You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hive.apache.org by Prasad Mujumdar <pr...@cloudera.com> on 2014/09/12 23:50:45 UTC

Review Request 25595: HIVE-8083: Authorization DDLs should not enforce hive identifier syntax for user or group namesname that

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/25595/
-----------------------------------------------------------

Review request for hive and Brock Noland.


Bugs: HIVE-8083
    https://issues.apache.org/jira/browse/HIVE-8083


Repository: hive-git


Description
-------

The compiler expects principals (user, group and role) as hive identifiers for authorization DDLs. The user and group are entities that belong to external namespace and we can't expect those to follow hive identifier syntax rules. For example, a userid or group can contain '-' which is not allowed by compiler.
The patch is to allow string literal for user and group names.
The quoted identifier support perhaps can be made to work with this. However IMO this syntax should be supported regardless of quoted identifier support (which is an optional configuration)


Diffs
-----

  ql/src/java/org/apache/hadoop/hive/ql/parse/HiveParser.g 25cd3a5 
  ql/src/test/queries/clientpositive/authorization_non_id.q PRE-CREATION 
  ql/src/test/results/clientpositive/authorization_non_id.q.out PRE-CREATION 

Diff: https://reviews.apache.org/r/25595/diff/


Testing
-------

Added test case to verify various auth DDLs with new syntax.


Thanks,

Prasad Mujumdar

Re: Review Request 25595: HIVE-8083: Authorization DDLs should not enforce hive identifier syntax for user or group namesname that

Posted by Prasad Mujumdar <pr...@cloudera.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/25595/
-----------------------------------------------------------

(Updated Sept. 17, 2014, 5:08 p.m.)


Review request for hive and Brock Noland.


Changes
-------

Addressed review feedback
Used QuotedIdentifier rule directly. This ensures that the back quotes are removed from the user or group name.
Updated test case.


Bugs: HIVE-8083
    https://issues.apache.org/jira/browse/HIVE-8083


Repository: hive-git


Description
-------

The compiler expects principals (user, group and role) as hive identifiers for authorization DDLs. The user and group are entities that belong to external namespace and we can't expect those to follow hive identifier syntax rules. For example, a userid or group can contain '-' which is not allowed by compiler.
The patch is to allow string literal for user and group names.
The quoted identifier support perhaps can be made to work with this. However IMO this syntax should be supported regardless of quoted identifier support (which is an optional configuration)


Diffs (updated)
-----

  ql/src/java/org/apache/hadoop/hive/ql/parse/HiveParser.g 25cd3a5 
  ql/src/java/org/apache/hadoop/hive/ql/parse/IdentifiersParser.g 34d2dfc 
  ql/src/test/queries/clientpositive/authorization_non_id.q PRE-CREATION 
  ql/src/test/results/clientpositive/authorization_non_id.q.out PRE-CREATION 

Diff: https://reviews.apache.org/r/25595/diff/


Testing
-------

Added test case to verify various auth DDLs with new syntax.


Thanks,

Prasad Mujumdar

Re: Review Request 25595: HIVE-8083: Authorization DDLs should not enforce hive identifier syntax for user or group namesname that

Posted by Prasad Mujumdar <pr...@cloudera.com>.

> On Sept. 16, 2014, 11:43 p.m., Xuefu Zhang wrote:
> > ql/src/java/org/apache/hadoop/hive/ql/parse/HiveParser.g, line 1541
> > <https://reviews.apache.org/r/25595/diff/2/?file=690767#file690767line1541>
> >
> >     Is this supposed to be just identifier itself?

yes, it should be just identifier.


- Prasad


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/25595/#review53624
-----------------------------------------------------------


On Sept. 16, 2014, 6:29 p.m., Prasad Mujumdar wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/25595/
> -----------------------------------------------------------
> 
> (Updated Sept. 16, 2014, 6:29 p.m.)
> 
> 
> Review request for hive and Brock Noland.
> 
> 
> Bugs: HIVE-8083
>     https://issues.apache.org/jira/browse/HIVE-8083
> 
> 
> Repository: hive-git
> 
> 
> Description
> -------
> 
> The compiler expects principals (user, group and role) as hive identifiers for authorization DDLs. The user and group are entities that belong to external namespace and we can't expect those to follow hive identifier syntax rules. For example, a userid or group can contain '-' which is not allowed by compiler.
> The patch is to allow string literal for user and group names.
> The quoted identifier support perhaps can be made to work with this. However IMO this syntax should be supported regardless of quoted identifier support (which is an optional configuration)
> 
> 
> Diffs
> -----
> 
>   ql/src/java/org/apache/hadoop/hive/ql/parse/HiveParser.g 25cd3a5 
>   ql/src/test/queries/clientpositive/authorization_non_id.q PRE-CREATION 
>   ql/src/test/results/clientpositive/authorization_non_id.q.out PRE-CREATION 
> 
> Diff: https://reviews.apache.org/r/25595/diff/
> 
> 
> Testing
> -------
> 
> Added test case to verify various auth DDLs with new syntax.
> 
> 
> Thanks,
> 
> Prasad Mujumdar
> 
>

Re: Review Request 25595: HIVE-8083: Authorization DDLs should not enforce hive identifier syntax for user or group namesname that

Posted by Xuefu Zhang <xz...@cloudera.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/25595/#review53624
-----------------------------------------------------------



ql/src/java/org/apache/hadoop/hive/ql/parse/HiveParser.g
<https://reviews.apache.org/r/25595/#comment93330>

    Is this supposed to be just identifier itself?


- Xuefu Zhang


On Sept. 16, 2014, 6:29 p.m., Prasad Mujumdar wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/25595/
> -----------------------------------------------------------
> 
> (Updated Sept. 16, 2014, 6:29 p.m.)
> 
> 
> Review request for hive and Brock Noland.
> 
> 
> Bugs: HIVE-8083
>     https://issues.apache.org/jira/browse/HIVE-8083
> 
> 
> Repository: hive-git
> 
> 
> Description
> -------
> 
> The compiler expects principals (user, group and role) as hive identifiers for authorization DDLs. The user and group are entities that belong to external namespace and we can't expect those to follow hive identifier syntax rules. For example, a userid or group can contain '-' which is not allowed by compiler.
> The patch is to allow string literal for user and group names.
> The quoted identifier support perhaps can be made to work with this. However IMO this syntax should be supported regardless of quoted identifier support (which is an optional configuration)
> 
> 
> Diffs
> -----
> 
>   ql/src/java/org/apache/hadoop/hive/ql/parse/HiveParser.g 25cd3a5 
>   ql/src/test/queries/clientpositive/authorization_non_id.q PRE-CREATION 
>   ql/src/test/results/clientpositive/authorization_non_id.q.out PRE-CREATION 
> 
> Diff: https://reviews.apache.org/r/25595/diff/
> 
> 
> Testing
> -------
> 
> Added test case to verify various auth DDLs with new syntax.
> 
> 
> Thanks,
> 
> Prasad Mujumdar
> 
>

Re: Review Request 25595: HIVE-8083: Authorization DDLs should not enforce hive identifier syntax for user or group namesname that

Posted by Prasad Mujumdar <pr...@cloudera.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/25595/
-----------------------------------------------------------

(Updated Sept. 16, 2014, 6:29 p.m.)


Review request for hive and Brock Noland.


Changes
-------

Rebased with latest


Bugs: HIVE-8083
    https://issues.apache.org/jira/browse/HIVE-8083


Repository: hive-git


Description
-------

The compiler expects principals (user, group and role) as hive identifiers for authorization DDLs. The user and group are entities that belong to external namespace and we can't expect those to follow hive identifier syntax rules. For example, a userid or group can contain '-' which is not allowed by compiler.
The patch is to allow string literal for user and group names.
The quoted identifier support perhaps can be made to work with this. However IMO this syntax should be supported regardless of quoted identifier support (which is an optional configuration)


Diffs (updated)
-----

  ql/src/java/org/apache/hadoop/hive/ql/parse/HiveParser.g 25cd3a5 
  ql/src/test/queries/clientpositive/authorization_non_id.q PRE-CREATION 
  ql/src/test/results/clientpositive/authorization_non_id.q.out PRE-CREATION 

Diff: https://reviews.apache.org/r/25595/diff/


Testing
-------

Added test case to verify various auth DDLs with new syntax.


Thanks,

Prasad Mujumdar