You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by as...@apache.org on 2014/11/11 19:11:01 UTC
incubator-sentry git commit: SENTRY-509: upgrade HIVE version to
0.13.1-cdh5.3.0-SNAPSHOT in SENTRY
Repository: incubator-sentry
Updated Branches:
refs/heads/master 542246cce -> d9b375b9a
SENTRY-509: upgrade HIVE version to 0.13.1-cdh5.3.0-SNAPSHOT in SENTRY
Project: http://git-wip-us.apache.org/repos/asf/incubator-sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-sentry/commit/d9b375b9
Tree: http://git-wip-us.apache.org/repos/asf/incubator-sentry/tree/d9b375b9
Diff: http://git-wip-us.apache.org/repos/asf/incubator-sentry/diff/d9b375b9
Branch: refs/heads/master
Commit: d9b375b9a8749989b7cfd2c9a79f518598056ac1
Parents: 542246c
Author: Arun Suresh <as...@cloudera.com>
Authored: Tue Nov 11 10:10:41 2014 -0800
Committer: Arun Suresh <as...@cloudera.com>
Committed: Tue Nov 11 10:10:41 2014 -0800
----------------------------------------------------------------------
pom.xml | 2 +-
.../apache/sentry/binding/hive/HiveAuthzBindingHook.java | 3 +++
.../tests/e2e/hive/TestPrivilegesAtFunctionScope.java | 9 ++++-----
3 files changed, 8 insertions(+), 6 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/d9b375b9/pom.xml
----------------------------------------------------------------------
diff --git a/pom.xml b/pom.xml
index 88d3c6a..8c59ba9 100644
--- a/pom.xml
+++ b/pom.xml
@@ -67,7 +67,7 @@ limitations under the License.
<jdo-api.version>3.0.1</jdo-api.version>
<derby.version>10.10.2.0</derby.version>
<commons-cli.version>1.2</commons-cli.version>
- <hive.version>0.13.1-cdh5.2.0-SNAPSHOT</hive.version>
+ <hive.version>0.13.1-cdh5.3.0-SNAPSHOT</hive.version>
<hadoop.version>2.3.0-cdh5.1.0-SNAPSHOT</hadoop.version>
<fest.reflect.version>1.4.1</fest.reflect.version>
<guava.version>11.0.2</guava.version>
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/d9b375b9/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/HiveAuthzBindingHook.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/HiveAuthzBindingHook.java b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/HiveAuthzBindingHook.java
index 5c6dede..095209a 100644
--- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/HiveAuthzBindingHook.java
+++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/HiveAuthzBindingHook.java
@@ -604,6 +604,9 @@ public class HiveAuthzBindingHook extends AbstractSemanticAnalyzerHook {
private boolean filterWriteEntity(WriteEntity writeEntity)
throws AuthorizationException {
// skip URI validation for session scratch file URIs
+ if (writeEntity.isTempURI()) {
+ return true;
+ }
try {
if (writeEntity.getTyp().equals(Type.DFS_DIR)
|| writeEntity.getTyp().equals(Type.LOCAL_DIR)) {
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/d9b375b9/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtFunctionScope.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtFunctionScope.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtFunctionScope.java
index dc99fda..2c0b02c 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtFunctionScope.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtFunctionScope.java
@@ -79,14 +79,13 @@ public class TestPrivilegesAtFunctionScope extends AbstractTestWithStaticConfigu
context.close();
policyFile
- .addRolesToGroup(USERGROUP1, "db1_all", "UDF_JAR", "data_read")
+ .addRolesToGroup(USERGROUP1, "db1_all", "UDF_JAR")
.addRolesToGroup(USERGROUP2, "db1_tab1", "UDF_JAR")
.addRolesToGroup(USERGROUP3, "db1_tab1")
.addPermissionsToRole("db1_all", "server=server1->db=" + DB1)
.addPermissionsToRole("db1_tab1", "server=server1->db=" + DB1 + "->table=" + tableName1)
- .addPermissionsToRole("UDF_JAR", "server=server1->uri=file://" + udfLocation)
- .addPermissionsToRole("data_read", "server=server1->URI="
- + fileSystem.getDefaultUri(fileSystem.getConf()) + "/tmp");
+ .addPermissionsToRole("UDF_JAR", "server=server1->uri=file://" + udfLocation);
+
writePolicyFile(policyFile);
// user1 should be able create/drop temp functions
@@ -106,7 +105,7 @@ public class TestPrivilegesAtFunctionScope extends AbstractTestWithStaticConfigu
// test perm UDF with 'using file' syntax
statement
.execute("CREATE FUNCTION printf_test_perm AS 'org.apache.hadoop.hive.ql.udf.generic.GenericUDFPrintf' "
- + " using file '" + fileSystem.getDefaultUri(fileSystem.getConf()) + "/tmp" + "'");
+ + " using file 'file://" + udfLocation + "'");
statement.execute("DROP FUNCTION printf_test_perm");
context.close();