You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@hive.apache.org by ha...@apache.org on 2013/10/13 18:26:47 UTC

svn commit: r1531707 - /hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/StorageBasedAuthorizationProvider.java

Author: hashutosh
Date: Sun Oct 13 16:26:46 2013
New Revision: 1531707

URL: http://svn.apache.org/r1531707
Log:
HIVE-5485 : SBAP errors on null partition being passed into partition level authorization (Sushanth Sowmyan via Ashutosh Chauhan)

Modified:
    hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/StorageBasedAuthorizationProvider.java

Modified: hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/StorageBasedAuthorizationProvider.java
URL: http://svn.apache.org/viewvc/hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/StorageBasedAuthorizationProvider.java?rev=1531707&r1=1531706&r2=1531707&view=diff
==============================================================================
--- hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/StorageBasedAuthorizationProvider.java (original)
+++ hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/StorageBasedAuthorizationProvider.java Sun Oct 13 16:26:46 2013
@@ -154,8 +154,10 @@ public class StorageBasedAuthorizationPr
       throws HiveException, AuthorizationException {
 
     // Partition path can be null in the case of a new create partition - in this case,
-    // we try to default to checking the permissions of the parent table
-    if (part.getLocation() == null) {
+    // we try to default to checking the permissions of the parent table.
+    // Partition itself can also be null, in cases where this gets called as a generic
+    // catch-all call in cases like those with CTAS onto an unpartitioned table (see HIVE-1887)
+    if ((part == null) || (part.getLocation() == null)) {
       authorize(table, readRequiredPriv, writeRequiredPriv);
     } else {
       authorize(part.getPartitionPath(), readRequiredPriv, writeRequiredPriv);
@@ -169,8 +171,11 @@ public class StorageBasedAuthorizationPr
     // In a simple storage-based auth, we have no information about columns
     // living in different files, so we do simple partition-auth and ignore
     // the columns parameter.
-
-    authorize(part.getTable(), part, readRequiredPriv, writeRequiredPriv);
+    if ((part != null) && (part.getTable() != null)) {
+      authorize(part.getTable(), part, readRequiredPriv, writeRequiredPriv);
+    } else {
+      authorize(table, part, readRequiredPriv, writeRequiredPriv);
+    }
   }
 
   @Override