diff --git a/itests/src/test/resources/testconfiguration.properties b/itests/src/test/resources/testconfiguration.properties index fa6a2aaea0..7ff6426d43 100644 --- a/itests/src/test/resources/testconfiguration.properties +++ b/itests/src/test/resources/testconfiguration.properties @@ -86,6 +86,7 @@ minillap.shared.query.files=insert_into1.q,\ minillaplocal.shared.query.files=alter_merge_2_orc.q,\ alter_merge_orc.q,\ alter_merge_stats_orc.q,\ + authorization_view_8.q,\ auto_join0.q,\ auto_join1.q,\ auto_join21.q,\ @@ -461,6 +462,7 @@ minillaplocal.query.files=\ acid_globallimit.q,\ acid_vectorization_missing_cols.q,\ alter_merge_stats_orc.q,\ + authorization_view_8.q,\ auto_join30.q,\ auto_join_filters.q,\ auto_join_nulls.q,\ diff --git a/ql/src/java/org/apache/hadoop/hive/ql/parse/SemanticAnalyzer.java b/ql/src/java/org/apache/hadoop/hive/ql/parse/SemanticAnalyzer.java index e8acabefa5..6f379da1e3 100644 --- a/ql/src/java/org/apache/hadoop/hive/ql/parse/SemanticAnalyzer.java +++ b/ql/src/java/org/apache/hadoop/hive/ql/parse/SemanticAnalyzer.java @@ -92,6 +92,7 @@ import org.apache.hadoop.hive.ql.exec.FunctionRegistry; import org.apache.hadoop.hive.ql.exec.GroupByOperator; import org.apache.hadoop.hive.ql.exec.JoinOperator; +import org.apache.hadoop.hive.ql.exec.LimitOperator; import org.apache.hadoop.hive.ql.exec.Operator; import org.apache.hadoop.hive.ql.exec.OperatorFactory; import org.apache.hadoop.hive.ql.exec.RecordReader; @@ -10547,10 +10548,15 @@ public Operator genPlan(QB qb, boolean skipAmbiguityCheck) // Recurse over the subqueries to fill the subquery part of the plan for (String alias : qb.getSubqAliases()) { QBExpr qbexpr = qb.getSubqForAlias(alias); - Operator operator = genPlan(qb, qbexpr); + Operator operator = genPlan(qb, qbexpr); aliasToOpInfo.put(alias, operator); if (qb.getViewToTabSchema().containsKey(alias)) { // we set viewProjectToTableSchema so that we can leverage ColumnPruner. + if (operator instanceof LimitOperator) { + // If create view has LIMIT operator, this can happen + // Fetch parent operator + operator = operator.getParentOperators().get(0); + } if (operator instanceof SelectOperator) { if (this.viewProjectToTableSchema == null) { this.viewProjectToTableSchema = new LinkedHashMap<>(); diff --git a/ql/src/test/queries/clientpositive/authorization_view_8.q b/ql/src/test/queries/clientpositive/authorization_view_8.q new file mode 100644 index 0000000000..82fc97b5d2 --- /dev/null +++ b/ql/src/test/queries/clientpositive/authorization_view_8.q @@ -0,0 +1,23 @@ +set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider; + +create table my_passwd ( +username string, +uid int); + +insert into my_passwd values + ("Deepak", 1), + ("Gunther", 2), + ("Jason", 3), + ("Prasanth", 4), + ("Gopal", 5), + ("Sergey", 6); + + +set hive.cbo.enable=false; +create view my_passwd_vw as select * from my_passwd limit 3; + +set hive.security.authorization.enabled=true; +grant select on table my_passwd to user hive_test_user; +grant select on table my_passwd_vw to user hive_test_user; + +select * from my_passwd_vw; \ No newline at end of file diff --git a/ql/src/test/results/clientpositive/llap/authorization_view_8.q.out b/ql/src/test/results/clientpositive/llap/authorization_view_8.q.out new file mode 100644 index 0000000000..67ddb32277 --- /dev/null +++ b/ql/src/test/results/clientpositive/llap/authorization_view_8.q.out @@ -0,0 +1,69 @@ +PREHOOK: query: create table my_passwd ( +username string, +uid int) +PREHOOK: type: CREATETABLE +PREHOOK: Output: database:default +PREHOOK: Output: default@my_passwd +POSTHOOK: query: create table my_passwd ( +username string, +uid int) +POSTHOOK: type: CREATETABLE +POSTHOOK: Output: database:default +POSTHOOK: Output: default@my_passwd +PREHOOK: query: insert into my_passwd values + ("Deepak", 1), + ("Gunther", 2), + ("Jason", 3), + ("Prasanth", 4), + ("Gopal", 5), + ("Sergey", 6) +PREHOOK: type: QUERY +PREHOOK: Output: default@my_passwd +POSTHOOK: query: insert into my_passwd values + ("Deepak", 1), + ("Gunther", 2), + ("Jason", 3), + ("Prasanth", 4), + ("Gopal", 5), + ("Sergey", 6) +POSTHOOK: type: QUERY +POSTHOOK: Output: default@my_passwd +POSTHOOK: Lineage: my_passwd.uid EXPRESSION [(values__tmp__table__1)values__tmp__table__1.FieldSchema(name:tmp_values_col2, type:string, comment:), ] +POSTHOOK: Lineage: my_passwd.username SIMPLE [(values__tmp__table__1)values__tmp__table__1.FieldSchema(name:tmp_values_col1, type:string, comment:), ] +PREHOOK: query: create view my_passwd_vw as select * from my_passwd limit 3 +PREHOOK: type: CREATEVIEW +PREHOOK: Input: default@my_passwd +PREHOOK: Output: database:default +PREHOOK: Output: default@my_passwd_vw +POSTHOOK: query: create view my_passwd_vw as select * from my_passwd limit 3 +POSTHOOK: type: CREATEVIEW +POSTHOOK: Input: default@my_passwd +POSTHOOK: Output: database:default +POSTHOOK: Output: default@my_passwd_vw +POSTHOOK: Lineage: my_passwd_vw.uid SIMPLE [(my_passwd)my_passwd.FieldSchema(name:uid, type:int, comment:null), ] +POSTHOOK: Lineage: my_passwd_vw.username SIMPLE [(my_passwd)my_passwd.FieldSchema(name:username, type:string, comment:null), ] +PREHOOK: query: grant select on table my_passwd to user hive_test_user +PREHOOK: type: GRANT_PRIVILEGE +PREHOOK: Output: default@my_passwd +POSTHOOK: query: grant select on table my_passwd to user hive_test_user +POSTHOOK: type: GRANT_PRIVILEGE +POSTHOOK: Output: default@my_passwd +PREHOOK: query: grant select on table my_passwd_vw to user hive_test_user +PREHOOK: type: GRANT_PRIVILEGE +PREHOOK: Output: default@my_passwd_vw +POSTHOOK: query: grant select on table my_passwd_vw to user hive_test_user +POSTHOOK: type: GRANT_PRIVILEGE +POSTHOOK: Output: default@my_passwd_vw +PREHOOK: query: select * from my_passwd_vw +PREHOOK: type: QUERY +PREHOOK: Input: default@my_passwd +PREHOOK: Input: default@my_passwd_vw +#### A masked pattern was here #### +POSTHOOK: query: select * from my_passwd_vw +POSTHOOK: type: QUERY +POSTHOOK: Input: default@my_passwd +POSTHOOK: Input: default@my_passwd_vw +#### A masked pattern was here #### +Deepak 1 +Gunther 2 +Jason 3