diff --git a/ql/src/java/org/apache/hadoop/hive/ql/parse/DDLSemanticAnalyzer.java b/ql/src/java/org/apache/hadoop/hive/ql/parse/DDLSemanticAnalyzer.java index 9355d25..9329e00 100644 --- a/ql/src/java/org/apache/hadoop/hive/ql/parse/DDLSemanticAnalyzer.java +++ b/ql/src/java/org/apache/hadoop/hive/ql/parse/DDLSemanticAnalyzer.java @@ -761,7 +761,6 @@ private void analyzeExchangePartition(String[] qualified, ASTNode ast) throws Se alterTableExchangePartition), conf)); inputs.add(new ReadEntity(sourceTable)); - outputs.add(new WriteEntity(sourceTable, WriteType.DDL_SHARED)); outputs.add(new WriteEntity(destTable, WriteType.DDL_SHARED)); } diff --git a/ql/src/java/org/apache/hadoop/hive/ql/parse/SemanticAnalyzerFactory.java b/ql/src/java/org/apache/hadoop/hive/ql/parse/SemanticAnalyzerFactory.java index efb0ef0..cc731bf 100644 --- a/ql/src/java/org/apache/hadoop/hive/ql/parse/SemanticAnalyzerFactory.java +++ b/ql/src/java/org/apache/hadoop/hive/ql/parse/SemanticAnalyzerFactory.java @@ -61,7 +61,8 @@ commandType.put(HiveParser.TOK_ALTERTABLE_UNARCHIVE, HiveOperation.ALTERTABLE_UNARCHIVE); commandType.put(HiveParser.TOK_ALTERTABLE_PROPERTIES, HiveOperation.ALTERTABLE_PROPERTIES); commandType.put(HiveParser.TOK_ALTERTABLE_DROPPROPERTIES, HiveOperation.ALTERTABLE_PROPERTIES); - commandType.put(HiveParser.TOK_ALTERTABLE_EXCHANGEPARTITION, HiveOperation.ALTERTABLE_EXCHANGEPARTITION); + commandType.put(HiveParser.TOK_ALTERTABLE_EXCHANGEPARTITION, + HiveOperation.ALTERTABLE_EXCHANGEPARTITION); commandType.put(HiveParser.TOK_ALTERTABLE_DROPCONSTRAINT, HiveOperation.ALTERTABLE_DROPCONSTRAINT); commandType.put(HiveParser.TOK_ALTERTABLE_ADDCONSTRAINT, HiveOperation.ALTERTABLE_ADDCONSTRAINT); commandType.put(HiveParser.TOK_SHOWDATABASES, HiveOperation.SHOWDATABASES); diff --git a/ql/src/java/org/apache/hadoop/hive/ql/plan/HiveOperation.java b/ql/src/java/org/apache/hadoop/hive/ql/plan/HiveOperation.java index c2895dc..d2746ae 100644 --- a/ql/src/java/org/apache/hadoop/hive/ql/plan/HiveOperation.java +++ b/ql/src/java/org/apache/hadoop/hive/ql/plan/HiveOperation.java @@ -114,7 +114,9 @@ ALTERTBLPART_SKEWED_LOCATION("ALTERTBLPART_SKEWED_LOCATION", new Privilege[] {Privilege.ALTER_DATA}, null), ALTERTABLE_PARTCOLTYPE("ALTERTABLE_PARTCOLTYPE", new Privilege[] { Privilege.SELECT }, new Privilege[] { Privilege.ALTER_DATA }), - ALTERTABLE_EXCHANGEPARTITION("ALTERTABLE_EXCHANGEPARTITION", null, null), + ALTERTABLE_EXCHANGEPARTITION( + "ALTERTABLE_EXCHANGEPARTITION", new Privilege[] { Privilege.SELECT, Privilege.DELETE }, + new Privilege[] { Privilege.INSERT }), ALTERTABLE_DROPCONSTRAINT("ALTERTABLE_DROPCONSTRAINT", new Privilege[]{Privilege.ALTER_METADATA}, null), ALTERTABLE_ADDCONSTRAINT("ALTERTABLE_ADDCONSTRAINT", diff --git a/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/Operation2Privilege.java b/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/Operation2Privilege.java index 21ae8fb..bbe28ab 100644 --- a/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/Operation2Privilege.java +++ b/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/Operation2Privilege.java @@ -426,8 +426,11 @@ public HivePrivilegeObjectType getObjectType() { (null, null)); op2Priv.put(HiveOperationType.SET_AUTOCOMMIT, PrivRequirement.newIOPrivRequirement (null, null)); - op2Priv.put(HiveOperationType.ALTERTABLE_EXCHANGEPARTITION, - PrivRequirement.newIOPrivRequirement(null, null)); + // For alter table exchange partition, we need select & delete on input & insert on output + op2Priv.put( + HiveOperationType.ALTERTABLE_EXCHANGEPARTITION, + PrivRequirement.newIOPrivRequirement( + arr(SQLPrivTypeGrant.SELECT_NOGRANT, SQLPrivTypeGrant.DELETE_NOGRANT), INS_NOGRANT_AR)); op2Priv.put(HiveOperationType.ABORT_TRANSACTIONS, PrivRequirement.newIOPrivRequirement (null, null)); } diff --git a/ql/src/test/queries/clientnegative/authorization_alter_table_exchange_partition_fail.q b/ql/src/test/queries/clientnegative/authorization_alter_table_exchange_partition_fail.q new file mode 100644 index 0000000..1ff1679 --- /dev/null +++ b/ql/src/test/queries/clientnegative/authorization_alter_table_exchange_partition_fail.q @@ -0,0 +1,40 @@ +set hive.test.authz.sstd.hs2.mode=true; +set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; +set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; +set hive.security.authorization.enabled=true; + +set user.name=user1; + +-- create a table owned by user1 + +create table exchange_partition_test_1(a int) partitioned by (b int); + +show grant user user1 on table exchange_partition_test_1; + +set user.name=hive_admin_user; + +set role admin; + +-- add data to exchange_partition_test_1 + +insert overwrite table exchange_partition_test_1 partition (b=1) select key from src; + +set role all; + +set user.name=user2; + +-- switch user + +-- create a table owned by user2 (as a result user2 will have insert privilege on exchange_partition_test_2 but no select + delete previlege on exchange_partition_test_1) + +create table exchange_partition_test_2(a int) partitioned by (b int); + +show grant user user2 on table exchange_partition_test_2; + + +-- execute alter table exchange partition to add data to exchange_partition_test_2 (this should fail) + + explain authorization alter table exchange_partition_test_2 exchange partition (b=1) with table exchange_partition_test_1; + + alter table exchange_partition_test_2 exchange partition (b=1) with table exchange_partition_test_1; + diff --git a/ql/src/test/queries/clientnegative/authorization_alter_table_exchange_partition_fail2.q b/ql/src/test/queries/clientnegative/authorization_alter_table_exchange_partition_fail2.q new file mode 100644 index 0000000..cdb4b45 --- /dev/null +++ b/ql/src/test/queries/clientnegative/authorization_alter_table_exchange_partition_fail2.q @@ -0,0 +1,45 @@ +set hive.test.authz.sstd.hs2.mode=true; +set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; +set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; +set hive.security.authorization.enabled=true; + +set user.name=user1; + +-- create a table owned by user1 + +create table exchange_partition_test_1(a int) partitioned by (b int); + +show grant user user1 on table exchange_partition_test_1; + +set user.name=hive_admin_user; + +set role admin; + +-- add data to exchange_partition_test_1 + +insert overwrite table exchange_partition_test_1 partition (b=1) select key from src; + +set role all; + +set user.name=user2; + +-- switch user + +-- create a table owned by user2 + +create table exchange_partition_test_2(a int) partitioned by (b int); + +show grant user user2 on table exchange_partition_test_2; + +set user.name=user1; + +-- switch user + +show grant user user1 on table exchange_partition_test_2; + +-- execute alter table exchange partition to add data to exchange_partition_test_2 (this should fail) + + explain authorization alter table exchange_partition_test_2 exchange partition (b=1) with table exchange_partition_test_1; + + alter table exchange_partition_test_2 exchange partition (b=1) with table exchange_partition_test_1; + diff --git a/ql/src/test/queries/clientpositive/authorization_alter_table_exchange_partition.q b/ql/src/test/queries/clientpositive/authorization_alter_table_exchange_partition.q new file mode 100644 index 0000000..c5bc152 --- /dev/null +++ b/ql/src/test/queries/clientpositive/authorization_alter_table_exchange_partition.q @@ -0,0 +1,45 @@ +set hive.test.authz.sstd.hs2.mode=true; +set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; +set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; +set hive.security.authorization.enabled=true; + + +set user.name=user1; + +-- create a table owned by user1 + +create table exchange_partition_test_1(a int) partitioned by (b int); + +show grant user user1 on table exchange_partition_test_1; + +set user.name=hive_admin_user; + +set role admin; + +-- add data to exchange_partition_test_1 + +insert overwrite table exchange_partition_test_1 partition (b=1) select key from src; + +-- grant select, delete privileges to user2 on exchange_partition_test_1 + +grant select, delete on exchange_partition_test_1 to user user2; + +set role all; + +set user.name=user2; + +show grant user user2 on table exchange_partition_test_1; + +-- switch user + +-- create a table owned by user2 (as a result user2 will have insert privilege) + +create table exchange_partition_test_2(a int) partitioned by (b int); + +show grant user user2 on table exchange_partition_test_2; + +-- execute alter table exchange partition to add data to exchange_partition_test_2 + +explain authorization alter table exchange_partition_test_2 exchange partition (b=1) with table exchange_partition_test_1; + +alter table exchange_partition_test_2 exchange partition (b=1) with table exchange_partition_test_1; \ No newline at end of file diff --git a/ql/src/test/results/clientnegative/authorization_alter_table_exchange_partition_fail.q.out b/ql/src/test/results/clientnegative/authorization_alter_table_exchange_partition_fail.q.out new file mode 100644 index 0000000..15dc079 --- /dev/null +++ b/ql/src/test/results/clientnegative/authorization_alter_table_exchange_partition_fail.q.out @@ -0,0 +1,84 @@ +PREHOOK: query: -- create a table owned by user1 + +create table exchange_partition_test_1(a int) partitioned by (b int) +PREHOOK: type: CREATETABLE +PREHOOK: Output: database:default +PREHOOK: Output: default@exchange_partition_test_1 +POSTHOOK: query: -- create a table owned by user1 + +create table exchange_partition_test_1(a int) partitioned by (b int) +POSTHOOK: type: CREATETABLE +POSTHOOK: Output: database:default +POSTHOOK: Output: default@exchange_partition_test_1 +PREHOOK: query: show grant user user1 on table exchange_partition_test_1 +PREHOOK: type: SHOW_GRANT +POSTHOOK: query: show grant user user1 on table exchange_partition_test_1 +POSTHOOK: type: SHOW_GRANT +default exchange_partition_test_1 user1 USER DELETE true -1 user1 +default exchange_partition_test_1 user1 USER INSERT true -1 user1 +default exchange_partition_test_1 user1 USER SELECT true -1 user1 +default exchange_partition_test_1 user1 USER UPDATE true -1 user1 +PREHOOK: query: set role admin +PREHOOK: type: SHOW_ROLES +POSTHOOK: query: set role admin +POSTHOOK: type: SHOW_ROLES +PREHOOK: query: -- add data to exchange_partition_test_1 + +insert overwrite table exchange_partition_test_1 partition (b=1) select key from src +PREHOOK: type: QUERY +PREHOOK: Input: default@src +PREHOOK: Output: default@exchange_partition_test_1@b=1 +POSTHOOK: query: -- add data to exchange_partition_test_1 + +insert overwrite table exchange_partition_test_1 partition (b=1) select key from src +POSTHOOK: type: QUERY +POSTHOOK: Input: default@src +POSTHOOK: Output: default@exchange_partition_test_1@b=1 +POSTHOOK: Lineage: exchange_partition_test_1 PARTITION(b=1).a EXPRESSION [(src)src.FieldSchema(name:key, type:string, comment:default), ] +PREHOOK: query: set role all +PREHOOK: type: SHOW_ROLES +POSTHOOK: query: set role all +POSTHOOK: type: SHOW_ROLES +PREHOOK: query: -- switch user + +-- create a table owned by user2 (as a result user2 will have insert privilege on exchange_partition_test_2 but no select + delete previlege on exchange_partition_test_1) + +create table exchange_partition_test_2(a int) partitioned by (b int) +PREHOOK: type: CREATETABLE +PREHOOK: Output: database:default +PREHOOK: Output: default@exchange_partition_test_2 +POSTHOOK: query: -- switch user + +-- create a table owned by user2 (as a result user2 will have insert privilege on exchange_partition_test_2 but no select + delete previlege on exchange_partition_test_1) + +create table exchange_partition_test_2(a int) partitioned by (b int) +POSTHOOK: type: CREATETABLE +POSTHOOK: Output: database:default +POSTHOOK: Output: default@exchange_partition_test_2 +PREHOOK: query: show grant user user2 on table exchange_partition_test_2 +PREHOOK: type: SHOW_GRANT +POSTHOOK: query: show grant user user2 on table exchange_partition_test_2 +POSTHOOK: type: SHOW_GRANT +default exchange_partition_test_2 user2 USER DELETE true -1 user1 +default exchange_partition_test_2 user2 USER INSERT true -1 user1 +default exchange_partition_test_2 user2 USER SELECT true -1 user1 +default exchange_partition_test_2 user2 USER UPDATE true -1 user1 +PREHOOK: query: -- execute alter table exchange partition to add data to exchange_partition_test_2 (this should fail) + + explain authorization alter table exchange_partition_test_2 exchange partition (b=1) with table exchange_partition_test_1 +PREHOOK: type: ALTERTABLE_EXCHANGEPARTITION +POSTHOOK: query: -- execute alter table exchange partition to add data to exchange_partition_test_2 (this should fail) + + explain authorization alter table exchange_partition_test_2 exchange partition (b=1) with table exchange_partition_test_1 +POSTHOOK: type: ALTERTABLE_EXCHANGEPARTITION +INPUTS: + default@exchange_partition_test_1 +OUTPUTS: + default@exchange_partition_test_2 +CURRENT_USER: + user2 +OPERATION: + ALTERTABLE_EXCHANGEPARTITION +AUTHORIZATION_FAILURES: + Permission denied: Principal [name=user2, type=USER] does not have following privileges for operation ALTERTABLE_EXCHANGEPARTITION [[SELECT, DELETE] on Object [type=TABLE_OR_VIEW, name=default.exchange_partition_test_1]] +FAILED: HiveAccessControlException Permission denied: Principal [name=user2, type=USER] does not have following privileges for operation ALTERTABLE_EXCHANGEPARTITION [[SELECT, DELETE] on Object [type=TABLE_OR_VIEW, name=default.exchange_partition_test_1]] diff --git a/ql/src/test/results/clientnegative/authorization_alter_table_exchange_partition_fail2.q.out b/ql/src/test/results/clientnegative/authorization_alter_table_exchange_partition_fail2.q.out new file mode 100644 index 0000000..280673c --- /dev/null +++ b/ql/src/test/results/clientnegative/authorization_alter_table_exchange_partition_fail2.q.out @@ -0,0 +1,92 @@ +PREHOOK: query: -- create a table owned by user1 + +create table exchange_partition_test_1(a int) partitioned by (b int) +PREHOOK: type: CREATETABLE +PREHOOK: Output: database:default +PREHOOK: Output: default@exchange_partition_test_1 +POSTHOOK: query: -- create a table owned by user1 + +create table exchange_partition_test_1(a int) partitioned by (b int) +POSTHOOK: type: CREATETABLE +POSTHOOK: Output: database:default +POSTHOOK: Output: default@exchange_partition_test_1 +PREHOOK: query: show grant user user1 on table exchange_partition_test_1 +PREHOOK: type: SHOW_GRANT +POSTHOOK: query: show grant user user1 on table exchange_partition_test_1 +POSTHOOK: type: SHOW_GRANT +default exchange_partition_test_1 user1 USER DELETE true -1 user1 +default exchange_partition_test_1 user1 USER INSERT true -1 user1 +default exchange_partition_test_1 user1 USER SELECT true -1 user1 +default exchange_partition_test_1 user1 USER UPDATE true -1 user1 +PREHOOK: query: set role admin +PREHOOK: type: SHOW_ROLES +POSTHOOK: query: set role admin +POSTHOOK: type: SHOW_ROLES +PREHOOK: query: -- add data to exchange_partition_test_1 + +insert overwrite table exchange_partition_test_1 partition (b=1) select key from src +PREHOOK: type: QUERY +PREHOOK: Input: default@src +PREHOOK: Output: default@exchange_partition_test_1@b=1 +POSTHOOK: query: -- add data to exchange_partition_test_1 + +insert overwrite table exchange_partition_test_1 partition (b=1) select key from src +POSTHOOK: type: QUERY +POSTHOOK: Input: default@src +POSTHOOK: Output: default@exchange_partition_test_1@b=1 +POSTHOOK: Lineage: exchange_partition_test_1 PARTITION(b=1).a EXPRESSION [(src)src.FieldSchema(name:key, type:string, comment:default), ] +PREHOOK: query: set role all +PREHOOK: type: SHOW_ROLES +POSTHOOK: query: set role all +POSTHOOK: type: SHOW_ROLES +PREHOOK: query: -- switch user + +-- create a table owned by user2 + +create table exchange_partition_test_2(a int) partitioned by (b int) +PREHOOK: type: CREATETABLE +PREHOOK: Output: database:default +PREHOOK: Output: default@exchange_partition_test_2 +POSTHOOK: query: -- switch user + +-- create a table owned by user2 + +create table exchange_partition_test_2(a int) partitioned by (b int) +POSTHOOK: type: CREATETABLE +POSTHOOK: Output: database:default +POSTHOOK: Output: default@exchange_partition_test_2 +PREHOOK: query: show grant user user2 on table exchange_partition_test_2 +PREHOOK: type: SHOW_GRANT +POSTHOOK: query: show grant user user2 on table exchange_partition_test_2 +POSTHOOK: type: SHOW_GRANT +default exchange_partition_test_2 user2 USER DELETE true -1 user1 +default exchange_partition_test_2 user2 USER INSERT true -1 user1 +default exchange_partition_test_2 user2 USER SELECT true -1 user1 +default exchange_partition_test_2 user2 USER UPDATE true -1 user1 +PREHOOK: query: -- switch user + +show grant user user1 on table exchange_partition_test_2 +PREHOOK: type: SHOW_GRANT +POSTHOOK: query: -- switch user + +show grant user user1 on table exchange_partition_test_2 +POSTHOOK: type: SHOW_GRANT +PREHOOK: query: -- execute alter table exchange partition to add data to exchange_partition_test_2 (this should fail) + + explain authorization alter table exchange_partition_test_2 exchange partition (b=1) with table exchange_partition_test_1 +PREHOOK: type: ALTERTABLE_EXCHANGEPARTITION +POSTHOOK: query: -- execute alter table exchange partition to add data to exchange_partition_test_2 (this should fail) + + explain authorization alter table exchange_partition_test_2 exchange partition (b=1) with table exchange_partition_test_1 +POSTHOOK: type: ALTERTABLE_EXCHANGEPARTITION +INPUTS: + default@exchange_partition_test_1 +OUTPUTS: + default@exchange_partition_test_2 +CURRENT_USER: + user1 +OPERATION: + ALTERTABLE_EXCHANGEPARTITION +AUTHORIZATION_FAILURES: + Permission denied: Principal [name=user1, type=USER] does not have following privileges for operation ALTERTABLE_EXCHANGEPARTITION [[INSERT] on Object [type=TABLE_OR_VIEW, name=default.exchange_partition_test_2]] +FAILED: HiveAccessControlException Permission denied: Principal [name=user1, type=USER] does not have following privileges for operation ALTERTABLE_EXCHANGEPARTITION [[INSERT] on Object [type=TABLE_OR_VIEW, name=default.exchange_partition_test_2]] diff --git a/ql/src/test/results/clientnegative/exchange_partition.q.out b/ql/src/test/results/clientnegative/exchange_partition.q.out index 47393ec..bfdf413 100644 --- a/ql/src/test/results/clientnegative/exchange_partition.q.out +++ b/ql/src/test/results/clientnegative/exchange_partition.q.out @@ -53,5 +53,4 @@ PREHOOK: query: ALTER TABLE ex_table1 EXCHANGE PARTITION (part='part1') WITH TAB PREHOOK: type: ALTERTABLE_EXCHANGEPARTITION PREHOOK: Input: default@ex_table2 PREHOOK: Output: default@ex_table1 -PREHOOK: Output: default@ex_table2 FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask. MetaException(message:Got exception: java.io.IOException Cannot rename the source path. The destination path already exists.) diff --git a/ql/src/test/results/clientpositive/authorization_alter_table_exchange_partition.q.out b/ql/src/test/results/clientpositive/authorization_alter_table_exchange_partition.q.out new file mode 100644 index 0000000..22b66d1 --- /dev/null +++ b/ql/src/test/results/clientpositive/authorization_alter_table_exchange_partition.q.out @@ -0,0 +1,108 @@ +PREHOOK: query: -- create a table owned by user1 + +create table exchange_partition_test_1(a int) partitioned by (b int) +PREHOOK: type: CREATETABLE +PREHOOK: Output: database:default +PREHOOK: Output: default@exchange_partition_test_1 +POSTHOOK: query: -- create a table owned by user1 + +create table exchange_partition_test_1(a int) partitioned by (b int) +POSTHOOK: type: CREATETABLE +POSTHOOK: Output: database:default +POSTHOOK: Output: default@exchange_partition_test_1 +PREHOOK: query: show grant user user1 on table exchange_partition_test_1 +PREHOOK: type: SHOW_GRANT +POSTHOOK: query: show grant user user1 on table exchange_partition_test_1 +POSTHOOK: type: SHOW_GRANT +default exchange_partition_test_1 user1 USER DELETE true -1 user1 +default exchange_partition_test_1 user1 USER INSERT true -1 user1 +default exchange_partition_test_1 user1 USER SELECT true -1 user1 +default exchange_partition_test_1 user1 USER UPDATE true -1 user1 +PREHOOK: query: set role admin +PREHOOK: type: SHOW_ROLES +POSTHOOK: query: set role admin +POSTHOOK: type: SHOW_ROLES +PREHOOK: query: -- add data to exchange_partition_test_1 + +insert overwrite table exchange_partition_test_1 partition (b=1) select key from src +PREHOOK: type: QUERY +PREHOOK: Input: default@src +PREHOOK: Output: default@exchange_partition_test_1@b=1 +POSTHOOK: query: -- add data to exchange_partition_test_1 + +insert overwrite table exchange_partition_test_1 partition (b=1) select key from src +POSTHOOK: type: QUERY +POSTHOOK: Input: default@src +POSTHOOK: Output: default@exchange_partition_test_1@b=1 +POSTHOOK: Lineage: exchange_partition_test_1 PARTITION(b=1).a EXPRESSION [(src)src.FieldSchema(name:key, type:string, comment:default), ] +PREHOOK: query: -- grant select, delete privileges to user2 on exchange_partition_test_1 + +grant select, delete on exchange_partition_test_1 to user user2 +PREHOOK: type: GRANT_PRIVILEGE +PREHOOK: Output: default@exchange_partition_test_1 +POSTHOOK: query: -- grant select, delete privileges to user2 on exchange_partition_test_1 + +grant select, delete on exchange_partition_test_1 to user user2 +POSTHOOK: type: GRANT_PRIVILEGE +POSTHOOK: Output: default@exchange_partition_test_1 +PREHOOK: query: set role all +PREHOOK: type: SHOW_ROLES +POSTHOOK: query: set role all +POSTHOOK: type: SHOW_ROLES +PREHOOK: query: show grant user user2 on table exchange_partition_test_1 +PREHOOK: type: SHOW_GRANT +POSTHOOK: query: show grant user user2 on table exchange_partition_test_1 +POSTHOOK: type: SHOW_GRANT +default exchange_partition_test_1 user2 USER DELETE false -1 hive_admin_user +default exchange_partition_test_1 user2 USER SELECT false -1 hive_admin_user +PREHOOK: query: -- switch user + +-- create a table owned by user2 (as a result user2 will have insert privilege) + +create table exchange_partition_test_2(a int) partitioned by (b int) +PREHOOK: type: CREATETABLE +PREHOOK: Output: database:default +PREHOOK: Output: default@exchange_partition_test_2 +POSTHOOK: query: -- switch user + +-- create a table owned by user2 (as a result user2 will have insert privilege) + +create table exchange_partition_test_2(a int) partitioned by (b int) +POSTHOOK: type: CREATETABLE +POSTHOOK: Output: database:default +POSTHOOK: Output: default@exchange_partition_test_2 +PREHOOK: query: show grant user user2 on table exchange_partition_test_2 +PREHOOK: type: SHOW_GRANT +POSTHOOK: query: show grant user user2 on table exchange_partition_test_2 +POSTHOOK: type: SHOW_GRANT +default exchange_partition_test_2 user2 USER DELETE true -1 user1 +default exchange_partition_test_2 user2 USER INSERT true -1 user1 +default exchange_partition_test_2 user2 USER SELECT true -1 user1 +default exchange_partition_test_2 user2 USER UPDATE true -1 user1 +PREHOOK: query: -- execute alter table exchange partition to add data to exchange_partition_test_2 + +explain authorization alter table exchange_partition_test_2 exchange partition (b=1) with table exchange_partition_test_1 +PREHOOK: type: ALTERTABLE_EXCHANGEPARTITION +POSTHOOK: query: -- execute alter table exchange partition to add data to exchange_partition_test_2 + +explain authorization alter table exchange_partition_test_2 exchange partition (b=1) with table exchange_partition_test_1 +POSTHOOK: type: ALTERTABLE_EXCHANGEPARTITION +INPUTS: + default@exchange_partition_test_1 +OUTPUTS: + default@exchange_partition_test_2 +CURRENT_USER: + user2 +OPERATION: + ALTERTABLE_EXCHANGEPARTITION +PREHOOK: query: alter table exchange_partition_test_2 exchange partition (b=1) with table exchange_partition_test_1 +PREHOOK: type: ALTERTABLE_EXCHANGEPARTITION +PREHOOK: Input: default@exchange_partition_test_1 +PREHOOK: Output: default@exchange_partition_test_2 +POSTHOOK: query: alter table exchange_partition_test_2 exchange partition (b=1) with table exchange_partition_test_1 +POSTHOOK: type: ALTERTABLE_EXCHANGEPARTITION +POSTHOOK: Input: default@exchange_partition_test_1 +POSTHOOK: Input: default@exchange_partition_test_1@b=1 +POSTHOOK: Output: default@exchange_partition_test_1@b=1 +POSTHOOK: Output: default@exchange_partition_test_2 +POSTHOOK: Output: default@exchange_partition_test_2@b=1 diff --git a/ql/src/test/results/clientpositive/exchange_partition.q.out b/ql/src/test/results/clientpositive/exchange_partition.q.out index 0097450..7dbc6c2 100644 --- a/ql/src/test/results/clientpositive/exchange_partition.q.out +++ b/ql/src/test/results/clientpositive/exchange_partition.q.out @@ -62,14 +62,12 @@ PREHOOK: query: ALTER TABLE ex1.exchange_part_test1 EXCHANGE PARTITION (ds='2013 PREHOOK: type: ALTERTABLE_EXCHANGEPARTITION PREHOOK: Input: ex2@exchange_part_test2 PREHOOK: Output: ex1@exchange_part_test1 -PREHOOK: Output: ex2@exchange_part_test2 POSTHOOK: query: ALTER TABLE ex1.exchange_part_test1 EXCHANGE PARTITION (ds='2013-04-05') WITH TABLE ex2.exchange_part_test2 POSTHOOK: type: ALTERTABLE_EXCHANGEPARTITION POSTHOOK: Input: ex2@exchange_part_test2 POSTHOOK: Input: ex2@exchange_part_test2@ds=2013-04-05 POSTHOOK: Output: ex1@exchange_part_test1 POSTHOOK: Output: ex1@exchange_part_test1@ds=2013-04-05 -POSTHOOK: Output: ex2@exchange_part_test2 POSTHOOK: Output: ex2@exchange_part_test2@ds=2013-04-05 PREHOOK: query: SHOW PARTITIONS ex1.exchange_part_test1 PREHOOK: type: SHOWPARTITIONS diff --git a/ql/src/test/results/clientpositive/exchange_partition2.q.out b/ql/src/test/results/clientpositive/exchange_partition2.q.out index ed7c956..64e6066 100644 --- a/ql/src/test/results/clientpositive/exchange_partition2.q.out +++ b/ql/src/test/results/clientpositive/exchange_partition2.q.out @@ -50,14 +50,12 @@ PREHOOK: query: ALTER TABLE exchange_part_test1 EXCHANGE PARTITION (ds='2013-04- PREHOOK: type: ALTERTABLE_EXCHANGEPARTITION PREHOOK: Input: default@exchange_part_test2 PREHOOK: Output: default@exchange_part_test1 -PREHOOK: Output: default@exchange_part_test2 POSTHOOK: query: ALTER TABLE exchange_part_test1 EXCHANGE PARTITION (ds='2013-04-05', hr='1') WITH TABLE exchange_part_test2 POSTHOOK: type: ALTERTABLE_EXCHANGEPARTITION POSTHOOK: Input: default@exchange_part_test2 POSTHOOK: Input: default@exchange_part_test2@ds=2013-04-05/hr=1 POSTHOOK: Output: default@exchange_part_test1 POSTHOOK: Output: default@exchange_part_test1@ds=2013-04-05/hr=1 -POSTHOOK: Output: default@exchange_part_test2 POSTHOOK: Output: default@exchange_part_test2@ds=2013-04-05/hr=1 PREHOOK: query: SHOW PARTITIONS exchange_part_test1 PREHOOK: type: SHOWPARTITIONS diff --git a/ql/src/test/results/clientpositive/exchange_partition3.q.out b/ql/src/test/results/clientpositive/exchange_partition3.q.out index 7e431fc..b7c62e2 100644 --- a/ql/src/test/results/clientpositive/exchange_partition3.q.out +++ b/ql/src/test/results/clientpositive/exchange_partition3.q.out @@ -67,7 +67,6 @@ ALTER TABLE exchange_part_test1 EXCHANGE PARTITION (ds='2013-04-05') WITH TABLE PREHOOK: type: ALTERTABLE_EXCHANGEPARTITION PREHOOK: Input: default@exchange_part_test2 PREHOOK: Output: default@exchange_part_test1 -PREHOOK: Output: default@exchange_part_test2 POSTHOOK: query: -- This will exchange both partitions hr=1 and hr=2 ALTER TABLE exchange_part_test1 EXCHANGE PARTITION (ds='2013-04-05') WITH TABLE exchange_part_test2 POSTHOOK: type: ALTERTABLE_EXCHANGEPARTITION @@ -77,7 +76,6 @@ POSTHOOK: Input: default@exchange_part_test2@ds=2013-04-05/hr=2 POSTHOOK: Output: default@exchange_part_test1 POSTHOOK: Output: default@exchange_part_test1@ds=2013-04-05/hr=1 POSTHOOK: Output: default@exchange_part_test1@ds=2013-04-05/hr=2 -POSTHOOK: Output: default@exchange_part_test2 POSTHOOK: Output: default@exchange_part_test2@ds=2013-04-05/hr=1 POSTHOOK: Output: default@exchange_part_test2@ds=2013-04-05/hr=2 PREHOOK: query: SHOW PARTITIONS exchange_part_test1