStackTrace();
System.err.println("Failed query: " + fname);
System.err.flush();
- Assert.fail("Unexpected exception" + (command != null ? " running " + command : "") +
+ Assert.fail("Unexpected exception " +
+ org.apache.hadoop.util.StringUtils.stringifyException(e) + "\n" +
+ (command != null ? " running " + command : "") +
(debugHint != null ? debugHint : ""));
}
}
diff --git metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStore.java metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStore.java
index 5cc1cd8..b74868b 100644
--- metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStore.java
+++ metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStore.java
@@ -89,7 +89,6 @@
import org.apache.hadoop.hive.metastore.api.GrantRevokePrivilegeResponse;
import org.apache.hadoop.hive.metastore.api.GrantRevokeRoleRequest;
import org.apache.hadoop.hive.metastore.api.GrantRevokeRoleResponse;
-import org.apache.hadoop.hive.metastore.api.GrantRevokeType;
import org.apache.hadoop.hive.metastore.api.HeartbeatRequest;
import org.apache.hadoop.hive.metastore.api.HeartbeatTxnRangeRequest;
import org.apache.hadoop.hive.metastore.api.HeartbeatTxnRangeResponse;
@@ -241,13 +240,12 @@ public TTransport getTransport(TTransport trans) {
public static class HMSHandler extends FacebookBase implements
IHMSHandler {
public static final Log LOG = HiveMetaStore.LOG;
- private static boolean createDefaultDB = false;
- private static boolean defaultRolesCreated = false;
- private static boolean adminUsersAdded = false;
private String rawStoreClassName;
private final HiveConf hiveConf; // stores datastore (jpox) properties,
// right now they come from jpox.properties
+ private static String currentUrl;
+
private Warehouse wh; // hdfs warehouse
private final ThreadLocal threadLocalMS =
new ThreadLocal() {
@@ -316,8 +314,6 @@ private final void logAuditEvent(String cmd) {
address, cmd).toString());
}
- // The next serial number to be assigned
- private boolean checkForDefaultDb;
private static int nextSerialNum = 0;
private static ThreadLocal threadLocalId = new ThreadLocal() {
@Override
@@ -350,10 +346,6 @@ public static Integer get() {
return threadLocalId.get();
}
- public static void resetDefaultDBFlag() {
- createDefaultDB = false;
- }
-
public HMSHandler(String name) throws MetaException {
super(name);
hiveConf = new HiveConf(this.getClass());
@@ -387,8 +379,6 @@ public HiveConf getHiveConf() {
private boolean init() throws MetaException {
rawStoreClassName = hiveConf.getVar(HiveConf.ConfVars.METASTORE_RAW_STORE_IMPL);
- checkForDefaultDb = hiveConf.getBoolean(
- "hive.metastore.checkForDefaultDb", true);
initListeners = MetaStoreUtils.getMetaStoreListeners(
MetaStoreInitListener.class, hiveConf,
hiveConf.getVar(HiveConf.ConfVars.METASTORE_INIT_HOOKS));
@@ -404,9 +394,12 @@ private boolean init() throws MetaException {
wh = new Warehouse(hiveConf);
synchronized (HMSHandler.class) {
- createDefaultDB();
- createDefaultRoles();
- addAdminUsers();
+ if (currentUrl == null || !currentUrl.equals(MetaStoreInit.getConnectionURL(hiveConf))) {
+ createDefaultDB();
+ createDefaultRoles();
+ addAdminUsers();
+ currentUrl = MetaStoreInit.getConnectionURL(hiveConf);
+ }
}
if (hiveConf.getBoolean("hive.metastore.metrics.enabled", false)) {
@@ -517,7 +510,6 @@ private void createDefaultDB_core(RawStore ms) throws MetaException, InvalidObje
db.setOwnerType(PrincipalType.ROLE);
ms.createDatabase(db);
}
- HMSHandler.createDefaultDB = true;
}
/**
@@ -526,9 +518,6 @@ private void createDefaultDB_core(RawStore ms) throws MetaException, InvalidObje
* @throws MetaException
*/
private void createDefaultDB() throws MetaException {
- if (HMSHandler.createDefaultDB || !checkForDefaultDb) {
- return;
- }
try {
createDefaultDB_core(getMS());
} catch (InvalidObjectException e) {
@@ -541,11 +530,6 @@ private void createDefaultDB() throws MetaException {
private void createDefaultRoles() throws MetaException {
- if(defaultRolesCreated) {
- LOG.debug("Admin role already created previously.");
- return;
- }
-
RawStore ms = getMS();
try {
ms.addRole(ADMIN, ADMIN);
@@ -579,16 +563,10 @@ private void createDefaultRoles() throws MetaException {
// Unlikely to be thrown.
LOG.warn("Failed while granting global privs to admin", e);
}
-
- defaultRolesCreated = true;
}
private void addAdminUsers() throws MetaException {
- if(adminUsersAdded) {
- LOG.debug("Admin users already added.");
- return;
- }
// now add pre-configured users to admin role
String userStr = HiveConf.getVar(hiveConf,ConfVars.USERS_IN_ADMIN_ROLE,"").trim();
if (userStr.isEmpty()) {
@@ -623,7 +601,6 @@ private void addAdminUsers() throws MetaException {
LOG.debug(userName + " already in admin role", e);
}
}
- adminUsersAdded = true;
}
private void logInfo(String m) {
diff --git metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStoreClient.java metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStoreClient.java
index d26183b..0890e03 100644
--- metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStoreClient.java
+++ metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStoreClient.java
@@ -34,6 +34,7 @@
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
+import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
@@ -144,6 +145,8 @@
private String tokenStrForm;
private final boolean localMetaStore;
+ private Map currentMetaVars;
+
// for thrift connects
private int retries = 5;
private int retryDelaySeconds = 0;
@@ -171,6 +174,7 @@ public HiveMetaStoreClient(HiveConf conf, HiveMetaHookLoader hookLoader)
// through the network
client = HiveMetaStore.newHMSHandler("hive client", conf);
isConnected = true;
+ snapshotActiveConf();
return;
}
@@ -231,6 +235,25 @@ private void promoteRandomMetaStoreURI() {
}
@Override
+ public boolean isCompatibleWith(HiveConf conf) {
+ if (currentMetaVars == null) {
+ return false; // recreate
+ }
+ boolean compatible = true;
+ for (ConfVars oneVar : HiveConf.metaVars) {
+ // Since metaVars are all of different types, use string for comparison
+ String oldVar = currentMetaVars.get(oneVar.varname);
+ String newVar = conf.get(oneVar.varname, "");
+ if (oldVar == null || !oldVar.equals(newVar)) {
+ LOG.info("Mestastore configuration " + oneVar.varname +
+ " changed from " + oldVar + " to " + newVar);
+ compatible = false;
+ }
+ }
+ return compatible;
+ }
+
+ @Override
public void reconnect() throws MetaException {
if (localMetaStore) {
// For direct DB connections we don't yet support reestablishing connections.
@@ -383,9 +406,19 @@ private void open() throws MetaException {
throw new MetaException("Could not connect to meta store using any of the URIs provided." +
" Most recent failure: " + StringUtils.stringifyException(tte));
}
+
+ snapshotActiveConf();
+
LOG.info("Connected to metastore.");
}
+ private void snapshotActiveConf() {
+ currentMetaVars = new HashMap(HiveConf.metaVars.length);
+ for (ConfVars oneVar : HiveConf.metaVars) {
+ currentMetaVars.put(oneVar.varname, conf.get(oneVar.varname, ""));
+ }
+ }
+
public String getTokenStrForm() throws IOException {
return tokenStrForm;
}
@@ -393,6 +426,7 @@ public String getTokenStrForm() throws IOException {
@Override
public void close() {
isConnected = false;
+ currentMetaVars = null;
try {
if (null != client) {
client.shutdown();
diff --git metastore/src/java/org/apache/hadoop/hive/metastore/IMetaStoreClient.java metastore/src/java/org/apache/hadoop/hive/metastore/IMetaStoreClient.java
index 5add436..d6e849f 100644
--- metastore/src/java/org/apache/hadoop/hive/metastore/IMetaStoreClient.java
+++ metastore/src/java/org/apache/hadoop/hive/metastore/IMetaStoreClient.java
@@ -19,9 +19,9 @@
package org.apache.hadoop.hive.metastore;
import org.apache.hadoop.hive.common.ValidTxnList;
+import org.apache.hadoop.hive.conf.HiveConf;
import org.apache.hadoop.hive.metastore.api.CompactionType;
import org.apache.hadoop.hive.metastore.api.GetOpenTxnsInfoResponse;
-import org.apache.hadoop.hive.metastore.api.GetOpenTxnsResponse;
import org.apache.hadoop.hive.metastore.api.HeartbeatTxnRangeResponse;
import org.apache.hadoop.hive.metastore.api.LockRequest;
import org.apache.hadoop.hive.metastore.api.LockResponse;
@@ -41,19 +41,14 @@
import org.apache.hadoop.hive.metastore.api.AlreadyExistsException;
import org.apache.hadoop.hive.metastore.api.ColumnStatistics;
import org.apache.hadoop.hive.metastore.api.ColumnStatisticsObj;
-import org.apache.hadoop.hive.metastore.api.CompactionType;
import org.apache.hadoop.hive.metastore.api.ConfigValSecurityException;
import org.apache.hadoop.hive.metastore.api.Database;
import org.apache.hadoop.hive.metastore.api.FieldSchema;
import org.apache.hadoop.hive.metastore.api.Function;
-import org.apache.hadoop.hive.metastore.api.GetOpenTxnsInfoResponse;
-import org.apache.hadoop.hive.metastore.api.GetOpenTxnsResponse;
import org.apache.hadoop.hive.metastore.api.GetPrincipalsInRoleRequest;
import org.apache.hadoop.hive.metastore.api.GetPrincipalsInRoleResponse;
import org.apache.hadoop.hive.metastore.api.GetRoleGrantsForPrincipalRequest;
import org.apache.hadoop.hive.metastore.api.GetRoleGrantsForPrincipalResponse;
-import org.apache.hadoop.hive.metastore.api.GrantRevokePrivilegeRequest;
-import org.apache.hadoop.hive.metastore.api.GrantRevokePrivilegeResponse;
import org.apache.hadoop.hive.metastore.api.HiveObjectPrivilege;
import org.apache.hadoop.hive.metastore.api.HiveObjectRef;
import org.apache.hadoop.hive.metastore.api.Index;
@@ -61,28 +56,18 @@
import org.apache.hadoop.hive.metastore.api.InvalidObjectException;
import org.apache.hadoop.hive.metastore.api.InvalidOperationException;
import org.apache.hadoop.hive.metastore.api.InvalidPartitionException;
-import org.apache.hadoop.hive.metastore.api.LockRequest;
-import org.apache.hadoop.hive.metastore.api.LockResponse;
import org.apache.hadoop.hive.metastore.api.MetaException;
-import org.apache.hadoop.hive.metastore.api.NoSuchLockException;
import org.apache.hadoop.hive.metastore.api.NoSuchObjectException;
-import org.apache.hadoop.hive.metastore.api.NoSuchTxnException;
-import org.apache.hadoop.hive.metastore.api.OpenTxnsResponse;
import org.apache.hadoop.hive.metastore.api.Partition;
import org.apache.hadoop.hive.metastore.api.PartitionEventType;
import org.apache.hadoop.hive.metastore.api.PrincipalPrivilegeSet;
import org.apache.hadoop.hive.metastore.api.PrincipalType;
import org.apache.hadoop.hive.metastore.api.PrivilegeBag;
import org.apache.hadoop.hive.metastore.api.Role;
-import org.apache.hadoop.hive.metastore.api.ShowCompactResponse;
-import org.apache.hadoop.hive.metastore.api.ShowLocksResponse;
import org.apache.hadoop.hive.metastore.api.Table;
-import org.apache.hadoop.hive.metastore.api.TxnAbortedException;
-import org.apache.hadoop.hive.metastore.api.TxnOpenException;
import org.apache.hadoop.hive.metastore.api.UnknownDBException;
import org.apache.hadoop.hive.metastore.api.UnknownPartitionException;
import org.apache.hadoop.hive.metastore.api.UnknownTableException;
-import org.apache.thrift.TException;
/**
* TODO Unnecessary when the server sides for both dbstore and filestore are
@@ -91,6 +76,12 @@
public interface IMetaStoreClient {
/**
+ * Returns whether current client is convertible with conf or not
+ * @return
+ */
+ public boolean isCompatibleWith(HiveConf conf);
+
+ /**
* Tries to reconnect this MetaStoreClient to the MetaStore.
*/
public void reconnect() throws MetaException;
diff --git metastore/src/java/org/apache/hadoop/hive/metastore/RawStoreProxy.java metastore/src/java/org/apache/hadoop/hive/metastore/RawStoreProxy.java
index 1cf09d4..7c9bedb 100644
--- metastore/src/java/org/apache/hadoop/hive/metastore/RawStoreProxy.java
+++ metastore/src/java/org/apache/hadoop/hive/metastore/RawStoreProxy.java
@@ -26,8 +26,6 @@
import java.util.List;
import org.apache.commons.lang.ClassUtils;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hive.common.classification.InterfaceAudience;
import org.apache.hadoop.hive.common.classification.InterfaceStability;
@@ -55,7 +53,7 @@ protected RawStoreProxy(HiveConf hiveConf, Configuration conf,
// This has to be called before initializing the instance of RawStore
init();
- this.base = (RawStore) ReflectionUtils.newInstance(rawStoreClass, conf);
+ this.base = ReflectionUtils.newInstance(rawStoreClass, conf);
}
public static RawStore getProxy(HiveConf hiveConf, Configuration conf, String rawStoreClassName,
@@ -96,14 +94,6 @@ private void initMS() {
public Object invoke(Object proxy, Method method, Object[] args) throws Throwable {
Object ret = null;
- boolean reloadConf = HiveConf.getBoolVar(hiveConf,
- HiveConf.ConfVars.METASTOREFORCERELOADCONF);
-
- if (reloadConf) {
- MetaStoreInit.updateConnectionURL(hiveConf, getConf(), null, metaStoreInitData);
- initMS();
- }
-
try {
ret = method.invoke(base, args);
} catch (UndeclaredThrowableException e) {
diff --git ql/src/java/org/apache/hadoop/hive/ql/metadata/Hive.java ql/src/java/org/apache/hadoop/hive/ql/metadata/Hive.java
index 81323f6..a7e50ad 100644
--- ql/src/java/org/apache/hadoop/hive/ql/metadata/Hive.java
+++ ql/src/java/org/apache/hadoop/hive/ql/metadata/Hive.java
@@ -43,6 +43,7 @@
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.FileStatus;
import org.apache.hadoop.fs.FileSystem;
import org.apache.hadoop.fs.Path;
@@ -141,6 +142,10 @@ public synchronized void remove() {
}
};
+ public static Hive get(Configuration c, Class> clazz) throws HiveException {
+ return get(c instanceof HiveConf ? (HiveConf)c : new HiveConf(c, clazz));
+ }
+
/**
* Gets hive object for the current thread. If one is not initialized then a
* new one is created If the new configuration is different in metadata conf
@@ -153,20 +158,13 @@ public synchronized void remove() {
*
*/
public static Hive get(HiveConf c) throws HiveException {
- boolean needsRefresh = false;
Hive db = hiveDB.get();
- if (db != null) {
- for (HiveConf.ConfVars oneVar : HiveConf.metaVars) {
- // Since metaVars are all of different types, use string for comparison
- String oldVar = db.getConf().get(oneVar.varname, "");
- String newVar = c.get(oneVar.varname, "");
- if (oldVar.compareToIgnoreCase(newVar) != 0) {
- needsRefresh = true;
- break;
- }
- }
+ if (db == null ||
+ (db.metaStoreClient != null && !db.metaStoreClient.isCompatibleWith(c))) {
+ return get(c, true);
}
- return get(c, needsRefresh);
+ db.conf = c;
+ return db;
}
/**
@@ -195,7 +193,8 @@ public static Hive get(HiveConf c, boolean needsRefresh) throws HiveException {
public static Hive get() throws HiveException {
Hive db = hiveDB.get();
if (db == null) {
- db = new Hive(new HiveConf(Hive.class));
+ SessionState session = SessionState.get();
+ db = new Hive(session == null ? new HiveConf(Hive.class) : session.getConf());
hiveDB.set(db);
}
return db;
diff --git ql/src/java/org/apache/hadoop/hive/ql/security/authorization/DefaultHiveAuthorizationProvider.java ql/src/java/org/apache/hadoop/hive/ql/security/authorization/DefaultHiveAuthorizationProvider.java
index 2fa512c..f26d1a2 100644
--- ql/src/java/org/apache/hadoop/hive/ql/security/authorization/DefaultHiveAuthorizationProvider.java
+++ ql/src/java/org/apache/hadoop/hive/ql/security/authorization/DefaultHiveAuthorizationProvider.java
@@ -19,7 +19,6 @@
package org.apache.hadoop.hive.ql.security.authorization;
import org.apache.hadoop.conf.Configuration;
-import org.apache.hadoop.hive.conf.HiveConf;
import org.apache.hadoop.hive.ql.metadata.Hive;
import org.apache.hadoop.hive.ql.metadata.HiveException;
@@ -27,7 +26,7 @@
BitSetCheckedAuthorizationProvider {
public void init(Configuration conf) throws HiveException {
- hive_db = new HiveProxy(Hive.get(new HiveConf(conf, HiveAuthorizationProvider.class)));
+ hive_db = new HiveProxy(Hive.get(conf, HiveAuthorizationProvider.class));
}
}
diff --git ql/src/java/org/apache/hadoop/hive/ql/security/authorization/StorageBasedAuthorizationProvider.java ql/src/java/org/apache/hadoop/hive/ql/security/authorization/StorageBasedAuthorizationProvider.java
index 0dfd997..f803cc4 100644
--- ql/src/java/org/apache/hadoop/hive/ql/security/authorization/StorageBasedAuthorizationProvider.java
+++ ql/src/java/org/apache/hadoop/hive/ql/security/authorization/StorageBasedAuthorizationProvider.java
@@ -35,7 +35,6 @@
import org.apache.hadoop.fs.permission.FsAction;
import org.apache.hadoop.fs.permission.FsPermission;
import org.apache.hadoop.hdfs.DFSConfigKeys;
-import org.apache.hadoop.hive.conf.HiveConf;
import org.apache.hadoop.hive.metastore.HiveMetaStore.HMSHandler;
import org.apache.hadoop.hive.metastore.Warehouse;
import org.apache.hadoop.hive.metastore.api.Database;
@@ -83,7 +82,7 @@ private void initWh() throws MetaException, HiveException {
// till we explicitly initialize it as being from the client side. So, we have a
// chicken-and-egg problem. So, we now track whether or not we're running from client-side
// in the SBAP itself.
- hive_db = new HiveProxy(Hive.get(new HiveConf(getConf(), StorageBasedAuthorizationProvider.class)));
+ hive_db = new HiveProxy(Hive.get(getConf(), StorageBasedAuthorizationProvider.class));
this.wh = new Warehouse(getConf());
if (this.wh == null){
// If wh is still null after just having initialized it, bail out - something's very wrong.
@@ -117,7 +116,7 @@ public void authorize(Privilege[] readRequiredPriv, Privilege[] writeRequiredPri
// Update to previous comment: there does seem to be one place that uses this
// and that is to authorize "show databases" in hcat commandline, which is used
- // by webhcat. And user-level auth seems to be a resonable default in this case.
+ // by webhcat. And user-level auth seems to be a reasonable default in this case.
// The now deprecated HdfsAuthorizationProvider in hcatalog approached this in
// another way, and that was to see if the user had said above appropriate requested
// privileges for the hive root warehouse directory. That seems to be the best
diff --git ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveRoleGrant.java ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveRoleGrant.java
index ce07f32..eb3bd8e 100644
--- ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveRoleGrant.java
+++ ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveRoleGrant.java
@@ -123,5 +123,7 @@ public int compareTo(HiveRoleGrant other) {
}
-
+ public String toString() {
+ return roleName + "[" + principalName + ":" + principalType + (grantOption ? ":WITH GRANT]" : "]");
+ }
}
diff --git ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLStdHiveAccessController.java ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLStdHiveAccessController.java
index ce12edb..63d658d 100644
--- ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLStdHiveAccessController.java
+++ ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLStdHiveAccessController.java
@@ -105,6 +105,7 @@ private void initUserRoles() throws HiveAuthzPluginException {
}
this.currentUserName = newUserName;
this.currentRoles = getRolesFromMS();
+ LOG.info("Current user : " + currentUserName + ", Current Roles : " + currentRoles);
}
private List getRolesFromMS() throws HiveAuthzPluginException {
@@ -114,7 +115,7 @@ private void initUserRoles() throws HiveAuthzPluginException {
getAllRoleAncestors(name2Rolesmap, roles);
List currentRoles = new ArrayList(roles.size());
for (HiveRoleGrant role : name2Rolesmap.values()) {
- if (!HiveMetaStore.ADMIN.equalsIgnoreCase(role.getRoleName())) {
+ if (!HiveMetaStore.ADMIN.equals(role.getRoleName())) {
currentRoles.add(role);
} else {
this.adminRole = role;
@@ -532,6 +533,7 @@ public void setCurrentRole(String roleName) throws HiveAccessControlException,
currentRoles.add(adminRole);
return;
}
+ LOG.info("Current user : " + currentUserName + ", Current Roles : " + currentRoles);
// If we are here it means, user is requesting a role he doesn't belong to.
throw new HiveAccessControlException(currentUserName +" doesn't belong to role "
+roleName);
diff --git ql/src/test/org/apache/hadoop/hive/ql/metadata/TestHive.java ql/src/test/org/apache/hadoop/hive/ql/metadata/TestHive.java
index d218271..98c2924 100755
--- ql/src/test/org/apache/hadoop/hive/ql/metadata/TestHive.java
+++ ql/src/test/org/apache/hadoop/hive/ql/metadata/TestHive.java
@@ -509,6 +509,7 @@ public void testIndex() throws Throwable {
public void testHiveRefreshOnConfChange() throws Throwable{
Hive prevHiveObj = Hive.get();
+ prevHiveObj.getDatabaseCurrent();
Hive newHiveObj;
//if HiveConf has not changed, same object should be returned
@@ -522,6 +523,7 @@ public void testHiveRefreshOnConfChange() throws Throwable{
//if HiveConf has changed, new object should be returned
prevHiveObj = Hive.get();
+ prevHiveObj.getDatabaseCurrent();
//change value of a metavar config param in new hive conf
newHconf = new HiveConf(hiveConf);
newHconf.setIntVar(ConfVars.METASTORETHRIFTCONNECTIONRETRIES,
diff --git ql/src/test/queries/clientnegative/authorization_cannot_create_all_role.q ql/src/test/queries/clientnegative/authorization_cannot_create_all_role.q
index de91e91..9bbd655 100644
--- ql/src/test/queries/clientnegative/authorization_cannot_create_all_role.q
+++ ql/src/test/queries/clientnegative/authorization_cannot_create_all_role.q
@@ -1,4 +1,3 @@
-set hive.users.in.admin.role=hive_admin_user;
set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
set user.name=hive_admin_user;
diff --git ql/src/test/queries/clientnegative/authorization_cannot_create_default_role.q ql/src/test/queries/clientnegative/authorization_cannot_create_default_role.q
index 42a42f6..32045e4 100644
--- ql/src/test/queries/clientnegative/authorization_cannot_create_default_role.q
+++ ql/src/test/queries/clientnegative/authorization_cannot_create_default_role.q
@@ -1,4 +1,3 @@
-set hive.users.in.admin.role=hive_admin_user;
set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
set user.name=hive_admin_user;
diff --git ql/src/test/queries/clientnegative/authorization_cannot_create_none_role.q ql/src/test/queries/clientnegative/authorization_cannot_create_none_role.q
index 0d14cde..42369d8 100644
--- ql/src/test/queries/clientnegative/authorization_cannot_create_none_role.q
+++ ql/src/test/queries/clientnegative/authorization_cannot_create_none_role.q
@@ -1,4 +1,3 @@
-set hive.users.in.admin.role=hive_admin_user;
set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
set user.name=hive_admin_user;
diff --git ql/src/test/queries/clientnegative/authorization_caseinsensitivity.q ql/src/test/queries/clientnegative/authorization_caseinsensitivity.q
index d5ea284..7b47b65 100644
--- ql/src/test/queries/clientnegative/authorization_caseinsensitivity.q
+++ ql/src/test/queries/clientnegative/authorization_caseinsensitivity.q
@@ -1,4 +1,3 @@
-set hive.users.in.admin.role=hive_admin_user;
set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
set user.name=hive_admin_user;
diff --git ql/src/test/queries/clientnegative/authorization_drop_db_cascade.q ql/src/test/queries/clientnegative/authorization_drop_db_cascade.q
index edeae9b..78ec078 100644
--- ql/src/test/queries/clientnegative/authorization_drop_db_cascade.q
+++ ql/src/test/queries/clientnegative/authorization_drop_db_cascade.q
@@ -1,4 +1,3 @@
-set hive.users.in.admin.role=hive_admin_user;
set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
set hive.security.authorization.enabled=true;
diff --git ql/src/test/queries/clientnegative/authorization_drop_db_empty.q ql/src/test/queries/clientnegative/authorization_drop_db_empty.q
index 46d4d0f..993a2a3 100644
--- ql/src/test/queries/clientnegative/authorization_drop_db_empty.q
+++ ql/src/test/queries/clientnegative/authorization_drop_db_empty.q
@@ -1,4 +1,3 @@
-set hive.users.in.admin.role=hive_admin_user;
set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
set hive.security.authorization.enabled=true;
diff --git ql/src/test/queries/clientnegative/authorization_drop_role_no_admin.q ql/src/test/queries/clientnegative/authorization_drop_role_no_admin.q
index a7aa17f..2593e9e 100644
--- ql/src/test/queries/clientnegative/authorization_drop_role_no_admin.q
+++ ql/src/test/queries/clientnegative/authorization_drop_role_no_admin.q
@@ -1,4 +1,3 @@
-set hive.users.in.admin.role=hive_admin_user;
set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
set user.name=hive_admin_user;
diff --git ql/src/test/queries/clientnegative/authorization_priv_current_role_neg.q ql/src/test/queries/clientnegative/authorization_priv_current_role_neg.q
index 463358a..29a06a8 100644
--- ql/src/test/queries/clientnegative/authorization_priv_current_role_neg.q
+++ ql/src/test/queries/clientnegative/authorization_priv_current_role_neg.q
@@ -1,4 +1,3 @@
-set hive.users.in.admin.role=hive_admin_user;
set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
set user.name=hive_admin_user;
diff --git ql/src/test/queries/clientnegative/authorization_role_cycles1.q ql/src/test/queries/clientnegative/authorization_role_cycles1.q
index a819d20..fa3fc19 100644
--- ql/src/test/queries/clientnegative/authorization_role_cycles1.q
+++ ql/src/test/queries/clientnegative/authorization_role_cycles1.q
@@ -1,4 +1,3 @@
-set hive.users.in.admin.role=hive_admin_user;
set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
set user.name=hive_admin_user;
diff --git ql/src/test/queries/clientnegative/authorization_role_cycles2.q ql/src/test/queries/clientnegative/authorization_role_cycles2.q
index 423f030..069a663 100644
--- ql/src/test/queries/clientnegative/authorization_role_cycles2.q
+++ ql/src/test/queries/clientnegative/authorization_role_cycles2.q
@@ -1,4 +1,3 @@
-set hive.users.in.admin.role=hive_admin_user;
set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
diff --git ql/src/test/queries/clientnegative/authorization_role_grant.q ql/src/test/queries/clientnegative/authorization_role_grant.q
index c5c500a..3f1a7b8 100644
--- ql/src/test/queries/clientnegative/authorization_role_grant.q
+++ ql/src/test/queries/clientnegative/authorization_role_grant.q
@@ -1,4 +1,3 @@
-set hive.users.in.admin.role=hive_admin_user;
set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
set user.name=hive_admin_user;
diff --git ql/src/test/queries/clientnegative/authorization_role_grant2.q ql/src/test/queries/clientnegative/authorization_role_grant2.q
index 7fdf157..7d439cb 100644
--- ql/src/test/queries/clientnegative/authorization_role_grant2.q
+++ ql/src/test/queries/clientnegative/authorization_role_grant2.q
@@ -1,4 +1,3 @@
-set hive.users.in.admin.role=hive_admin_user;
set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
set user.name=hive_admin_user;
diff --git ql/src/test/queries/clientnegative/authorization_role_grant_nosuchrole.q ql/src/test/queries/clientnegative/authorization_role_grant_nosuchrole.q
index f456165..51ca345 100644
--- ql/src/test/queries/clientnegative/authorization_role_grant_nosuchrole.q
+++ ql/src/test/queries/clientnegative/authorization_role_grant_nosuchrole.q
@@ -1,4 +1,3 @@
-set hive.users.in.admin.role=hive_admin_user;
set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
set user.name=hive_admin_user;
diff --git ql/src/test/queries/clientnegative/authorization_role_grant_otherrole.q ql/src/test/queries/clientnegative/authorization_role_grant_otherrole.q
index f91abdb..9440c45 100644
--- ql/src/test/queries/clientnegative/authorization_role_grant_otherrole.q
+++ ql/src/test/queries/clientnegative/authorization_role_grant_otherrole.q
@@ -1,4 +1,3 @@
-set hive.users.in.admin.role=hive_admin_user;
set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
diff --git ql/src/test/queries/clientnegative/authorization_role_grant_otheruser.q ql/src/test/queries/clientnegative/authorization_role_grant_otheruser.q
index a530043..1db2806 100644
--- ql/src/test/queries/clientnegative/authorization_role_grant_otheruser.q
+++ ql/src/test/queries/clientnegative/authorization_role_grant_otheruser.q
@@ -1,4 +1,3 @@
-set hive.users.in.admin.role=hive_admin_user;
set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
diff --git ql/src/test/queries/clientnegative/authorization_rolehierarchy_privs.q ql/src/test/queries/clientnegative/authorization_rolehierarchy_privs.q
index d9f4c7c..8bb776e 100644
--- ql/src/test/queries/clientnegative/authorization_rolehierarchy_privs.q
+++ ql/src/test/queries/clientnegative/authorization_rolehierarchy_privs.q
@@ -1,4 +1,3 @@
-set hive.users.in.admin.role=hive_admin_user;
set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
set hive.security.authorization.enabled=true;
diff --git ql/src/test/queries/clientnegative/authorization_set_role_neg2.q ql/src/test/queries/clientnegative/authorization_set_role_neg2.q
index 03f748f..a810f1a 100644
--- ql/src/test/queries/clientnegative/authorization_set_role_neg2.q
+++ ql/src/test/queries/clientnegative/authorization_set_role_neg2.q
@@ -1,4 +1,3 @@
-set hive.users.in.admin.role=hive_admin_user;
set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
set user.name=hive_admin_user;
diff --git ql/src/test/queries/clientnegative/authorization_show_grant_otherrole.q ql/src/test/queries/clientnegative/authorization_show_grant_otherrole.q
index a709d16..e131766 100644
--- ql/src/test/queries/clientnegative/authorization_show_grant_otherrole.q
+++ ql/src/test/queries/clientnegative/authorization_show_grant_otherrole.q
@@ -1,4 +1,3 @@
-set hive.users.in.admin.role=hive_admin_user;
set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
set hive.security.authorization.enabled=true;
diff --git ql/src/test/queries/clientnegative/authorization_show_grant_otheruser_all.q ql/src/test/queries/clientnegative/authorization_show_grant_otheruser_all.q
index 2073cda..4ef501d 100644
--- ql/src/test/queries/clientnegative/authorization_show_grant_otheruser_all.q
+++ ql/src/test/queries/clientnegative/authorization_show_grant_otheruser_all.q
@@ -1,4 +1,3 @@
-set hive.users.in.admin.role=hive_admin_user;
set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
set hive.security.authorization.enabled=true;
diff --git ql/src/test/queries/clientnegative/authorization_show_grant_otheruser_alltabs.q ql/src/test/queries/clientnegative/authorization_show_grant_otheruser_alltabs.q
index 672b81b..8cfc790 100644
--- ql/src/test/queries/clientnegative/authorization_show_grant_otheruser_alltabs.q
+++ ql/src/test/queries/clientnegative/authorization_show_grant_otheruser_alltabs.q
@@ -1,4 +1,3 @@
-set hive.users.in.admin.role=hive_admin_user;
set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
set hive.security.authorization.enabled=true;
diff --git ql/src/test/queries/clientnegative/authorization_show_grant_otheruser_wtab.q ql/src/test/queries/clientnegative/authorization_show_grant_otheruser_wtab.q
index 7d95a9d..4c3892c 100644
--- ql/src/test/queries/clientnegative/authorization_show_grant_otheruser_wtab.q
+++ ql/src/test/queries/clientnegative/authorization_show_grant_otheruser_wtab.q
@@ -1,4 +1,3 @@
-set hive.users.in.admin.role=hive_admin_user;
set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
set hive.security.authorization.enabled=true;
diff --git ql/src/test/queries/clientpositive/authorization_1_sql_std.q ql/src/test/queries/clientpositive/authorization_1_sql_std.q
index 381937c..34a9b68 100644
--- ql/src/test/queries/clientpositive/authorization_1_sql_std.q
+++ ql/src/test/queries/clientpositive/authorization_1_sql_std.q
@@ -1,4 +1,3 @@
-set hive.users.in.admin.role=hive_admin_user;
set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
set user.name=hive_admin_user;
diff --git ql/src/test/queries/clientpositive/authorization_admin_almighty1.q ql/src/test/queries/clientpositive/authorization_admin_almighty1.q
index 45c4a7d..380f506 100644
--- ql/src/test/queries/clientpositive/authorization_admin_almighty1.q
+++ ql/src/test/queries/clientpositive/authorization_admin_almighty1.q
@@ -1,4 +1,3 @@
-set hive.users.in.admin.role=hive_admin_user;
set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
set user.name=hive_test_user;
diff --git ql/src/test/queries/clientpositive/authorization_admin_almighty2.q ql/src/test/queries/clientpositive/authorization_admin_almighty2.q
index ce99670..ba43e40 100644
--- ql/src/test/queries/clientpositive/authorization_admin_almighty2.q
+++ ql/src/test/queries/clientpositive/authorization_admin_almighty2.q
@@ -1,4 +1,3 @@
-set hive.users.in.admin.role=hive_admin_user;
set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactory;
set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
set user.name=hive_admin_user;
diff --git ql/src/test/queries/clientpositive/authorization_create_func1.q ql/src/test/queries/clientpositive/authorization_create_func1.q
index 65a7b33..1f48deb 100644
--- ql/src/test/queries/clientpositive/authorization_create_func1.q
+++ ql/src/test/queries/clientpositive/authorization_create_func1.q
@@ -1,4 +1,3 @@
-set hive.users.in.admin.role=hive_admin_user;
set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
set hive.security.authorization.enabled=true;
diff --git ql/src/test/queries/clientpositive/authorization_create_macro1.q ql/src/test/queries/clientpositive/authorization_create_macro1.q
index fb60500..741fa92 100644
--- ql/src/test/queries/clientpositive/authorization_create_macro1.q
+++ ql/src/test/queries/clientpositive/authorization_create_macro1.q
@@ -1,4 +1,3 @@
-set hive.users.in.admin.role=hive_admin_user;
set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
set hive.security.authorization.enabled=true;
diff --git ql/src/test/queries/clientpositive/authorization_insert.q ql/src/test/queries/clientpositive/authorization_insert.q
index 6cce469..c1e4c1f 100644
--- ql/src/test/queries/clientpositive/authorization_insert.q
+++ ql/src/test/queries/clientpositive/authorization_insert.q
@@ -1,4 +1,3 @@
-set hive.users.in.admin.role=hive_admin_user;
set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
diff --git ql/src/test/queries/clientpositive/authorization_owner_actions_db.q ql/src/test/queries/clientpositive/authorization_owner_actions_db.q
index 36ab260..14a8d7c 100644
--- ql/src/test/queries/clientpositive/authorization_owner_actions_db.q
+++ ql/src/test/queries/clientpositive/authorization_owner_actions_db.q
@@ -1,4 +1,3 @@
-set hive.users.in.admin.role=hive_admin_user;
set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
set hive.security.authorization.enabled=true;
diff --git ql/src/test/queries/clientpositive/authorization_role_grant1.q ql/src/test/queries/clientpositive/authorization_role_grant1.q
index c062ef2..1e8a6af 100644
--- ql/src/test/queries/clientpositive/authorization_role_grant1.q
+++ ql/src/test/queries/clientpositive/authorization_role_grant1.q
@@ -1,4 +1,3 @@
-set hive.users.in.admin.role=hive_admin_user;
set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
set user.name=hive_admin_user;
diff --git ql/src/test/queries/clientpositive/authorization_role_grant2.q ql/src/test/queries/clientpositive/authorization_role_grant2.q
index 34e19a2..d87d96f 100644
--- ql/src/test/queries/clientpositive/authorization_role_grant2.q
+++ ql/src/test/queries/clientpositive/authorization_role_grant2.q
@@ -1,4 +1,3 @@
-set hive.users.in.admin.role=hive_admin_user;
set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
diff --git ql/src/test/queries/clientpositive/authorization_set_show_current_role.q ql/src/test/queries/clientpositive/authorization_set_show_current_role.q
index 6b5af6e..4132370 100644
--- ql/src/test/queries/clientpositive/authorization_set_show_current_role.q
+++ ql/src/test/queries/clientpositive/authorization_set_show_current_role.q
@@ -1,4 +1,3 @@
-set hive.users.in.admin.role=hive_admin_user;
set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
set user.name=hive_admin_user;
diff --git ql/src/test/queries/clientpositive/authorization_show_grant.q ql/src/test/queries/clientpositive/authorization_show_grant.q
index 5f7a33b..bad1f07 100644
--- ql/src/test/queries/clientpositive/authorization_show_grant.q
+++ ql/src/test/queries/clientpositive/authorization_show_grant.q
@@ -1,4 +1,3 @@
-set hive.users.in.admin.role=hive_admin_user;
set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
set hive.security.authorization.enabled=true;
diff --git ql/src/test/queries/clientpositive/authorization_view_sqlstd.q ql/src/test/queries/clientpositive/authorization_view_sqlstd.q
index b04f6d6..91acd39 100644
--- ql/src/test/queries/clientpositive/authorization_view_sqlstd.q
+++ ql/src/test/queries/clientpositive/authorization_view_sqlstd.q
@@ -1,4 +1,3 @@
-set hive.users.in.admin.role=hive_admin_user;
set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
set hive.security.authorization.enabled=true;