You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hive.apache.org by ng...@apache.org on 2019/08/19 14:00:25 UTC

[hive] branch master updated: HIVE-22063:Ranger Authorization in Hive based on object ownership (Sam An, reviewed by Naveen Gangam)

This is an automated email from the ASF dual-hosted git repository.

ngangam pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/hive.git


The following commit(s) were added to refs/heads/master by this push:
     new a938fa8  HIVE-22063:Ranger Authorization in Hive based on object ownership (Sam An, reviewed by Naveen Gangam)
a938fa8 is described below

commit a938fa8a24196e325f9df9bb430b4bc3a9839e0c
Author: Naveen Gangam <ng...@apache.org>
AuthorDate: Mon Aug 19 10:00:07 2019 -0400

    HIVE-22063:Ranger Authorization in Hive based on object ownership (Sam An, reviewed by Naveen Gangam)
---
 .../plugin/metastore/HiveMetaStoreAuthorizableEvent.java          | 8 ++++++--
 .../authorization/plugin/metastore/events/CreateTableEvent.java   | 4 +++-
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/metastore/HiveMetaStoreAuthorizableEvent.java b/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/metastore/HiveMetaStoreAuthorizableEvent.java
index d3d475a..2bae723 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/metastore/HiveMetaStoreAuthorizableEvent.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/metastore/HiveMetaStoreAuthorizableEvent.java
@@ -52,11 +52,15 @@ public abstract class HiveMetaStoreAuthorizableEvent {
   }
 
   protected HivePrivilegeObject getHivePrivilegeObject(Database database) {
-    return new HivePrivilegeObject(HivePrivilegeObject.HivePrivilegeObjectType.DATABASE, database.getName(), null);
+    return new HivePrivilegeObject(HivePrivilegeObject.HivePrivilegeObjectType.DATABASE, database.getName(),
+        null, null, null, HivePrivilegeObject.HivePrivObjectActionType.OTHER, null, null,
+        database.getOwnerName(), database.getOwnerType());
   }
 
   protected HivePrivilegeObject getHivePrivilegeObject(Table table) {
-    return new HivePrivilegeObject(HivePrivilegeObject.HivePrivilegeObjectType.TABLE_OR_VIEW, table.getDbName(), table.getTableName());
+    return new HivePrivilegeObject(HivePrivilegeObject.HivePrivilegeObjectType.TABLE_OR_VIEW, table.getDbName(),
+        table.getTableName(), null, null, HivePrivilegeObject.HivePrivObjectActionType.OTHER, null, null,
+        table.getOwner(), table.getOwnerType());
   }
 
   protected HivePrivilegeObject getHivePrivilegeObjectDfsUri(String uri) {
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/metastore/events/CreateTableEvent.java b/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/metastore/events/CreateTableEvent.java
index cb5d617..f3fa758 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/metastore/events/CreateTableEvent.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/metastore/events/CreateTableEvent.java
@@ -68,7 +68,9 @@ public class CreateTableEvent extends HiveMetaStoreAuthorizableEvent {
     Table                     table = event.getTable();
     String                    uri   = getSdLocation(table.getSd());
 
-    ret.add(new HivePrivilegeObject(HivePrivilegeObjectType.DATABASE, table.getDbName(), null));
+    ret.add(new HivePrivilegeObject(HivePrivilegeObjectType.DATABASE, table.getDbName(), null, null, null,
+        HivePrivilegeObject.HivePrivObjectActionType.OTHER, null, null,
+        table.getOwner(), table.getOwnerType()));
     ret.add(getHivePrivilegeObject(table));
 
     if (StringUtils.isNotEmpty(uri)) {