diff --git a/ql/src/java/org/apache/hadoop/hive/ql/Driver.java b/ql/src/java/org/apache/hadoop/hive/ql/Driver.java index 218b9c8..9bf289a 100644 --- a/ql/src/java/org/apache/hadoop/hive/ql/Driver.java +++ b/ql/src/java/org/apache/hadoop/hive/ql/Driver.java @@ -38,6 +38,7 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.hadoop.fs.FSDataInputStream; +import org.apache.hadoop.fs.Path; import org.apache.hadoop.hive.common.ValidTxnList; import org.apache.hadoop.hive.conf.HiveConf; import org.apache.hadoop.hive.conf.HiveConf.ConfVars; @@ -107,6 +108,7 @@ import org.apache.hadoop.hive.ql.processors.CommandProcessorResponse; import org.apache.hadoop.hive.ql.security.authorization.AuthorizationUtils; import org.apache.hadoop.hive.ql.security.authorization.HiveAuthorizationProvider; +import org.apache.hadoop.hive.ql.security.authorization.StorageBasedAuthorizationProvider; import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzContext; import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveOperationType; import org.apache.hadoop.hive.ql.security.authorization.plugin.HivePrivilegeObject; @@ -590,8 +592,40 @@ public static void doAuthorization(BaseSemanticAnalyzer sem, String command) } HiveAuthorizationProvider authorizer = ss.getAuthorizer(); if (op.equals(HiveOperation.CREATEDATABASE)) { - authorizer.authorize( - op.getInputRequiredPrivileges(), op.getOutputRequiredPrivileges()); + Path path = null; + String cmd = ss.getCmd().trim().toLowerCase(); + StringBuilder standardCmd = new StringBuilder();// Remove extra spaces + boolean space = false; + for (int i = 0; i < cmd.length(); i++) { + if (cmd.charAt(i) != ' ') { + space = false; + standardCmd.append(cmd.charAt(i)); + } else if (!space) { + space = true; + standardCmd.append(cmd.charAt(i)); + } + } + String[] elements = standardCmd.toString().split(" "); + for (int i = 0; i < elements.length; i++) { + if (elements[i].equals("location") + && ((i + 1) < elements.length) + && (elements[i + 1].startsWith("'") || elements[i + 1] + .startsWith("\""))) { + if (elements[i + 1].length() > 1) { + path = new Path(elements[i + 1].substring(1, + elements[i + 1].length() - 1)); + } + } + } + if (path != null + && ss.getAuthorizer() instanceof StorageBasedAuthorizationProvider) { + ((StorageBasedAuthorizationProvider) ss.getAuthorizer()).authorize( + path, op.getInputRequiredPrivileges(), + op.getOutputRequiredPrivileges()); + } else { + ss.getAuthorizer().authorize(op.getInputRequiredPrivileges(), + op.getOutputRequiredPrivileges()); + } } else if (op.equals(HiveOperation.CREATETABLE_AS_SELECT) || op.equals(HiveOperation.CREATETABLE)) { authorizer.authorize(