You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hive.apache.org by Prasad Mujumdar <pr...@cloudera.com> on 2014/09/12 23:50:45 UTC
Review Request 25595: HIVE-8083: Authorization DDLs should not
enforce hive identifier syntax for user or group namesname that
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/25595/
-----------------------------------------------------------
Review request for hive and Brock Noland.
Bugs: HIVE-8083
https://issues.apache.org/jira/browse/HIVE-8083
Repository: hive-git
Description
-------
The compiler expects principals (user, group and role) as hive identifiers for authorization DDLs. The user and group are entities that belong to external namespace and we can't expect those to follow hive identifier syntax rules. For example, a userid or group can contain '-' which is not allowed by compiler.
The patch is to allow string literal for user and group names.
The quoted identifier support perhaps can be made to work with this. However IMO this syntax should be supported regardless of quoted identifier support (which is an optional configuration)
Diffs
-----
ql/src/java/org/apache/hadoop/hive/ql/parse/HiveParser.g 25cd3a5
ql/src/test/queries/clientpositive/authorization_non_id.q PRE-CREATION
ql/src/test/results/clientpositive/authorization_non_id.q.out PRE-CREATION
Diff: https://reviews.apache.org/r/25595/diff/
Testing
-------
Added test case to verify various auth DDLs with new syntax.
Thanks,
Prasad Mujumdar
Re: Review Request 25595: HIVE-8083: Authorization DDLs should not
enforce hive identifier syntax for user or group namesname that
Posted by Prasad Mujumdar <pr...@cloudera.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/25595/
-----------------------------------------------------------
(Updated Sept. 17, 2014, 5:08 p.m.)
Review request for hive and Brock Noland.
Changes
-------
Addressed review feedback
Used QuotedIdentifier rule directly. This ensures that the back quotes are removed from the user or group name.
Updated test case.
Bugs: HIVE-8083
https://issues.apache.org/jira/browse/HIVE-8083
Repository: hive-git
Description
-------
The compiler expects principals (user, group and role) as hive identifiers for authorization DDLs. The user and group are entities that belong to external namespace and we can't expect those to follow hive identifier syntax rules. For example, a userid or group can contain '-' which is not allowed by compiler.
The patch is to allow string literal for user and group names.
The quoted identifier support perhaps can be made to work with this. However IMO this syntax should be supported regardless of quoted identifier support (which is an optional configuration)
Diffs (updated)
-----
ql/src/java/org/apache/hadoop/hive/ql/parse/HiveParser.g 25cd3a5
ql/src/java/org/apache/hadoop/hive/ql/parse/IdentifiersParser.g 34d2dfc
ql/src/test/queries/clientpositive/authorization_non_id.q PRE-CREATION
ql/src/test/results/clientpositive/authorization_non_id.q.out PRE-CREATION
Diff: https://reviews.apache.org/r/25595/diff/
Testing
-------
Added test case to verify various auth DDLs with new syntax.
Thanks,
Prasad Mujumdar
Re: Review Request 25595: HIVE-8083: Authorization DDLs should not
enforce hive identifier syntax for user or group namesname that
Posted by Prasad Mujumdar <pr...@cloudera.com>.
> On Sept. 16, 2014, 11:43 p.m., Xuefu Zhang wrote:
> > ql/src/java/org/apache/hadoop/hive/ql/parse/HiveParser.g, line 1541
> > <https://reviews.apache.org/r/25595/diff/2/?file=690767#file690767line1541>
> >
> > Is this supposed to be just identifier itself?
yes, it should be just identifier.
- Prasad
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/25595/#review53624
-----------------------------------------------------------
On Sept. 16, 2014, 6:29 p.m., Prasad Mujumdar wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/25595/
> -----------------------------------------------------------
>
> (Updated Sept. 16, 2014, 6:29 p.m.)
>
>
> Review request for hive and Brock Noland.
>
>
> Bugs: HIVE-8083
> https://issues.apache.org/jira/browse/HIVE-8083
>
>
> Repository: hive-git
>
>
> Description
> -------
>
> The compiler expects principals (user, group and role) as hive identifiers for authorization DDLs. The user and group are entities that belong to external namespace and we can't expect those to follow hive identifier syntax rules. For example, a userid or group can contain '-' which is not allowed by compiler.
> The patch is to allow string literal for user and group names.
> The quoted identifier support perhaps can be made to work with this. However IMO this syntax should be supported regardless of quoted identifier support (which is an optional configuration)
>
>
> Diffs
> -----
>
> ql/src/java/org/apache/hadoop/hive/ql/parse/HiveParser.g 25cd3a5
> ql/src/test/queries/clientpositive/authorization_non_id.q PRE-CREATION
> ql/src/test/results/clientpositive/authorization_non_id.q.out PRE-CREATION
>
> Diff: https://reviews.apache.org/r/25595/diff/
>
>
> Testing
> -------
>
> Added test case to verify various auth DDLs with new syntax.
>
>
> Thanks,
>
> Prasad Mujumdar
>
>
Re: Review Request 25595: HIVE-8083: Authorization DDLs should not
enforce hive identifier syntax for user or group namesname that
Posted by Xuefu Zhang <xz...@cloudera.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/25595/#review53624
-----------------------------------------------------------
ql/src/java/org/apache/hadoop/hive/ql/parse/HiveParser.g
<https://reviews.apache.org/r/25595/#comment93330>
Is this supposed to be just identifier itself?
- Xuefu Zhang
On Sept. 16, 2014, 6:29 p.m., Prasad Mujumdar wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/25595/
> -----------------------------------------------------------
>
> (Updated Sept. 16, 2014, 6:29 p.m.)
>
>
> Review request for hive and Brock Noland.
>
>
> Bugs: HIVE-8083
> https://issues.apache.org/jira/browse/HIVE-8083
>
>
> Repository: hive-git
>
>
> Description
> -------
>
> The compiler expects principals (user, group and role) as hive identifiers for authorization DDLs. The user and group are entities that belong to external namespace and we can't expect those to follow hive identifier syntax rules. For example, a userid or group can contain '-' which is not allowed by compiler.
> The patch is to allow string literal for user and group names.
> The quoted identifier support perhaps can be made to work with this. However IMO this syntax should be supported regardless of quoted identifier support (which is an optional configuration)
>
>
> Diffs
> -----
>
> ql/src/java/org/apache/hadoop/hive/ql/parse/HiveParser.g 25cd3a5
> ql/src/test/queries/clientpositive/authorization_non_id.q PRE-CREATION
> ql/src/test/results/clientpositive/authorization_non_id.q.out PRE-CREATION
>
> Diff: https://reviews.apache.org/r/25595/diff/
>
>
> Testing
> -------
>
> Added test case to verify various auth DDLs with new syntax.
>
>
> Thanks,
>
> Prasad Mujumdar
>
>
Re: Review Request 25595: HIVE-8083: Authorization DDLs should not
enforce hive identifier syntax for user or group namesname that
Posted by Prasad Mujumdar <pr...@cloudera.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/25595/
-----------------------------------------------------------
(Updated Sept. 16, 2014, 6:29 p.m.)
Review request for hive and Brock Noland.
Changes
-------
Rebased with latest
Bugs: HIVE-8083
https://issues.apache.org/jira/browse/HIVE-8083
Repository: hive-git
Description
-------
The compiler expects principals (user, group and role) as hive identifiers for authorization DDLs. The user and group are entities that belong to external namespace and we can't expect those to follow hive identifier syntax rules. For example, a userid or group can contain '-' which is not allowed by compiler.
The patch is to allow string literal for user and group names.
The quoted identifier support perhaps can be made to work with this. However IMO this syntax should be supported regardless of quoted identifier support (which is an optional configuration)
Diffs (updated)
-----
ql/src/java/org/apache/hadoop/hive/ql/parse/HiveParser.g 25cd3a5
ql/src/test/queries/clientpositive/authorization_non_id.q PRE-CREATION
ql/src/test/results/clientpositive/authorization_non_id.q.out PRE-CREATION
Diff: https://reviews.apache.org/r/25595/diff/
Testing
-------
Added test case to verify various auth DDLs with new syntax.
Thanks,
Prasad Mujumdar