diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/DDLSemanticAnalyzerFactory.java ql/src/java/org/apache/hadoop/hive/ql/ddl/DDLSemanticAnalyzerFactory.java index bc93d753f8..efbd90f2c5 100644 --- ql/src/java/org/apache/hadoop/hive/ql/ddl/DDLSemanticAnalyzerFactory.java +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/DDLSemanticAnalyzerFactory.java @@ -26,10 +26,13 @@ import java.util.Set; import org.apache.hadoop.hive.ql.QueryState; +import org.apache.hadoop.hive.ql.metadata.Hive; import org.apache.hadoop.hive.ql.parse.ASTNode; import org.apache.hadoop.hive.ql.parse.BaseSemanticAnalyzer; import org.reflections.Reflections; +import com.google.common.annotations.VisibleForTesting; + /** * Manages the DDL command analyzers. */ @@ -75,4 +78,17 @@ public static BaseSemanticAnalyzer getAnalyzer(ASTNode root, QueryState querySta throw new RuntimeException(e); } } + + @VisibleForTesting + public static BaseSemanticAnalyzer getAnalyzer(ASTNode root, QueryState queryState, Hive db) { + Class analyzerClass = TYPE_TO_ANALYZER.get(root.getType()); + try { + BaseSemanticAnalyzer analyzer = + analyzerClass.getConstructor(QueryState.class, Hive.class).newInstance(queryState, db); + return analyzer; + } catch (Exception e) { + e.printStackTrace(); + throw new RuntimeException(e); + } + } } diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java index ef16275785..1c78014377 100644 --- ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java @@ -16,5 +16,5 @@ * limitations under the License. */ -/** Alter Database DDL operation descriptions and operations. */ +/** Alter Database DDL operations. */ package org.apache.hadoop.hive.ql.ddl.database.alter; diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/AbstractPrivilegeAnalyzer.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/AbstractPrivilegeAnalyzer.java new file mode 100644 index 0000000000..f6e5256d30 --- /dev/null +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/AbstractPrivilegeAnalyzer.java @@ -0,0 +1,64 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.hadoop.hive.ql.ddl.privilege; + +import java.lang.reflect.Constructor; + +import org.apache.hadoop.hive.conf.HiveConf; +import org.apache.hadoop.hive.ql.QueryState; +import org.apache.hadoop.hive.ql.metadata.Hive; +import org.apache.hadoop.hive.ql.parse.BaseSemanticAnalyzer; +import org.apache.hadoop.hive.ql.parse.SemanticException; +import org.apache.hadoop.hive.ql.parse.authorization.HiveAuthorizationTaskFactory; +import org.apache.hadoop.hive.ql.parse.authorization.HiveAuthorizationTaskFactoryImpl; + +import com.google.common.annotations.VisibleForTesting; + +/** + * Abstract analyzer for all privilege related commands. + */ +public abstract class AbstractPrivilegeAnalyzer extends BaseSemanticAnalyzer { + protected final HiveAuthorizationTaskFactory hiveAuthorizationTaskFactory; + + public AbstractPrivilegeAnalyzer(QueryState queryState) throws SemanticException { + super(queryState); + hiveAuthorizationTaskFactory = createAuthorizationTaskFactory(conf, db); + } + + @VisibleForTesting + public AbstractPrivilegeAnalyzer(QueryState queryState, Hive db) throws SemanticException { + super(queryState, db); + hiveAuthorizationTaskFactory = createAuthorizationTaskFactory(conf, db); + } + + private HiveAuthorizationTaskFactory createAuthorizationTaskFactory(HiveConf conf, Hive db) { + Class authProviderClass = conf.getClass( + HiveConf.ConfVars.HIVE_AUTHORIZATION_TASK_FACTORY.varname, HiveAuthorizationTaskFactoryImpl.class, + HiveAuthorizationTaskFactory.class); + + try { + Constructor constructor = + authProviderClass.getConstructor(HiveConf.class, Hive.class); + return constructor.newInstance(conf, db); + } catch (Exception e) { + throw new IllegalStateException( + "Unable to create instance of " + authProviderClass.getName() + ": " + e.getMessage(), e); + } + } +} diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/PrivilegeUtils.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/PrivilegeUtils.java index ad431454de..f0e38d5f26 100644 --- ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/PrivilegeUtils.java +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/PrivilegeUtils.java @@ -35,12 +35,12 @@ /** * Common utilities for Privilege related ddl operations. */ -final class PrivilegeUtils { +public final class PrivilegeUtils { private PrivilegeUtils() { throw new UnsupportedOperationException("PrivilegeUtils should not be instantiated"); } - static HiveAuthorizer getSessionAuthorizer(HiveConf conf) { + public static HiveAuthorizer getSessionAuthorizer(HiveConf conf) { HiveAuthorizer authorizer = SessionState.get().getAuthorizerV2(); if (authorizer == null) { authorizer = new HiveV1Authorizer(conf); @@ -49,7 +49,7 @@ static HiveAuthorizer getSessionAuthorizer(HiveConf conf) { return authorizer; } - static void writeListToFileAfterSort(List entries, String resFile, DDLOperationContext context) + public static void writeListToFileAfterSort(List entries, String resFile, DDLOperationContext context) throws IOException { Collections.sort(entries); @@ -64,7 +64,7 @@ static void writeListToFileAfterSort(List entries, String resFile, DDLOp private static final HiveAuthorizationTranslator DEFAULT_AUTHORIZATION_TRANSLATOR = new DefaultHiveAuthorizationTranslator(); - static HiveAuthorizationTranslator getAuthorizationTranslator(HiveAuthorizer authorizer) + public static HiveAuthorizationTranslator getAuthorizationTranslator(HiveAuthorizer authorizer) throws HiveAuthzPluginException { if (authorizer.getHiveAuthorizationTranslator() == null) { return DEFAULT_AUTHORIZATION_TRANSLATOR; diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/grant/GrantAnalyzer.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/grant/GrantAnalyzer.java new file mode 100644 index 0000000000..c16609bc51 --- /dev/null +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/grant/GrantAnalyzer.java @@ -0,0 +1,53 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.hadoop.hive.ql.ddl.privilege.grant; + +import org.apache.hadoop.hive.ql.QueryState; +import org.apache.hadoop.hive.ql.exec.Task; +import org.apache.hadoop.hive.ql.metadata.Hive; +import org.apache.hadoop.hive.ql.ddl.DDLSemanticAnalyzerFactory.DDLType; +import org.apache.hadoop.hive.ql.ddl.privilege.AbstractPrivilegeAnalyzer; +import org.apache.hadoop.hive.ql.parse.ASTNode; +import org.apache.hadoop.hive.ql.parse.HiveParser; +import org.apache.hadoop.hive.ql.parse.SemanticException; + +import com.google.common.annotations.VisibleForTesting; + +/** + * Analyzer for granting commands. + */ +@DDLType(type=HiveParser.TOK_GRANT) +public class GrantAnalyzer extends AbstractPrivilegeAnalyzer { + public GrantAnalyzer(QueryState queryState) throws SemanticException { + super(queryState); + } + + @VisibleForTesting + public GrantAnalyzer(QueryState queryState, Hive db) throws SemanticException { + super(queryState, db); + } + + @Override + public void analyzeInternal(ASTNode root) throws SemanticException { + Task task = hiveAuthorizationTaskFactory.createGrantTask(root, getInputs(), getOutputs()); + if (task != null) { + rootTasks.add(task); + } + } +} diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/GrantDesc.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/grant/GrantDesc.java similarity index 91% rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/GrantDesc.java rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/grant/GrantDesc.java index 7182bd3d55..2f235f470f 100644 --- ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/GrantDesc.java +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/grant/GrantDesc.java @@ -16,13 +16,16 @@ * limitations under the License. */ -package org.apache.hadoop.hive.ql.ddl.privilege; +package org.apache.hadoop.hive.ql.ddl.privilege.grant; import java.io.Serializable; import java.util.List; import org.apache.hadoop.hive.metastore.api.PrincipalType; import org.apache.hadoop.hive.ql.ddl.DDLDesc; +import org.apache.hadoop.hive.ql.ddl.privilege.PrincipalDesc; +import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeDesc; +import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeObjectDesc; import org.apache.hadoop.hive.ql.plan.Explain; import org.apache.hadoop.hive.ql.plan.Explain.Level; diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/GrantOperation.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/grant/GrantOperation.java similarity index 95% rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/GrantOperation.java rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/grant/GrantOperation.java index 363e45a0e0..1216298ca6 100644 --- ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/GrantOperation.java +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/grant/GrantOperation.java @@ -16,9 +16,10 @@ * limitations under the License. */ -package org.apache.hadoop.hive.ql.ddl.privilege; +package org.apache.hadoop.hive.ql.ddl.privilege.grant; import org.apache.hadoop.hive.ql.ddl.DDLOperationContext; +import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeUtils; import java.util.List; diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/grant/package-info.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/grant/package-info.java new file mode 100644 index 0000000000..e08339bd68 --- /dev/null +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/grant/package-info.java @@ -0,0 +1,20 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** Granting DDL operation. */ +package org.apache.hadoop.hive.ql.ddl.privilege.grant; diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/revoke/RevokeAnalyzer.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/revoke/RevokeAnalyzer.java new file mode 100644 index 0000000000..8fe16119b9 --- /dev/null +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/revoke/RevokeAnalyzer.java @@ -0,0 +1,53 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.hadoop.hive.ql.ddl.privilege.revoke; + +import org.apache.hadoop.hive.ql.QueryState; +import org.apache.hadoop.hive.ql.exec.Task; +import org.apache.hadoop.hive.ql.metadata.Hive; +import org.apache.hadoop.hive.ql.ddl.DDLSemanticAnalyzerFactory.DDLType; +import org.apache.hadoop.hive.ql.ddl.privilege.AbstractPrivilegeAnalyzer; +import org.apache.hadoop.hive.ql.parse.ASTNode; +import org.apache.hadoop.hive.ql.parse.HiveParser; +import org.apache.hadoop.hive.ql.parse.SemanticException; + +import com.google.common.annotations.VisibleForTesting; + +/** + * Analyzer for revoke commands. + */ +@DDLType(type=HiveParser.TOK_REVOKE) +public class RevokeAnalyzer extends AbstractPrivilegeAnalyzer { + public RevokeAnalyzer(QueryState queryState) throws SemanticException { + super(queryState); + } + + @VisibleForTesting + public RevokeAnalyzer(QueryState queryState, Hive db) throws SemanticException { + super(queryState, db); + } + + @Override + public void analyzeInternal(ASTNode root) throws SemanticException { + Task task = hiveAuthorizationTaskFactory.createRevokeTask(root, getInputs(), getOutputs()); + if (task != null) { + rootTasks.add(task); + } + } +} diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/RevokeDesc.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/revoke/RevokeDesc.java similarity index 90% rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/RevokeDesc.java rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/revoke/RevokeDesc.java index f0e3021e7d..8a61a02445 100644 --- ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/RevokeDesc.java +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/revoke/RevokeDesc.java @@ -16,12 +16,15 @@ * limitations under the License. */ -package org.apache.hadoop.hive.ql.ddl.privilege; +package org.apache.hadoop.hive.ql.ddl.privilege.revoke; import java.io.Serializable; import java.util.List; import org.apache.hadoop.hive.ql.ddl.DDLDesc; +import org.apache.hadoop.hive.ql.ddl.privilege.PrincipalDesc; +import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeDesc; +import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeObjectDesc; import org.apache.hadoop.hive.ql.plan.Explain; import org.apache.hadoop.hive.ql.plan.Explain.Level; diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/RevokeOperation.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/revoke/RevokeOperation.java similarity index 95% rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/RevokeOperation.java rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/revoke/RevokeOperation.java index 5bd7cdab97..0d7839c91b 100644 --- ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/RevokeOperation.java +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/revoke/RevokeOperation.java @@ -16,9 +16,10 @@ * limitations under the License. */ -package org.apache.hadoop.hive.ql.ddl.privilege; +package org.apache.hadoop.hive.ql.ddl.privilege.revoke; import org.apache.hadoop.hive.ql.ddl.DDLOperationContext; +import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeUtils; import java.util.List; diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/revoke/package-info.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/revoke/package-info.java new file mode 100644 index 0000000000..5e37b6951d --- /dev/null +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/revoke/package-info.java @@ -0,0 +1,20 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** Revoking DDL operation. */ +package org.apache.hadoop.hive.ql.ddl.privilege.revoke; diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/create/CreateRoleAnalyzer.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/create/CreateRoleAnalyzer.java new file mode 100644 index 0000000000..d4975d16a9 --- /dev/null +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/create/CreateRoleAnalyzer.java @@ -0,0 +1,53 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.hadoop.hive.ql.ddl.privilege.role.create; + +import org.apache.hadoop.hive.ql.QueryState; +import org.apache.hadoop.hive.ql.exec.Task; +import org.apache.hadoop.hive.ql.metadata.Hive; +import org.apache.hadoop.hive.ql.ddl.DDLSemanticAnalyzerFactory.DDLType; +import org.apache.hadoop.hive.ql.ddl.privilege.AbstractPrivilegeAnalyzer; +import org.apache.hadoop.hive.ql.parse.ASTNode; +import org.apache.hadoop.hive.ql.parse.HiveParser; +import org.apache.hadoop.hive.ql.parse.SemanticException; + +import com.google.common.annotations.VisibleForTesting; + +/** + * Analyzer for role creation commands. + */ +@DDLType(type=HiveParser.TOK_CREATEROLE) +public class CreateRoleAnalyzer extends AbstractPrivilegeAnalyzer { + public CreateRoleAnalyzer(QueryState queryState) throws SemanticException { + super(queryState); + } + + @VisibleForTesting + public CreateRoleAnalyzer(QueryState queryState, Hive db) throws SemanticException { + super(queryState, db); + } + + @Override + public void analyzeInternal(ASTNode root) throws SemanticException { + Task task = hiveAuthorizationTaskFactory.createCreateRoleTask(root, getInputs(), getOutputs()); + if (task != null) { + rootTasks.add(task); + } + } +} diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/CreateRoleDesc.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/create/CreateRoleDesc.java similarity index 96% rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/CreateRoleDesc.java rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/create/CreateRoleDesc.java index 4c2e1ddf16..7a5df3edf5 100644 --- ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/CreateRoleDesc.java +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/create/CreateRoleDesc.java @@ -16,7 +16,7 @@ * limitations under the License. */ -package org.apache.hadoop.hive.ql.ddl.privilege; +package org.apache.hadoop.hive.ql.ddl.privilege.role.create; import java.io.Serializable; diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/CreateRoleOperation.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/create/CreateRoleOperation.java similarity index 92% rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/CreateRoleOperation.java rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/create/CreateRoleOperation.java index e09ba6472a..3bc4930626 100644 --- ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/CreateRoleOperation.java +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/create/CreateRoleOperation.java @@ -16,10 +16,10 @@ * limitations under the License. */ -package org.apache.hadoop.hive.ql.ddl.privilege; +package org.apache.hadoop.hive.ql.ddl.privilege.role.create; import org.apache.hadoop.hive.ql.ddl.DDLOperationContext; - +import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeUtils; import org.apache.hadoop.hive.ql.ddl.DDLOperation; import org.apache.hadoop.hive.ql.metadata.HiveException; import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthorizer; diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/create/package-info.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/create/package-info.java new file mode 100644 index 0000000000..6e958d7397 --- /dev/null +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/create/package-info.java @@ -0,0 +1,20 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** Role creation DDL operation. */ +package org.apache.hadoop.hive.ql.ddl.privilege.role.create; diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/drop/DropRoleAnalyzer.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/drop/DropRoleAnalyzer.java new file mode 100644 index 0000000000..0b2a848d1c --- /dev/null +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/drop/DropRoleAnalyzer.java @@ -0,0 +1,53 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.hadoop.hive.ql.ddl.privilege.role.drop; + +import org.apache.hadoop.hive.ql.QueryState; +import org.apache.hadoop.hive.ql.exec.Task; +import org.apache.hadoop.hive.ql.metadata.Hive; +import org.apache.hadoop.hive.ql.ddl.DDLSemanticAnalyzerFactory.DDLType; +import org.apache.hadoop.hive.ql.ddl.privilege.AbstractPrivilegeAnalyzer; +import org.apache.hadoop.hive.ql.parse.ASTNode; +import org.apache.hadoop.hive.ql.parse.HiveParser; +import org.apache.hadoop.hive.ql.parse.SemanticException; + +import com.google.common.annotations.VisibleForTesting; + +/** + * Analyzer for role dropping commands. + */ +@DDLType(type=HiveParser.TOK_DROPROLE) +public class DropRoleAnalyzer extends AbstractPrivilegeAnalyzer { + public DropRoleAnalyzer(QueryState queryState) throws SemanticException { + super(queryState); + } + + @VisibleForTesting + public DropRoleAnalyzer(QueryState queryState, Hive db) throws SemanticException { + super(queryState, db); + } + + @Override + public void analyzeInternal(ASTNode root) throws SemanticException { + Task task = hiveAuthorizationTaskFactory.createDropRoleTask(root, getInputs(), getOutputs()); + if (task != null) { + rootTasks.add(task); + } + } +} diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/DropRoleDesc.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/drop/DropRoleDesc.java similarity index 96% rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/DropRoleDesc.java rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/drop/DropRoleDesc.java index 671a0e72b8..3280585a23 100644 --- ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/DropRoleDesc.java +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/drop/DropRoleDesc.java @@ -16,7 +16,7 @@ * limitations under the License. */ -package org.apache.hadoop.hive.ql.ddl.privilege; +package org.apache.hadoop.hive.ql.ddl.privilege.role.drop; import java.io.Serializable; diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/DropRoleOperation.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/drop/DropRoleOperation.java similarity index 92% rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/DropRoleOperation.java rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/drop/DropRoleOperation.java index 096069817a..c2f8f57686 100644 --- ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/DropRoleOperation.java +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/drop/DropRoleOperation.java @@ -16,10 +16,10 @@ * limitations under the License. */ -package org.apache.hadoop.hive.ql.ddl.privilege; +package org.apache.hadoop.hive.ql.ddl.privilege.role.drop; import org.apache.hadoop.hive.ql.ddl.DDLOperationContext; - +import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeUtils; import org.apache.hadoop.hive.ql.ddl.DDLOperation; import org.apache.hadoop.hive.ql.metadata.HiveException; import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthorizer; diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/drop/package-info.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/drop/package-info.java new file mode 100644 index 0000000000..37f9eae3c9 --- /dev/null +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/drop/package-info.java @@ -0,0 +1,20 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** Role dropping DDL operation. */ +package org.apache.hadoop.hive.ql.ddl.privilege.role.drop; diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/grant/GrantRoleAnalyzer.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/grant/GrantRoleAnalyzer.java new file mode 100644 index 0000000000..d845c43411 --- /dev/null +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/grant/GrantRoleAnalyzer.java @@ -0,0 +1,53 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.hadoop.hive.ql.ddl.privilege.role.grant; + +import org.apache.hadoop.hive.ql.QueryState; +import org.apache.hadoop.hive.ql.exec.Task; +import org.apache.hadoop.hive.ql.metadata.Hive; +import org.apache.hadoop.hive.ql.ddl.DDLSemanticAnalyzerFactory.DDLType; +import org.apache.hadoop.hive.ql.ddl.privilege.AbstractPrivilegeAnalyzer; +import org.apache.hadoop.hive.ql.parse.ASTNode; +import org.apache.hadoop.hive.ql.parse.HiveParser; +import org.apache.hadoop.hive.ql.parse.SemanticException; + +import com.google.common.annotations.VisibleForTesting; + +/** + * Analyzer for granting to role commands. + */ +@DDLType(type=HiveParser.TOK_GRANT_ROLE) +public class GrantRoleAnalyzer extends AbstractPrivilegeAnalyzer { + public GrantRoleAnalyzer(QueryState queryState) throws SemanticException { + super(queryState); + } + + @VisibleForTesting + public GrantRoleAnalyzer(QueryState queryState, Hive db) throws SemanticException { + super(queryState, db); + } + + @Override + public void analyzeInternal(ASTNode root) throws SemanticException { + Task task = hiveAuthorizationTaskFactory.createGrantRoleTask(root, getInputs(), getOutputs()); + if (task != null) { + rootTasks.add(task); + } + } +} diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/GrantRoleDesc.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/grant/GrantRoleDesc.java similarity index 94% rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/GrantRoleDesc.java rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/grant/GrantRoleDesc.java index ec12154925..3794a70c4b 100644 --- ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/GrantRoleDesc.java +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/grant/GrantRoleDesc.java @@ -16,11 +16,12 @@ * limitations under the License. */ -package org.apache.hadoop.hive.ql.ddl.privilege; +package org.apache.hadoop.hive.ql.ddl.privilege.role.grant; import java.util.List; import org.apache.hadoop.hive.ql.ddl.DDLDesc; +import org.apache.hadoop.hive.ql.ddl.privilege.PrincipalDesc; import org.apache.hadoop.hive.ql.plan.Explain; import org.apache.hadoop.hive.ql.plan.Explain.Level; diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/GrantRoleOperation.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/grant/GrantRoleOperation.java similarity index 94% rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/GrantRoleOperation.java rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/grant/GrantRoleOperation.java index 4413906617..a8d6a9281f 100644 --- ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/GrantRoleOperation.java +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/grant/GrantRoleOperation.java @@ -16,9 +16,10 @@ * limitations under the License. */ -package org.apache.hadoop.hive.ql.ddl.privilege; +package org.apache.hadoop.hive.ql.ddl.privilege.role.grant; import org.apache.hadoop.hive.ql.ddl.DDLOperationContext; +import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeUtils; import java.util.List; diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/grant/package-info.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/grant/package-info.java new file mode 100644 index 0000000000..68b215a7c8 --- /dev/null +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/grant/package-info.java @@ -0,0 +1,20 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** Granting to role DDL operation. */ +package org.apache.hadoop.hive.ql.ddl.privilege.role.grant; diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/revoke/RevokeRoleAnalyzer.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/revoke/RevokeRoleAnalyzer.java new file mode 100644 index 0000000000..21f71cb630 --- /dev/null +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/revoke/RevokeRoleAnalyzer.java @@ -0,0 +1,53 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.hadoop.hive.ql.ddl.privilege.role.revoke; + +import org.apache.hadoop.hive.ql.QueryState; +import org.apache.hadoop.hive.ql.exec.Task; +import org.apache.hadoop.hive.ql.metadata.Hive; +import org.apache.hadoop.hive.ql.ddl.DDLSemanticAnalyzerFactory.DDLType; +import org.apache.hadoop.hive.ql.ddl.privilege.AbstractPrivilegeAnalyzer; +import org.apache.hadoop.hive.ql.parse.ASTNode; +import org.apache.hadoop.hive.ql.parse.HiveParser; +import org.apache.hadoop.hive.ql.parse.SemanticException; + +import com.google.common.annotations.VisibleForTesting; + +/** + * Analyzer for revoking from role commands. + */ +@DDLType(type=HiveParser.TOK_REVOKE_ROLE) +public class RevokeRoleAnalyzer extends AbstractPrivilegeAnalyzer { + public RevokeRoleAnalyzer(QueryState queryState) throws SemanticException { + super(queryState); + } + + @VisibleForTesting + public RevokeRoleAnalyzer(QueryState queryState, Hive db) throws SemanticException { + super(queryState, db); + } + + @Override + public void analyzeInternal(ASTNode root) throws SemanticException { + Task task = hiveAuthorizationTaskFactory.createRevokeRoleTask(root, getInputs(), getOutputs()); + if (task != null) { + rootTasks.add(task); + } + } +} diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/RevokeRoleDesc.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/revoke/RevokeRoleDesc.java similarity index 94% rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/RevokeRoleDesc.java rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/revoke/RevokeRoleDesc.java index 5282789ada..7871303c22 100644 --- ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/RevokeRoleDesc.java +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/revoke/RevokeRoleDesc.java @@ -16,11 +16,12 @@ * limitations under the License. */ -package org.apache.hadoop.hive.ql.ddl.privilege; +package org.apache.hadoop.hive.ql.ddl.privilege.role.revoke; import java.util.List; import org.apache.hadoop.hive.ql.ddl.DDLDesc; +import org.apache.hadoop.hive.ql.ddl.privilege.PrincipalDesc; import org.apache.hadoop.hive.ql.plan.Explain; import org.apache.hadoop.hive.ql.plan.Explain.Level; diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/RevokeRoleOperation.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/revoke/RevokeRoleOperation.java similarity index 94% rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/RevokeRoleOperation.java rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/revoke/RevokeRoleOperation.java index 4828dc8d2b..71d2ad0170 100644 --- ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/RevokeRoleOperation.java +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/revoke/RevokeRoleOperation.java @@ -16,9 +16,10 @@ * limitations under the License. */ -package org.apache.hadoop.hive.ql.ddl.privilege; +package org.apache.hadoop.hive.ql.ddl.privilege.role.revoke; import org.apache.hadoop.hive.ql.ddl.DDLOperationContext; +import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeUtils; import java.util.List; diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/revoke/package-info.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/revoke/package-info.java new file mode 100644 index 0000000000..89213a6daa --- /dev/null +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/revoke/package-info.java @@ -0,0 +1,20 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** Revoking from role DDL operation. */ +package org.apache.hadoop.hive.ql.ddl.privilege.role.revoke; diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/set/SetRoleAnalyzer.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/set/SetRoleAnalyzer.java new file mode 100644 index 0000000000..39d887c7a5 --- /dev/null +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/set/SetRoleAnalyzer.java @@ -0,0 +1,51 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.hadoop.hive.ql.ddl.privilege.role.set; + +import org.apache.hadoop.hive.ql.QueryState; +import org.apache.hadoop.hive.ql.ddl.DDLSemanticAnalyzerFactory.DDLType; +import org.apache.hadoop.hive.ql.ddl.privilege.AbstractPrivilegeAnalyzer; +import org.apache.hadoop.hive.ql.metadata.Hive; +import org.apache.hadoop.hive.ql.parse.ASTNode; +import org.apache.hadoop.hive.ql.parse.BaseSemanticAnalyzer; +import org.apache.hadoop.hive.ql.parse.HiveParser; +import org.apache.hadoop.hive.ql.parse.SemanticException; + +import com.google.common.annotations.VisibleForTesting; + +/** + * Analyzer for setting a role commands. + */ +@DDLType(type=HiveParser.TOK_SET_ROLE) +public class SetRoleAnalyzer extends AbstractPrivilegeAnalyzer { + public SetRoleAnalyzer(QueryState queryState) throws SemanticException { + super(queryState); + } + + @VisibleForTesting + public SetRoleAnalyzer(QueryState queryState, Hive db) throws SemanticException { + super(queryState, db); + } + + @Override + public void analyzeInternal(ASTNode root) throws SemanticException { + String roleName = BaseSemanticAnalyzer.unescapeIdentifier(root.getChild(0).getText()); + rootTasks.add(hiveAuthorizationTaskFactory.createSetRoleTask(roleName, getInputs(), getOutputs())); + } +} diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/SetRoleDesc.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/set/SetRoleDesc.java similarity index 96% rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/SetRoleDesc.java rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/set/SetRoleDesc.java index 124fd1d40d..417cd94053 100644 --- ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/SetRoleDesc.java +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/set/SetRoleDesc.java @@ -16,7 +16,7 @@ * limitations under the License. */ -package org.apache.hadoop.hive.ql.ddl.privilege; +package org.apache.hadoop.hive.ql.ddl.privilege.role.set; import java.io.Serializable; diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/SetRoleOperation.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/set/SetRoleOperation.java similarity index 92% rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/SetRoleOperation.java rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/set/SetRoleOperation.java index 8169175789..4e43865e05 100644 --- ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/SetRoleOperation.java +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/set/SetRoleOperation.java @@ -16,10 +16,10 @@ * limitations under the License. */ -package org.apache.hadoop.hive.ql.ddl.privilege; +package org.apache.hadoop.hive.ql.ddl.privilege.role.set; import org.apache.hadoop.hive.ql.ddl.DDLOperationContext; - +import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeUtils; import org.apache.hadoop.hive.ql.ddl.DDLOperation; import org.apache.hadoop.hive.ql.metadata.HiveException; import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthorizer; diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/set/package-info.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/set/package-info.java new file mode 100644 index 0000000000..9223f8275e --- /dev/null +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/set/package-info.java @@ -0,0 +1,21 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** Setting role DDL operation. + */ +package org.apache.hadoop.hive.ql.ddl.privilege.role.set; diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/ShowCurrentRoleAnalyzer.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/ShowCurrentRoleAnalyzer.java new file mode 100644 index 0000000000..f4f8437d47 --- /dev/null +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/ShowCurrentRoleAnalyzer.java @@ -0,0 +1,58 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.hadoop.hive.ql.ddl.privilege.role.show; + +import java.io.Serializable; + +import org.apache.hadoop.hive.ql.QueryState; +import org.apache.hadoop.hive.ql.exec.Task; +import org.apache.hadoop.hive.ql.metadata.Hive; +import org.apache.hadoop.hive.ql.ddl.DDLSemanticAnalyzerFactory.DDLType; +import org.apache.hadoop.hive.ql.ddl.privilege.AbstractPrivilegeAnalyzer; +import org.apache.hadoop.hive.ql.parse.ASTNode; +import org.apache.hadoop.hive.ql.parse.HiveParser; +import org.apache.hadoop.hive.ql.parse.SemanticException; + +import com.google.common.annotations.VisibleForTesting; + +/** + * Analyzer for showing the current role command. + */ +@DDLType(type=HiveParser.TOK_SHOW_CURRENT_ROLE) +public class ShowCurrentRoleAnalyzer extends AbstractPrivilegeAnalyzer { + public ShowCurrentRoleAnalyzer(QueryState queryState) throws SemanticException { + super(queryState); + } + + @VisibleForTesting + public ShowCurrentRoleAnalyzer(QueryState queryState, Hive db) throws SemanticException { + super(queryState, db); + } + + @Override + public void analyzeInternal(ASTNode root) throws SemanticException { + ctx.setResFile(ctx.getLocalTmpPath()); + Task task = + hiveAuthorizationTaskFactory.createShowCurrentRoleTask(getInputs(), getOutputs(), ctx.getResFile()); + rootTasks.add(task); + + task.setFetchSource(true); + setFetchTask(createFetchTask(ShowRolesDesc.SCHEMA)); + } +} diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowCurrentRoleDesc.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/ShowCurrentRoleDesc.java similarity index 96% rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowCurrentRoleDesc.java rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/ShowCurrentRoleDesc.java index 53743cd205..d13af744e2 100644 --- ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowCurrentRoleDesc.java +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/ShowCurrentRoleDesc.java @@ -16,7 +16,7 @@ * limitations under the License. */ -package org.apache.hadoop.hive.ql.ddl.privilege; +package org.apache.hadoop.hive.ql.ddl.privilege.role.show; import java.io.Serializable; diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowCurrentRoleOperation.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/ShowCurrentRoleOperation.java similarity index 93% rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowCurrentRoleOperation.java rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/ShowCurrentRoleOperation.java index 7f70baed29..e843a4e42f 100644 --- ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowCurrentRoleOperation.java +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/ShowCurrentRoleOperation.java @@ -16,9 +16,10 @@ * limitations under the License. */ -package org.apache.hadoop.hive.ql.ddl.privilege; +package org.apache.hadoop.hive.ql.ddl.privilege.role.show; import org.apache.hadoop.hive.ql.ddl.DDLOperationContext; +import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeUtils; import java.io.IOException; import java.util.List; diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/ShowRolesAnalyzer.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/ShowRolesAnalyzer.java new file mode 100644 index 0000000000..20860fd882 --- /dev/null +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/ShowRolesAnalyzer.java @@ -0,0 +1,58 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.hadoop.hive.ql.ddl.privilege.role.show; + +import org.apache.hadoop.hive.ql.QueryState; +import org.apache.hadoop.hive.ql.exec.Task; +import org.apache.hadoop.hive.ql.metadata.Hive; +import org.apache.hadoop.hive.ql.ddl.DDLSemanticAnalyzerFactory.DDLType; +import org.apache.hadoop.hive.ql.ddl.privilege.AbstractPrivilegeAnalyzer; +import org.apache.hadoop.hive.ql.parse.ASTNode; +import org.apache.hadoop.hive.ql.parse.HiveParser; +import org.apache.hadoop.hive.ql.parse.SemanticException; + +import com.google.common.annotations.VisibleForTesting; + +/** + * Analyzer for showing roles commands. + */ +@DDLType(type=HiveParser.TOK_SHOW_ROLES) +public class ShowRolesAnalyzer extends AbstractPrivilegeAnalyzer { + public ShowRolesAnalyzer(QueryState queryState) throws SemanticException { + super(queryState); + } + + @VisibleForTesting + public ShowRolesAnalyzer(QueryState queryState, Hive db) throws SemanticException { + super(queryState, db); + } + + @Override + public void analyzeInternal(ASTNode root) throws SemanticException { + ctx.setResFile(ctx.getLocalTmpPath()); + Task task = hiveAuthorizationTaskFactory.createShowRolesTask(root, ctx.getResFile(), getInputs(), + getOutputs()); + if (task != null) { + rootTasks.add(task); + + task.setFetchSource(true); + setFetchTask(createFetchTask(ShowRolesDesc.SCHEMA)); + } + } +} diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowRolesDesc.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/ShowRolesDesc.java similarity index 96% rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowRolesDesc.java rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/ShowRolesDesc.java index d4eeba4bbb..d78a3d22e9 100644 --- ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowRolesDesc.java +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/ShowRolesDesc.java @@ -16,7 +16,7 @@ * limitations under the License. */ -package org.apache.hadoop.hive.ql.ddl.privilege; +package org.apache.hadoop.hive.ql.ddl.privilege.role.show; import java.io.Serializable; diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowRolesOperation.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/ShowRolesOperation.java similarity index 93% rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowRolesOperation.java rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/ShowRolesOperation.java index 412e0ec1f2..97797a6929 100644 --- ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowRolesOperation.java +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/ShowRolesOperation.java @@ -16,9 +16,10 @@ * limitations under the License. */ -package org.apache.hadoop.hive.ql.ddl.privilege; +package org.apache.hadoop.hive.ql.ddl.privilege.role.show; import org.apache.hadoop.hive.ql.ddl.DDLOperationContext; +import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeUtils; import java.io.IOException; import java.util.List; diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/package-info.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/package-info.java new file mode 100644 index 0000000000..cb4f169fe6 --- /dev/null +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/package-info.java @@ -0,0 +1,20 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** Role showing DDL operations. */ +package org.apache.hadoop.hive.ql.ddl.privilege.role.show; diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/grant/ShowGrantAnalyzer.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/grant/ShowGrantAnalyzer.java new file mode 100644 index 0000000000..8b0f51c53c --- /dev/null +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/grant/ShowGrantAnalyzer.java @@ -0,0 +1,57 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.hadoop.hive.ql.ddl.privilege.show.grant; + +import org.apache.hadoop.hive.ql.QueryState; +import org.apache.hadoop.hive.ql.exec.Task; +import org.apache.hadoop.hive.ql.metadata.Hive; +import org.apache.hadoop.hive.ql.ddl.DDLSemanticAnalyzerFactory.DDLType; +import org.apache.hadoop.hive.ql.ddl.privilege.AbstractPrivilegeAnalyzer; +import org.apache.hadoop.hive.ql.parse.ASTNode; +import org.apache.hadoop.hive.ql.parse.HiveParser; +import org.apache.hadoop.hive.ql.parse.SemanticException; + +import com.google.common.annotations.VisibleForTesting; + +/** + * Analyzer for showing grant commands. + */ +@DDLType(type=HiveParser.TOK_SHOW_GRANT) +public class ShowGrantAnalyzer extends AbstractPrivilegeAnalyzer { + public ShowGrantAnalyzer(QueryState queryState) throws SemanticException { + super(queryState); + } + + @VisibleForTesting + public ShowGrantAnalyzer(QueryState queryState, Hive db) throws SemanticException { + super(queryState, db); + } + + @Override + public void analyzeInternal(ASTNode root) throws SemanticException { + ctx.setResFile(ctx.getLocalTmpPath()); + Task task = hiveAuthorizationTaskFactory.createShowGrantTask(root, ctx.getResFile(), getInputs(), getOutputs()); + if (task != null) { + rootTasks.add(task); + + task.setFetchSource(true); + setFetchTask(createFetchTask(ShowGrantDesc.SCHEMA)); + } + } +} diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowGrantDesc.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/grant/ShowGrantDesc.java similarity index 91% rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowGrantDesc.java rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/grant/ShowGrantDesc.java index 8a2438a71d..30fe4c4f6a 100644 --- ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowGrantDesc.java +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/grant/ShowGrantDesc.java @@ -16,9 +16,11 @@ * limitations under the License. */ -package org.apache.hadoop.hive.ql.ddl.privilege; +package org.apache.hadoop.hive.ql.ddl.privilege.show.grant; import org.apache.hadoop.hive.ql.ddl.DDLDesc; +import org.apache.hadoop.hive.ql.ddl.privilege.PrincipalDesc; +import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeObjectDesc; import org.apache.hadoop.hive.ql.plan.Explain; import org.apache.hadoop.hive.ql.plan.Explain.Level; diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowGrantOperation.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/grant/ShowGrantOperation.java similarity index 97% rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowGrantOperation.java rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/grant/ShowGrantOperation.java index d1320a94d7..46f62a7be7 100644 --- ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowGrantOperation.java +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/grant/ShowGrantOperation.java @@ -16,10 +16,11 @@ * limitations under the License. */ -package org.apache.hadoop.hive.ql.ddl.privilege; +package org.apache.hadoop.hive.ql.ddl.privilege.show.grant; import org.apache.hadoop.hive.ql.ddl.DDLOperationContext; import org.apache.hadoop.hive.ql.ddl.DDLUtils; +import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeUtils; import java.io.IOException; import java.util.Collections; diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/grant/package-info.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/grant/package-info.java new file mode 100644 index 0000000000..e5beecafc8 --- /dev/null +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/grant/package-info.java @@ -0,0 +1,20 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** Grant showing DDL operation. */ +package org.apache.hadoop.hive.ql.ddl.privilege.show.grant; diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/principals/ShowPrincipalsAnalyzer.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/principals/ShowPrincipalsAnalyzer.java new file mode 100644 index 0000000000..7cdeef1abb --- /dev/null +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/principals/ShowPrincipalsAnalyzer.java @@ -0,0 +1,58 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.hadoop.hive.ql.ddl.privilege.show.principals; + +import org.apache.hadoop.hive.ql.QueryState; +import org.apache.hadoop.hive.ql.exec.Task; +import org.apache.hadoop.hive.ql.metadata.Hive; +import org.apache.hadoop.hive.ql.ddl.DDLSemanticAnalyzerFactory.DDLType; +import org.apache.hadoop.hive.ql.ddl.privilege.AbstractPrivilegeAnalyzer; +import org.apache.hadoop.hive.ql.parse.ASTNode; +import org.apache.hadoop.hive.ql.parse.HiveParser; +import org.apache.hadoop.hive.ql.parse.SemanticException; + +import com.google.common.annotations.VisibleForTesting; + +/** + * Analyzer for showing principals commands. + */ +@DDLType(type=HiveParser.TOK_SHOW_ROLE_PRINCIPALS) +public class ShowPrincipalsAnalyzer extends AbstractPrivilegeAnalyzer { + public ShowPrincipalsAnalyzer(QueryState queryState) throws SemanticException { + super(queryState); + } + + @VisibleForTesting + public ShowPrincipalsAnalyzer(QueryState queryState, Hive db) throws SemanticException { + super(queryState, db); + } + + @Override + public void analyzeInternal(ASTNode root) throws SemanticException { + ctx.setResFile(ctx.getLocalTmpPath()); + Task task = hiveAuthorizationTaskFactory.createShowRolePrincipalsTask(root, ctx.getResFile(), getInputs(), + getOutputs()); + if (task != null) { + rootTasks.add(task); + + task.setFetchSource(true); + setFetchTask(createFetchTask(ShowPrincipalsDesc.SCHEMA)); + } + } +} diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowPrincipalsDesc.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/principals/ShowPrincipalsDesc.java similarity index 96% rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowPrincipalsDesc.java rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/principals/ShowPrincipalsDesc.java index 0db1348add..7f6d3359f5 100644 --- ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowPrincipalsDesc.java +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/principals/ShowPrincipalsDesc.java @@ -16,7 +16,7 @@ * limitations under the License. */ -package org.apache.hadoop.hive.ql.ddl.privilege; +package org.apache.hadoop.hive.ql.ddl.privilege.show.principals; import java.io.Serializable; diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowPrincipalsOperation.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/principals/ShowPrincipalsOperation.java similarity index 95% rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowPrincipalsOperation.java rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/principals/ShowPrincipalsOperation.java index 2343f6d0f2..ab30f2d0f9 100644 --- ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowPrincipalsOperation.java +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/principals/ShowPrincipalsOperation.java @@ -16,10 +16,11 @@ * limitations under the License. */ -package org.apache.hadoop.hive.ql.ddl.privilege; +package org.apache.hadoop.hive.ql.ddl.privilege.show.principals; import org.apache.hadoop.hive.ql.ddl.DDLOperationContext; import org.apache.hadoop.hive.ql.ddl.DDLUtils; +import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeUtils; import java.io.IOException; import java.util.Collections; diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/principals/package-info.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/principals/package-info.java new file mode 100644 index 0000000000..0e27d31b5b --- /dev/null +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/principals/package-info.java @@ -0,0 +1,20 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** Principal showing DDL operation. */ +package org.apache.hadoop.hive.ql.ddl.privilege.show.principals; diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/rolegrant/ShowRoleGrantAnalyzer.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/rolegrant/ShowRoleGrantAnalyzer.java new file mode 100644 index 0000000000..2e093e7a74 --- /dev/null +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/rolegrant/ShowRoleGrantAnalyzer.java @@ -0,0 +1,58 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.hadoop.hive.ql.ddl.privilege.show.rolegrant; + +import org.apache.hadoop.hive.ql.QueryState; +import org.apache.hadoop.hive.ql.exec.Task; +import org.apache.hadoop.hive.ql.metadata.Hive; +import org.apache.hadoop.hive.ql.ddl.DDLSemanticAnalyzerFactory.DDLType; +import org.apache.hadoop.hive.ql.ddl.privilege.AbstractPrivilegeAnalyzer; +import org.apache.hadoop.hive.ql.parse.ASTNode; +import org.apache.hadoop.hive.ql.parse.HiveParser; +import org.apache.hadoop.hive.ql.parse.SemanticException; + +import com.google.common.annotations.VisibleForTesting; + +/** + * Analyzer for showing role grant commands. + */ +@DDLType(type=HiveParser.TOK_SHOW_ROLE_GRANT) +public class ShowRoleGrantAnalyzer extends AbstractPrivilegeAnalyzer { + public ShowRoleGrantAnalyzer(QueryState queryState) throws SemanticException { + super(queryState); + } + + @VisibleForTesting + public ShowRoleGrantAnalyzer(QueryState queryState, Hive db) throws SemanticException { + super(queryState, db); + } + + @Override + public void analyzeInternal(ASTNode root) throws SemanticException { + ctx.setResFile(ctx.getLocalTmpPath()); + Task task = hiveAuthorizationTaskFactory.createShowRoleGrantTask(root, ctx.getResFile(), getInputs(), + getOutputs()); + if (task != null) { + rootTasks.add(task); + + task.setFetchSource(true); + setFetchTask(createFetchTask(ShowRoleGrantDesc.SCHEMA)); + } + } +} diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowRoleGrantDesc.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/rolegrant/ShowRoleGrantDesc.java similarity index 96% rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowRoleGrantDesc.java rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/rolegrant/ShowRoleGrantDesc.java index 713fc53ba8..ab4433d078 100644 --- ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowRoleGrantDesc.java +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/rolegrant/ShowRoleGrantDesc.java @@ -16,7 +16,7 @@ * limitations under the License. */ -package org.apache.hadoop.hive.ql.ddl.privilege; +package org.apache.hadoop.hive.ql.ddl.privilege.show.rolegrant; import java.io.Serializable; diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowRoleGrantOperation.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/rolegrant/ShowRoleGrantOperation.java similarity index 95% rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowRoleGrantOperation.java rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/rolegrant/ShowRoleGrantOperation.java index 88ddf1ef08..b83da181ab 100644 --- ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowRoleGrantOperation.java +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/rolegrant/ShowRoleGrantOperation.java @@ -16,10 +16,11 @@ * limitations under the License. */ -package org.apache.hadoop.hive.ql.ddl.privilege; +package org.apache.hadoop.hive.ql.ddl.privilege.show.rolegrant; import org.apache.hadoop.hive.ql.ddl.DDLOperationContext; import org.apache.hadoop.hive.ql.ddl.DDLUtils; +import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeUtils; import java.io.IOException; import java.util.Collections; diff --git ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/rolegrant/package-info.java ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/rolegrant/package-info.java new file mode 100644 index 0000000000..ccef832a89 --- /dev/null +++ ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/rolegrant/package-info.java @@ -0,0 +1,20 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** Role grant showing DDL operation. */ +package org.apache.hadoop.hive.ql.ddl.privilege.show.rolegrant; diff --git ql/src/java/org/apache/hadoop/hive/ql/parse/DDLSemanticAnalyzer.java ql/src/java/org/apache/hadoop/hive/ql/parse/DDLSemanticAnalyzer.java index 68dfe0de99..2b8a2ba214 100644 --- ql/src/java/org/apache/hadoop/hive/ql/parse/DDLSemanticAnalyzer.java +++ ql/src/java/org/apache/hadoop/hive/ql/parse/DDLSemanticAnalyzer.java @@ -19,8 +19,6 @@ package org.apache.hadoop.hive.ql.parse; import java.io.FileNotFoundException; -import java.lang.reflect.Constructor; -import java.lang.reflect.InvocationTargetException; import java.net.URI; import java.net.URISyntaxException; import java.util.ArrayList; @@ -74,10 +72,6 @@ import org.apache.hadoop.hive.ql.ddl.misc.MsckDesc; import org.apache.hadoop.hive.ql.ddl.misc.ShowConfDesc; import org.apache.hadoop.hive.ql.ddl.privilege.PrincipalDesc; -import org.apache.hadoop.hive.ql.ddl.privilege.ShowGrantDesc; -import org.apache.hadoop.hive.ql.ddl.privilege.ShowPrincipalsDesc; -import org.apache.hadoop.hive.ql.ddl.privilege.ShowRoleGrantDesc; -import org.apache.hadoop.hive.ql.ddl.privilege.ShowRolesDesc; import org.apache.hadoop.hive.ql.ddl.process.AbortTransactionsDesc; import org.apache.hadoop.hive.ql.ddl.process.KillQueriesDesc; import org.apache.hadoop.hive.ql.ddl.process.ShowCompactionsDesc; @@ -172,8 +166,6 @@ import org.apache.hadoop.hive.ql.metadata.Partition; import org.apache.hadoop.hive.ql.metadata.Table; import org.apache.hadoop.hive.ql.parse.authorization.AuthorizationParseUtils; -import org.apache.hadoop.hive.ql.parse.authorization.HiveAuthorizationTaskFactory; -import org.apache.hadoop.hive.ql.parse.authorization.HiveAuthorizationTaskFactoryImpl; import org.apache.hadoop.hive.ql.plan.BasicStatsWork; import org.apache.hadoop.hive.ql.plan.ColumnStatsUpdateWork; import org.apache.hadoop.hive.ql.plan.ExprNodeColumnDesc; @@ -217,7 +209,6 @@ private static final Map TokenToTypeName = new HashMap(); private final Set reservedPartitionValues; - private final HiveAuthorizationTaskFactory hiveAuthorizationTaskFactory; private WriteEntity alterTableOutput; // Equivalent to acidSinks, but for DDL operations that change data. private DDLDescWithWriteId ddlDescWithWriteId; @@ -290,7 +281,6 @@ public DDLSemanticAnalyzer(QueryState queryState, Hive db) throws SemanticExcept reservedPartitionValues.add(HiveConf.getVar(conf, ConfVars.METASTORE_INT_ORIGINAL)); reservedPartitionValues.add(HiveConf.getVar(conf, ConfVars.METASTORE_INT_ARCHIVED)); reservedPartitionValues.add(HiveConf.getVar(conf, ConfVars.METASTORE_INT_EXTRACTED)); - hiveAuthorizationTaskFactory = createAuthorizationTaskFactory(conf, db); } @Override @@ -499,43 +489,6 @@ public void analyzeInternal(ASTNode input) throws SemanticException { case HiveParser.TOK_UNLOCKTABLE: analyzeUnlockTable(ast); break; - case HiveParser.TOK_CREATEROLE: - analyzeCreateRole(ast); - break; - case HiveParser.TOK_DROPROLE: - analyzeDropRole(ast); - break; - case HiveParser.TOK_SHOW_ROLE_GRANT: - ctx.setResFile(ctx.getLocalTmpPath()); - analyzeShowRoleGrant(ast); - break; - case HiveParser.TOK_SHOW_ROLE_PRINCIPALS: - ctx.setResFile(ctx.getLocalTmpPath()); - analyzeShowRolePrincipals(ast); - break; - case HiveParser.TOK_SHOW_ROLES: - ctx.setResFile(ctx.getLocalTmpPath()); - analyzeShowRoles(ast); - break; - case HiveParser.TOK_GRANT_ROLE: - analyzeGrantRevokeRole(true, ast); - break; - case HiveParser.TOK_REVOKE_ROLE: - analyzeGrantRevokeRole(false, ast); - break; - case HiveParser.TOK_GRANT: - analyzeGrant(ast); - break; - case HiveParser.TOK_SHOW_GRANT: - ctx.setResFile(ctx.getLocalTmpPath()); - analyzeShowGrant(ast); - break; - case HiveParser.TOK_REVOKE: - analyzeRevoke(ast); - break; - case HiveParser.TOK_SHOW_SET_ROLE: - analyzeSetShowRole(ast); - break; case HiveParser.TOK_CACHE_METADATA: analyzeCacheMetadata(ast); break; @@ -646,106 +599,6 @@ private void analyzeAlterTableUpdateStats(ASTNode ast, String tblName, Map task; - if(grant) { - task = hiveAuthorizationTaskFactory.createGrantRoleTask(ast, getInputs(), getOutputs()); - } else { - task = hiveAuthorizationTaskFactory.createRevokeRoleTask(ast, getInputs(), getOutputs()); - } - if(task != null) { - rootTasks.add(task); - } - } - - private void analyzeShowGrant(ASTNode ast) throws SemanticException { - Task task = hiveAuthorizationTaskFactory. - createShowGrantTask(ast, ctx.getResFile(), getInputs(), getOutputs()); - if(task != null) { - rootTasks.add(task); - setFetchTask(createFetchTask(ShowGrantDesc.SCHEMA)); - } - } - - private void analyzeGrant(ASTNode ast) throws SemanticException { - Task task = hiveAuthorizationTaskFactory. - createGrantTask(ast, getInputs(), getOutputs()); - if(task != null) { - rootTasks.add(task); - } - } - - private void analyzeRevoke(ASTNode ast) throws SemanticException { - Task task = hiveAuthorizationTaskFactory. - createRevokeTask(ast, getInputs(), getOutputs()); - if(task != null) { - rootTasks.add(task); - } - } - - private void analyzeCreateRole(ASTNode ast) throws SemanticException { - Task task = hiveAuthorizationTaskFactory. - createCreateRoleTask(ast, getInputs(), getOutputs()); - if(task != null) { - rootTasks.add(task); - } - } - - private void analyzeDropRole(ASTNode ast) throws SemanticException { - Task task = hiveAuthorizationTaskFactory. - createDropRoleTask(ast, getInputs(), getOutputs()); - if(task != null) { - rootTasks.add(task); - } - } - - private void analyzeShowRoleGrant(ASTNode ast) throws SemanticException { - Task task = hiveAuthorizationTaskFactory. - createShowRoleGrantTask(ast, ctx.getResFile(), getInputs(), getOutputs()); - if(task != null) { - rootTasks.add(task); - setFetchTask(createFetchTask(ShowRoleGrantDesc.SCHEMA)); - } - } - - private void analyzeShowRolePrincipals(ASTNode ast) throws SemanticException { - Task roleDDLTask = (Task) hiveAuthorizationTaskFactory - .createShowRolePrincipalsTask(ast, ctx.getResFile(), getInputs(), getOutputs()); - - if (roleDDLTask != null) { - rootTasks.add(roleDDLTask); - setFetchTask(createFetchTask(ShowPrincipalsDesc.SCHEMA)); - } - } - - private void analyzeShowRoles(ASTNode ast) throws SemanticException { - @SuppressWarnings("unchecked") - Task roleDDLTask = (Task) hiveAuthorizationTaskFactory - .createShowRolesTask(ast, ctx.getResFile(), getInputs(), getOutputs()); - - if (roleDDLTask != null) { - rootTasks.add(roleDDLTask); - setFetchTask(createFetchTask(ShowRolesDesc.SCHEMA)); - } - } - private void analyzeExchangePartition(String[] qualified, ASTNode ast) throws SemanticException { Table destTable = getTable(qualified); Table sourceTable = getTable(getUnescapedName((ASTNode)ast.getChild(1))); @@ -3968,31 +3821,6 @@ private void validateSkewedLocationString(String newLocation) throws SemanticExc } } - private HiveAuthorizationTaskFactory createAuthorizationTaskFactory(HiveConf conf, Hive db) { - Class authProviderClass = conf. - getClass(HiveConf.ConfVars.HIVE_AUTHORIZATION_TASK_FACTORY.varname, - HiveAuthorizationTaskFactoryImpl.class, - HiveAuthorizationTaskFactory.class); - String msg = "Unable to create instance of " + authProviderClass.getName() + ": "; - try { - Constructor constructor = - authProviderClass.getConstructor(HiveConf.class, Hive.class); - return constructor.newInstance(conf, db); - } catch (NoSuchMethodException e) { - throw new IllegalStateException(msg + e.getMessage(), e); - } catch (SecurityException e) { - throw new IllegalStateException(msg + e.getMessage(), e); - } catch (InstantiationException e) { - throw new IllegalStateException(msg + e.getMessage(), e); - } catch (IllegalAccessException e) { - throw new IllegalStateException(msg + e.getMessage(), e); - } catch (IllegalArgumentException e) { - throw new IllegalStateException(msg + e.getMessage(), e); - } catch (InvocationTargetException e) { - throw new IllegalStateException(msg + e.getMessage(), e); - } - } - private void analyzeAlterMaterializedViewRewrite(String fqMvName, ASTNode ast) throws SemanticException { // Value for the flag boolean enableFlag; diff --git ql/src/java/org/apache/hadoop/hive/ql/parse/HiveParser.g ql/src/java/org/apache/hadoop/hive/ql/parse/HiveParser.g index a881944800..6e7ed4d83e 100644 --- ql/src/java/org/apache/hadoop/hive/ql/parse/HiveParser.g +++ ql/src/java/org/apache/hadoop/hive/ql/parse/HiveParser.g @@ -329,9 +329,10 @@ TOK_PRIV_OBJECT; TOK_PRIV_OBJECT_COL; TOK_GRANT_ROLE; TOK_REVOKE_ROLE; +TOK_SET_ROLE; TOK_SHOW_ROLE_GRANT; TOK_SHOW_ROLES; -TOK_SHOW_SET_ROLE; +TOK_SHOW_CURRENT_ROLE; TOK_SHOW_ROLE_PRINCIPALS; TOK_SHOWDBLOCKS; TOK_DESCDATABASE; @@ -1767,7 +1768,7 @@ showCurrentRole @init {pushMsg("show current role", state);} @after {popMsg(state);} : KW_SHOW KW_CURRENT KW_ROLES - -> ^(TOK_SHOW_SET_ROLE) + -> ^(TOK_SHOW_CURRENT_ROLE) ; setRole @@ -1775,11 +1776,11 @@ setRole @after {popMsg(state);} : KW_SET KW_ROLE ( - (KW_ALL) => (all=KW_ALL) -> ^(TOK_SHOW_SET_ROLE Identifier[$all.text]) + (KW_ALL) => (all=KW_ALL) -> ^(TOK_SET_ROLE Identifier[$all.text]) | - (KW_NONE) => (none=KW_NONE) -> ^(TOK_SHOW_SET_ROLE Identifier[$none.text]) + (KW_NONE) => (none=KW_NONE) -> ^(TOK_SET_ROLE Identifier[$none.text]) | - identifier -> ^(TOK_SHOW_SET_ROLE identifier) + identifier -> ^(TOK_SET_ROLE identifier) ) ; diff --git ql/src/java/org/apache/hadoop/hive/ql/parse/SemanticAnalyzerFactory.java ql/src/java/org/apache/hadoop/hive/ql/parse/SemanticAnalyzerFactory.java index 1a994313dd..f20e49c2d3 100644 --- ql/src/java/org/apache/hadoop/hive/ql/parse/SemanticAnalyzerFactory.java +++ ql/src/java/org/apache/hadoop/hive/ql/parse/SemanticAnalyzerFactory.java @@ -142,18 +142,7 @@ private static BaseSemanticAnalyzer getInternal(QueryState queryState, ASTNode t case HiveParser.TOK_SHOWMATERIALIZEDVIEWS: case HiveParser.TOK_LOCKTABLE: case HiveParser.TOK_UNLOCKTABLE: - case HiveParser.TOK_CREATEROLE: - case HiveParser.TOK_DROPROLE: - case HiveParser.TOK_GRANT: - case HiveParser.TOK_REVOKE: - case HiveParser.TOK_SHOW_GRANT: - case HiveParser.TOK_GRANT_ROLE: - case HiveParser.TOK_REVOKE_ROLE: - case HiveParser.TOK_SHOW_ROLE_GRANT: - case HiveParser.TOK_SHOW_ROLE_PRINCIPALS: - case HiveParser.TOK_SHOW_ROLES: case HiveParser.TOK_TRUNCATETABLE: - case HiveParser.TOK_SHOW_SET_ROLE: case HiveParser.TOK_CACHE_METADATA: case HiveParser.TOK_KILL_QUERY: case HiveParser.TOK_CREATE_RP: diff --git ql/src/java/org/apache/hadoop/hive/ql/parse/authorization/HiveAuthorizationTaskFactoryImpl.java ql/src/java/org/apache/hadoop/hive/ql/parse/authorization/HiveAuthorizationTaskFactoryImpl.java index 8f7bcf5d43..756a33afc8 100644 --- ql/src/java/org/apache/hadoop/hive/ql/parse/authorization/HiveAuthorizationTaskFactoryImpl.java +++ ql/src/java/org/apache/hadoop/hive/ql/parse/authorization/HiveAuthorizationTaskFactoryImpl.java @@ -28,21 +28,21 @@ import org.apache.hadoop.hive.metastore.api.PrincipalType; import org.apache.hadoop.hive.ql.ErrorMsg; import org.apache.hadoop.hive.ql.ddl.DDLWork; -import org.apache.hadoop.hive.ql.ddl.privilege.CreateRoleDesc; -import org.apache.hadoop.hive.ql.ddl.privilege.DropRoleDesc; -import org.apache.hadoop.hive.ql.ddl.privilege.GrantDesc; -import org.apache.hadoop.hive.ql.ddl.privilege.GrantRoleDesc; import org.apache.hadoop.hive.ql.ddl.privilege.PrincipalDesc; import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeDesc; import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeObjectDesc; -import org.apache.hadoop.hive.ql.ddl.privilege.RevokeDesc; -import org.apache.hadoop.hive.ql.ddl.privilege.RevokeRoleDesc; -import org.apache.hadoop.hive.ql.ddl.privilege.SetRoleDesc; -import org.apache.hadoop.hive.ql.ddl.privilege.ShowCurrentRoleDesc; -import org.apache.hadoop.hive.ql.ddl.privilege.ShowGrantDesc; -import org.apache.hadoop.hive.ql.ddl.privilege.ShowPrincipalsDesc; -import org.apache.hadoop.hive.ql.ddl.privilege.ShowRoleGrantDesc; -import org.apache.hadoop.hive.ql.ddl.privilege.ShowRolesDesc; +import org.apache.hadoop.hive.ql.ddl.privilege.grant.GrantDesc; +import org.apache.hadoop.hive.ql.ddl.privilege.revoke.RevokeDesc; +import org.apache.hadoop.hive.ql.ddl.privilege.role.create.CreateRoleDesc; +import org.apache.hadoop.hive.ql.ddl.privilege.role.drop.DropRoleDesc; +import org.apache.hadoop.hive.ql.ddl.privilege.role.grant.GrantRoleDesc; +import org.apache.hadoop.hive.ql.ddl.privilege.role.revoke.RevokeRoleDesc; +import org.apache.hadoop.hive.ql.ddl.privilege.role.set.SetRoleDesc; +import org.apache.hadoop.hive.ql.ddl.privilege.role.show.ShowCurrentRoleDesc; +import org.apache.hadoop.hive.ql.ddl.privilege.role.show.ShowRolesDesc; +import org.apache.hadoop.hive.ql.ddl.privilege.show.grant.ShowGrantDesc; +import org.apache.hadoop.hive.ql.ddl.privilege.show.principals.ShowPrincipalsDesc; +import org.apache.hadoop.hive.ql.ddl.privilege.show.rolegrant.ShowRoleGrantDesc; import org.apache.hadoop.hive.ql.exec.Task; import org.apache.hadoop.hive.ql.exec.TaskFactory; import org.apache.hadoop.hive.ql.hooks.ReadEntity; diff --git ql/src/java/org/apache/hadoop/hive/ql/plan/HiveOperation.java ql/src/java/org/apache/hadoop/hive/ql/plan/HiveOperation.java index 62a42e1af1..f1ab99e069 100644 --- ql/src/java/org/apache/hadoop/hive/ql/plan/HiveOperation.java +++ ql/src/java/org/apache/hadoop/hive/ql/plan/HiveOperation.java @@ -129,8 +129,9 @@ SHOW_GRANT("SHOW_GRANT", HiveParser.TOK_SHOW_GRANT, null, null, true, false), GRANT_ROLE("GRANT_ROLE", HiveParser.TOK_GRANT_ROLE, null, null), REVOKE_ROLE("REVOKE_ROLE", HiveParser.TOK_REVOKE_ROLE, null, null), - SHOW_ROLES("SHOW_ROLES", new int[] {HiveParser.TOK_SHOW_ROLES, HiveParser.TOK_SHOW_SET_ROLE}, null, null, true, - false), + SHOW_ROLES("SHOW_ROLES", + new int[] {HiveParser.TOK_SHOW_ROLES, HiveParser.TOK_SHOW_CURRENT_ROLE, HiveParser.TOK_SET_ROLE}, + null, null, true, false), SHOW_ROLE_PRINCIPALS("SHOW_ROLE_PRINCIPALS", HiveParser.TOK_SHOW_ROLE_PRINCIPALS, null, null, true, false), SHOW_ROLE_GRANT("SHOW_ROLE_GRANT", HiveParser.TOK_SHOW_ROLE_GRANT, null, null, true, false), ALTERTABLE_FILEFORMAT("ALTERTABLE_FILEFORMAT", HiveParser.TOK_ALTERTABLE_FILEFORMAT, diff --git ql/src/test/org/apache/hadoop/hive/ql/parse/authorization/AuthorizationTestUtil.java ql/src/test/org/apache/hadoop/hive/ql/parse/authorization/AuthorizationTestUtil.java index 5276b5892c..72a6c66aed 100644 --- ql/src/test/org/apache/hadoop/hive/ql/parse/authorization/AuthorizationTestUtil.java +++ ql/src/test/org/apache/hadoop/hive/ql/parse/authorization/AuthorizationTestUtil.java @@ -21,10 +21,12 @@ import org.apache.hadoop.hive.ql.Context; import org.apache.hadoop.hive.ql.QueryState; +import org.apache.hadoop.hive.ql.ddl.DDLSemanticAnalyzerFactory; import org.apache.hadoop.hive.ql.ddl.DDLWork; import org.apache.hadoop.hive.ql.exec.Task; import org.apache.hadoop.hive.ql.metadata.Hive; import org.apache.hadoop.hive.ql.parse.ASTNode; +import org.apache.hadoop.hive.ql.parse.BaseSemanticAnalyzer; import org.apache.hadoop.hive.ql.parse.DDLSemanticAnalyzer; import org.apache.hadoop.hive.ql.parse.ParseUtils; import org.apache.hadoop.hive.ql.session.SessionState; @@ -36,7 +38,10 @@ public class AuthorizationTestUtil { public static DDLWork analyze(ASTNode ast, QueryState queryState, Hive db) throws Exception { - DDLSemanticAnalyzer analyzer = new DDLSemanticAnalyzer(queryState, db); + BaseSemanticAnalyzer analyzer = DDLSemanticAnalyzerFactory.getAnalyzer(ast, queryState, db); + if (analyzer == null) { + analyzer = new DDLSemanticAnalyzer(queryState, db); + } SessionState.start(queryState.getConf()); analyzer.analyze(ast, new Context(queryState.getConf())); List> rootTasks = analyzer.getRootTasks(); diff --git ql/src/test/org/apache/hadoop/hive/ql/parse/authorization/PrivilegesTestBase.java ql/src/test/org/apache/hadoop/hive/ql/parse/authorization/PrivilegesTestBase.java index 7339e08717..6fd07a00e3 100644 --- ql/src/test/org/apache/hadoop/hive/ql/parse/authorization/PrivilegesTestBase.java +++ ql/src/test/org/apache/hadoop/hive/ql/parse/authorization/PrivilegesTestBase.java @@ -20,9 +20,9 @@ import org.apache.hadoop.hive.metastore.api.PrincipalType; import org.apache.hadoop.hive.ql.QueryState; import org.apache.hadoop.hive.ql.ddl.DDLWork; -import org.apache.hadoop.hive.ql.ddl.privilege.GrantDesc; import org.apache.hadoop.hive.ql.ddl.privilege.PrincipalDesc; import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeDesc; +import org.apache.hadoop.hive.ql.ddl.privilege.grant.GrantDesc; import org.apache.hadoop.hive.ql.metadata.Hive; import org.apache.hadoop.hive.ql.security.authorization.PrivilegeType; import org.junit.Assert; diff --git ql/src/test/org/apache/hadoop/hive/ql/parse/authorization/TestHiveAuthorizationTaskFactory.java ql/src/test/org/apache/hadoop/hive/ql/parse/authorization/TestHiveAuthorizationTaskFactory.java index f67867e191..54ce8f3553 100644 --- ql/src/test/org/apache/hadoop/hive/ql/parse/authorization/TestHiveAuthorizationTaskFactory.java +++ ql/src/test/org/apache/hadoop/hive/ql/parse/authorization/TestHiveAuthorizationTaskFactory.java @@ -26,17 +26,17 @@ import org.apache.hadoop.hive.metastore.api.PrincipalType; import org.apache.hadoop.hive.ql.QueryState; import org.apache.hadoop.hive.ql.ddl.DDLWork; -import org.apache.hadoop.hive.ql.ddl.privilege.CreateRoleDesc; -import org.apache.hadoop.hive.ql.ddl.privilege.DropRoleDesc; -import org.apache.hadoop.hive.ql.ddl.privilege.GrantDesc; -import org.apache.hadoop.hive.ql.ddl.privilege.GrantRoleDesc; import org.apache.hadoop.hive.ql.ddl.privilege.PrincipalDesc; import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeDesc; import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeObjectDesc; -import org.apache.hadoop.hive.ql.ddl.privilege.RevokeDesc; -import org.apache.hadoop.hive.ql.ddl.privilege.RevokeRoleDesc; -import org.apache.hadoop.hive.ql.ddl.privilege.ShowGrantDesc; -import org.apache.hadoop.hive.ql.ddl.privilege.ShowRoleGrantDesc; +import org.apache.hadoop.hive.ql.ddl.privilege.grant.GrantDesc; +import org.apache.hadoop.hive.ql.ddl.privilege.revoke.RevokeDesc; +import org.apache.hadoop.hive.ql.ddl.privilege.role.create.CreateRoleDesc; +import org.apache.hadoop.hive.ql.ddl.privilege.role.drop.DropRoleDesc; +import org.apache.hadoop.hive.ql.ddl.privilege.role.grant.GrantRoleDesc; +import org.apache.hadoop.hive.ql.ddl.privilege.role.revoke.RevokeRoleDesc; +import org.apache.hadoop.hive.ql.ddl.privilege.show.grant.ShowGrantDesc; +import org.apache.hadoop.hive.ql.ddl.privilege.show.rolegrant.ShowRoleGrantDesc; import org.apache.hadoop.hive.ql.metadata.Hive; import org.apache.hadoop.hive.ql.metadata.Partition; import org.apache.hadoop.hive.ql.metadata.Table;