diff --git data/conf/llap/hive-site.xml data/conf/llap/hive-site.xml
index 0c5d030..d37c1b5 100644
--- data/conf/llap/hive-site.xml
+++ data/conf/llap/hive-site.xml
@@ -373,4 +373,9 @@
org.apache.hadoop.hive.ql.hooks.ScheduledQueryCreationRegistryHook
+
+ hive.users.in.admin.role
+ hive_admin_user
+
+
diff --git itests/util/src/main/java/org/apache/hadoop/hive/ql/QTestUtil.java itests/util/src/main/java/org/apache/hadoop/hive/ql/QTestUtil.java
index 953253f..321161f 100644
--- itests/util/src/main/java/org/apache/hadoop/hive/ql/QTestUtil.java
+++ itests/util/src/main/java/org/apache/hadoop/hive/ql/QTestUtil.java
@@ -76,6 +76,7 @@
import org.apache.hadoop.hive.ql.processors.CommandProcessorFactory;
import org.apache.hadoop.hive.ql.processors.CommandProcessorResponse;
import org.apache.hadoop.hive.ql.processors.HiveCommand;
+import org.apache.hadoop.hive.ql.qoption.QTestAuthorizerHandler;
import org.apache.hadoop.hive.ql.qoption.QTestOptionDispatcher;
import org.apache.hadoop.hive.ql.qoption.QTestReplaceHandler;
import org.apache.hadoop.hive.ql.qoption.QTestSysDbHandler;
@@ -211,6 +212,7 @@
testFiles = datasetHandler.getDataDir(conf);
conf.set("test.data.dir", datasetHandler.getDataDir(conf));
conf.setVar(ConfVars.HIVE_QUERY_RESULTS_CACHE_DIRECTORY, "/tmp/hive/_resultscache_" + ProcessUtils.getPid());
+ dispatcher.register("authorizer", new QTestAuthorizerHandler());
dispatcher.register("dataset", datasetHandler);
dispatcher.register("replace", replaceHandler);
dispatcher.register("sysdb", new QTestSysDbHandler());
diff --git itests/util/src/main/java/org/apache/hadoop/hive/ql/qoption/QTestAuthorizerHandler.java itests/util/src/main/java/org/apache/hadoop/hive/ql/qoption/QTestAuthorizerHandler.java
new file mode 100644
index 0000000..c74f72c
--- /dev/null
+++ itests/util/src/main/java/org/apache/hadoop/hive/ql/qoption/QTestAuthorizerHandler.java
@@ -0,0 +1,56 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.hadoop.hive.ql.qoption;
+
+import org.apache.hadoop.hive.ql.QTestUtil;
+
+/**
+ * QTest authorizer option
+ *
+ * Enables authorization for the qtest.
+ *
+ * Example:
+ * --! qt:authorizer
+ */
+public class QTestAuthorizerHandler implements QTestOptionHandler {
+ private boolean enabled;
+
+ @Override
+ public void processArguments(String arguments) {
+ enabled = true;
+ }
+
+ @Override
+ public void beforeTest(QTestUtil qt) throws Exception {
+ if (enabled) {
+ qt.getConf().set("hive.test.authz.sstd.hs2.mode", "true");
+ qt.getConf().set("hive.security.authorization.manager",
+ "org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest");
+ qt.getConf().set("hive.security.authenticator.manager",
+ "org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator");
+ qt.getConf().set("hive.security.authorization.enabled", "true");
+ }
+ }
+
+ @Override
+ public void afterTest(QTestUtil qt) throws Exception {
+ enabled = false;
+ }
+
+}
diff --git ql/src/test/queries/clientnegative/authorization_addpartition.q ql/src/test/queries/clientnegative/authorization_addpartition.q
index f84ab98..eff19cc 100644
--- ql/src/test/queries/clientnegative/authorization_addpartition.q
+++ ql/src/test/queries/clientnegative/authorization_addpartition.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set user.name=user1;
-- check add partition without insert privilege
diff --git ql/src/test/queries/clientnegative/authorization_alter_db_owner.q ql/src/test/queries/clientnegative/authorization_alter_db_owner.q
index 83a0efa..f0bee46 100644
--- ql/src/test/queries/clientnegative/authorization_alter_db_owner.q
+++ ql/src/test/queries/clientnegative/authorization_alter_db_owner.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set user.name=user1;
-- check if alter table owner fails
diff --git ql/src/test/queries/clientnegative/authorization_alter_db_owner_default.q ql/src/test/queries/clientnegative/authorization_alter_db_owner_default.q
index 2140eca..7283f5c 100644
--- ql/src/test/queries/clientnegative/authorization_alter_db_owner_default.q
+++ ql/src/test/queries/clientnegative/authorization_alter_db_owner_default.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set user.name=user1;
-- check if alter table owner fails
diff --git ql/src/test/queries/clientnegative/authorization_alter_drop_ptn.q ql/src/test/queries/clientnegative/authorization_alter_drop_ptn.q
index 5b2c1ed..3a8b2a9 100644
--- ql/src/test/queries/clientnegative/authorization_alter_drop_ptn.q
+++ ql/src/test/queries/clientnegative/authorization_alter_drop_ptn.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
-- check alter-drop on partition
create table auth_trunc2(i int) partitioned by (j int);
diff --git ql/src/test/queries/clientnegative/authorization_alter_table_exchange_partition_fail.q ql/src/test/queries/clientnegative/authorization_alter_table_exchange_partition_fail.q
index 4bdc27b..8a89d97 100644
--- ql/src/test/queries/clientnegative/authorization_alter_table_exchange_partition_fail.q
+++ ql/src/test/queries/clientnegative/authorization_alter_table_exchange_partition_fail.q
@@ -1,8 +1,5 @@
+--! qt:authorizer
--! qt:dataset:src
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
set user.name=user1;
@@ -38,8 +35,4 @@
explain authorization alter table exchange_partition_test_2 exchange partition (b=1) with table exchange_partition_test_1;
alter table exchange_partition_test_2 exchange partition (b=1) with table exchange_partition_test_1;
-
- set hive.security.authorization.enabled=false;
-
-
diff --git ql/src/test/queries/clientnegative/authorization_alter_table_exchange_partition_fail2.q ql/src/test/queries/clientnegative/authorization_alter_table_exchange_partition_fail2.q
index 3b7dffa..e6d9123 100644
--- ql/src/test/queries/clientnegative/authorization_alter_table_exchange_partition_fail2.q
+++ ql/src/test/queries/clientnegative/authorization_alter_table_exchange_partition_fail2.q
@@ -1,8 +1,5 @@
+--! qt:authorizer
--! qt:dataset:src
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
set user.name=user1;
@@ -43,8 +40,3 @@
explain authorization alter table exchange_partition_test_2 exchange partition (b=1) with table exchange_partition_test_1;
alter table exchange_partition_test_2 exchange partition (b=1) with table exchange_partition_test_1;
-
- set hive.security.authorization.enabled=false;
-
-
-
diff --git ql/src/test/queries/clientnegative/authorization_create_func1.q ql/src/test/queries/clientnegative/authorization_create_func1.q
index 1154ce8..0162446 100644
--- ql/src/test/queries/clientnegative/authorization_create_func1.q
+++ ql/src/test/queries/clientnegative/authorization_create_func1.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set user.name=hive_test_user;
-- permanent function creation should fail for non-admin roles
diff --git ql/src/test/queries/clientnegative/authorization_create_func2.q ql/src/test/queries/clientnegative/authorization_create_func2.q
index 0d273fa..2c41380 100644
--- ql/src/test/queries/clientnegative/authorization_create_func2.q
+++ ql/src/test/queries/clientnegative/authorization_create_func2.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set user.name=hive_test_user;
-- temp function creation should fail for non-admin roles
diff --git ql/src/test/queries/clientnegative/authorization_create_macro1.q ql/src/test/queries/clientnegative/authorization_create_macro1.q
index f965426..b3dbcd7 100644
--- ql/src/test/queries/clientnegative/authorization_create_macro1.q
+++ ql/src/test/queries/clientnegative/authorization_create_macro1.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set user.name=hive_test_user;
-- temp macro creation should fail for non-admin roles
diff --git ql/src/test/queries/clientnegative/authorization_create_tbl.q ql/src/test/queries/clientnegative/authorization_create_tbl.q
index f0f398f..adad4b5 100644
--- ql/src/test/queries/clientnegative/authorization_create_tbl.q
+++ ql/src/test/queries/clientnegative/authorization_create_tbl.q
@@ -1,8 +1,5 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
+--! qt:authorizer
-set hive.security.authorization.enabled=true;
set user.name=user33;
create database db23221;
use db23221;
diff --git ql/src/test/queries/clientnegative/authorization_create_view.q ql/src/test/queries/clientnegative/authorization_create_view.q
index 6438cdd..1ef8ef1 100644
--- ql/src/test/queries/clientnegative/authorization_create_view.q
+++ ql/src/test/queries/clientnegative/authorization_create_view.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set user.name=user3;
create database db1;
diff --git ql/src/test/queries/clientnegative/authorization_createview.q ql/src/test/queries/clientnegative/authorization_createview.q
index 4c91c70..04a92b7 100644
--- ql/src/test/queries/clientnegative/authorization_createview.q
+++ ql/src/test/queries/clientnegative/authorization_createview.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
-- check create view without select privileges
create table t1(i int);
diff --git ql/src/test/queries/clientnegative/authorization_ctas.q ql/src/test/queries/clientnegative/authorization_ctas.q
index 13e25f5..2556fc0 100644
--- ql/src/test/queries/clientnegative/authorization_ctas.q
+++ ql/src/test/queries/clientnegative/authorization_ctas.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
-- check query without select privilege fails
create table t1(i int);
diff --git ql/src/test/queries/clientnegative/authorization_ctas2.q ql/src/test/queries/clientnegative/authorization_ctas2.q
index 0bf634c..f92bf51 100644
--- ql/src/test/queries/clientnegative/authorization_ctas2.q
+++ ql/src/test/queries/clientnegative/authorization_ctas2.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set user.name=user_dbowner;
-- check ctas without db ownership
diff --git ql/src/test/queries/clientnegative/authorization_delete_nodeletepriv.q ql/src/test/queries/clientnegative/authorization_delete_nodeletepriv.q
index 28c256e..778b845 100644
--- ql/src/test/queries/clientnegative/authorization_delete_nodeletepriv.q
+++ ql/src/test/queries/clientnegative/authorization_delete_nodeletepriv.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set hive.support.concurrency=true;
set hive.txn.manager=org.apache.hadoop.hive.ql.lockmgr.DbTxnManager;
diff --git ql/src/test/queries/clientnegative/authorization_desc_table_nosel.q ql/src/test/queries/clientnegative/authorization_desc_table_nosel.q
index 598cc75..fdc8593 100644
--- ql/src/test/queries/clientnegative/authorization_desc_table_nosel.q
+++ ql/src/test/queries/clientnegative/authorization_desc_table_nosel.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set user.name=user1;
-- check if alter table fails as different user
diff --git ql/src/test/queries/clientnegative/authorization_drop_db_cascade.q ql/src/test/queries/clientnegative/authorization_drop_db_cascade.q
index eb573f4..0d3baea 100644
--- ql/src/test/queries/clientnegative/authorization_drop_db_cascade.q
+++ ql/src/test/queries/clientnegative/authorization_drop_db_cascade.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set user.name=user1;
-- ensure that drop database cascade works
diff --git ql/src/test/queries/clientnegative/authorization_drop_db_empty.q ql/src/test/queries/clientnegative/authorization_drop_db_empty.q
index 570a0fa..14ed4de 100644
--- ql/src/test/queries/clientnegative/authorization_drop_db_empty.q
+++ ql/src/test/queries/clientnegative/authorization_drop_db_empty.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set user.name=user1;
-- check if changing owner and dropping as other user works
diff --git ql/src/test/queries/clientnegative/authorization_droppartition.q ql/src/test/queries/clientnegative/authorization_droppartition.q
index 29a27ce..d24a04c 100644
--- ql/src/test/queries/clientnegative/authorization_droppartition.q
+++ ql/src/test/queries/clientnegative/authorization_droppartition.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
dfs ${system:test.dfs.mkdir} ${system:test.tmp.dir}/authz_drop_part_1;
diff --git ql/src/test/queries/clientnegative/authorization_export_ptn.q ql/src/test/queries/clientnegative/authorization_export_ptn.q
index c9b4675..1681134 100644
--- ql/src/test/queries/clientnegative/authorization_export_ptn.q
+++ ql/src/test/queries/clientnegative/authorization_export_ptn.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
dfs ${system:test.dfs.mkdir} ${system:test.tmp.dir}/hive-12875-export/temp;
dfs -rmr ${system:test.tmp.dir}/hive-12875-export;
@@ -12,8 +9,3 @@
alter table auth_export_ptn add partition (j=42);
set user.name=user1;
export table auth_export_ptn partition (j=42) to 'pfile://${system:test.tmp.dir}/hive-12875-export';
-
-set hive.security.authorization.enabled=false;
-
-drop table auth_export_ptn;
-
diff --git ql/src/test/queries/clientnegative/authorization_import.q ql/src/test/queries/clientnegative/authorization_import.q
index e296411..1bf923f 100644
--- ql/src/test/queries/clientnegative/authorization_import.q
+++ ql/src/test/queries/clientnegative/authorization_import.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set test.hive.authz.sstd.validator.bypassObjTypes=DFS_URI;
diff --git ql/src/test/queries/clientnegative/authorization_import_ptn.q ql/src/test/queries/clientnegative/authorization_import_ptn.q
index 70c3a36..c959a12 100644
--- ql/src/test/queries/clientnegative/authorization_import_ptn.q
+++ ql/src/test/queries/clientnegative/authorization_import_ptn.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
dfs ${system:test.dfs.mkdir} ${system:test.tmp.dir}/hive-12875-import/temp;
dfs -rmr ${system:test.tmp.dir}/hive-12875-import;
@@ -16,8 +13,3 @@
set user.name=user1;
import table auth_import_ptn partition (j=42) from 'pfile://${system:test.tmp.dir}/hive-12875-import';
-
-set hive.security.authorization.enabled=false;
-
-drop table auth_import_ptn;
-
diff --git ql/src/test/queries/clientnegative/authorization_insert_noinspriv.q ql/src/test/queries/clientnegative/authorization_insert_noinspriv.q
index 0ab5c08..13f1e64 100644
--- ql/src/test/queries/clientnegative/authorization_insert_noinspriv.q
+++ ql/src/test/queries/clientnegative/authorization_insert_noinspriv.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
-- check insert without select priv
create table t1(i int);
diff --git ql/src/test/queries/clientnegative/authorization_insert_noselectpriv.q ql/src/test/queries/clientnegative/authorization_insert_noselectpriv.q
index 7b60d56..7addb68 100644
--- ql/src/test/queries/clientnegative/authorization_insert_noselectpriv.q
+++ ql/src/test/queries/clientnegative/authorization_insert_noselectpriv.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
-- check insert without select priv
create table t1(i int);
diff --git ql/src/test/queries/clientnegative/authorization_insertoverwrite_nodel.q ql/src/test/queries/clientnegative/authorization_insertoverwrite_nodel.q
index d891ca2..16387cc 100644
--- ql/src/test/queries/clientnegative/authorization_insertoverwrite_nodel.q
+++ ql/src/test/queries/clientnegative/authorization_insertoverwrite_nodel.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set user.name=hive_test_user;
-- check insert overwrite without delete priv
diff --git ql/src/test/queries/clientnegative/authorization_insertpart_noinspriv.q ql/src/test/queries/clientnegative/authorization_insertpart_noinspriv.q
index 225eff4..2452201 100644
--- ql/src/test/queries/clientnegative/authorization_insertpart_noinspriv.q
+++ ql/src/test/queries/clientnegative/authorization_insertpart_noinspriv.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
-- check insert without select priv
create table testp(i int) partitioned by (dt string);
diff --git ql/src/test/queries/clientnegative/authorization_jdbc_keystore.q ql/src/test/queries/clientnegative/authorization_jdbc_keystore.q
index 63288f7..8aacbd4 100644
--- ql/src/test/queries/clientnegative/authorization_jdbc_keystore.q
+++ ql/src/test/queries/clientnegative/authorization_jdbc_keystore.q
@@ -1,9 +1,6 @@
+--! qt:authorizer
--! qt:dataset:
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
dfs -cp ${system:test.tmp.dir}/../../../../data/files/test.jceks ${system:test.tmp.dir}/test.jceks;
dfs -chmod 555 ${system:test.tmp.dir}/test.jceks;
diff --git ql/src/test/queries/clientnegative/authorization_msck.q ql/src/test/queries/clientnegative/authorization_msck.q
index 8c7edce..80bd7b6 100644
--- ql/src/test/queries/clientnegative/authorization_msck.q
+++ ql/src/test/queries/clientnegative/authorization_msck.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set user.name=user1;
-- check if alter table fails as different user
diff --git ql/src/test/queries/clientnegative/authorization_not_owner_alter_tab_rename.q ql/src/test/queries/clientnegative/authorization_not_owner_alter_tab_rename.q
index fe5c1f6..284ee3f 100644
--- ql/src/test/queries/clientnegative/authorization_not_owner_alter_tab_rename.q
+++ ql/src/test/queries/clientnegative/authorization_not_owner_alter_tab_rename.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set user.name=user1;
-- check if alter table fails as different user
diff --git ql/src/test/queries/clientnegative/authorization_not_owner_alter_tab_serdeprop.q ql/src/test/queries/clientnegative/authorization_not_owner_alter_tab_serdeprop.q
index 2eb4180..8b1b494 100644
--- ql/src/test/queries/clientnegative/authorization_not_owner_alter_tab_serdeprop.q
+++ ql/src/test/queries/clientnegative/authorization_not_owner_alter_tab_serdeprop.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set user.name=user1;
-- check if alter table fails as different user
diff --git ql/src/test/queries/clientnegative/authorization_not_owner_drop_tab.q ql/src/test/queries/clientnegative/authorization_not_owner_drop_tab.q
index aa8b684..6180109 100644
--- ql/src/test/queries/clientnegative/authorization_not_owner_drop_tab.q
+++ ql/src/test/queries/clientnegative/authorization_not_owner_drop_tab.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set user.name=user1;
-- check if create table fails as different user
diff --git ql/src/test/queries/clientnegative/authorization_not_owner_drop_tab2.q ql/src/test/queries/clientnegative/authorization_not_owner_drop_tab2.q
index c4ef868..45c2de9 100644
--- ql/src/test/queries/clientnegative/authorization_not_owner_drop_tab2.q
+++ ql/src/test/queries/clientnegative/authorization_not_owner_drop_tab2.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set user.name=user1;
create database db1;
diff --git ql/src/test/queries/clientnegative/authorization_not_owner_drop_view.q ql/src/test/queries/clientnegative/authorization_not_owner_drop_view.q
index 8e611a0..77991bd 100644
--- ql/src/test/queries/clientnegative/authorization_not_owner_drop_view.q
+++ ql/src/test/queries/clientnegative/authorization_not_owner_drop_view.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set user.name=user1;
-- check if create table fails as different user
diff --git ql/src/test/queries/clientnegative/authorization_rolehierarchy_privs.q ql/src/test/queries/clientnegative/authorization_rolehierarchy_privs.q
index ede7dfd..c07a5d3 100644
--- ql/src/test/queries/clientnegative/authorization_rolehierarchy_privs.q
+++ ql/src/test/queries/clientnegative/authorization_rolehierarchy_privs.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set user.name=hive_admin_user;
show current roles;
diff --git ql/src/test/queries/clientnegative/authorization_select.q ql/src/test/queries/clientnegative/authorization_select.q
index d4cc148..e77c810 100644
--- ql/src/test/queries/clientnegative/authorization_select.q
+++ ql/src/test/queries/clientnegative/authorization_select.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
-- check query without select privilege fails
create table t1(i int);
diff --git ql/src/test/queries/clientnegative/authorization_select_view.q ql/src/test/queries/clientnegative/authorization_select_view.q
index 365f239..25b7dd0 100644
--- ql/src/test/queries/clientnegative/authorization_select_view.q
+++ ql/src/test/queries/clientnegative/authorization_select_view.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
-- check create view without select privileges
create table t1(i int);
diff --git ql/src/test/queries/clientnegative/authorization_show_columns.q ql/src/test/queries/clientnegative/authorization_show_columns.q
index a6597af..8a2590f 100644
--- ql/src/test/queries/clientnegative/authorization_show_columns.q
+++ ql/src/test/queries/clientnegative/authorization_show_columns.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
create database db1;
use db1;
diff --git ql/src/test/queries/clientnegative/authorization_show_grant_otherrole.q ql/src/test/queries/clientnegative/authorization_show_grant_otherrole.q
index e689c60..9baf194 100644
--- ql/src/test/queries/clientnegative/authorization_show_grant_otherrole.q
+++ ql/src/test/queries/clientnegative/authorization_show_grant_otherrole.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set user.name=hive_admin_user;
set role admin;
diff --git ql/src/test/queries/clientnegative/authorization_show_grant_otheruser_all.q ql/src/test/queries/clientnegative/authorization_show_grant_otheruser_all.q
index 8b55f8d..d29b8d6 100644
--- ql/src/test/queries/clientnegative/authorization_show_grant_otheruser_all.q
+++ ql/src/test/queries/clientnegative/authorization_show_grant_otheruser_all.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set user.name=user1;
show grant;
diff --git ql/src/test/queries/clientnegative/authorization_show_grant_otheruser_alltabs.q ql/src/test/queries/clientnegative/authorization_show_grant_otheruser_alltabs.q
index 912842e..f2c2ac8 100644
--- ql/src/test/queries/clientnegative/authorization_show_grant_otheruser_alltabs.q
+++ ql/src/test/queries/clientnegative/authorization_show_grant_otheruser_alltabs.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set user.name=user1;
show grant user user2;
diff --git ql/src/test/queries/clientnegative/authorization_show_grant_otheruser_wtab.q ql/src/test/queries/clientnegative/authorization_show_grant_otheruser_wtab.q
index 3558c4d..5024e54 100644
--- ql/src/test/queries/clientnegative/authorization_show_grant_otheruser_wtab.q
+++ ql/src/test/queries/clientnegative/authorization_show_grant_otheruser_wtab.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set user.name=user1;
create table t1(i int, j int, k int);
diff --git ql/src/test/queries/clientnegative/authorization_show_parts_nosel.q ql/src/test/queries/clientnegative/authorization_show_parts_nosel.q
index e63dfd8..e8bc3e2 100644
--- ql/src/test/queries/clientnegative/authorization_show_parts_nosel.q
+++ ql/src/test/queries/clientnegative/authorization_show_parts_nosel.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set user.name=user1;
-- check if alter table fails as different user
diff --git ql/src/test/queries/clientnegative/authorization_truncate.q ql/src/test/queries/clientnegative/authorization_truncate.q
index da96c61..e446bad 100644
--- ql/src/test/queries/clientnegative/authorization_truncate.q
+++ ql/src/test/queries/clientnegative/authorization_truncate.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
-- check add partition without insert privilege
create table t1(i int, j int);
diff --git ql/src/test/queries/clientnegative/authorization_truncate_2.q ql/src/test/queries/clientnegative/authorization_truncate_2.q
index 120cf5d..91d31a2 100644
--- ql/src/test/queries/clientnegative/authorization_truncate_2.q
+++ ql/src/test/queries/clientnegative/authorization_truncate_2.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
-- check truncate on partition
create table auth_trunc2(i int) partitioned by (j int);
diff --git ql/src/test/queries/clientnegative/authorization_update_noupdatepriv.q ql/src/test/queries/clientnegative/authorization_update_noupdatepriv.q
index 674ad1e..316f25a 100644
--- ql/src/test/queries/clientnegative/authorization_update_noupdatepriv.q
+++ ql/src/test/queries/clientnegative/authorization_update_noupdatepriv.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set hive.support.concurrency=true;
set hive.txn.manager=org.apache.hadoop.hive.ql.lockmgr.DbTxnManager;
diff --git ql/src/test/queries/clientnegative/authorization_uri_add_partition.q ql/src/test/queries/clientnegative/authorization_uri_add_partition.q
index 5b2e486..ad42aff 100644
--- ql/src/test/queries/clientnegative/authorization_uri_add_partition.q
+++ ql/src/test/queries/clientnegative/authorization_uri_add_partition.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
dfs ${system:test.dfs.mkdir} ${system:test.tmp.dir}/a_uri_add_part;
dfs -touchz ${system:test.tmp.dir}/a_uri_add_part/1.txt;
diff --git ql/src/test/queries/clientnegative/authorization_uri_alterpart_loc.q ql/src/test/queries/clientnegative/authorization_uri_alterpart_loc.q
index b7ad814..f1df486 100644
--- ql/src/test/queries/clientnegative/authorization_uri_alterpart_loc.q
+++ ql/src/test/queries/clientnegative/authorization_uri_alterpart_loc.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
dfs ${system:test.dfs.mkdir} ${system:test.tmp.dir}/az_uri_alterpart_loc_perm;
dfs ${system:test.dfs.mkdir} ${system:test.tmp.dir}/az_uri_alterpart_loc;
diff --git ql/src/test/queries/clientnegative/authorization_uri_altertab_setloc.q ql/src/test/queries/clientnegative/authorization_uri_altertab_setloc.q
index 653b7bb..06d7b56 100644
--- ql/src/test/queries/clientnegative/authorization_uri_altertab_setloc.q
+++ ql/src/test/queries/clientnegative/authorization_uri_altertab_setloc.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
dfs ${system:test.dfs.mkdir} ${system:test.tmp.dir}/az_uri_altertab_setloc;
dfs -touchz ${system:test.tmp.dir}/az_uri_altertab_setloc/1.txt;
diff --git ql/src/test/queries/clientnegative/authorization_uri_create_table1.q ql/src/test/queries/clientnegative/authorization_uri_create_table1.q
index 307c4f6..1434239 100644
--- ql/src/test/queries/clientnegative/authorization_uri_create_table1.q
+++ ql/src/test/queries/clientnegative/authorization_uri_create_table1.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
dfs ${system:test.dfs.mkdir} ${system:test.tmp.dir}/a_uri_crtab1;
dfs -touchz ${system:test.tmp.dir}/a_uri_crtab1/1.txt;
diff --git ql/src/test/queries/clientnegative/authorization_uri_create_table_ext.q ql/src/test/queries/clientnegative/authorization_uri_create_table_ext.q
index 82b5916..982cac4 100644
--- ql/src/test/queries/clientnegative/authorization_uri_create_table_ext.q
+++ ql/src/test/queries/clientnegative/authorization_uri_create_table_ext.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
dfs ${system:test.dfs.mkdir} ${system:test.tmp.dir}/a_uri_crtab_ext;
dfs -touchz ${system:test.tmp.dir}/a_uri_crtab_ext/1.txt;
diff --git ql/src/test/queries/clientnegative/authorization_uri_createdb.q ql/src/test/queries/clientnegative/authorization_uri_createdb.q
index 1a257c0..a6482b2 100644
--- ql/src/test/queries/clientnegative/authorization_uri_createdb.q
+++ ql/src/test/queries/clientnegative/authorization_uri_createdb.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
dfs ${system:test.dfs.mkdir} ${system:test.tmp.dir}/az_uri_createdb;
dfs -touchz ${system:test.tmp.dir}/az_uri_createdb/1.txt;
diff --git ql/src/test/queries/clientnegative/authorization_uri_export.q ql/src/test/queries/clientnegative/authorization_uri_export.q
index 05dea16..e64a99b 100644
--- ql/src/test/queries/clientnegative/authorization_uri_export.q
+++ ql/src/test/queries/clientnegative/authorization_uri_export.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set hive.test.mode=true;
set hive.test.mode.prefix=;
diff --git ql/src/test/queries/clientnegative/authorization_uri_import.q ql/src/test/queries/clientnegative/authorization_uri_import.q
index 58ca093..a65e58e 100644
--- ql/src/test/queries/clientnegative/authorization_uri_import.q
+++ ql/src/test/queries/clientnegative/authorization_uri_import.q
@@ -1,8 +1,5 @@
+--! qt:authorizer
set hive.mapred.mode=nonstrict;
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
set hive.test.mode=true;
set hive.test.mode.prefix=;
diff --git ql/src/test/queries/clientnegative/authorization_uri_insert.q ql/src/test/queries/clientnegative/authorization_uri_insert.q
index 39bb4b6..0eb2ae2 100644
--- ql/src/test/queries/clientnegative/authorization_uri_insert.q
+++ ql/src/test/queries/clientnegative/authorization_uri_insert.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
dfs ${system:test.dfs.mkdir} ${system:test.tmp.dir}/az_uri_insert;
dfs -touchz ${system:test.tmp.dir}/az_uri_insert/1.txt;
diff --git ql/src/test/queries/clientnegative/authorization_uri_insert_local.q ql/src/test/queries/clientnegative/authorization_uri_insert_local.q
index 4ad350c..5fb20cc 100644
--- ql/src/test/queries/clientnegative/authorization_uri_insert_local.q
+++ ql/src/test/queries/clientnegative/authorization_uri_insert_local.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
dfs ${system:test.dfs.mkdir} ${system:test.tmp.dir}/az_uri_insert_local;
dfs -touchz ${system:test.tmp.dir}/az_uri_insert_local/1.txt;
diff --git ql/src/test/queries/clientnegative/authorization_uri_load_data.q ql/src/test/queries/clientnegative/authorization_uri_load_data.q
index a409e18..866cc57 100644
--- ql/src/test/queries/clientnegative/authorization_uri_load_data.q
+++ ql/src/test/queries/clientnegative/authorization_uri_load_data.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
dfs ${system:test.dfs.mkdir} ${system:test.tmp.dir}/authz_uri_load_data;
dfs -touchz ${system:test.tmp.dir}/authz_uri_load_data/1.txt;
diff --git ql/src/test/queries/clientnegative/ct_noperm_loc.q ql/src/test/queries/clientnegative/ct_noperm_loc.q
index 958d78d..4be0bcd 100644
--- ql/src/test/queries/clientnegative/ct_noperm_loc.q
+++ ql/src/test/queries/clientnegative/ct_noperm_loc.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
dfs ${system:test.dfs.mkdir} hdfs:///tmp/ct_noperm_loc;
diff --git ql/src/test/queries/clientnegative/ctas_noperm_loc.q ql/src/test/queries/clientnegative/ctas_noperm_loc.q
index 9fc3141..53bec6f 100644
--- ql/src/test/queries/clientnegative/ctas_noperm_loc.q
+++ ql/src/test/queries/clientnegative/ctas_noperm_loc.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
dfs ${system:test.dfs.mkdir} hdfs:///tmp/ctas_noperm_loc;
diff --git ql/src/test/queries/clientnegative/materialized_view_authorization_create_no_grant.q ql/src/test/queries/clientnegative/materialized_view_authorization_create_no_grant.q
index 6aa6385..c8e67f5 100644
--- ql/src/test/queries/clientnegative/materialized_view_authorization_create_no_grant.q
+++ ql/src/test/queries/clientnegative/materialized_view_authorization_create_no_grant.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set user.name=user1;
create table amvcng_gtable (a int, b varchar(256), c decimal(10,2));
diff --git ql/src/test/queries/clientnegative/materialized_view_authorization_create_no_select_perm.q ql/src/test/queries/clientnegative/materialized_view_authorization_create_no_select_perm.q
index 2ec7133..fb5f46c 100644
--- ql/src/test/queries/clientnegative/materialized_view_authorization_create_no_select_perm.q
+++ ql/src/test/queries/clientnegative/materialized_view_authorization_create_no_select_perm.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set user.name=user1;
create table amvnsp_table (a int, b varchar(256), c decimal(10,2));
diff --git ql/src/test/queries/clientnegative/materialized_view_authorization_drop_other.q ql/src/test/queries/clientnegative/materialized_view_authorization_drop_other.q
index 9a486f2..ed50a8d 100644
--- ql/src/test/queries/clientnegative/materialized_view_authorization_drop_other.q
+++ ql/src/test/queries/clientnegative/materialized_view_authorization_drop_other.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set user.name=user1;
create table amvdo_table (a int, b varchar(256), c decimal(10,2));
diff --git ql/src/test/queries/clientnegative/materialized_view_authorization_no_select_perm.q ql/src/test/queries/clientnegative/materialized_view_authorization_no_select_perm.q
index eb59349..1a11623 100644
--- ql/src/test/queries/clientnegative/materialized_view_authorization_no_select_perm.q
+++ ql/src/test/queries/clientnegative/materialized_view_authorization_no_select_perm.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set user.name=user1;
create table amvnsp_table (a int, b varchar(256), c decimal(10,2));
diff --git ql/src/test/queries/clientnegative/materialized_view_authorization_rebuild_no_grant.q ql/src/test/queries/clientnegative/materialized_view_authorization_rebuild_no_grant.q
index fb849ab..b361bcf 100644
--- ql/src/test/queries/clientnegative/materialized_view_authorization_rebuild_no_grant.q
+++ ql/src/test/queries/clientnegative/materialized_view_authorization_rebuild_no_grant.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set user.name=user1;
create table amvrng_table (a int, b varchar(256), c decimal(10,2));
diff --git ql/src/test/queries/clientnegative/materialized_view_authorization_rebuild_other.q ql/src/test/queries/clientnegative/materialized_view_authorization_rebuild_other.q
index d22ee26..792b851 100644
--- ql/src/test/queries/clientnegative/materialized_view_authorization_rebuild_other.q
+++ ql/src/test/queries/clientnegative/materialized_view_authorization_rebuild_other.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set user.name=user1;
create table amvro_table (a int, b varchar(256), c decimal(10,2));
diff --git ql/src/test/queries/clientnegative/repl_dump_requires_admin.q ql/src/test/queries/clientnegative/repl_dump_requires_admin.q
index 9d712ca..9633a79 100644
--- ql/src/test/queries/clientnegative/repl_dump_requires_admin.q
+++ ql/src/test/queries/clientnegative/repl_dump_requires_admin.q
@@ -1,7 +1,4 @@
-set hive.security.authorization.enabled=true;
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
+--! qt:authorizer
set hive.repl.rootdir=${system:test.tmp.dir}/hrepl;
dfs ${system:test.dfs.mkdir} ${system:test.tmp.dir}/hrepl/sentinel;
diff --git ql/src/test/queries/clientnegative/repl_load_requires_admin.q ql/src/test/queries/clientnegative/repl_load_requires_admin.q
index 0b1b12b..f4395aa 100644
--- ql/src/test/queries/clientnegative/repl_load_requires_admin.q
+++ ql/src/test/queries/clientnegative/repl_load_requires_admin.q
@@ -1,7 +1,4 @@
-set hive.security.authorization.enabled=true;
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
+--! qt:authorizer
set hive.repl.rootdir=${system:test.tmp.dir}/hrepl;
dfs ${system:test.dfs.mkdir} ${system:test.tmp.dir}/hrepl/sentinel;
diff --git ql/src/test/queries/clientnegative/temp_table_authorize_create_tbl.q ql/src/test/queries/clientnegative/temp_table_authorize_create_tbl.q
index 69bcc43a..02ac973 100644
--- ql/src/test/queries/clientnegative/temp_table_authorize_create_tbl.q
+++ ql/src/test/queries/clientnegative/temp_table_authorize_create_tbl.q
@@ -1,8 +1,5 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
+--! qt:authorizer
-set hive.security.authorization.enabled=true;
set user.name=user33;
create database db23221;
use db23221;
diff --git ql/src/test/queries/clientpositive/authorization_1.q ql/src/test/queries/clientpositive/authorization_1.q
index 80e7a5d..0056bf9 100644
--- ql/src/test/queries/clientpositive/authorization_1.q
+++ ql/src/test/queries/clientpositive/authorization_1.q
@@ -88,5 +88,3 @@
-- drop role
drop role sRc_roLE;
-set hive.security.authorization.enabled=false;
-drop table src_autho_test_n11;
diff --git ql/src/test/queries/clientpositive/authorization_1_sql_std.q ql/src/test/queries/clientpositive/authorization_1_sql_std.q
index b7b6710..45b3748 100644
--- ql/src/test/queries/clientpositive/authorization_1_sql_std.q
+++ ql/src/test/queries/clientpositive/authorization_1_sql_std.q
@@ -1,11 +1,8 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
+--! qt:authorizer
set user.name=hive_admin_user;
create table src_autho_test (key STRING, value STRING) ;
-set hive.security.authorization.enabled=true;
--select dummy table
select 1;
@@ -36,6 +33,3 @@
-- drop role
drop role SRc_role;
-
-set hive.security.authorization.enabled=false;
-drop table src_autho_test;
diff --git ql/src/test/queries/clientpositive/authorization_alter_table_exchange_partition.q ql/src/test/queries/clientpositive/authorization_alter_table_exchange_partition.q
index 4ffe4a1..a1e554d 100644
--- ql/src/test/queries/clientpositive/authorization_alter_table_exchange_partition.q
+++ ql/src/test/queries/clientpositive/authorization_alter_table_exchange_partition.q
@@ -1,8 +1,5 @@
+--! qt:authorizer
--! qt:dataset:src
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
set user.name=user1;
@@ -44,5 +41,3 @@
explain authorization alter table exchange_partition_test_2 exchange partition (b=1) with table exchange_partition_test_1;
alter table exchange_partition_test_2 exchange partition (b=1) with table exchange_partition_test_1;
-
-set hive.security.authorization.enabled=false;
diff --git ql/src/test/queries/clientpositive/authorization_create_func1.q ql/src/test/queries/clientpositive/authorization_create_func1.q
index 6c7ebc7..4476536 100644
--- ql/src/test/queries/clientpositive/authorization_create_func1.q
+++ ql/src/test/queries/clientpositive/authorization_create_func1.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set user.name=hive_admin_user;
-- admin required for create function
diff --git ql/src/test/queries/clientpositive/authorization_create_macro1.q ql/src/test/queries/clientpositive/authorization_create_macro1.q
index e0297d2..0f75ee5 100644
--- ql/src/test/queries/clientpositive/authorization_create_macro1.q
+++ ql/src/test/queries/clientpositive/authorization_create_macro1.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set user.name=hive_admin_user;
-- admin required for create macro
diff --git ql/src/test/queries/clientpositive/authorization_create_temp_table.q ql/src/test/queries/clientpositive/authorization_create_temp_table.q
index 4878e20..230d828 100644
--- ql/src/test/queries/clientpositive/authorization_create_temp_table.q
+++ ql/src/test/queries/clientpositive/authorization_create_temp_table.q
@@ -1,14 +1,11 @@
+--! qt:authorizer
--! qt:dataset:src
set hive.mapred.mode=nonstrict;
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
create table authorization_create_temp_table_1 as select * from src limit 10;
grant select on authorization_create_temp_table_1 to user user1;
set user.name=user1;
-set hive.security.authorization.enabled=true;
create temporary table tmp1(c1 string, c2 string);
diff --git ql/src/test/queries/clientpositive/authorization_delete_own_table.q ql/src/test/queries/clientpositive/authorization_delete_own_table.q
index 34dfa6a..a648198 100644
--- ql/src/test/queries/clientpositive/authorization_delete_own_table.q
+++ ql/src/test/queries/clientpositive/authorization_delete_own_table.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set hive.support.concurrency=true;
set hive.txn.manager=org.apache.hadoop.hive.ql.lockmgr.DbTxnManager;
diff --git ql/src/test/queries/clientpositive/authorization_owner_actions.q ql/src/test/queries/clientpositive/authorization_owner_actions.q
index 7340dbc..0826d32 100644
--- ql/src/test/queries/clientpositive/authorization_owner_actions.q
+++ ql/src/test/queries/clientpositive/authorization_owner_actions.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set user.name=user1;
-- actions that require user to be table owner
diff --git ql/src/test/queries/clientpositive/authorization_owner_actions_db.q ql/src/test/queries/clientpositive/authorization_owner_actions_db.q
index ccd4605..afc2792 100644
--- ql/src/test/queries/clientpositive/authorization_owner_actions_db.q
+++ ql/src/test/queries/clientpositive/authorization_owner_actions_db.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set user.name=hive_admin_user;
set role admin;
diff --git ql/src/test/queries/clientpositive/authorization_parts.q ql/src/test/queries/clientpositive/authorization_parts.q
index d1a74a3..633de31 100644
--- ql/src/test/queries/clientpositive/authorization_parts.q
+++ ql/src/test/queries/clientpositive/authorization_parts.q
@@ -1,8 +1,5 @@
+--! qt:authorizer
set hive.mapred.mode=nonstrict;
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
dfs ${system:test.dfs.mkdir} ${system:test.tmp.dir}/a_uri_add_part1;
dfs ${system:test.dfs.mkdir} ${system:test.tmp.dir}/a_uri_add_part2;
diff --git ql/src/test/queries/clientpositive/authorization_reset.q ql/src/test/queries/clientpositive/authorization_reset.q
index 047474e..5ae56c9 100644
--- ql/src/test/queries/clientpositive/authorization_reset.q
+++ ql/src/test/queries/clientpositive/authorization_reset.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set hive.metastore.server.min.threads=101;
set hive.metastore.server.min.threads;
diff --git ql/src/test/queries/clientpositive/authorization_show_grant.q ql/src/test/queries/clientpositive/authorization_show_grant.q
index 3c79db9..3e10225 100644
--- ql/src/test/queries/clientpositive/authorization_show_grant.q
+++ ql/src/test/queries/clientpositive/authorization_show_grant.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set user.name=hive_admin_user;
set role admin;
diff --git ql/src/test/queries/clientpositive/authorization_update_own_table.q ql/src/test/queries/clientpositive/authorization_update_own_table.q
index 9189bf5d..a912575 100644
--- ql/src/test/queries/clientpositive/authorization_update_own_table.q
+++ ql/src/test/queries/clientpositive/authorization_update_own_table.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set hive.support.concurrency=true;
set hive.txn.manager=org.apache.hadoop.hive.ql.lockmgr.DbTxnManager;
diff --git ql/src/test/queries/clientpositive/authorization_wm.q ql/src/test/queries/clientpositive/authorization_wm.q
index 95019f1..394c6e3 100644
--- ql/src/test/queries/clientpositive/authorization_wm.q
+++ ql/src/test/queries/clientpositive/authorization_wm.q
@@ -1,8 +1,5 @@
+--! qt:authorizer
set hive.cli.errors.ignore=true;
-set hive.security.authorization.enabled=true;
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
set user.name=ruser1;
@@ -75,4 +72,4 @@
alter user mapping 'joe' IN rp TO pool0;
drop user mapping 'joe' IN rp;
drop pool rp.pool0;
-drop trigger rp.trigger0;
\ No newline at end of file
+drop trigger rp.trigger0;
diff --git ql/src/test/queries/clientpositive/exim_25_export_parentpath_has_inaccessible_children.q ql/src/test/queries/clientpositive/exim_25_export_parentpath_has_inaccessible_children.q
index af33cbe..b04945e 100644
--- ql/src/test/queries/clientpositive/exim_25_export_parentpath_has_inaccessible_children.q
+++ ql/src/test/queries/clientpositive/exim_25_export_parentpath_has_inaccessible_children.q
@@ -1,4 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactory;
set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
diff --git ql/src/test/queries/clientpositive/materialized_view_authorization_sqlstd.q ql/src/test/queries/clientpositive/materialized_view_authorization_sqlstd.q
index 5807c77..283c893 100644
--- ql/src/test/queries/clientpositive/materialized_view_authorization_sqlstd.q
+++ ql/src/test/queries/clientpositive/materialized_view_authorization_sqlstd.q
@@ -1,8 +1,5 @@
+--! qt:authorizer
set hive.vectorized.execution.enabled=false;
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
set user.name=user1;
create table amvs_table (a int, b varchar(256), c decimal(10,2));
diff --git ql/src/test/queries/clientpositive/results_cache_with_auth.q ql/src/test/queries/clientpositive/results_cache_with_auth.q
index 18118f6..e08ddcd 100644
--- ql/src/test/queries/clientpositive/results_cache_with_auth.q
+++ ql/src/test/queries/clientpositive/results_cache_with_auth.q
@@ -1,3 +1,4 @@
+--! qt:authorizer
-- Setup results cache
set hive.compute.query.using.stats=false;
@@ -5,10 +6,6 @@
set hive.query.results.cache.nontransactional.tables.enabled=true;
-- Setup auth
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
create table results_cache_with_auth_t1 (c1 string);
insert into results_cache_with_auth_t1 values ('abc');
@@ -25,5 +22,3 @@
select count(*) from results_cache_with_auth_t1;
-set hive.security.authorization.enabled=false;
-drop table results_cache_with_auth_t1;
diff --git ql/src/test/queries/clientpositive/sysdb_schq.q ql/src/test/queries/clientpositive/sysdb_schq.q
index 6b93199..fc1bcd5 100644
--- ql/src/test/queries/clientpositive/sysdb_schq.q
+++ ql/src/test/queries/clientpositive/sysdb_schq.q
@@ -1,13 +1,17 @@
+--! qt:authorizer
--! qt:scheduledqueryservice
--! qt:dataset:src
--! qt:sysdb
-use sys;
+set user.name=hive_admin_user;
+set role admin;
create scheduled query asd cron '* * * * * ? *' defined as select 1;
!sleep 10;
+use sys;
+
desc formatted scheduled_queries;
select
diff --git ql/src/test/queries/clientpositive/view_authorization_sqlstd.q ql/src/test/queries/clientpositive/view_authorization_sqlstd.q
index bc5b9bd..f380632 100644
--- ql/src/test/queries/clientpositive/view_authorization_sqlstd.q
+++ ql/src/test/queries/clientpositive/view_authorization_sqlstd.q
@@ -1,7 +1,4 @@
-set hive.test.authz.sstd.hs2.mode=true;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
-set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
-set hive.security.authorization.enabled=true;
+--! qt:authorizer
set user.name=user1;
-- Test view authorization , and 'show grant' variants
diff --git ql/src/test/results/clientpositive/authorization_1.q.out ql/src/test/results/clientpositive/authorization_1.q.out
index 0a3e19a..26dc4a0 100644
--- ql/src/test/results/clientpositive/authorization_1.q.out
+++ ql/src/test/results/clientpositive/authorization_1.q.out
@@ -354,11 +354,3 @@
PREHOOK: type: DROPROLE
POSTHOOK: query: drop role sRc_roLE
POSTHOOK: type: DROPROLE
-PREHOOK: query: drop table src_autho_test_n11
-PREHOOK: type: DROPTABLE
-PREHOOK: Input: default@src_autho_test_n11
-PREHOOK: Output: default@src_autho_test_n11
-POSTHOOK: query: drop table src_autho_test_n11
-POSTHOOK: type: DROPTABLE
-POSTHOOK: Input: default@src_autho_test_n11
-POSTHOOK: Output: default@src_autho_test_n11
diff --git ql/src/test/results/clientpositive/llap/sysdb.q.out ql/src/test/results/clientpositive/llap/sysdb.q.out
index 30a87a1..6ec2a06 100644
--- ql/src/test/results/clientpositive/llap/sysdb.q.out
+++ ql/src/test/results/clientpositive/llap/sysdb.q.out
@@ -1185,6 +1185,7 @@
POSTHOOK: type: QUERY
POSTHOOK: Input: sys@role_map
#### A masked pattern was here ####
+hive_admin_user admin
PREHOOK: query: explain vectorization detail
select count(*) from sds
PREHOOK: type: QUERY
diff --git ql/src/test/results/clientpositive/llap/sysdb_schq.q.out ql/src/test/results/clientpositive/llap/sysdb_schq.q.out
index 528bb3f..6af1181 100644
--- ql/src/test/results/clientpositive/llap/sysdb_schq.q.out
+++ ql/src/test/results/clientpositive/llap/sysdb_schq.q.out
@@ -1,13 +1,17 @@
+PREHOOK: query: set role admin
+PREHOOK: type: SHOW_ROLES
+POSTHOOK: query: set role admin
+POSTHOOK: type: SHOW_ROLES
+PREHOOK: query: create scheduled query asd cron '* * * * * ? *' defined as select 1
+PREHOOK: type: QUERY
+POSTHOOK: query: create scheduled query asd cron '* * * * * ? *' defined as select 1
+POSTHOOK: type: QUERY
PREHOOK: query: use sys
PREHOOK: type: SWITCHDATABASE
PREHOOK: Input: database:sys
POSTHOOK: query: use sys
POSTHOOK: type: SWITCHDATABASE
POSTHOOK: Input: database:sys
-PREHOOK: query: create scheduled query asd cron '* * * * * ? *' defined as select 1
-PREHOOK: type: QUERY
-POSTHOOK: query: create scheduled query asd cron '* * * * * ? *' defined as select 1
-POSTHOOK: type: QUERY
PREHOOK: query: desc formatted scheduled_queries
PREHOOK: type: DESCTABLE
PREHOOK: Input: sys@scheduled_queries
@@ -96,7 +100,7 @@
POSTHOOK: type: QUERY
POSTHOOK: Input: sys@scheduled_queries
#### A masked pattern was here ####
-1 asd true hive * * * * * ? * hive_test_user select 1 true
+1 asd true hive * * * * * ? * hive_admin_user select 1 true
PREHOOK: query: select scheduled_execution_id,
scheduled_query_id,
state,