You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hive.apache.org by ng...@apache.org on 2019/08/19 14:00:25 UTC
[hive] branch master updated: HIVE-22063:Ranger Authorization in
Hive based on object ownership (Sam An, reviewed by Naveen Gangam)
This is an automated email from the ASF dual-hosted git repository.
ngangam pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/hive.git
The following commit(s) were added to refs/heads/master by this push:
new a938fa8 HIVE-22063:Ranger Authorization in Hive based on object ownership (Sam An, reviewed by Naveen Gangam)
a938fa8 is described below
commit a938fa8a24196e325f9df9bb430b4bc3a9839e0c
Author: Naveen Gangam <ng...@apache.org>
AuthorDate: Mon Aug 19 10:00:07 2019 -0400
HIVE-22063:Ranger Authorization in Hive based on object ownership (Sam An, reviewed by Naveen Gangam)
---
.../plugin/metastore/HiveMetaStoreAuthorizableEvent.java | 8 ++++++--
.../authorization/plugin/metastore/events/CreateTableEvent.java | 4 +++-
2 files changed, 9 insertions(+), 3 deletions(-)
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/metastore/HiveMetaStoreAuthorizableEvent.java b/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/metastore/HiveMetaStoreAuthorizableEvent.java
index d3d475a..2bae723 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/metastore/HiveMetaStoreAuthorizableEvent.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/metastore/HiveMetaStoreAuthorizableEvent.java
@@ -52,11 +52,15 @@ public abstract class HiveMetaStoreAuthorizableEvent {
}
protected HivePrivilegeObject getHivePrivilegeObject(Database database) {
- return new HivePrivilegeObject(HivePrivilegeObject.HivePrivilegeObjectType.DATABASE, database.getName(), null);
+ return new HivePrivilegeObject(HivePrivilegeObject.HivePrivilegeObjectType.DATABASE, database.getName(),
+ null, null, null, HivePrivilegeObject.HivePrivObjectActionType.OTHER, null, null,
+ database.getOwnerName(), database.getOwnerType());
}
protected HivePrivilegeObject getHivePrivilegeObject(Table table) {
- return new HivePrivilegeObject(HivePrivilegeObject.HivePrivilegeObjectType.TABLE_OR_VIEW, table.getDbName(), table.getTableName());
+ return new HivePrivilegeObject(HivePrivilegeObject.HivePrivilegeObjectType.TABLE_OR_VIEW, table.getDbName(),
+ table.getTableName(), null, null, HivePrivilegeObject.HivePrivObjectActionType.OTHER, null, null,
+ table.getOwner(), table.getOwnerType());
}
protected HivePrivilegeObject getHivePrivilegeObjectDfsUri(String uri) {
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/metastore/events/CreateTableEvent.java b/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/metastore/events/CreateTableEvent.java
index cb5d617..f3fa758 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/metastore/events/CreateTableEvent.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/metastore/events/CreateTableEvent.java
@@ -68,7 +68,9 @@ public class CreateTableEvent extends HiveMetaStoreAuthorizableEvent {
Table table = event.getTable();
String uri = getSdLocation(table.getSd());
- ret.add(new HivePrivilegeObject(HivePrivilegeObjectType.DATABASE, table.getDbName(), null));
+ ret.add(new HivePrivilegeObject(HivePrivilegeObjectType.DATABASE, table.getDbName(), null, null, null,
+ HivePrivilegeObject.HivePrivObjectActionType.OTHER, null, null,
+ table.getOwner(), table.getOwnerType()));
ret.add(getHivePrivilegeObject(table));
if (StringUtils.isNotEmpty(uri)) {