diff --git a/ql/src/java/org/apache/hadoop/hive/ql/Driver.java b/ql/src/java/org/apache/hadoop/hive/ql/Driver.java index f01edf8156..1943c6d84e 100644 --- a/ql/src/java/org/apache/hadoop/hive/ql/Driver.java +++ b/ql/src/java/org/apache/hadoop/hive/ql/Driver.java @@ -1103,6 +1103,7 @@ private static void doAuthorizationV2(SessionState ss, HiveOperation op, Set partKeys = null; List columns = null; + String className = null; switch(privObject.getType()){ case DATABASE: dbname = privObject.getDatabase().getName(); @@ -1122,6 +1123,7 @@ private static void doAuthorizationV2(SessionState ss, HiveOperation op, Set resources) throws SemanticException { // If the function is being added under a database 'namespace', then add an entity representing // the database (only applicable to permanent/metastore functions). @@ -192,7 +191,7 @@ private void addEntities(String functionName, boolean isTemporaryFunction, } // Add the function name as a WriteEntity - outputs.add(new WriteEntity(database, functionName, Type.FUNCTION, + outputs.add(new WriteEntity(database, functionName, className, Type.FUNCTION, WriteEntity.WriteType.DDL_NO_LOCK)); if (resources != null) { diff --git a/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAuthorizerImpl.java b/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAuthorizerImpl.java index 570571b274..3a51d1b0a1 100644 --- a/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAuthorizerImpl.java +++ b/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAuthorizerImpl.java @@ -23,7 +23,6 @@ import org.apache.hadoop.hive.common.classification.InterfaceStability.Evolving; import org.apache.hadoop.hive.conf.HiveConf; import org.apache.hadoop.hive.ql.parse.SemanticException; -import org.apache.hadoop.hive.ql.security.HiveAuthenticationProvider; /** * Convenience implementation of HiveAuthorizer. diff --git a/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HivePrivilegeObject.java b/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HivePrivilegeObject.java index fb4c3206be..7783679670 100644 --- a/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HivePrivilegeObject.java +++ b/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HivePrivilegeObject.java @@ -17,7 +17,6 @@ */ package org.apache.hadoop.hive.ql.security.authorization.plugin; -import java.util.ArrayList; import java.util.Arrays; import java.util.Collection; import java.util.Iterator; @@ -61,6 +60,12 @@ public int compareTo(HivePrivilegeObject o) { (o.columns != null ? compare(columns, o.columns) : 1) : (o.columns != null ? -1 : 0); } + if (compare == 0) { + compare = className != null ? + (o.className != null ? className.compareTo(o.className) : 1) : + (o.className != null ? -1 : 0); + } + return compare; } @@ -112,6 +117,7 @@ private int compare(Collection o1, Collection o2) { private final List partKeys; private final List columns; private final HivePrivObjectActionType actionType; + private final String className; // cellValueTransformers is corresponding to the columns. // Its size should be the same as columns. // For example, if a table has two columns, "key" and "value" @@ -129,14 +135,14 @@ public HivePrivilegeObject(HivePrivilegeObjectType type, String dbname, String o public HivePrivilegeObject(HivePrivilegeObjectType type, String dbname, String objectName , HivePrivObjectActionType actionType) { - this(type, dbname, objectName, null, null, actionType, null); + this(type, dbname, objectName, null, null, actionType, null, null); } public HivePrivilegeObject(HivePrivilegeObjectType type, String dbname, String objectName, List partKeys, String column) { this(type, dbname, objectName, partKeys, column == null ? null : Arrays.asList(column), - HivePrivObjectActionType.OTHER, null); + HivePrivObjectActionType.OTHER, null, null); } /** @@ -151,7 +157,7 @@ public static HivePrivilegeObject createHivePrivilegeObject(List cmdPara public HivePrivilegeObject(HivePrivilegeObjectType type, String dbname, String objectName, List partKeys, List columns, List commandParams) { - this(type, dbname, objectName, partKeys, columns, HivePrivObjectActionType.OTHER, commandParams); + this(type, dbname, objectName, partKeys, columns, HivePrivObjectActionType.OTHER, commandParams, null); } public HivePrivilegeObject(String dbname, String objectName, List columns) { @@ -160,7 +166,7 @@ public HivePrivilegeObject(String dbname, String objectName, List column public HivePrivilegeObject(HivePrivilegeObjectType type, String dbname, String objectName, List partKeys, List columns, HivePrivObjectActionType actionType, - List commandParams) { + List commandParams, String className) { this.type = type; this.dbname = dbname; this.objectName = objectName; @@ -168,6 +174,7 @@ public HivePrivilegeObject(HivePrivilegeObjectType type, String dbname, String o this.columns = columns; this.actionType = actionType; this.commandParams = commandParams; + this.className = className; } public HivePrivilegeObjectType getType() { @@ -217,6 +224,14 @@ public HivePrivObjectActionType getActionType() { return columns; } + /** + * The class name when the type is {@link HivePrivilegeObjectType.FUNCTION} + * @return the class name + */ + public String getClassName() { + return className; + } + @Override public String toString() { String name = null;