You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hive.apache.org by da...@apache.org on 2015/12/19 00:49:19 UTC
hive git commit: Revert "HIVE-12429: Switch default Hive
authorization to SQLStandardAuth in 2.0", unintended commit
Repository: hive
Updated Branches:
refs/heads/master 5a67b0a64 -> e84da8c9b
Revert "HIVE-12429: Switch default Hive authorization to SQLStandardAuth in 2.0", unintended commit
This reverts commit 95d22735d73381458354e0ca79a2cb607f8e2150.
Project: http://git-wip-us.apache.org/repos/asf/hive/repo
Commit: http://git-wip-us.apache.org/repos/asf/hive/commit/e84da8c9
Tree: http://git-wip-us.apache.org/repos/asf/hive/tree/e84da8c9
Diff: http://git-wip-us.apache.org/repos/asf/hive/diff/e84da8c9
Branch: refs/heads/master
Commit: e84da8c9b324ae9e971da824845e46f51f844a76
Parents: 5a67b0a
Author: Daniel Dai <da...@hortonworks.com>
Authored: Fri Dec 18 15:48:11 2015 -0800
Committer: Daniel Dai <da...@hortonworks.com>
Committed: Fri Dec 18 15:48:32 2015 -0800
----------------------------------------------------------------------
.../org/apache/hadoop/hive/conf/HiveConf.java | 2 +-
.../cli/SemanticAnalysis/HCatAuthUtil.java | 5 +-
.../cli/SemanticAnalysis/TestHCatAuthUtil.java | 4 +-
.../SQLStdHiveAuthorizationValidator.java | 11 ++
.../parse/authorization/TestPrivilegesV1.java | 13 +-
.../TestSQLStdHiveAccessControllerCLI.java | 16 +-
.../authorization_cli_auth_enable.q | 7 +
.../clientnegative/authorization_fail_1.q | 1 -
.../clientnegative/authorization_fail_2.q | 1 -
.../clientnegative/authorization_fail_3.q | 1 -
.../clientnegative/authorization_fail_4.q | 1 -
.../clientnegative/authorization_fail_5.q | 3 +-
.../clientnegative/authorization_fail_6.q | 1 -
.../clientnegative/authorization_fail_7.q | 3 +-
.../authorization_fail_create_db.q | 1 -
.../clientnegative/authorization_fail_drop_db.q | 1 -
.../authorization_invalid_priv_v1.q | 1 -
.../queries/clientnegative/authorization_part.q | 3 +-
.../authorization_public_create.q | 1 -
.../clientnegative/authorization_public_drop.q | 1 -
.../clientnegative/authorization_role_case.q | 1 -
.../clientnegative/authorize_grant_public.q | 1 -
.../clientnegative/authorize_revoke_public.q | 1 -
.../clientnegative/exim_22_export_authfail.q | 1 -
.../exim_23_import_exist_authfail.q | 1 -
.../exim_24_import_part_authfail.q | 1 -
.../exim_25_import_nonexist_authfail.q | 1 -
.../clientnegative/join_nonexistent_part.q | 5 +
.../clientnegative/load_exist_part_authfail.q | 1 -
.../clientnegative/load_nonpart_authfail.q | 1 -
.../queries/clientnegative/load_part_authfail.q | 1 -
.../alter_rename_partition_authorization.q | 1 -
.../queries/clientpositive/authorization_1.q | 4 +-
.../queries/clientpositive/authorization_2.q | 4 +-
.../queries/clientpositive/authorization_3.q | 2 -
.../queries/clientpositive/authorization_4.q | 4 +-
.../queries/clientpositive/authorization_5.q | 2 -
.../queries/clientpositive/authorization_6.q | 2 -
.../queries/clientpositive/authorization_7.q | 4 +-
.../queries/clientpositive/authorization_8.q | 1 -
.../queries/clientpositive/authorization_9.q | 1 -
...orization_default_create_table_owner_privs.q | 1 -
.../clientpositive/authorization_explain.q | 1 -
.../authorization_show_role_principals_v1.q | 1 -
.../clientpositive/exim_21_export_authsuccess.q | 1 -
.../exim_22_import_exist_authsuccess.q | 1 -
.../exim_23_import_part_authsuccess.q | 1 -
.../exim_24_import_nonexist_authsuccess.q | 1 -
ql/src/test/queries/clientpositive/index_auth.q | 2 -
ql/src/test/queries/clientpositive/keyword_1.q | 4 +-
.../load_exist_part_authsuccess.q | 1 -
.../clientpositive/load_nonpart_authsuccess.q | 1 -
.../clientpositive/load_part_authsuccess.q | 1 -
ql/src/test/queries/clientpositive/show_roles.q | 2 -
.../authorization_cli_auth_enable.q.out | 1 +
.../clientnegative/join_nonexistent_part.q.out | 1 +
.../clientpositive/authorization_9.q.out | 180 -------------------
.../authorization_explain.q.java1.7.out | 3 +
.../authorization_show_grant.q.out | 60 -------
59 files changed, 62 insertions(+), 318 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java
----------------------------------------------------------------------
diff --git a/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java b/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java
index 96a3fb5..60ac0c0 100644
--- a/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java
+++ b/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java
@@ -1646,7 +1646,7 @@ public class HiveConf extends Configuration {
HIVE_AUTHORIZATION_ENABLED("hive.security.authorization.enabled", false,
"enable or disable the Hive client authorization"),
HIVE_AUTHORIZATION_MANAGER("hive.security.authorization.manager",
- "org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactory",
+ "org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider",
"The Hive client authorization manager class name. The user defined authorization class should implement \n" +
"interface org.apache.hadoop.hive.ql.security.authorization.HiveAuthorizationProvider."),
HIVE_AUTHENTICATOR_MANAGER("hive.security.authenticator.manager",
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/hcatalog/core/src/main/java/org/apache/hive/hcatalog/cli/SemanticAnalysis/HCatAuthUtil.java
----------------------------------------------------------------------
diff --git a/hcatalog/core/src/main/java/org/apache/hive/hcatalog/cli/SemanticAnalysis/HCatAuthUtil.java b/hcatalog/core/src/main/java/org/apache/hive/hcatalog/cli/SemanticAnalysis/HCatAuthUtil.java
index c954245..6dce9c4 100644
--- a/hcatalog/core/src/main/java/org/apache/hive/hcatalog/cli/SemanticAnalysis/HCatAuthUtil.java
+++ b/hcatalog/core/src/main/java/org/apache/hive/hcatalog/cli/SemanticAnalysis/HCatAuthUtil.java
@@ -20,7 +20,7 @@ package org.apache.hive.hcatalog.cli.SemanticAnalysis;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hive.conf.HiveConf;
-import org.apache.hadoop.hive.ql.security.authorization.StorageBasedAuthorizationProvider;
+import org.apache.hadoop.hive.ql.session.SessionState;
final class HCatAuthUtil {
public static boolean isAuthorizationEnabled(Configuration conf) {
@@ -31,7 +31,6 @@ final class HCatAuthUtil {
// additional checks if a V2 authorizer is in use. The reccomended configuration is to
// use storage based authorization in metastore server
return HiveConf.getBoolVar(conf, HiveConf.ConfVars.HIVE_AUTHORIZATION_ENABLED)
- && HiveConf.getVar(conf, HiveConf.ConfVars.HIVE_AUTHORIZATION_MANAGER)
- == StorageBasedAuthorizationProvider.class.getName();
+ && SessionState.get().getAuthorizer() != null;
}
}
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/hcatalog/core/src/test/java/org/apache/hive/hcatalog/cli/SemanticAnalysis/TestHCatAuthUtil.java
----------------------------------------------------------------------
diff --git a/hcatalog/core/src/test/java/org/apache/hive/hcatalog/cli/SemanticAnalysis/TestHCatAuthUtil.java b/hcatalog/core/src/test/java/org/apache/hive/hcatalog/cli/SemanticAnalysis/TestHCatAuthUtil.java
index a190002..830dcb8 100644
--- a/hcatalog/core/src/test/java/org/apache/hive/hcatalog/cli/SemanticAnalysis/TestHCatAuthUtil.java
+++ b/hcatalog/core/src/test/java/org/apache/hive/hcatalog/cli/SemanticAnalysis/TestHCatAuthUtil.java
@@ -24,7 +24,6 @@ import static org.junit.Assert.assertTrue;
import org.apache.hadoop.hive.conf.HiveConf;
import org.apache.hadoop.hive.conf.HiveConf.ConfVars;
import org.apache.hadoop.hive.ql.security.HiveAuthenticationProvider;
-import org.apache.hadoop.hive.ql.security.authorization.StorageBasedAuthorizationProvider;
import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthorizer;
import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthorizerFactory;
import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzPluginException;
@@ -50,13 +49,12 @@ public class TestHCatAuthUtil {
}
/**
- * Test with auth enabled and StorageBasedAuthorizationProvider
+ * Test with auth enabled and v1 auth
*/
@Test
public void authEnabledV1Auth() throws Exception {
HiveConf hcatConf = new HiveConf(this.getClass());
hcatConf.setBoolVar(ConfVars.HIVE_AUTHORIZATION_ENABLED, true);
- hcatConf.setVar(ConfVars.HIVE_AUTHORIZATION_MANAGER, StorageBasedAuthorizationProvider.class.getName());
SessionState.start(hcatConf);
assertTrue("hcat auth should be enabled", HCatAuthUtil.isAuthorizationEnabled(hcatConf));
}
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLStdHiveAuthorizationValidator.java
----------------------------------------------------------------------
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLStdHiveAuthorizationValidator.java b/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLStdHiveAuthorizationValidator.java
index 9f586be..ee57f69 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLStdHiveAuthorizationValidator.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLStdHiveAuthorizationValidator.java
@@ -60,6 +60,17 @@ public class SQLStdHiveAuthorizationValidator implements HiveAuthorizationValida
this.authenticator = authenticator;
this.privController = privilegeManager;
this.ctx = SQLAuthorizationUtils.applyTestSettings(ctx, conf);
+ assertHiveCliAuthDisabled(conf);
+ }
+
+ private void assertHiveCliAuthDisabled(HiveConf conf) throws HiveAuthzPluginException {
+ if (ctx.getClientType() == CLIENT_TYPE.HIVECLI
+ && conf.getBoolVar(ConfVars.HIVE_AUTHORIZATION_ENABLED)) {
+ throw new HiveAuthzPluginException(
+ "SQL standards based authorization should not be enabled from hive cli"
+ + "Instead the use of storage based authorization in hive metastore is reccomended. Set "
+ + ConfVars.HIVE_AUTHORIZATION_ENABLED.varname + "=false to disable authz within cli");
+ }
}
@Override
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/org/apache/hadoop/hive/ql/parse/authorization/TestPrivilegesV1.java
----------------------------------------------------------------------
diff --git a/ql/src/test/org/apache/hadoop/hive/ql/parse/authorization/TestPrivilegesV1.java b/ql/src/test/org/apache/hadoop/hive/ql/parse/authorization/TestPrivilegesV1.java
index c614630..c97bbb8 100644
--- a/ql/src/test/org/apache/hadoop/hive/ql/parse/authorization/TestPrivilegesV1.java
+++ b/ql/src/test/org/apache/hadoop/hive/ql/parse/authorization/TestPrivilegesV1.java
@@ -76,8 +76,17 @@ public class TestPrivilegesV1 extends PrivilegesTestBase{
*/
@Test
public void testPrivInGrantNotAccepted() throws Exception{
- grantUserTable("insert", PrivilegeType.INSERT);
- grantUserTable("delete", PrivilegeType.DELETE);
+ grantUserTableFail("insert");
+ grantUserTableFail("delete");
+ }
+
+ private void grantUserTableFail(String privName) {
+ try{
+ grantUserTable(privName, PrivilegeType.UNKNOWN);
+ Assert.fail("Exception expected");
+ }catch(Exception e){
+
+ }
}
private void grantUserTable(String privName, PrivilegeType privType) throws Exception {
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/TestSQLStdHiveAccessControllerCLI.java
----------------------------------------------------------------------
diff --git a/ql/src/test/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/TestSQLStdHiveAccessControllerCLI.java b/ql/src/test/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/TestSQLStdHiveAccessControllerCLI.java
index 7d243f0..ac862c5 100644
--- a/ql/src/test/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/TestSQLStdHiveAccessControllerCLI.java
+++ b/ql/src/test/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/TestSQLStdHiveAccessControllerCLI.java
@@ -68,16 +68,22 @@ public class TestSQLStdHiveAccessControllerCLI {
}
/**
- * Verify that no exception is thrown if authorization is enabled from hive cli,
+ * Verify that exceptiion is thrown if authorization is enabled from hive cli,
* when sql std auth is used
*/
@Test
- public void testAuthEnable() throws Exception {
+ public void testAuthEnableError() {
HiveConf processedConf = new HiveConf();
processedConf.setBoolVar(ConfVars.HIVE_AUTHORIZATION_ENABLED, true);
- HiveAuthorizerFactory authorizerFactory = new SQLStdHiveAuthorizerFactory();
- HiveAuthorizer authorizer = authorizerFactory.createHiveAuthorizer(null, processedConf,
- new HadoopDefaultAuthenticator(), getCLISessionCtx());
+ try {
+ HiveAuthorizerFactory authorizerFactory = new SQLStdHiveAuthorizerFactory();
+ HiveAuthorizer authorizer = authorizerFactory.createHiveAuthorizer(null, processedConf,
+ new HadoopDefaultAuthenticator(), getCLISessionCtx());
+ fail("Exception expected");
+ } catch (HiveAuthzPluginException e) {
+ assertTrue(e.getMessage().contains(
+ "SQL standards based authorization should not be enabled from hive cli"));
+ }
}
}
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientnegative/authorization_cli_auth_enable.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientnegative/authorization_cli_auth_enable.q b/ql/src/test/queries/clientnegative/authorization_cli_auth_enable.q
new file mode 100644
index 0000000..4761051
--- /dev/null
+++ b/ql/src/test/queries/clientnegative/authorization_cli_auth_enable.q
@@ -0,0 +1,7 @@
+set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
+set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
+set user.name=hive_test_user;
+set hive.security.authorization.enabled=true;
+
+-- verify that sql std auth throws an error with hive cli, if auth is enabled
+show tables 'src';
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientnegative/authorization_fail_1.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientnegative/authorization_fail_1.q b/ql/src/test/queries/clientnegative/authorization_fail_1.q
index 49aa09e..c38dab5 100644
--- a/ql/src/test/queries/clientnegative/authorization_fail_1.q
+++ b/ql/src/test/queries/clientnegative/authorization_fail_1.q
@@ -1,4 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
create table authorization_fail_1 (key int, value string);
set hive.security.authorization.enabled=true;
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientnegative/authorization_fail_2.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientnegative/authorization_fail_2.q b/ql/src/test/queries/clientnegative/authorization_fail_2.q
index 1a703d5..341e447 100644
--- a/ql/src/test/queries/clientnegative/authorization_fail_2.q
+++ b/ql/src/test/queries/clientnegative/authorization_fail_2.q
@@ -1,4 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
create table authorization_fail_2 (key int, value string) partitioned by (ds string);
set hive.security.authorization.enabled=true;
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientnegative/authorization_fail_3.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientnegative/authorization_fail_3.q b/ql/src/test/queries/clientnegative/authorization_fail_3.q
index 03c516d..6a56daa 100644
--- a/ql/src/test/queries/clientnegative/authorization_fail_3.q
+++ b/ql/src/test/queries/clientnegative/authorization_fail_3.q
@@ -1,4 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
-- SORT_BEFORE_DIFF
create table authorization_fail_3 (key int, value string) partitioned by (ds string);
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientnegative/authorization_fail_4.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientnegative/authorization_fail_4.q b/ql/src/test/queries/clientnegative/authorization_fail_4.q
index b3e687e..f0cb645 100644
--- a/ql/src/test/queries/clientnegative/authorization_fail_4.q
+++ b/ql/src/test/queries/clientnegative/authorization_fail_4.q
@@ -1,4 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
-- SORT_BEFORE_DIFF
create table authorization_fail_4 (key int, value string) partitioned by (ds string);
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientnegative/authorization_fail_5.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientnegative/authorization_fail_5.q b/ql/src/test/queries/clientnegative/authorization_fail_5.q
index abf2e81..b4efab5 100644
--- a/ql/src/test/queries/clientnegative/authorization_fail_5.q
+++ b/ql/src/test/queries/clientnegative/authorization_fail_5.q
@@ -1,4 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
-- SORT_BEFORE_DIFF
create table authorization_fail (key int, value string) partitioned by (ds string);
@@ -18,4 +17,4 @@ revoke Select on table authorization_fail partition (ds='2010') from user hive_t
show grant user hive_test_user on table authorization_fail partition (ds='2010');
-select key from authorization_fail where ds='2010';
+select key from authorization_fail where ds='2010';
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientnegative/authorization_fail_6.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientnegative/authorization_fail_6.q b/ql/src/test/queries/clientnegative/authorization_fail_6.q
index d3322f4..9772469 100644
--- a/ql/src/test/queries/clientnegative/authorization_fail_6.q
+++ b/ql/src/test/queries/clientnegative/authorization_fail_6.q
@@ -1,4 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
-- SORT_BEFORE_DIFF
create table authorization_part_fail (key int, value string) partitioned by (ds string);
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientnegative/authorization_fail_7.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientnegative/authorization_fail_7.q b/ql/src/test/queries/clientnegative/authorization_fail_7.q
index 9eeecc1..492deed 100644
--- a/ql/src/test/queries/clientnegative/authorization_fail_7.q
+++ b/ql/src/test/queries/clientnegative/authorization_fail_7.q
@@ -1,4 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
-- SORT_BEFORE_DIFF
create table authorization_fail (key int, value string);
@@ -15,4 +14,4 @@ show grant role hive_test_role_fail on table authorization_fail;
drop role hive_test_role_fail;
-select key from authorization_fail;
+select key from authorization_fail;
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientnegative/authorization_fail_create_db.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientnegative/authorization_fail_create_db.q b/ql/src/test/queries/clientnegative/authorization_fail_create_db.q
index 147c772..d969e39 100644
--- a/ql/src/test/queries/clientnegative/authorization_fail_create_db.q
+++ b/ql/src/test/queries/clientnegative/authorization_fail_create_db.q
@@ -1,4 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
set hive.security.authorization.enabled=true;
create database db_to_fail;
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientnegative/authorization_fail_drop_db.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientnegative/authorization_fail_drop_db.q b/ql/src/test/queries/clientnegative/authorization_fail_drop_db.q
index 5a98620..87719b0 100644
--- a/ql/src/test/queries/clientnegative/authorization_fail_drop_db.q
+++ b/ql/src/test/queries/clientnegative/authorization_fail_drop_db.q
@@ -1,4 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
set hive.security.authorization.enabled=false;
create database db_fail_to_drop;
set hive.security.authorization.enabled=true;
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientnegative/authorization_invalid_priv_v1.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientnegative/authorization_invalid_priv_v1.q b/ql/src/test/queries/clientnegative/authorization_invalid_priv_v1.q
index 2742f0d..2a1da23 100644
--- a/ql/src/test/queries/clientnegative/authorization_invalid_priv_v1.q
+++ b/ql/src/test/queries/clientnegative/authorization_invalid_priv_v1.q
@@ -1,4 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
create table if not exists authorization_invalid_v1 (key int, value string);
grant delete on table authorization_invalid_v1 to user hive_test_user;
drop table authorization_invalid_v1;
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientnegative/authorization_part.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientnegative/authorization_part.q b/ql/src/test/queries/clientnegative/authorization_part.q
index 517f513..a654a23 100644
--- a/ql/src/test/queries/clientnegative/authorization_part.q
+++ b/ql/src/test/queries/clientnegative/authorization_part.q
@@ -1,4 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
-- SORT_BEFORE_DIFF
create table authorization_part_fail (key int, value string) partitioned by (ds string);
@@ -35,4 +34,4 @@ revoke select on table authorization_part_fail partition (ds='2010') from group
select key,value, ds from authorization_part_fail where ds>='2010' order by key, ds limit 20;
drop table authorization_part_fail;
-drop table src_auth;
+drop table src_auth;
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientnegative/authorization_public_create.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientnegative/authorization_public_create.q b/ql/src/test/queries/clientnegative/authorization_public_create.q
index 00e542a..8298ce9 100644
--- a/ql/src/test/queries/clientnegative/authorization_public_create.q
+++ b/ql/src/test/queries/clientnegative/authorization_public_create.q
@@ -1,2 +1 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
create role public;
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientnegative/authorization_public_drop.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientnegative/authorization_public_drop.q b/ql/src/test/queries/clientnegative/authorization_public_drop.q
index 1f5025f..7e89f6e 100644
--- a/ql/src/test/queries/clientnegative/authorization_public_drop.q
+++ b/ql/src/test/queries/clientnegative/authorization_public_drop.q
@@ -1,2 +1 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
drop role public;
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientnegative/authorization_role_case.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientnegative/authorization_role_case.q b/ql/src/test/queries/clientnegative/authorization_role_case.q
index bcc075d..339239a 100644
--- a/ql/src/test/queries/clientnegative/authorization_role_case.q
+++ b/ql/src/test/queries/clientnegative/authorization_role_case.q
@@ -1,4 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
create role mixCaseRole1;
create role mixCaseRole2;
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientnegative/authorize_grant_public.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientnegative/authorize_grant_public.q b/ql/src/test/queries/clientnegative/authorize_grant_public.q
index 31d7462..e024b50 100644
--- a/ql/src/test/queries/clientnegative/authorize_grant_public.q
+++ b/ql/src/test/queries/clientnegative/authorize_grant_public.q
@@ -1,2 +1 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
grant role public to user hive_test_user;
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientnegative/authorize_revoke_public.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientnegative/authorize_revoke_public.q b/ql/src/test/queries/clientnegative/authorize_revoke_public.q
index 4d949ac..dadd424 100644
--- a/ql/src/test/queries/clientnegative/authorize_revoke_public.q
+++ b/ql/src/test/queries/clientnegative/authorize_revoke_public.q
@@ -1,2 +1 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
revoke role public from user hive_test_user;
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientnegative/exim_22_export_authfail.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientnegative/exim_22_export_authfail.q b/ql/src/test/queries/clientnegative/exim_22_export_authfail.q
index 5810be5..b818686 100644
--- a/ql/src/test/queries/clientnegative/exim_22_export_authfail.q
+++ b/ql/src/test/queries/clientnegative/exim_22_export_authfail.q
@@ -1,4 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
set hive.test.mode=true;
set hive.test.mode.prefix=;
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientnegative/exim_23_import_exist_authfail.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientnegative/exim_23_import_exist_authfail.q b/ql/src/test/queries/clientnegative/exim_23_import_exist_authfail.q
index 4e302c0..4acefb9 100644
--- a/ql/src/test/queries/clientnegative/exim_23_import_exist_authfail.q
+++ b/ql/src/test/queries/clientnegative/exim_23_import_exist_authfail.q
@@ -1,4 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
set hive.test.mode=true;
set hive.test.mode.prefix=;
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientnegative/exim_24_import_part_authfail.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientnegative/exim_24_import_part_authfail.q b/ql/src/test/queries/clientnegative/exim_24_import_part_authfail.q
index 0bc070c..467014e 100644
--- a/ql/src/test/queries/clientnegative/exim_24_import_part_authfail.q
+++ b/ql/src/test/queries/clientnegative/exim_24_import_part_authfail.q
@@ -1,4 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
set hive.test.mode=true;
set hive.test.mode.prefix=;
set hive.test.mode.nosamplelist=exim_department,exim_employee;
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientnegative/exim_25_import_nonexist_authfail.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientnegative/exim_25_import_nonexist_authfail.q b/ql/src/test/queries/clientnegative/exim_25_import_nonexist_authfail.q
index 3ed7a5f..595fa7e 100644
--- a/ql/src/test/queries/clientnegative/exim_25_import_nonexist_authfail.q
+++ b/ql/src/test/queries/clientnegative/exim_25_import_nonexist_authfail.q
@@ -1,4 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
set hive.test.mode=true;
set hive.test.mode.prefix=;
set hive.test.mode.nosamplelist=exim_department,exim_employee;
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientnegative/join_nonexistent_part.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientnegative/join_nonexistent_part.q b/ql/src/test/queries/clientnegative/join_nonexistent_part.q
new file mode 100644
index 0000000..bf60d2e
--- /dev/null
+++ b/ql/src/test/queries/clientnegative/join_nonexistent_part.q
@@ -0,0 +1,5 @@
+set hive.mapred.mode=nonstrict;
+SET hive.security.authorization.enabled = true;
+SELECT *
+FROM srcpart s1 join src s2 on s1.key == s2.key
+WHERE s1.ds='non-existent';
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientnegative/load_exist_part_authfail.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientnegative/load_exist_part_authfail.q b/ql/src/test/queries/clientnegative/load_exist_part_authfail.q
index f9ecc6f..eb72d94 100644
--- a/ql/src/test/queries/clientnegative/load_exist_part_authfail.q
+++ b/ql/src/test/queries/clientnegative/load_exist_part_authfail.q
@@ -1,4 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
create table hive_test_src ( col1 string ) partitioned by (pcol1 string) stored as textfile;
alter table hive_test_src add partition (pcol1 = 'test_part');
set hive.security.authorization.enabled=true;
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientnegative/load_nonpart_authfail.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientnegative/load_nonpart_authfail.q b/ql/src/test/queries/clientnegative/load_nonpart_authfail.q
index 1f40978..3265363 100644
--- a/ql/src/test/queries/clientnegative/load_nonpart_authfail.q
+++ b/ql/src/test/queries/clientnegative/load_nonpart_authfail.q
@@ -1,4 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
create table hive_test_src ( col1 string ) stored as textfile;
set hive.security.authorization.enabled=true;
load data local inpath '../../data/files/test.dat' overwrite into table hive_test_src ;
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientnegative/load_part_authfail.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientnegative/load_part_authfail.q b/ql/src/test/queries/clientnegative/load_part_authfail.q
index 5735cd2..315988d 100644
--- a/ql/src/test/queries/clientnegative/load_part_authfail.q
+++ b/ql/src/test/queries/clientnegative/load_part_authfail.q
@@ -1,4 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
create table hive_test_src ( col1 string ) partitioned by (pcol1 string) stored as textfile;
set hive.security.authorization.enabled=true;
load data local inpath '../../data/files/test.dat' overwrite into table hive_test_src partition (pcol1 = 'test_part');
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientpositive/alter_rename_partition_authorization.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientpositive/alter_rename_partition_authorization.q b/ql/src/test/queries/clientpositive/alter_rename_partition_authorization.q
index 70f2bb4..cdefc2d 100644
--- a/ql/src/test/queries/clientpositive/alter_rename_partition_authorization.q
+++ b/ql/src/test/queries/clientpositive/alter_rename_partition_authorization.q
@@ -1,4 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
-- SORT_BEFORE_DIFF
create table src_auth_tmp as select * from src;
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientpositive/authorization_1.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientpositive/authorization_1.q b/ql/src/test/queries/clientpositive/authorization_1.q
index 184acc7..d5fd2ec 100644
--- a/ql/src/test/queries/clientpositive/authorization_1.q
+++ b/ql/src/test/queries/clientpositive/authorization_1.q
@@ -1,5 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
-
-- SORT_BEFORE_DIFF
create table src_autho_test as select * from src;
@@ -88,4 +86,4 @@ revoke select on table src_autho_test from role sRc_roLE;
drop role sRc_roLE;
set hive.security.authorization.enabled=false;
-drop table src_autho_test;
+drop table src_autho_test;
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientpositive/authorization_2.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientpositive/authorization_2.q b/ql/src/test/queries/clientpositive/authorization_2.q
index efb42f7..3353c53 100644
--- a/ql/src/test/queries/clientpositive/authorization_2.q
+++ b/ql/src/test/queries/clientpositive/authorization_2.q
@@ -1,5 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
-
-- SORT_BEFORE_DIFF
create table authorization_part (key int, value string) partitioned by (ds string);
@@ -110,4 +108,4 @@ show grant group hive_test_group1 on table authorization_part partition (ds='201
revoke select on table src_auth_tmp from user hive_test_user;
set hive.security.authorization.enabled=false;
-drop table authorization_part;
+drop table authorization_part;
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientpositive/authorization_3.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientpositive/authorization_3.q b/ql/src/test/queries/clientpositive/authorization_3.q
index 09c6494..ba76b00 100644
--- a/ql/src/test/queries/clientpositive/authorization_3.q
+++ b/ql/src/test/queries/clientpositive/authorization_3.q
@@ -1,5 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
-
-- SORT_BEFORE_DIFF
create table src_autho_test as select * from src;
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientpositive/authorization_4.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientpositive/authorization_4.q b/ql/src/test/queries/clientpositive/authorization_4.q
index c1848a7..152c8e5 100644
--- a/ql/src/test/queries/clientpositive/authorization_4.q
+++ b/ql/src/test/queries/clientpositive/authorization_4.q
@@ -1,5 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
-
-- SORT_BEFORE_DIFF
create table src_autho_test as select * from src;
@@ -12,4 +10,4 @@ show grant user hive_test_user on table src_autho_test;
select key from src_autho_test order by key limit 20;
-drop table src_autho_test;
+drop table src_autho_test;
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientpositive/authorization_5.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientpositive/authorization_5.q b/ql/src/test/queries/clientpositive/authorization_5.q
index fb9b262..fec27b4 100644
--- a/ql/src/test/queries/clientpositive/authorization_5.q
+++ b/ql/src/test/queries/clientpositive/authorization_5.q
@@ -1,5 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
-
-- SORT_BEFORE_DIFF
CREATE DATABASE IF NOT EXISTS test_db COMMENT 'Hive test database';
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientpositive/authorization_6.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientpositive/authorization_6.q b/ql/src/test/queries/clientpositive/authorization_6.q
index 5f9bde7..258ada4 100644
--- a/ql/src/test/queries/clientpositive/authorization_6.q
+++ b/ql/src/test/queries/clientpositive/authorization_6.q
@@ -1,5 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
-
-- SORT_BEFORE_DIFF
create table src_auth_tmp as select * from src;
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientpositive/authorization_7.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientpositive/authorization_7.q b/ql/src/test/queries/clientpositive/authorization_7.q
index 216951e..ae49000 100644
--- a/ql/src/test/queries/clientpositive/authorization_7.q
+++ b/ql/src/test/queries/clientpositive/authorization_7.q
@@ -1,5 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
-
GRANT ALL TO USER hive_test_user;
SET hive.security.authorization.enabled=true;
CREATE TABLE src_authorization_7 (key int, value string);
@@ -14,4 +12,4 @@ SET hive.security.authorization.enabled=true;
CREATE TABLE src_authorization_7 (key int, value string);
DESCRIBE src_authorization_7;
DROP TABLE src_authorization_7;
-REVOKE ALL FROM GROUP hive_test_group1;
+REVOKE ALL FROM GROUP hive_test_group1;
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientpositive/authorization_8.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientpositive/authorization_8.q b/ql/src/test/queries/clientpositive/authorization_8.q
index b8571aa..67fcf31 100644
--- a/ql/src/test/queries/clientpositive/authorization_8.q
+++ b/ql/src/test/queries/clientpositive/authorization_8.q
@@ -1,4 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
set hive.security.authorization.enabled=true;
GRANT ALL TO USER hive_test_user;
CREATE TABLE tbl_j5jbymsx8e (key INT, value STRING) PARTITIONED BY (ds STRING);
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientpositive/authorization_9.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientpositive/authorization_9.q b/ql/src/test/queries/clientpositive/authorization_9.q
index 5f72665..ed62c45 100644
--- a/ql/src/test/queries/clientpositive/authorization_9.q
+++ b/ql/src/test/queries/clientpositive/authorization_9.q
@@ -1,4 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
-- SORT_BEFORE_DIFF
create table dummy (key string, value string);
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientpositive/authorization_default_create_table_owner_privs.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientpositive/authorization_default_create_table_owner_privs.q b/ql/src/test/queries/clientpositive/authorization_default_create_table_owner_privs.q
index e533ee7..c265733 100644
--- a/ql/src/test/queries/clientpositive/authorization_default_create_table_owner_privs.q
+++ b/ql/src/test/queries/clientpositive/authorization_default_create_table_owner_privs.q
@@ -1,4 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
set hive.security.authorization.createtable.owner.grants=ALL;
create table default_auth_table_creator_priv_test(i int);
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientpositive/authorization_explain.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientpositive/authorization_explain.q b/ql/src/test/queries/clientpositive/authorization_explain.q
index 6a9475c..fe376bf 100644
--- a/ql/src/test/queries/clientpositive/authorization_explain.q
+++ b/ql/src/test/queries/clientpositive/authorization_explain.q
@@ -1,4 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
set hive.mapred.mode=nonstrict;
set hive.security.authorization.enabled=true;
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientpositive/authorization_show_role_principals_v1.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientpositive/authorization_show_role_principals_v1.q b/ql/src/test/queries/clientpositive/authorization_show_role_principals_v1.q
index 45e89c5..50e9dc2 100644
--- a/ql/src/test/queries/clientpositive/authorization_show_role_principals_v1.q
+++ b/ql/src/test/queries/clientpositive/authorization_show_role_principals_v1.q
@@ -1,4 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
create role role1;
grant role1 to user user1 with admin option;
grant role1 to user user2 with admin option;
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientpositive/exim_21_export_authsuccess.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientpositive/exim_21_export_authsuccess.q b/ql/src/test/queries/clientpositive/exim_21_export_authsuccess.q
index 1e3eaee..293a011 100644
--- a/ql/src/test/queries/clientpositive/exim_21_export_authsuccess.q
+++ b/ql/src/test/queries/clientpositive/exim_21_export_authsuccess.q
@@ -1,4 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
set hive.test.mode=true;
set hive.test.mode.prefix=;
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientpositive/exim_22_import_exist_authsuccess.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientpositive/exim_22_import_exist_authsuccess.q b/ql/src/test/queries/clientpositive/exim_22_import_exist_authsuccess.q
index 606f9af..03714ab 100644
--- a/ql/src/test/queries/clientpositive/exim_22_import_exist_authsuccess.q
+++ b/ql/src/test/queries/clientpositive/exim_22_import_exist_authsuccess.q
@@ -1,7 +1,6 @@
set hive.test.mode=true;
set hive.test.mode.prefix=;
set hive.test.mode.nosamplelist=exim_department,exim_employee;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
create table exim_department ( dep_id int) stored as textfile;
load data local inpath "../../data/files/test.dat" into table exim_department;
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientpositive/exim_23_import_part_authsuccess.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientpositive/exim_23_import_part_authsuccess.q b/ql/src/test/queries/clientpositive/exim_23_import_part_authsuccess.q
index 316f2e0..9012b0e 100644
--- a/ql/src/test/queries/clientpositive/exim_23_import_part_authsuccess.q
+++ b/ql/src/test/queries/clientpositive/exim_23_import_part_authsuccess.q
@@ -2,7 +2,6 @@ set hive.mapred.mode=nonstrict;
set hive.test.mode=true;
set hive.test.mode.prefix=;
set hive.test.mode.nosamplelist=exim_department,exim_employee;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
create table exim_employee ( emp_id int comment "employee id")
comment "employee table"
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientpositive/exim_24_import_nonexist_authsuccess.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientpositive/exim_24_import_nonexist_authsuccess.q b/ql/src/test/queries/clientpositive/exim_24_import_nonexist_authsuccess.q
index 8ded70b..8934c47 100644
--- a/ql/src/test/queries/clientpositive/exim_24_import_nonexist_authsuccess.q
+++ b/ql/src/test/queries/clientpositive/exim_24_import_nonexist_authsuccess.q
@@ -1,7 +1,6 @@
set hive.test.mode=true;
set hive.test.mode.prefix=;
set hive.test.mode.nosamplelist=exim_department,exim_employee;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
create table exim_department ( dep_id int) stored as textfile;
load data local inpath "../../data/files/test.dat" into table exim_department;
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientpositive/index_auth.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientpositive/index_auth.q b/ql/src/test/queries/clientpositive/index_auth.q
index b12b742..03d77f1 100644
--- a/ql/src/test/queries/clientpositive/index_auth.q
+++ b/ql/src/test/queries/clientpositive/index_auth.q
@@ -1,7 +1,5 @@
set hive.stats.dbclass=fs;
SET hive.input.format=org.apache.hadoop.hive.ql.io.HiveInputFormat;
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
-
create table foobar(key int, value string) PARTITIONED BY (ds string, hr string);
alter table foobar add partition (ds='2008-04-08',hr='12');
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientpositive/keyword_1.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientpositive/keyword_1.q b/ql/src/test/queries/clientpositive/keyword_1.q
index 9277725..d274515 100644
--- a/ql/src/test/queries/clientpositive/keyword_1.q
+++ b/ql/src/test/queries/clientpositive/keyword_1.q
@@ -1,5 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
-
-- SORT_BEFORE_DIFF
create table test_user (`user` string, `group` string);
@@ -18,4 +16,4 @@ explain select role from test_user;
show grant user hive_test on table test_user;
-drop table test_user;
+drop table test_user;
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientpositive/load_exist_part_authsuccess.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientpositive/load_exist_part_authsuccess.q b/ql/src/test/queries/clientpositive/load_exist_part_authsuccess.q
index 1ce4824..35eb219 100644
--- a/ql/src/test/queries/clientpositive/load_exist_part_authsuccess.q
+++ b/ql/src/test/queries/clientpositive/load_exist_part_authsuccess.q
@@ -1,4 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
create table hive_test_src ( col1 string ) partitioned by (pcol1 string) stored as textfile;
alter table hive_test_src add partition (pcol1 = 'test_part');
set hive.security.authorization.enabled=true;
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientpositive/load_nonpart_authsuccess.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientpositive/load_nonpart_authsuccess.q b/ql/src/test/queries/clientpositive/load_nonpart_authsuccess.q
index 29d4e80..fdee451 100644
--- a/ql/src/test/queries/clientpositive/load_nonpart_authsuccess.q
+++ b/ql/src/test/queries/clientpositive/load_nonpart_authsuccess.q
@@ -1,4 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
create table hive_test_src ( col1 string ) stored as textfile;
set hive.security.authorization.enabled=true;
grant Update on table hive_test_src to user hive_test_user;
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientpositive/load_part_authsuccess.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientpositive/load_part_authsuccess.q b/ql/src/test/queries/clientpositive/load_part_authsuccess.q
index 868fd6c..cee5873 100644
--- a/ql/src/test/queries/clientpositive/load_part_authsuccess.q
+++ b/ql/src/test/queries/clientpositive/load_part_authsuccess.q
@@ -1,4 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
create table hive_test_src ( col1 string ) partitioned by (pcol1 string) stored as textfile;
set hive.security.authorization.enabled=true;
grant Update on table hive_test_src to user hive_test_user;
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/queries/clientpositive/show_roles.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientpositive/show_roles.q b/ql/src/test/queries/clientpositive/show_roles.q
index 9e5a6c3..d8ce96a 100644
--- a/ql/src/test/queries/clientpositive/show_roles.q
+++ b/ql/src/test/queries/clientpositive/show_roles.q
@@ -1,5 +1,3 @@
-set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
-
create role role1;
create role role2;
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/results/clientnegative/authorization_cli_auth_enable.q.out
----------------------------------------------------------------------
diff --git a/ql/src/test/results/clientnegative/authorization_cli_auth_enable.q.out b/ql/src/test/results/clientnegative/authorization_cli_auth_enable.q.out
new file mode 100644
index 0000000..252eb66
--- /dev/null
+++ b/ql/src/test/results/clientnegative/authorization_cli_auth_enable.q.out
@@ -0,0 +1 @@
+FAILED: RuntimeException org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzPluginException: SQL standards based authorization should not be enabled from hive cliInstead the use of storage based authorization in hive metastore is reccomended. Set hive.security.authorization.enabled=false to disable authz within cli
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/results/clientnegative/join_nonexistent_part.q.out
----------------------------------------------------------------------
diff --git a/ql/src/test/results/clientnegative/join_nonexistent_part.q.out b/ql/src/test/results/clientnegative/join_nonexistent_part.q.out
new file mode 100644
index 0000000..a924895
--- /dev/null
+++ b/ql/src/test/results/clientnegative/join_nonexistent_part.q.out
@@ -0,0 +1 @@
+Authorization failed:No privilege 'Select' found for inputs { database:default, table:srcpart, columnName:key}. Use SHOW GRANT to get more details.
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/results/clientpositive/authorization_9.q.out
----------------------------------------------------------------------
diff --git a/ql/src/test/results/clientpositive/authorization_9.q.out b/ql/src/test/results/clientpositive/authorization_9.q.out
index 6bb8ecb..7f95f5e 100644
--- a/ql/src/test/results/clientpositive/authorization_9.q.out
+++ b/ql/src/test/results/clientpositive/authorization_9.q.out
@@ -46,67 +46,7 @@ POSTHOOK: query: show grant user hive_test_user on all
POSTHOOK: type: SHOW_GRANT
hive_test_user USER SELECT false -1 hive_test_user
default hive_test_user USER SELECT false -1 hive_test_user
-default alltypesorc hive_test_user USER DELETE true -1 hive_test_user
-default alltypesorc hive_test_user USER INSERT true -1 hive_test_user
-default alltypesorc hive_test_user USER SELECT true -1 hive_test_user
-default alltypesorc hive_test_user USER UPDATE true -1 hive_test_user
-default cbo_t1 hive_test_user USER DELETE true -1 hive_test_user
-default cbo_t1 hive_test_user USER INSERT true -1 hive_test_user
-default cbo_t1 hive_test_user USER SELECT true -1 hive_test_user
-default cbo_t1 hive_test_user USER UPDATE true -1 hive_test_user
-default cbo_t2 hive_test_user USER DELETE true -1 hive_test_user
-default cbo_t2 hive_test_user USER INSERT true -1 hive_test_user
-default cbo_t2 hive_test_user USER SELECT true -1 hive_test_user
-default cbo_t2 hive_test_user USER UPDATE true -1 hive_test_user
-default cbo_t3 hive_test_user USER DELETE true -1 hive_test_user
-default cbo_t3 hive_test_user USER INSERT true -1 hive_test_user
-default cbo_t3 hive_test_user USER SELECT true -1 hive_test_user
-default cbo_t3 hive_test_user USER UPDATE true -1 hive_test_user
default dummy hive_test_user USER SELECT false -1 hive_test_user
-default lineitem hive_test_user USER DELETE true -1 hive_test_user
-default lineitem hive_test_user USER INSERT true -1 hive_test_user
-default lineitem hive_test_user USER SELECT true -1 hive_test_user
-default lineitem hive_test_user USER UPDATE true -1 hive_test_user
-default part hive_test_user USER DELETE true -1 hive_test_user
-default part hive_test_user USER INSERT true -1 hive_test_user
-default part hive_test_user USER SELECT true -1 hive_test_user
-default part hive_test_user USER UPDATE true -1 hive_test_user
-default src hive_test_user USER DELETE true -1 hive_test_user
-default src hive_test_user USER INSERT true -1 hive_test_user
-default src hive_test_user USER SELECT true -1 hive_test_user
-default src hive_test_user USER UPDATE true -1 hive_test_user
-default src1 hive_test_user USER DELETE true -1 hive_test_user
-default src1 hive_test_user USER INSERT true -1 hive_test_user
-default src1 hive_test_user USER SELECT true -1 hive_test_user
-default src1 hive_test_user USER UPDATE true -1 hive_test_user
-default src_cbo hive_test_user USER DELETE true -1 hive_test_user
-default src_cbo hive_test_user USER INSERT true -1 hive_test_user
-default src_cbo hive_test_user USER SELECT true -1 hive_test_user
-default src_cbo hive_test_user USER UPDATE true -1 hive_test_user
-default src_json hive_test_user USER DELETE true -1 hive_test_user
-default src_json hive_test_user USER INSERT true -1 hive_test_user
-default src_json hive_test_user USER SELECT true -1 hive_test_user
-default src_json hive_test_user USER UPDATE true -1 hive_test_user
-default src_sequencefile hive_test_user USER DELETE true -1 hive_test_user
-default src_sequencefile hive_test_user USER INSERT true -1 hive_test_user
-default src_sequencefile hive_test_user USER SELECT true -1 hive_test_user
-default src_sequencefile hive_test_user USER UPDATE true -1 hive_test_user
-default src_thrift hive_test_user USER DELETE true -1 hive_test_user
-default src_thrift hive_test_user USER INSERT true -1 hive_test_user
-default src_thrift hive_test_user USER SELECT true -1 hive_test_user
-default src_thrift hive_test_user USER UPDATE true -1 hive_test_user
-default srcbucket hive_test_user USER DELETE true -1 hive_test_user
-default srcbucket hive_test_user USER INSERT true -1 hive_test_user
-default srcbucket hive_test_user USER SELECT true -1 hive_test_user
-default srcbucket hive_test_user USER UPDATE true -1 hive_test_user
-default srcbucket2 hive_test_user USER DELETE true -1 hive_test_user
-default srcbucket2 hive_test_user USER INSERT true -1 hive_test_user
-default srcbucket2 hive_test_user USER SELECT true -1 hive_test_user
-default srcbucket2 hive_test_user USER UPDATE true -1 hive_test_user
-default srcpart hive_test_user USER DELETE true -1 hive_test_user
-default srcpart hive_test_user USER INSERT true -1 hive_test_user
-default srcpart hive_test_user USER SELECT true -1 hive_test_user
-default srcpart hive_test_user USER UPDATE true -1 hive_test_user
default dummy [key] hive_test_user USER SELECT false -1 hive_test_user
default dummy [value] hive_test_user USER SELECT false -1 hive_test_user
PREHOOK: query: grant select to user hive_test_user2
@@ -138,68 +78,8 @@ POSTHOOK: type: SHOW_GRANT
hive_test_user2 USER SELECT false -1 hive_test_user
default hive_test_user USER SELECT false -1 hive_test_user
default hive_test_user2 USER SELECT false -1 hive_test_user
-default alltypesorc hive_test_user USER DELETE true -1 hive_test_user
-default alltypesorc hive_test_user USER INSERT true -1 hive_test_user
-default alltypesorc hive_test_user USER SELECT true -1 hive_test_user
-default alltypesorc hive_test_user USER UPDATE true -1 hive_test_user
-default cbo_t1 hive_test_user USER DELETE true -1 hive_test_user
-default cbo_t1 hive_test_user USER INSERT true -1 hive_test_user
-default cbo_t1 hive_test_user USER SELECT true -1 hive_test_user
-default cbo_t1 hive_test_user USER UPDATE true -1 hive_test_user
-default cbo_t2 hive_test_user USER DELETE true -1 hive_test_user
-default cbo_t2 hive_test_user USER INSERT true -1 hive_test_user
-default cbo_t2 hive_test_user USER SELECT true -1 hive_test_user
-default cbo_t2 hive_test_user USER UPDATE true -1 hive_test_user
-default cbo_t3 hive_test_user USER DELETE true -1 hive_test_user
-default cbo_t3 hive_test_user USER INSERT true -1 hive_test_user
-default cbo_t3 hive_test_user USER SELECT true -1 hive_test_user
-default cbo_t3 hive_test_user USER UPDATE true -1 hive_test_user
default dummy hive_test_user USER SELECT false -1 hive_test_user
default dummy hive_test_user2 USER SELECT false -1 hive_test_user
-default lineitem hive_test_user USER DELETE true -1 hive_test_user
-default lineitem hive_test_user USER INSERT true -1 hive_test_user
-default lineitem hive_test_user USER SELECT true -1 hive_test_user
-default lineitem hive_test_user USER UPDATE true -1 hive_test_user
-default part hive_test_user USER DELETE true -1 hive_test_user
-default part hive_test_user USER INSERT true -1 hive_test_user
-default part hive_test_user USER SELECT true -1 hive_test_user
-default part hive_test_user USER UPDATE true -1 hive_test_user
-default src hive_test_user USER DELETE true -1 hive_test_user
-default src hive_test_user USER INSERT true -1 hive_test_user
-default src hive_test_user USER SELECT true -1 hive_test_user
-default src hive_test_user USER UPDATE true -1 hive_test_user
-default src1 hive_test_user USER DELETE true -1 hive_test_user
-default src1 hive_test_user USER INSERT true -1 hive_test_user
-default src1 hive_test_user USER SELECT true -1 hive_test_user
-default src1 hive_test_user USER UPDATE true -1 hive_test_user
-default src_cbo hive_test_user USER DELETE true -1 hive_test_user
-default src_cbo hive_test_user USER INSERT true -1 hive_test_user
-default src_cbo hive_test_user USER SELECT true -1 hive_test_user
-default src_cbo hive_test_user USER UPDATE true -1 hive_test_user
-default src_json hive_test_user USER DELETE true -1 hive_test_user
-default src_json hive_test_user USER INSERT true -1 hive_test_user
-default src_json hive_test_user USER SELECT true -1 hive_test_user
-default src_json hive_test_user USER UPDATE true -1 hive_test_user
-default src_sequencefile hive_test_user USER DELETE true -1 hive_test_user
-default src_sequencefile hive_test_user USER INSERT true -1 hive_test_user
-default src_sequencefile hive_test_user USER SELECT true -1 hive_test_user
-default src_sequencefile hive_test_user USER UPDATE true -1 hive_test_user
-default src_thrift hive_test_user USER DELETE true -1 hive_test_user
-default src_thrift hive_test_user USER INSERT true -1 hive_test_user
-default src_thrift hive_test_user USER SELECT true -1 hive_test_user
-default src_thrift hive_test_user USER UPDATE true -1 hive_test_user
-default srcbucket hive_test_user USER DELETE true -1 hive_test_user
-default srcbucket hive_test_user USER INSERT true -1 hive_test_user
-default srcbucket hive_test_user USER SELECT true -1 hive_test_user
-default srcbucket hive_test_user USER UPDATE true -1 hive_test_user
-default srcbucket2 hive_test_user USER DELETE true -1 hive_test_user
-default srcbucket2 hive_test_user USER INSERT true -1 hive_test_user
-default srcbucket2 hive_test_user USER SELECT true -1 hive_test_user
-default srcbucket2 hive_test_user USER UPDATE true -1 hive_test_user
-default srcpart hive_test_user USER DELETE true -1 hive_test_user
-default srcpart hive_test_user USER INSERT true -1 hive_test_user
-default srcpart hive_test_user USER SELECT true -1 hive_test_user
-default srcpart hive_test_user USER UPDATE true -1 hive_test_user
default dummy [key] hive_test_user USER SELECT false -1 hive_test_user
default dummy [key] hive_test_user2 USER SELECT false -1 hive_test_user
default dummy [value] hive_test_user USER SELECT false -1 hive_test_user
@@ -210,67 +90,7 @@ POSTHOOK: query: show grant user hive_test_user on all
POSTHOOK: type: SHOW_GRANT
hive_test_user USER SELECT false -1 hive_test_user
default hive_test_user USER SELECT false -1 hive_test_user
-default alltypesorc hive_test_user USER DELETE true -1 hive_test_user
-default alltypesorc hive_test_user USER INSERT true -1 hive_test_user
-default alltypesorc hive_test_user USER SELECT true -1 hive_test_user
-default alltypesorc hive_test_user USER UPDATE true -1 hive_test_user
-default cbo_t1 hive_test_user USER DELETE true -1 hive_test_user
-default cbo_t1 hive_test_user USER INSERT true -1 hive_test_user
-default cbo_t1 hive_test_user USER SELECT true -1 hive_test_user
-default cbo_t1 hive_test_user USER UPDATE true -1 hive_test_user
-default cbo_t2 hive_test_user USER DELETE true -1 hive_test_user
-default cbo_t2 hive_test_user USER INSERT true -1 hive_test_user
-default cbo_t2 hive_test_user USER SELECT true -1 hive_test_user
-default cbo_t2 hive_test_user USER UPDATE true -1 hive_test_user
-default cbo_t3 hive_test_user USER DELETE true -1 hive_test_user
-default cbo_t3 hive_test_user USER INSERT true -1 hive_test_user
-default cbo_t3 hive_test_user USER SELECT true -1 hive_test_user
-default cbo_t3 hive_test_user USER UPDATE true -1 hive_test_user
default dummy hive_test_user USER SELECT false -1 hive_test_user
-default lineitem hive_test_user USER DELETE true -1 hive_test_user
-default lineitem hive_test_user USER INSERT true -1 hive_test_user
-default lineitem hive_test_user USER SELECT true -1 hive_test_user
-default lineitem hive_test_user USER UPDATE true -1 hive_test_user
-default part hive_test_user USER DELETE true -1 hive_test_user
-default part hive_test_user USER INSERT true -1 hive_test_user
-default part hive_test_user USER SELECT true -1 hive_test_user
-default part hive_test_user USER UPDATE true -1 hive_test_user
-default src hive_test_user USER DELETE true -1 hive_test_user
-default src hive_test_user USER INSERT true -1 hive_test_user
-default src hive_test_user USER SELECT true -1 hive_test_user
-default src hive_test_user USER UPDATE true -1 hive_test_user
-default src1 hive_test_user USER DELETE true -1 hive_test_user
-default src1 hive_test_user USER INSERT true -1 hive_test_user
-default src1 hive_test_user USER SELECT true -1 hive_test_user
-default src1 hive_test_user USER UPDATE true -1 hive_test_user
-default src_cbo hive_test_user USER DELETE true -1 hive_test_user
-default src_cbo hive_test_user USER INSERT true -1 hive_test_user
-default src_cbo hive_test_user USER SELECT true -1 hive_test_user
-default src_cbo hive_test_user USER UPDATE true -1 hive_test_user
-default src_json hive_test_user USER DELETE true -1 hive_test_user
-default src_json hive_test_user USER INSERT true -1 hive_test_user
-default src_json hive_test_user USER SELECT true -1 hive_test_user
-default src_json hive_test_user USER UPDATE true -1 hive_test_user
-default src_sequencefile hive_test_user USER DELETE true -1 hive_test_user
-default src_sequencefile hive_test_user USER INSERT true -1 hive_test_user
-default src_sequencefile hive_test_user USER SELECT true -1 hive_test_user
-default src_sequencefile hive_test_user USER UPDATE true -1 hive_test_user
-default src_thrift hive_test_user USER DELETE true -1 hive_test_user
-default src_thrift hive_test_user USER INSERT true -1 hive_test_user
-default src_thrift hive_test_user USER SELECT true -1 hive_test_user
-default src_thrift hive_test_user USER UPDATE true -1 hive_test_user
-default srcbucket hive_test_user USER DELETE true -1 hive_test_user
-default srcbucket hive_test_user USER INSERT true -1 hive_test_user
-default srcbucket hive_test_user USER SELECT true -1 hive_test_user
-default srcbucket hive_test_user USER UPDATE true -1 hive_test_user
-default srcbucket2 hive_test_user USER DELETE true -1 hive_test_user
-default srcbucket2 hive_test_user USER INSERT true -1 hive_test_user
-default srcbucket2 hive_test_user USER SELECT true -1 hive_test_user
-default srcbucket2 hive_test_user USER UPDATE true -1 hive_test_user
-default srcpart hive_test_user USER DELETE true -1 hive_test_user
-default srcpart hive_test_user USER INSERT true -1 hive_test_user
-default srcpart hive_test_user USER SELECT true -1 hive_test_user
-default srcpart hive_test_user USER UPDATE true -1 hive_test_user
default dummy [key] hive_test_user USER SELECT false -1 hive_test_user
default dummy [value] hive_test_user USER SELECT false -1 hive_test_user
PREHOOK: query: show grant user hive_test_user2 on all
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/results/clientpositive/authorization_explain.q.java1.7.out
----------------------------------------------------------------------
diff --git a/ql/src/test/results/clientpositive/authorization_explain.q.java1.7.out b/ql/src/test/results/clientpositive/authorization_explain.q.java1.7.out
index a9ed049..b7ec209 100644
--- a/ql/src/test/results/clientpositive/authorization_explain.q.java1.7.out
+++ b/ql/src/test/results/clientpositive/authorization_explain.q.java1.7.out
@@ -20,6 +20,9 @@ CURRENT_USER:
hive_test_user
OPERATION:
QUERY
+AUTHORIZATION_FAILURES:
+ No privilege 'Select' found for inputs { database:default, table:src, columnName:key}
+ No privilege 'Select' found for inputs { database:default, table:srcpart, columnName:key}
Warning: Shuffle Join JOIN[7][tables = [$hdt$_0, $hdt$_1]] in Stage 'Stage-1:MAPRED' is a cross product
PREHOOK: query: explain formatted authorization select * from src join srcpart
PREHOOK: type: QUERY
http://git-wip-us.apache.org/repos/asf/hive/blob/e84da8c9/ql/src/test/results/clientpositive/authorization_show_grant.q.out
----------------------------------------------------------------------
diff --git a/ql/src/test/results/clientpositive/authorization_show_grant.q.out b/ql/src/test/results/clientpositive/authorization_show_grant.q.out
index 7fa0b1c..2e7d7f6 100644
--- a/ql/src/test/results/clientpositive/authorization_show_grant.q.out
+++ b/ql/src/test/results/clientpositive/authorization_show_grant.q.out
@@ -111,66 +111,6 @@ PREHOOK: query: show grant
PREHOOK: type: SHOW_GRANT
POSTHOOK: query: show grant
POSTHOOK: type: SHOW_GRANT
-default alltypesorc hive_test_user USER DELETE true -1 hive_test_user
-default alltypesorc hive_test_user USER INSERT true -1 hive_test_user
-default alltypesorc hive_test_user USER SELECT true -1 hive_test_user
-default alltypesorc hive_test_user USER UPDATE true -1 hive_test_user
-default cbo_t1 hive_test_user USER DELETE true -1 hive_test_user
-default cbo_t1 hive_test_user USER INSERT true -1 hive_test_user
-default cbo_t1 hive_test_user USER SELECT true -1 hive_test_user
-default cbo_t1 hive_test_user USER UPDATE true -1 hive_test_user
-default cbo_t2 hive_test_user USER DELETE true -1 hive_test_user
-default cbo_t2 hive_test_user USER INSERT true -1 hive_test_user
-default cbo_t2 hive_test_user USER SELECT true -1 hive_test_user
-default cbo_t2 hive_test_user USER UPDATE true -1 hive_test_user
-default cbo_t3 hive_test_user USER DELETE true -1 hive_test_user
-default cbo_t3 hive_test_user USER INSERT true -1 hive_test_user
-default cbo_t3 hive_test_user USER SELECT true -1 hive_test_user
-default cbo_t3 hive_test_user USER UPDATE true -1 hive_test_user
-default lineitem hive_test_user USER DELETE true -1 hive_test_user
-default lineitem hive_test_user USER INSERT true -1 hive_test_user
-default lineitem hive_test_user USER SELECT true -1 hive_test_user
-default lineitem hive_test_user USER UPDATE true -1 hive_test_user
-default part hive_test_user USER DELETE true -1 hive_test_user
-default part hive_test_user USER INSERT true -1 hive_test_user
-default part hive_test_user USER SELECT true -1 hive_test_user
-default part hive_test_user USER UPDATE true -1 hive_test_user
-default src hive_test_user USER DELETE true -1 hive_test_user
-default src hive_test_user USER INSERT true -1 hive_test_user
-default src hive_test_user USER SELECT true -1 hive_test_user
-default src hive_test_user USER UPDATE true -1 hive_test_user
-default src1 hive_test_user USER DELETE true -1 hive_test_user
-default src1 hive_test_user USER INSERT true -1 hive_test_user
-default src1 hive_test_user USER SELECT true -1 hive_test_user
-default src1 hive_test_user USER UPDATE true -1 hive_test_user
-default src_cbo hive_test_user USER DELETE true -1 hive_test_user
-default src_cbo hive_test_user USER INSERT true -1 hive_test_user
-default src_cbo hive_test_user USER SELECT true -1 hive_test_user
-default src_cbo hive_test_user USER UPDATE true -1 hive_test_user
-default src_json hive_test_user USER DELETE true -1 hive_test_user
-default src_json hive_test_user USER INSERT true -1 hive_test_user
-default src_json hive_test_user USER SELECT true -1 hive_test_user
-default src_json hive_test_user USER UPDATE true -1 hive_test_user
-default src_sequencefile hive_test_user USER DELETE true -1 hive_test_user
-default src_sequencefile hive_test_user USER INSERT true -1 hive_test_user
-default src_sequencefile hive_test_user USER SELECT true -1 hive_test_user
-default src_sequencefile hive_test_user USER UPDATE true -1 hive_test_user
-default src_thrift hive_test_user USER DELETE true -1 hive_test_user
-default src_thrift hive_test_user USER INSERT true -1 hive_test_user
-default src_thrift hive_test_user USER SELECT true -1 hive_test_user
-default src_thrift hive_test_user USER UPDATE true -1 hive_test_user
-default srcbucket hive_test_user USER DELETE true -1 hive_test_user
-default srcbucket hive_test_user USER INSERT true -1 hive_test_user
-default srcbucket hive_test_user USER SELECT true -1 hive_test_user
-default srcbucket hive_test_user USER UPDATE true -1 hive_test_user
-default srcbucket2 hive_test_user USER DELETE true -1 hive_test_user
-default srcbucket2 hive_test_user USER INSERT true -1 hive_test_user
-default srcbucket2 hive_test_user USER SELECT true -1 hive_test_user
-default srcbucket2 hive_test_user USER UPDATE true -1 hive_test_user
-default srcpart hive_test_user USER DELETE true -1 hive_test_user
-default srcpart hive_test_user USER INSERT true -1 hive_test_user
-default srcpart hive_test_user USER SELECT true -1 hive_test_user
-default srcpart hive_test_user USER UPDATE true -1 hive_test_user
default t1 rolea ROLE SELECT false -1 user1
default t1 user1 USER DELETE true -1 hive_admin_user
default t1 user1 USER INSERT true -1 hive_admin_user