You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hive.apache.org by th...@apache.org on 2014/02/07 00:11:13 UTC
svn commit: r1565475 [1/2] - in /hive/trunk:
common/src/java/org/apache/hadoop/hive/conf/ data/conf/
itests/hive-unit/src/test/java/org/apache/hadoop/hive/jdbc/
itests/hive-unit/src/test/java/org/apache/hive/jdbc/
jdbc/src/java/org/apache/hive/jdbc/ me...
Author: thejas
Date: Thu Feb 6 23:11:12 2014
New Revision: 1565475
URL: http://svn.apache.org/r1565475
Log:
HIVE-6204 : The result of show grant / show role should be tabular format (Navis via Thejas Nair)
Added:
hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveRole.java
Modified:
hive/trunk/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java
hive/trunk/data/conf/hive-site.xml
hive/trunk/itests/hive-unit/src/test/java/org/apache/hadoop/hive/jdbc/TestJdbcDriver.java
hive/trunk/itests/hive-unit/src/test/java/org/apache/hive/jdbc/TestJdbcDriver2.java
hive/trunk/jdbc/src/java/org/apache/hive/jdbc/HiveQueryResultSet.java
hive/trunk/metastore/if/hive_metastore.thrift
hive/trunk/metastore/src/gen/thrift/gen-cpp/hive_metastore_types.cpp
hive/trunk/metastore/src/gen/thrift/gen-cpp/hive_metastore_types.h
hive/trunk/metastore/src/gen/thrift/gen-javabean/org/apache/hadoop/hive/metastore/api/Role.java
hive/trunk/metastore/src/gen/thrift/gen-php/metastore/Types.php
hive/trunk/metastore/src/gen/thrift/gen-py/hive_metastore/ttypes.py
hive/trunk/metastore/src/gen/thrift/gen-rb/hive_metastore_types.rb
hive/trunk/metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStore.java
hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/Context.java
hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/exec/DDLTask.java
hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/parse/DDLSemanticAnalyzer.java
hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/plan/RoleDDLDesc.java
hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/plan/ShowGrantDesc.java
hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAccessController.java
hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAuthorizer.java
hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAuthorizerImpl.java
hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLStdHiveAccessController.java
hive/trunk/ql/src/test/results/clientnegative/authorization_fail_3.q.out
hive/trunk/ql/src/test/results/clientnegative/authorization_fail_4.q.out
hive/trunk/ql/src/test/results/clientnegative/authorization_fail_5.q.out
hive/trunk/ql/src/test/results/clientnegative/authorization_fail_7.q.out
hive/trunk/ql/src/test/results/clientnegative/authorization_part.q.out
hive/trunk/ql/src/test/results/clientpositive/alter_rename_partition_authorization.q.out
hive/trunk/ql/src/test/results/clientpositive/authorization_1.q.out
hive/trunk/ql/src/test/results/clientpositive/authorization_1_sql_std.q.out
hive/trunk/ql/src/test/results/clientpositive/authorization_2.q.out
hive/trunk/ql/src/test/results/clientpositive/authorization_3.q.out
hive/trunk/ql/src/test/results/clientpositive/authorization_4.q.out
hive/trunk/ql/src/test/results/clientpositive/authorization_5.q.out
hive/trunk/ql/src/test/results/clientpositive/authorization_6.q.out
hive/trunk/ql/src/test/results/clientpositive/authorization_9.q.out
hive/trunk/ql/src/test/results/clientpositive/authorization_role_grant1.q.out
hive/trunk/ql/src/test/results/clientpositive/authorization_view.q.out
hive/trunk/ql/src/test/results/clientpositive/keyword_1.q.out
Modified: hive/trunk/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java
URL: http://svn.apache.org/viewvc/hive/trunk/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java (original)
+++ hive/trunk/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java Thu Feb 6 23:11:12 2014
@@ -208,6 +208,8 @@ public class HiveConf extends Configurat
TASKLOG_DEBUG_TIMEOUT("hive.exec.tasklog.debug.timeout", 20000),
OUTPUT_FILE_EXTENSION("hive.output.file.extension", null),
+ HIVE_IN_TEST("hive.in.test", false), // internal usage only, true in test mode
+
// should hive determine whether to run in local mode automatically ?
LOCALMODEAUTO("hive.exec.mode.local.auto", false),
// if yes:
@@ -1508,6 +1510,7 @@ public class HiveConf extends Configurat
restrictList.add(entry.trim());
}
}
- restrictList.add(ConfVars.HIVE_CONF_RESTRICTED_LIST.toString());
+ restrictList.add(ConfVars.HIVE_IN_TEST.varname);
+ restrictList.add(ConfVars.HIVE_CONF_RESTRICTED_LIST.varname);
}
}
Modified: hive/trunk/data/conf/hive-site.xml
URL: http://svn.apache.org/viewvc/hive/trunk/data/conf/hive-site.xml?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/data/conf/hive-site.xml (original)
+++ hive/trunk/data/conf/hive-site.xml Thu Feb 6 23:11:12 2014
@@ -19,6 +19,12 @@
<configuration>
+<property>
+ <name>hive.in.test</name>
+ <value>true</value>
+ <description>Internal marker for test. Used for masking env-dependent values</description>
+</property>
+
<!-- Hive Configuration can either be stored in this file or in the hadoop configuration files -->
<!-- that are implied by Hadoop setup variables. -->
<!-- Aside from Hadoop setup variables - this file is provided as a convenience so that Hive -->
Modified: hive/trunk/itests/hive-unit/src/test/java/org/apache/hadoop/hive/jdbc/TestJdbcDriver.java
URL: http://svn.apache.org/viewvc/hive/trunk/itests/hive-unit/src/test/java/org/apache/hadoop/hive/jdbc/TestJdbcDriver.java?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/itests/hive-unit/src/test/java/org/apache/hadoop/hive/jdbc/TestJdbcDriver.java (original)
+++ hive/trunk/itests/hive-unit/src/test/java/org/apache/hadoop/hive/jdbc/TestJdbcDriver.java Thu Feb 6 23:11:12 2014
@@ -1147,24 +1147,16 @@ public class TestJdbcDriver extends Test
ResultSet res = stmt.getResultSet();
assertTrue(res.next());
- assertEquals("database", res.getString(1));
- assertEquals("default", res.getString(2));
- assertTrue(res.next());
- assertEquals("table", res.getString(1));
+ assertEquals("default", res.getString(1));
assertEquals(dataTypeTableName, res.getString(2));
- assertTrue(res.next());
- assertEquals("principalName", res.getString(1));
- assertEquals("hive_test_user", res.getString(2));
- assertTrue(res.next());
- assertEquals("principalType", res.getString(1));
- assertEquals("USER", res.getString(2));
- assertTrue(res.next());
- assertEquals("privilege", res.getString(1));
- assertEquals("Select", res.getString(2));
- assertTrue(res.next());
- assertEquals("grantTime", res.getString(1));
- assertTrue(res.next());
- assertEquals("grantor", res.getString(1));
+ assertEquals("", res.getString(3)); // partition
+ assertEquals("", res.getString(4)); // column
+ assertEquals("hive_test_user", res.getString(5));
+ assertEquals("USER", res.getString(6));
+ assertEquals("Select", res.getString(7));
+ assertEquals(false, res.getBoolean(8)); // grant option
+ assertEquals(-1, res.getLong(9));
+ assertNotNull(res.getString(10)); // grantor
assertFalse(res.next());
res.close();
}
Modified: hive/trunk/itests/hive-unit/src/test/java/org/apache/hive/jdbc/TestJdbcDriver2.java
URL: http://svn.apache.org/viewvc/hive/trunk/itests/hive-unit/src/test/java/org/apache/hive/jdbc/TestJdbcDriver2.java?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/itests/hive-unit/src/test/java/org/apache/hive/jdbc/TestJdbcDriver2.java (original)
+++ hive/trunk/itests/hive-unit/src/test/java/org/apache/hive/jdbc/TestJdbcDriver2.java Thu Feb 6 23:11:12 2014
@@ -1947,40 +1947,29 @@ public class TestJdbcDriver2 {
}
}
+ @Test
public void testShowGrant() throws SQLException {
Statement stmt = con.createStatement();
stmt.execute("grant select on table " + dataTypeTableName + " to user hive_test_user");
stmt.execute("show grant user hive_test_user on table " + dataTypeTableName);
ResultSet res = stmt.getResultSet();
- ResultSetMetaData metaData = res.getMetaData();
-
- assertEquals("property", metaData.getColumnName(1));
- assertEquals("value", metaData.getColumnName(2));
-
- assertTrue(res.next());
- assertEquals("database", res.getString(1));
- assertEquals("default", res.getString(2));
assertTrue(res.next());
- assertEquals("table", res.getString(1));
+ assertEquals("default", res.getString(1));
assertEquals(dataTypeTableName, res.getString(2));
- assertTrue(res.next());
- assertEquals("principalName", res.getString(1));
- assertEquals("hive_test_user", res.getString(2));
- assertTrue(res.next());
- assertEquals("principalType", res.getString(1));
- assertEquals("USER", res.getString(2));
- assertTrue(res.next());
- assertEquals("privilege", res.getString(1));
- assertEquals("Select", res.getString(2));
- assertTrue(res.next());
- assertEquals("grantTime", res.getString(1));
- assertTrue(res.next());
- assertEquals("grantor", res.getString(1));
+ assertEquals("", res.getString(3)); // partition
+ assertEquals("", res.getString(4)); // column
+ assertEquals("hive_test_user", res.getString(5));
+ assertEquals("USER", res.getString(6));
+ assertEquals("Select", res.getString(7));
+ assertEquals(false, res.getBoolean(8)); // grant option
+ assertEquals(-1, res.getLong(9));
+ assertNotNull(res.getString(10)); // grantor
assertFalse(res.next());
res.close();
}
+ @Test
public void testShowRoleGrant() throws SQLException {
Statement stmt = con.createStatement();
stmt.execute("create role role1");
@@ -1990,7 +1979,8 @@ public class TestJdbcDriver2 {
ResultSet res = stmt.getResultSet();
assertTrue(res.next());
assertEquals("role1", res.getString(1));
- assertFalse(res.next());
+ assertTrue(res.next());
+ assertEquals("PUBLIC", res.getString(1));
res.close();
}
}
Modified: hive/trunk/jdbc/src/java/org/apache/hive/jdbc/HiveQueryResultSet.java
URL: http://svn.apache.org/viewvc/hive/trunk/jdbc/src/java/org/apache/hive/jdbc/HiveQueryResultSet.java?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/jdbc/src/java/org/apache/hive/jdbc/HiveQueryResultSet.java (original)
+++ hive/trunk/jdbc/src/java/org/apache/hive/jdbc/HiveQueryResultSet.java Thu Feb 6 23:11:12 2014
@@ -236,7 +236,6 @@ public class HiveQueryResultSet extends
* Retrieve schema from the server
*/
private void retrieveSchema() throws SQLException {
- System.err.println("[HiveQueryResultSet/next] 0");
try {
TGetResultSetMetadataReq metadataReq = new TGetResultSetMetadataReq(stmtHandle);
// TODO need session handle
Modified: hive/trunk/metastore/if/hive_metastore.thrift
URL: http://svn.apache.org/viewvc/hive/trunk/metastore/if/hive_metastore.thrift?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/metastore/if/hive_metastore.thrift (original)
+++ hive/trunk/metastore/if/hive_metastore.thrift Thu Feb 6 23:11:12 2014
@@ -107,6 +107,11 @@ struct Role {
1: string roleName,
2: i32 createTime,
3: string ownerName,
+ 4: optional string principalName,
+ 5: optional string principalType,
+ 6: optional bool grantOption,
+ 7: optional i32 grantTime,
+ 8: optional string grantor
}
// namespace for tables
Modified: hive/trunk/metastore/src/gen/thrift/gen-cpp/hive_metastore_types.cpp
URL: http://svn.apache.org/viewvc/hive/trunk/metastore/src/gen/thrift/gen-cpp/hive_metastore_types.cpp?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/metastore/src/gen/thrift/gen-cpp/hive_metastore_types.cpp (original)
+++ hive/trunk/metastore/src/gen/thrift/gen-cpp/hive_metastore_types.cpp Thu Feb 6 23:11:12 2014
@@ -990,8 +990,8 @@ void swap(PrincipalPrivilegeSet &a, Prin
swap(a.__isset, b.__isset);
}
-const char* Role::ascii_fingerprint = "70563A0628F75DF9555F4D24690B1E26";
-const uint8_t Role::binary_fingerprint[16] = {0x70,0x56,0x3A,0x06,0x28,0xF7,0x5D,0xF9,0x55,0x5F,0x4D,0x24,0x69,0x0B,0x1E,0x26};
+const char* Role::ascii_fingerprint = "8DEBC3096AEF414FFF38C357ECEEA8BC";
+const uint8_t Role::binary_fingerprint[16] = {0x8D,0xEB,0xC3,0x09,0x6A,0xEF,0x41,0x4F,0xFF,0x38,0xC3,0x57,0xEC,0xEE,0xA8,0xBC};
uint32_t Role::read(::apache::thrift::protocol::TProtocol* iprot) {
@@ -1037,6 +1037,46 @@ uint32_t Role::read(::apache::thrift::pr
xfer += iprot->skip(ftype);
}
break;
+ case 4:
+ if (ftype == ::apache::thrift::protocol::T_STRING) {
+ xfer += iprot->readString(this->principalName);
+ this->__isset.principalName = true;
+ } else {
+ xfer += iprot->skip(ftype);
+ }
+ break;
+ case 5:
+ if (ftype == ::apache::thrift::protocol::T_STRING) {
+ xfer += iprot->readString(this->principalType);
+ this->__isset.principalType = true;
+ } else {
+ xfer += iprot->skip(ftype);
+ }
+ break;
+ case 6:
+ if (ftype == ::apache::thrift::protocol::T_BOOL) {
+ xfer += iprot->readBool(this->grantOption);
+ this->__isset.grantOption = true;
+ } else {
+ xfer += iprot->skip(ftype);
+ }
+ break;
+ case 7:
+ if (ftype == ::apache::thrift::protocol::T_I32) {
+ xfer += iprot->readI32(this->grantTime);
+ this->__isset.grantTime = true;
+ } else {
+ xfer += iprot->skip(ftype);
+ }
+ break;
+ case 8:
+ if (ftype == ::apache::thrift::protocol::T_STRING) {
+ xfer += iprot->readString(this->grantor);
+ this->__isset.grantor = true;
+ } else {
+ xfer += iprot->skip(ftype);
+ }
+ break;
default:
xfer += iprot->skip(ftype);
break;
@@ -1065,6 +1105,31 @@ uint32_t Role::write(::apache::thrift::p
xfer += oprot->writeString(this->ownerName);
xfer += oprot->writeFieldEnd();
+ if (this->__isset.principalName) {
+ xfer += oprot->writeFieldBegin("principalName", ::apache::thrift::protocol::T_STRING, 4);
+ xfer += oprot->writeString(this->principalName);
+ xfer += oprot->writeFieldEnd();
+ }
+ if (this->__isset.principalType) {
+ xfer += oprot->writeFieldBegin("principalType", ::apache::thrift::protocol::T_STRING, 5);
+ xfer += oprot->writeString(this->principalType);
+ xfer += oprot->writeFieldEnd();
+ }
+ if (this->__isset.grantOption) {
+ xfer += oprot->writeFieldBegin("grantOption", ::apache::thrift::protocol::T_BOOL, 6);
+ xfer += oprot->writeBool(this->grantOption);
+ xfer += oprot->writeFieldEnd();
+ }
+ if (this->__isset.grantTime) {
+ xfer += oprot->writeFieldBegin("grantTime", ::apache::thrift::protocol::T_I32, 7);
+ xfer += oprot->writeI32(this->grantTime);
+ xfer += oprot->writeFieldEnd();
+ }
+ if (this->__isset.grantor) {
+ xfer += oprot->writeFieldBegin("grantor", ::apache::thrift::protocol::T_STRING, 8);
+ xfer += oprot->writeString(this->grantor);
+ xfer += oprot->writeFieldEnd();
+ }
xfer += oprot->writeFieldStop();
xfer += oprot->writeStructEnd();
return xfer;
@@ -1075,6 +1140,11 @@ void swap(Role &a, Role &b) {
swap(a.roleName, b.roleName);
swap(a.createTime, b.createTime);
swap(a.ownerName, b.ownerName);
+ swap(a.principalName, b.principalName);
+ swap(a.principalType, b.principalType);
+ swap(a.grantOption, b.grantOption);
+ swap(a.grantTime, b.grantTime);
+ swap(a.grantor, b.grantor);
swap(a.__isset, b.__isset);
}
Modified: hive/trunk/metastore/src/gen/thrift/gen-cpp/hive_metastore_types.h
URL: http://svn.apache.org/viewvc/hive/trunk/metastore/src/gen/thrift/gen-cpp/hive_metastore_types.h?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/metastore/src/gen/thrift/gen-cpp/hive_metastore_types.h (original)
+++ hive/trunk/metastore/src/gen/thrift/gen-cpp/hive_metastore_types.h Thu Feb 6 23:11:12 2014
@@ -553,19 +553,24 @@ class PrincipalPrivilegeSet {
void swap(PrincipalPrivilegeSet &a, PrincipalPrivilegeSet &b);
typedef struct _Role__isset {
- _Role__isset() : roleName(false), createTime(false), ownerName(false) {}
+ _Role__isset() : roleName(false), createTime(false), ownerName(false), principalName(false), principalType(false), grantOption(false), grantTime(false), grantor(false) {}
bool roleName;
bool createTime;
bool ownerName;
+ bool principalName;
+ bool principalType;
+ bool grantOption;
+ bool grantTime;
+ bool grantor;
} _Role__isset;
class Role {
public:
- static const char* ascii_fingerprint; // = "70563A0628F75DF9555F4D24690B1E26";
- static const uint8_t binary_fingerprint[16]; // = {0x70,0x56,0x3A,0x06,0x28,0xF7,0x5D,0xF9,0x55,0x5F,0x4D,0x24,0x69,0x0B,0x1E,0x26};
+ static const char* ascii_fingerprint; // = "8DEBC3096AEF414FFF38C357ECEEA8BC";
+ static const uint8_t binary_fingerprint[16]; // = {0x8D,0xEB,0xC3,0x09,0x6A,0xEF,0x41,0x4F,0xFF,0x38,0xC3,0x57,0xEC,0xEE,0xA8,0xBC};
- Role() : roleName(), createTime(0), ownerName() {
+ Role() : roleName(), createTime(0), ownerName(), principalName(), principalType(), grantOption(0), grantTime(0), grantor() {
}
virtual ~Role() throw() {}
@@ -573,6 +578,11 @@ class Role {
std::string roleName;
int32_t createTime;
std::string ownerName;
+ std::string principalName;
+ std::string principalType;
+ bool grantOption;
+ int32_t grantTime;
+ std::string grantor;
_Role__isset __isset;
@@ -588,6 +598,31 @@ class Role {
ownerName = val;
}
+ void __set_principalName(const std::string& val) {
+ principalName = val;
+ __isset.principalName = true;
+ }
+
+ void __set_principalType(const std::string& val) {
+ principalType = val;
+ __isset.principalType = true;
+ }
+
+ void __set_grantOption(const bool val) {
+ grantOption = val;
+ __isset.grantOption = true;
+ }
+
+ void __set_grantTime(const int32_t val) {
+ grantTime = val;
+ __isset.grantTime = true;
+ }
+
+ void __set_grantor(const std::string& val) {
+ grantor = val;
+ __isset.grantor = true;
+ }
+
bool operator == (const Role & rhs) const
{
if (!(roleName == rhs.roleName))
@@ -596,6 +631,26 @@ class Role {
return false;
if (!(ownerName == rhs.ownerName))
return false;
+ if (__isset.principalName != rhs.__isset.principalName)
+ return false;
+ else if (__isset.principalName && !(principalName == rhs.principalName))
+ return false;
+ if (__isset.principalType != rhs.__isset.principalType)
+ return false;
+ else if (__isset.principalType && !(principalType == rhs.principalType))
+ return false;
+ if (__isset.grantOption != rhs.__isset.grantOption)
+ return false;
+ else if (__isset.grantOption && !(grantOption == rhs.grantOption))
+ return false;
+ if (__isset.grantTime != rhs.__isset.grantTime)
+ return false;
+ else if (__isset.grantTime && !(grantTime == rhs.grantTime))
+ return false;
+ if (__isset.grantor != rhs.__isset.grantor)
+ return false;
+ else if (__isset.grantor && !(grantor == rhs.grantor))
+ return false;
return true;
}
bool operator != (const Role &rhs) const {
Modified: hive/trunk/metastore/src/gen/thrift/gen-javabean/org/apache/hadoop/hive/metastore/api/Role.java
URL: http://svn.apache.org/viewvc/hive/trunk/metastore/src/gen/thrift/gen-javabean/org/apache/hadoop/hive/metastore/api/Role.java?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/metastore/src/gen/thrift/gen-javabean/org/apache/hadoop/hive/metastore/api/Role.java (original)
+++ hive/trunk/metastore/src/gen/thrift/gen-javabean/org/apache/hadoop/hive/metastore/api/Role.java Thu Feb 6 23:11:12 2014
@@ -37,6 +37,11 @@ public class Role implements org.apache.
private static final org.apache.thrift.protocol.TField ROLE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("roleName", org.apache.thrift.protocol.TType.STRING, (short)1);
private static final org.apache.thrift.protocol.TField CREATE_TIME_FIELD_DESC = new org.apache.thrift.protocol.TField("createTime", org.apache.thrift.protocol.TType.I32, (short)2);
private static final org.apache.thrift.protocol.TField OWNER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("ownerName", org.apache.thrift.protocol.TType.STRING, (short)3);
+ private static final org.apache.thrift.protocol.TField PRINCIPAL_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("principalName", org.apache.thrift.protocol.TType.STRING, (short)4);
+ private static final org.apache.thrift.protocol.TField PRINCIPAL_TYPE_FIELD_DESC = new org.apache.thrift.protocol.TField("principalType", org.apache.thrift.protocol.TType.STRING, (short)5);
+ private static final org.apache.thrift.protocol.TField GRANT_OPTION_FIELD_DESC = new org.apache.thrift.protocol.TField("grantOption", org.apache.thrift.protocol.TType.BOOL, (short)6);
+ private static final org.apache.thrift.protocol.TField GRANT_TIME_FIELD_DESC = new org.apache.thrift.protocol.TField("grantTime", org.apache.thrift.protocol.TType.I32, (short)7);
+ private static final org.apache.thrift.protocol.TField GRANTOR_FIELD_DESC = new org.apache.thrift.protocol.TField("grantor", org.apache.thrift.protocol.TType.STRING, (short)8);
private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
static {
@@ -47,12 +52,22 @@ public class Role implements org.apache.
private String roleName; // required
private int createTime; // required
private String ownerName; // required
+ private String principalName; // optional
+ private String principalType; // optional
+ private boolean grantOption; // optional
+ private int grantTime; // optional
+ private String grantor; // optional
/** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
public enum _Fields implements org.apache.thrift.TFieldIdEnum {
ROLE_NAME((short)1, "roleName"),
CREATE_TIME((short)2, "createTime"),
- OWNER_NAME((short)3, "ownerName");
+ OWNER_NAME((short)3, "ownerName"),
+ PRINCIPAL_NAME((short)4, "principalName"),
+ PRINCIPAL_TYPE((short)5, "principalType"),
+ GRANT_OPTION((short)6, "grantOption"),
+ GRANT_TIME((short)7, "grantTime"),
+ GRANTOR((short)8, "grantor");
private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
@@ -73,6 +88,16 @@ public class Role implements org.apache.
return CREATE_TIME;
case 3: // OWNER_NAME
return OWNER_NAME;
+ case 4: // PRINCIPAL_NAME
+ return PRINCIPAL_NAME;
+ case 5: // PRINCIPAL_TYPE
+ return PRINCIPAL_TYPE;
+ case 6: // GRANT_OPTION
+ return GRANT_OPTION;
+ case 7: // GRANT_TIME
+ return GRANT_TIME;
+ case 8: // GRANTOR
+ return GRANTOR;
default:
return null;
}
@@ -114,7 +139,10 @@ public class Role implements org.apache.
// isset id assignments
private static final int __CREATETIME_ISSET_ID = 0;
+ private static final int __GRANTOPTION_ISSET_ID = 1;
+ private static final int __GRANTTIME_ISSET_ID = 2;
private byte __isset_bitfield = 0;
+ private _Fields optionals[] = {_Fields.PRINCIPAL_NAME,_Fields.PRINCIPAL_TYPE,_Fields.GRANT_OPTION,_Fields.GRANT_TIME,_Fields.GRANTOR};
public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
static {
Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
@@ -124,6 +152,16 @@ public class Role implements org.apache.
new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
tmpMap.put(_Fields.OWNER_NAME, new org.apache.thrift.meta_data.FieldMetaData("ownerName", org.apache.thrift.TFieldRequirementType.DEFAULT,
new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
+ tmpMap.put(_Fields.PRINCIPAL_NAME, new org.apache.thrift.meta_data.FieldMetaData("principalName", org.apache.thrift.TFieldRequirementType.OPTIONAL,
+ new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
+ tmpMap.put(_Fields.PRINCIPAL_TYPE, new org.apache.thrift.meta_data.FieldMetaData("principalType", org.apache.thrift.TFieldRequirementType.OPTIONAL,
+ new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
+ tmpMap.put(_Fields.GRANT_OPTION, new org.apache.thrift.meta_data.FieldMetaData("grantOption", org.apache.thrift.TFieldRequirementType.OPTIONAL,
+ new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.BOOL)));
+ tmpMap.put(_Fields.GRANT_TIME, new org.apache.thrift.meta_data.FieldMetaData("grantTime", org.apache.thrift.TFieldRequirementType.OPTIONAL,
+ new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
+ tmpMap.put(_Fields.GRANTOR, new org.apache.thrift.meta_data.FieldMetaData("grantor", org.apache.thrift.TFieldRequirementType.OPTIONAL,
+ new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
metaDataMap = Collections.unmodifiableMap(tmpMap);
org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(Role.class, metaDataMap);
}
@@ -155,6 +193,17 @@ public class Role implements org.apache.
if (other.isSetOwnerName()) {
this.ownerName = other.ownerName;
}
+ if (other.isSetPrincipalName()) {
+ this.principalName = other.principalName;
+ }
+ if (other.isSetPrincipalType()) {
+ this.principalType = other.principalType;
+ }
+ this.grantOption = other.grantOption;
+ this.grantTime = other.grantTime;
+ if (other.isSetGrantor()) {
+ this.grantor = other.grantor;
+ }
}
public Role deepCopy() {
@@ -167,6 +216,13 @@ public class Role implements org.apache.
setCreateTimeIsSet(false);
this.createTime = 0;
this.ownerName = null;
+ this.principalName = null;
+ this.principalType = null;
+ setGrantOptionIsSet(false);
+ this.grantOption = false;
+ setGrantTimeIsSet(false);
+ this.grantTime = 0;
+ this.grantor = null;
}
public String getRoleName() {
@@ -237,6 +293,119 @@ public class Role implements org.apache.
}
}
+ public String getPrincipalName() {
+ return this.principalName;
+ }
+
+ public void setPrincipalName(String principalName) {
+ this.principalName = principalName;
+ }
+
+ public void unsetPrincipalName() {
+ this.principalName = null;
+ }
+
+ /** Returns true if field principalName is set (has been assigned a value) and false otherwise */
+ public boolean isSetPrincipalName() {
+ return this.principalName != null;
+ }
+
+ public void setPrincipalNameIsSet(boolean value) {
+ if (!value) {
+ this.principalName = null;
+ }
+ }
+
+ public String getPrincipalType() {
+ return this.principalType;
+ }
+
+ public void setPrincipalType(String principalType) {
+ this.principalType = principalType;
+ }
+
+ public void unsetPrincipalType() {
+ this.principalType = null;
+ }
+
+ /** Returns true if field principalType is set (has been assigned a value) and false otherwise */
+ public boolean isSetPrincipalType() {
+ return this.principalType != null;
+ }
+
+ public void setPrincipalTypeIsSet(boolean value) {
+ if (!value) {
+ this.principalType = null;
+ }
+ }
+
+ public boolean isGrantOption() {
+ return this.grantOption;
+ }
+
+ public void setGrantOption(boolean grantOption) {
+ this.grantOption = grantOption;
+ setGrantOptionIsSet(true);
+ }
+
+ public void unsetGrantOption() {
+ __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __GRANTOPTION_ISSET_ID);
+ }
+
+ /** Returns true if field grantOption is set (has been assigned a value) and false otherwise */
+ public boolean isSetGrantOption() {
+ return EncodingUtils.testBit(__isset_bitfield, __GRANTOPTION_ISSET_ID);
+ }
+
+ public void setGrantOptionIsSet(boolean value) {
+ __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __GRANTOPTION_ISSET_ID, value);
+ }
+
+ public int getGrantTime() {
+ return this.grantTime;
+ }
+
+ public void setGrantTime(int grantTime) {
+ this.grantTime = grantTime;
+ setGrantTimeIsSet(true);
+ }
+
+ public void unsetGrantTime() {
+ __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __GRANTTIME_ISSET_ID);
+ }
+
+ /** Returns true if field grantTime is set (has been assigned a value) and false otherwise */
+ public boolean isSetGrantTime() {
+ return EncodingUtils.testBit(__isset_bitfield, __GRANTTIME_ISSET_ID);
+ }
+
+ public void setGrantTimeIsSet(boolean value) {
+ __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __GRANTTIME_ISSET_ID, value);
+ }
+
+ public String getGrantor() {
+ return this.grantor;
+ }
+
+ public void setGrantor(String grantor) {
+ this.grantor = grantor;
+ }
+
+ public void unsetGrantor() {
+ this.grantor = null;
+ }
+
+ /** Returns true if field grantor is set (has been assigned a value) and false otherwise */
+ public boolean isSetGrantor() {
+ return this.grantor != null;
+ }
+
+ public void setGrantorIsSet(boolean value) {
+ if (!value) {
+ this.grantor = null;
+ }
+ }
+
public void setFieldValue(_Fields field, Object value) {
switch (field) {
case ROLE_NAME:
@@ -263,6 +432,46 @@ public class Role implements org.apache.
}
break;
+ case PRINCIPAL_NAME:
+ if (value == null) {
+ unsetPrincipalName();
+ } else {
+ setPrincipalName((String)value);
+ }
+ break;
+
+ case PRINCIPAL_TYPE:
+ if (value == null) {
+ unsetPrincipalType();
+ } else {
+ setPrincipalType((String)value);
+ }
+ break;
+
+ case GRANT_OPTION:
+ if (value == null) {
+ unsetGrantOption();
+ } else {
+ setGrantOption((Boolean)value);
+ }
+ break;
+
+ case GRANT_TIME:
+ if (value == null) {
+ unsetGrantTime();
+ } else {
+ setGrantTime((Integer)value);
+ }
+ break;
+
+ case GRANTOR:
+ if (value == null) {
+ unsetGrantor();
+ } else {
+ setGrantor((String)value);
+ }
+ break;
+
}
}
@@ -277,6 +486,21 @@ public class Role implements org.apache.
case OWNER_NAME:
return getOwnerName();
+ case PRINCIPAL_NAME:
+ return getPrincipalName();
+
+ case PRINCIPAL_TYPE:
+ return getPrincipalType();
+
+ case GRANT_OPTION:
+ return Boolean.valueOf(isGrantOption());
+
+ case GRANT_TIME:
+ return Integer.valueOf(getGrantTime());
+
+ case GRANTOR:
+ return getGrantor();
+
}
throw new IllegalStateException();
}
@@ -294,6 +518,16 @@ public class Role implements org.apache.
return isSetCreateTime();
case OWNER_NAME:
return isSetOwnerName();
+ case PRINCIPAL_NAME:
+ return isSetPrincipalName();
+ case PRINCIPAL_TYPE:
+ return isSetPrincipalType();
+ case GRANT_OPTION:
+ return isSetGrantOption();
+ case GRANT_TIME:
+ return isSetGrantTime();
+ case GRANTOR:
+ return isSetGrantor();
}
throw new IllegalStateException();
}
@@ -338,6 +572,51 @@ public class Role implements org.apache.
return false;
}
+ boolean this_present_principalName = true && this.isSetPrincipalName();
+ boolean that_present_principalName = true && that.isSetPrincipalName();
+ if (this_present_principalName || that_present_principalName) {
+ if (!(this_present_principalName && that_present_principalName))
+ return false;
+ if (!this.principalName.equals(that.principalName))
+ return false;
+ }
+
+ boolean this_present_principalType = true && this.isSetPrincipalType();
+ boolean that_present_principalType = true && that.isSetPrincipalType();
+ if (this_present_principalType || that_present_principalType) {
+ if (!(this_present_principalType && that_present_principalType))
+ return false;
+ if (!this.principalType.equals(that.principalType))
+ return false;
+ }
+
+ boolean this_present_grantOption = true && this.isSetGrantOption();
+ boolean that_present_grantOption = true && that.isSetGrantOption();
+ if (this_present_grantOption || that_present_grantOption) {
+ if (!(this_present_grantOption && that_present_grantOption))
+ return false;
+ if (this.grantOption != that.grantOption)
+ return false;
+ }
+
+ boolean this_present_grantTime = true && this.isSetGrantTime();
+ boolean that_present_grantTime = true && that.isSetGrantTime();
+ if (this_present_grantTime || that_present_grantTime) {
+ if (!(this_present_grantTime && that_present_grantTime))
+ return false;
+ if (this.grantTime != that.grantTime)
+ return false;
+ }
+
+ boolean this_present_grantor = true && this.isSetGrantor();
+ boolean that_present_grantor = true && that.isSetGrantor();
+ if (this_present_grantor || that_present_grantor) {
+ if (!(this_present_grantor && that_present_grantor))
+ return false;
+ if (!this.grantor.equals(that.grantor))
+ return false;
+ }
+
return true;
}
@@ -360,6 +639,31 @@ public class Role implements org.apache.
if (present_ownerName)
builder.append(ownerName);
+ boolean present_principalName = true && (isSetPrincipalName());
+ builder.append(present_principalName);
+ if (present_principalName)
+ builder.append(principalName);
+
+ boolean present_principalType = true && (isSetPrincipalType());
+ builder.append(present_principalType);
+ if (present_principalType)
+ builder.append(principalType);
+
+ boolean present_grantOption = true && (isSetGrantOption());
+ builder.append(present_grantOption);
+ if (present_grantOption)
+ builder.append(grantOption);
+
+ boolean present_grantTime = true && (isSetGrantTime());
+ builder.append(present_grantTime);
+ if (present_grantTime)
+ builder.append(grantTime);
+
+ boolean present_grantor = true && (isSetGrantor());
+ builder.append(present_grantor);
+ if (present_grantor)
+ builder.append(grantor);
+
return builder.toHashCode();
}
@@ -401,6 +705,56 @@ public class Role implements org.apache.
return lastComparison;
}
}
+ lastComparison = Boolean.valueOf(isSetPrincipalName()).compareTo(typedOther.isSetPrincipalName());
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ if (isSetPrincipalName()) {
+ lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.principalName, typedOther.principalName);
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ }
+ lastComparison = Boolean.valueOf(isSetPrincipalType()).compareTo(typedOther.isSetPrincipalType());
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ if (isSetPrincipalType()) {
+ lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.principalType, typedOther.principalType);
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ }
+ lastComparison = Boolean.valueOf(isSetGrantOption()).compareTo(typedOther.isSetGrantOption());
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ if (isSetGrantOption()) {
+ lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.grantOption, typedOther.grantOption);
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ }
+ lastComparison = Boolean.valueOf(isSetGrantTime()).compareTo(typedOther.isSetGrantTime());
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ if (isSetGrantTime()) {
+ lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.grantTime, typedOther.grantTime);
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ }
+ lastComparison = Boolean.valueOf(isSetGrantor()).compareTo(typedOther.isSetGrantor());
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ if (isSetGrantor()) {
+ lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.grantor, typedOther.grantor);
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ }
return 0;
}
@@ -440,6 +794,48 @@ public class Role implements org.apache.
sb.append(this.ownerName);
}
first = false;
+ if (isSetPrincipalName()) {
+ if (!first) sb.append(", ");
+ sb.append("principalName:");
+ if (this.principalName == null) {
+ sb.append("null");
+ } else {
+ sb.append(this.principalName);
+ }
+ first = false;
+ }
+ if (isSetPrincipalType()) {
+ if (!first) sb.append(", ");
+ sb.append("principalType:");
+ if (this.principalType == null) {
+ sb.append("null");
+ } else {
+ sb.append(this.principalType);
+ }
+ first = false;
+ }
+ if (isSetGrantOption()) {
+ if (!first) sb.append(", ");
+ sb.append("grantOption:");
+ sb.append(this.grantOption);
+ first = false;
+ }
+ if (isSetGrantTime()) {
+ if (!first) sb.append(", ");
+ sb.append("grantTime:");
+ sb.append(this.grantTime);
+ first = false;
+ }
+ if (isSetGrantor()) {
+ if (!first) sb.append(", ");
+ sb.append("grantor:");
+ if (this.grantor == null) {
+ sb.append("null");
+ } else {
+ sb.append(this.grantor);
+ }
+ first = false;
+ }
sb.append(")");
return sb.toString();
}
@@ -509,6 +905,46 @@ public class Role implements org.apache.
org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
}
break;
+ case 4: // PRINCIPAL_NAME
+ if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
+ struct.principalName = iprot.readString();
+ struct.setPrincipalNameIsSet(true);
+ } else {
+ org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+ }
+ break;
+ case 5: // PRINCIPAL_TYPE
+ if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
+ struct.principalType = iprot.readString();
+ struct.setPrincipalTypeIsSet(true);
+ } else {
+ org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+ }
+ break;
+ case 6: // GRANT_OPTION
+ if (schemeField.type == org.apache.thrift.protocol.TType.BOOL) {
+ struct.grantOption = iprot.readBool();
+ struct.setGrantOptionIsSet(true);
+ } else {
+ org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+ }
+ break;
+ case 7: // GRANT_TIME
+ if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
+ struct.grantTime = iprot.readI32();
+ struct.setGrantTimeIsSet(true);
+ } else {
+ org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+ }
+ break;
+ case 8: // GRANTOR
+ if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
+ struct.grantor = iprot.readString();
+ struct.setGrantorIsSet(true);
+ } else {
+ org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+ }
+ break;
default:
org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
}
@@ -535,6 +971,37 @@ public class Role implements org.apache.
oprot.writeString(struct.ownerName);
oprot.writeFieldEnd();
}
+ if (struct.principalName != null) {
+ if (struct.isSetPrincipalName()) {
+ oprot.writeFieldBegin(PRINCIPAL_NAME_FIELD_DESC);
+ oprot.writeString(struct.principalName);
+ oprot.writeFieldEnd();
+ }
+ }
+ if (struct.principalType != null) {
+ if (struct.isSetPrincipalType()) {
+ oprot.writeFieldBegin(PRINCIPAL_TYPE_FIELD_DESC);
+ oprot.writeString(struct.principalType);
+ oprot.writeFieldEnd();
+ }
+ }
+ if (struct.isSetGrantOption()) {
+ oprot.writeFieldBegin(GRANT_OPTION_FIELD_DESC);
+ oprot.writeBool(struct.grantOption);
+ oprot.writeFieldEnd();
+ }
+ if (struct.isSetGrantTime()) {
+ oprot.writeFieldBegin(GRANT_TIME_FIELD_DESC);
+ oprot.writeI32(struct.grantTime);
+ oprot.writeFieldEnd();
+ }
+ if (struct.grantor != null) {
+ if (struct.isSetGrantor()) {
+ oprot.writeFieldBegin(GRANTOR_FIELD_DESC);
+ oprot.writeString(struct.grantor);
+ oprot.writeFieldEnd();
+ }
+ }
oprot.writeFieldStop();
oprot.writeStructEnd();
}
@@ -562,7 +1029,22 @@ public class Role implements org.apache.
if (struct.isSetOwnerName()) {
optionals.set(2);
}
- oprot.writeBitSet(optionals, 3);
+ if (struct.isSetPrincipalName()) {
+ optionals.set(3);
+ }
+ if (struct.isSetPrincipalType()) {
+ optionals.set(4);
+ }
+ if (struct.isSetGrantOption()) {
+ optionals.set(5);
+ }
+ if (struct.isSetGrantTime()) {
+ optionals.set(6);
+ }
+ if (struct.isSetGrantor()) {
+ optionals.set(7);
+ }
+ oprot.writeBitSet(optionals, 8);
if (struct.isSetRoleName()) {
oprot.writeString(struct.roleName);
}
@@ -572,12 +1054,27 @@ public class Role implements org.apache.
if (struct.isSetOwnerName()) {
oprot.writeString(struct.ownerName);
}
+ if (struct.isSetPrincipalName()) {
+ oprot.writeString(struct.principalName);
+ }
+ if (struct.isSetPrincipalType()) {
+ oprot.writeString(struct.principalType);
+ }
+ if (struct.isSetGrantOption()) {
+ oprot.writeBool(struct.grantOption);
+ }
+ if (struct.isSetGrantTime()) {
+ oprot.writeI32(struct.grantTime);
+ }
+ if (struct.isSetGrantor()) {
+ oprot.writeString(struct.grantor);
+ }
}
@Override
public void read(org.apache.thrift.protocol.TProtocol prot, Role struct) throws org.apache.thrift.TException {
TTupleProtocol iprot = (TTupleProtocol) prot;
- BitSet incoming = iprot.readBitSet(3);
+ BitSet incoming = iprot.readBitSet(8);
if (incoming.get(0)) {
struct.roleName = iprot.readString();
struct.setRoleNameIsSet(true);
@@ -590,6 +1087,26 @@ public class Role implements org.apache.
struct.ownerName = iprot.readString();
struct.setOwnerNameIsSet(true);
}
+ if (incoming.get(3)) {
+ struct.principalName = iprot.readString();
+ struct.setPrincipalNameIsSet(true);
+ }
+ if (incoming.get(4)) {
+ struct.principalType = iprot.readString();
+ struct.setPrincipalTypeIsSet(true);
+ }
+ if (incoming.get(5)) {
+ struct.grantOption = iprot.readBool();
+ struct.setGrantOptionIsSet(true);
+ }
+ if (incoming.get(6)) {
+ struct.grantTime = iprot.readI32();
+ struct.setGrantTimeIsSet(true);
+ }
+ if (incoming.get(7)) {
+ struct.grantor = iprot.readString();
+ struct.setGrantorIsSet(true);
+ }
}
}
Modified: hive/trunk/metastore/src/gen/thrift/gen-php/metastore/Types.php
URL: http://svn.apache.org/viewvc/hive/trunk/metastore/src/gen/thrift/gen-php/metastore/Types.php?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/metastore/src/gen/thrift/gen-php/metastore/Types.php (original)
+++ hive/trunk/metastore/src/gen/thrift/gen-php/metastore/Types.php Thu Feb 6 23:11:12 2014
@@ -1280,6 +1280,11 @@ class Role {
public $roleName = null;
public $createTime = null;
public $ownerName = null;
+ public $principalName = null;
+ public $principalType = null;
+ public $grantOption = null;
+ public $grantTime = null;
+ public $grantor = null;
public function __construct($vals=null) {
if (!isset(self::$_TSPEC)) {
@@ -1296,6 +1301,26 @@ class Role {
'var' => 'ownerName',
'type' => TType::STRING,
),
+ 4 => array(
+ 'var' => 'principalName',
+ 'type' => TType::STRING,
+ ),
+ 5 => array(
+ 'var' => 'principalType',
+ 'type' => TType::STRING,
+ ),
+ 6 => array(
+ 'var' => 'grantOption',
+ 'type' => TType::BOOL,
+ ),
+ 7 => array(
+ 'var' => 'grantTime',
+ 'type' => TType::I32,
+ ),
+ 8 => array(
+ 'var' => 'grantor',
+ 'type' => TType::STRING,
+ ),
);
}
if (is_array($vals)) {
@@ -1308,6 +1333,21 @@ class Role {
if (isset($vals['ownerName'])) {
$this->ownerName = $vals['ownerName'];
}
+ if (isset($vals['principalName'])) {
+ $this->principalName = $vals['principalName'];
+ }
+ if (isset($vals['principalType'])) {
+ $this->principalType = $vals['principalType'];
+ }
+ if (isset($vals['grantOption'])) {
+ $this->grantOption = $vals['grantOption'];
+ }
+ if (isset($vals['grantTime'])) {
+ $this->grantTime = $vals['grantTime'];
+ }
+ if (isset($vals['grantor'])) {
+ $this->grantor = $vals['grantor'];
+ }
}
}
@@ -1351,6 +1391,41 @@ class Role {
$xfer += $input->skip($ftype);
}
break;
+ case 4:
+ if ($ftype == TType::STRING) {
+ $xfer += $input->readString($this->principalName);
+ } else {
+ $xfer += $input->skip($ftype);
+ }
+ break;
+ case 5:
+ if ($ftype == TType::STRING) {
+ $xfer += $input->readString($this->principalType);
+ } else {
+ $xfer += $input->skip($ftype);
+ }
+ break;
+ case 6:
+ if ($ftype == TType::BOOL) {
+ $xfer += $input->readBool($this->grantOption);
+ } else {
+ $xfer += $input->skip($ftype);
+ }
+ break;
+ case 7:
+ if ($ftype == TType::I32) {
+ $xfer += $input->readI32($this->grantTime);
+ } else {
+ $xfer += $input->skip($ftype);
+ }
+ break;
+ case 8:
+ if ($ftype == TType::STRING) {
+ $xfer += $input->readString($this->grantor);
+ } else {
+ $xfer += $input->skip($ftype);
+ }
+ break;
default:
$xfer += $input->skip($ftype);
break;
@@ -1379,6 +1454,31 @@ class Role {
$xfer += $output->writeString($this->ownerName);
$xfer += $output->writeFieldEnd();
}
+ if ($this->principalName !== null) {
+ $xfer += $output->writeFieldBegin('principalName', TType::STRING, 4);
+ $xfer += $output->writeString($this->principalName);
+ $xfer += $output->writeFieldEnd();
+ }
+ if ($this->principalType !== null) {
+ $xfer += $output->writeFieldBegin('principalType', TType::STRING, 5);
+ $xfer += $output->writeString($this->principalType);
+ $xfer += $output->writeFieldEnd();
+ }
+ if ($this->grantOption !== null) {
+ $xfer += $output->writeFieldBegin('grantOption', TType::BOOL, 6);
+ $xfer += $output->writeBool($this->grantOption);
+ $xfer += $output->writeFieldEnd();
+ }
+ if ($this->grantTime !== null) {
+ $xfer += $output->writeFieldBegin('grantTime', TType::I32, 7);
+ $xfer += $output->writeI32($this->grantTime);
+ $xfer += $output->writeFieldEnd();
+ }
+ if ($this->grantor !== null) {
+ $xfer += $output->writeFieldBegin('grantor', TType::STRING, 8);
+ $xfer += $output->writeString($this->grantor);
+ $xfer += $output->writeFieldEnd();
+ }
$xfer += $output->writeFieldStop();
$xfer += $output->writeStructEnd();
return $xfer;
Modified: hive/trunk/metastore/src/gen/thrift/gen-py/hive_metastore/ttypes.py
URL: http://svn.apache.org/viewvc/hive/trunk/metastore/src/gen/thrift/gen-py/hive_metastore/ttypes.py?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/metastore/src/gen/thrift/gen-py/hive_metastore/ttypes.py (original)
+++ hive/trunk/metastore/src/gen/thrift/gen-py/hive_metastore/ttypes.py Thu Feb 6 23:11:12 2014
@@ -869,6 +869,11 @@ class Role:
- roleName
- createTime
- ownerName
+ - principalName
+ - principalType
+ - grantOption
+ - grantTime
+ - grantor
"""
thrift_spec = (
@@ -876,12 +881,22 @@ class Role:
(1, TType.STRING, 'roleName', None, None, ), # 1
(2, TType.I32, 'createTime', None, None, ), # 2
(3, TType.STRING, 'ownerName', None, None, ), # 3
+ (4, TType.STRING, 'principalName', None, None, ), # 4
+ (5, TType.STRING, 'principalType', None, None, ), # 5
+ (6, TType.BOOL, 'grantOption', None, None, ), # 6
+ (7, TType.I32, 'grantTime', None, None, ), # 7
+ (8, TType.STRING, 'grantor', None, None, ), # 8
)
- def __init__(self, roleName=None, createTime=None, ownerName=None,):
+ def __init__(self, roleName=None, createTime=None, ownerName=None, principalName=None, principalType=None, grantOption=None, grantTime=None, grantor=None,):
self.roleName = roleName
self.createTime = createTime
self.ownerName = ownerName
+ self.principalName = principalName
+ self.principalType = principalType
+ self.grantOption = grantOption
+ self.grantTime = grantTime
+ self.grantor = grantor
def read(self, iprot):
if iprot.__class__ == TBinaryProtocol.TBinaryProtocolAccelerated and isinstance(iprot.trans, TTransport.CReadableTransport) and self.thrift_spec is not None and fastbinary is not None:
@@ -907,6 +922,31 @@ class Role:
self.ownerName = iprot.readString();
else:
iprot.skip(ftype)
+ elif fid == 4:
+ if ftype == TType.STRING:
+ self.principalName = iprot.readString();
+ else:
+ iprot.skip(ftype)
+ elif fid == 5:
+ if ftype == TType.STRING:
+ self.principalType = iprot.readString();
+ else:
+ iprot.skip(ftype)
+ elif fid == 6:
+ if ftype == TType.BOOL:
+ self.grantOption = iprot.readBool();
+ else:
+ iprot.skip(ftype)
+ elif fid == 7:
+ if ftype == TType.I32:
+ self.grantTime = iprot.readI32();
+ else:
+ iprot.skip(ftype)
+ elif fid == 8:
+ if ftype == TType.STRING:
+ self.grantor = iprot.readString();
+ else:
+ iprot.skip(ftype)
else:
iprot.skip(ftype)
iprot.readFieldEnd()
@@ -929,6 +969,26 @@ class Role:
oprot.writeFieldBegin('ownerName', TType.STRING, 3)
oprot.writeString(self.ownerName)
oprot.writeFieldEnd()
+ if self.principalName is not None:
+ oprot.writeFieldBegin('principalName', TType.STRING, 4)
+ oprot.writeString(self.principalName)
+ oprot.writeFieldEnd()
+ if self.principalType is not None:
+ oprot.writeFieldBegin('principalType', TType.STRING, 5)
+ oprot.writeString(self.principalType)
+ oprot.writeFieldEnd()
+ if self.grantOption is not None:
+ oprot.writeFieldBegin('grantOption', TType.BOOL, 6)
+ oprot.writeBool(self.grantOption)
+ oprot.writeFieldEnd()
+ if self.grantTime is not None:
+ oprot.writeFieldBegin('grantTime', TType.I32, 7)
+ oprot.writeI32(self.grantTime)
+ oprot.writeFieldEnd()
+ if self.grantor is not None:
+ oprot.writeFieldBegin('grantor', TType.STRING, 8)
+ oprot.writeString(self.grantor)
+ oprot.writeFieldEnd()
oprot.writeFieldStop()
oprot.writeStructEnd()
Modified: hive/trunk/metastore/src/gen/thrift/gen-rb/hive_metastore_types.rb
URL: http://svn.apache.org/viewvc/hive/trunk/metastore/src/gen/thrift/gen-rb/hive_metastore_types.rb?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/metastore/src/gen/thrift/gen-rb/hive_metastore_types.rb (original)
+++ hive/trunk/metastore/src/gen/thrift/gen-rb/hive_metastore_types.rb Thu Feb 6 23:11:12 2014
@@ -212,11 +212,21 @@ class Role
ROLENAME = 1
CREATETIME = 2
OWNERNAME = 3
+ PRINCIPALNAME = 4
+ PRINCIPALTYPE = 5
+ GRANTOPTION = 6
+ GRANTTIME = 7
+ GRANTOR = 8
FIELDS = {
ROLENAME => {:type => ::Thrift::Types::STRING, :name => 'roleName'},
CREATETIME => {:type => ::Thrift::Types::I32, :name => 'createTime'},
- OWNERNAME => {:type => ::Thrift::Types::STRING, :name => 'ownerName'}
+ OWNERNAME => {:type => ::Thrift::Types::STRING, :name => 'ownerName'},
+ PRINCIPALNAME => {:type => ::Thrift::Types::STRING, :name => 'principalName', :optional => true},
+ PRINCIPALTYPE => {:type => ::Thrift::Types::STRING, :name => 'principalType', :optional => true},
+ GRANTOPTION => {:type => ::Thrift::Types::BOOL, :name => 'grantOption', :optional => true},
+ GRANTTIME => {:type => ::Thrift::Types::I32, :name => 'grantTime', :optional => true},
+ GRANTOR => {:type => ::Thrift::Types::STRING, :name => 'grantor', :optional => true}
}
def struct_fields; FIELDS; end
Modified: hive/trunk/metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStore.java
URL: http://svn.apache.org/viewvc/hive/trunk/metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStore.java?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStore.java (original)
+++ hive/trunk/metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStore.java Thu Feb 6 23:11:12 2014
@@ -3773,12 +3773,17 @@ public class HiveMetaStore extends Thrif
List<Role> result = new ArrayList<Role>();
try {
- List<MRoleMap> roleMap = getMS().listRoles(principalName, principalType);
- if (roleMap != null) {
- for (MRoleMap role : roleMap) {
- MRole r = role.getRole();
- result.add(new Role(r.getRoleName(), r
- .getCreateTime(), r.getOwnerName()));
+ List<MRoleMap> roleMaps = getMS().listRoles(principalName, principalType);
+ if (roleMaps != null) {
+ for (MRoleMap roleMap : roleMaps) {
+ MRole mrole = roleMap.getRole();
+ Role role = new Role(mrole.getRoleName(), mrole.getCreateTime(), mrole.getOwnerName());
+ role.setPrincipalName(roleMap.getPrincipalName());
+ role.setPrincipalType(roleMap.getPrincipalType());
+ role.setGrantOption(roleMap.getGrantOption());
+ role.setGrantTime(roleMap.getAddTime());
+ role.setGrantor(roleMap.getGrantor());
+ result.add(role);
}
}
// all users by default belongs to public role
Modified: hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/Context.java
URL: http://svn.apache.org/viewvc/hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/Context.java?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/Context.java (original)
+++ hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/Context.java Thu Feb 6 23:11:12 2014
@@ -49,7 +49,6 @@ import org.apache.hadoop.hive.ql.lockmgr
import org.apache.hadoop.hive.ql.plan.LoadTableDesc;
import org.apache.hadoop.hive.shims.ShimLoader;
import org.apache.hadoop.util.StringUtils;
-import org.apache.velocity.runtime.parser.node.GetExecutor;
/**
* Context for Semantic Analyzers. Usage: not reusable - construct a new one for
Modified: hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/exec/DDLTask.java
URL: http://svn.apache.org/viewvc/hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/exec/DDLTask.java?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/exec/DDLTask.java (original)
+++ hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/exec/DDLTask.java Thu Feb 6 23:11:12 2014
@@ -34,7 +34,6 @@ import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Comparator;
-import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
@@ -164,6 +163,7 @@ import org.apache.hadoop.hive.ql.securit
import org.apache.hadoop.hive.ql.security.authorization.plugin.HivePrivilegeInfo;
import org.apache.hadoop.hive.ql.security.authorization.plugin.HivePrivilegeObject;
import org.apache.hadoop.hive.ql.security.authorization.plugin.HivePrivilegeObject.HivePrivilegeObjectType;
+import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveRole;
import org.apache.hadoop.hive.ql.session.SessionState;
import org.apache.hadoop.hive.serde.serdeConstants;
import org.apache.hadoop.hive.serde2.Deserializer;
@@ -622,7 +622,8 @@ public class DDLTask extends Task<DDLWor
}
}
}
- writeToFile(writeGrantInfo(privs), showGrantDesc.getResFile());
+ boolean testMode = conf.getBoolVar(HiveConf.ConfVars.HIVE_IN_TEST);
+ writeToFile(writeGrantInfo(privs, testMode), showGrantDesc.getResFile());
} catch (FileNotFoundException e) {
LOG.info("show table status: " + stringifyException(e));
return 1;
@@ -660,7 +661,8 @@ public class DDLTask extends Task<DDLWor
AuthorizationUtils.getThriftPrincipalType(principal.getType()), grantInfo);
privList.add(thriftObjectPriv);
}
- writeToFile(writeGrantInfo(privList), showGrantDesc.getResFile());
+ boolean testMode = conf.getBoolVar(HiveConf.ConfVars.HIVE_IN_TEST);
+ writeToFile(writeGrantInfo(privList, testMode), showGrantDesc.getResFile());
} catch (IOException e) {
throw new HiveException("Error in show grant statement", e);
}
@@ -914,19 +916,9 @@ public class DDLTask extends Task<DDLWor
} else if (operation.equals(RoleDDLDesc.RoleOperation.DROP_ROLE)) {
db.dropRole(roleDDLDesc.getName());
} else if (operation.equals(RoleDDLDesc.RoleOperation.SHOW_ROLE_GRANT)) {
- List<Role> roles = db.showRoleGrant(roleDDLDesc.getName(), roleDDLDesc
- .getPrincipalType());
- if (roles != null && roles.size() > 0) {
- Path resFile = new Path(roleDDLDesc.getResFile());
- FileSystem fs = resFile.getFileSystem(conf);
- outStream = fs.create(resFile);
- for (Role role : roles) {
- outStream.writeBytes(role.getRoleName());
- outStream.write(terminator);
- }
- outStream.close();
- outStream = null;
- }
+ boolean testMode = conf.getBoolVar(HiveConf.ConfVars.HIVE_IN_TEST);
+ List<Role> roles = db.showRoleGrant(roleDDLDesc.getName(), roleDDLDesc.getPrincipalType());
+ writeToFile(writeRoleInfo(roles, testMode), roleDDLDesc.getResFile());
} else if (operation.equals(RoleDDLDesc.RoleOperation.SHOW_ROLES)) {
List<String> roleNames = db.getAllRoleNames();
Path resFile = new Path(roleDDLDesc.getResFile());
@@ -969,9 +961,10 @@ public class DDLTask extends Task<DDLWor
authorizer.dropRole(roleDDLDesc.getName());
break;
case SHOW_ROLE_GRANT:
- List<String> roles = authorizer.getRoles(new HivePrincipal(roleDDLDesc.getName(),
+ boolean testMode = conf.getBoolVar(HiveConf.ConfVars.HIVE_IN_TEST);
+ List<HiveRole> roles = authorizer.getRoles(new HivePrincipal(roleDDLDesc.getName(),
getHivePrincipalType(roleDDLDesc.getPrincipalType())));
- writeListToFile(roles, roleDDLDesc.getResFile());
+ writeToFile(writeHiveRoleInfo(roles, testMode), roleDDLDesc.getResFile());
break;
case SHOW_ROLES:
List<String> allRoles = authorizer.getAllRoles();
@@ -2498,23 +2491,23 @@ public class DDLTask extends Task<DDLWor
Collections.sort(locks, new Comparator<HiveLock>() {
- @Override
- public int compare(HiveLock o1, HiveLock o2) {
- int cmp = o1.getHiveLockObject().getName().compareTo(o2.getHiveLockObject().getName());
- if (cmp == 0) {
- if (o1.getHiveLockMode() == o2.getHiveLockMode()) {
- return cmp;
- }
- // EXCLUSIVE locks occur before SHARED locks
- if (o1.getHiveLockMode() == HiveLockMode.EXCLUSIVE) {
- return -1;
- }
- return +1;
+ @Override
+ public int compare(HiveLock o1, HiveLock o2) {
+ int cmp = o1.getHiveLockObject().getName().compareTo(o2.getHiveLockObject().getName());
+ if (cmp == 0) {
+ if (o1.getHiveLockMode() == o2.getHiveLockMode()) {
+ return cmp;
}
- return cmp;
+ // EXCLUSIVE locks occur before SHARED locks
+ if (o1.getHiveLockMode() == HiveLockMode.EXCLUSIVE) {
+ return -1;
+ }
+ return +1;
}
+ return cmp;
+ }
- });
+ });
Iterator<HiveLock> locksIter = locks.iterator();
@@ -2923,8 +2916,9 @@ public class DDLTask extends Task<DDLWor
}
else {
Map<String, String> properties = tbl.getParameters();
- for (String key : properties.keySet()) {
- writeKeyValuePair(builder, key, properties.get(key));
+ for (Entry<String, String> entry : properties.entrySet()) {
+ appendNonNull(builder, entry.getKey(), true);
+ appendNonNull(builder, entry.getValue());
}
}
@@ -3060,61 +3054,77 @@ public class DDLTask extends Task<DDLWor
}
}
- static String writeGrantInfo(List<HiveObjectPrivilege> privileges) {
+ static String writeGrantInfo(List<HiveObjectPrivilege> privileges, boolean testMode) {
if (privileges == null || privileges.isEmpty()) {
return "";
}
-
StringBuilder builder = new StringBuilder();
for (HiveObjectPrivilege privilege : privileges) {
- PrivilegeGrantInfo grantInfo = privilege.getGrantInfo();
HiveObjectRef resource = privilege.getHiveObject();
- String privName = grantInfo.getPrivilege();
- long unixTimestamp = grantInfo.getCreateTime() * 1000L;
- Date createTime = new Date(unixTimestamp);
- String grantor = grantInfo.getGrantor();
-
- switch (resource.getObjectType()) {
- case DATABASE:
- writeKeyValuePair(builder, "database", resource.getDbName());
- break;
- case TABLE:
- writeKeyValuePair(builder, "database", resource.getDbName());
- writeKeyValuePair(builder, "table", resource.getObjectName());
- break;
- case PARTITION:
- writeKeyValuePair(builder, "database", resource.getDbName());
- writeKeyValuePair(builder, "table", resource.getObjectName());
- writeKeyValuePair(builder, "partition", String.valueOf(resource.getPartValues()));
- break;
- case COLUMN:
- writeKeyValuePair(builder, "database", resource.getDbName());
- writeKeyValuePair(builder, "table", resource.getObjectName());
- if (resource.getPartValues() != null && !resource.getPartValues().isEmpty()) {
- writeKeyValuePair(builder, "partition", String.valueOf(resource.getPartValues()));
- }
- writeKeyValuePair(builder, "columnName", resource.getColumnName());
- break;
- }
-
- writeKeyValuePair(builder, "principalName", privilege.getPrincipalName());
- writeKeyValuePair(builder, "principalType", "" + privilege.getPrincipalType());
- writeKeyValuePair(builder, "privilege", privName);
- writeKeyValuePair(builder, "grantTime", "" + createTime);
- if (grantor != null) {
- writeKeyValuePair(builder, "grantor", grantor);
- }
+ PrivilegeGrantInfo grantInfo = privilege.getGrantInfo();
+
+ appendNonNull(builder, resource.getDbName(), true);
+ appendNonNull(builder, resource.getObjectName());
+ appendNonNull(builder, resource.getPartValues());
+ appendNonNull(builder, resource.getColumnName());
+ appendNonNull(builder, privilege.getPrincipalName());
+ appendNonNull(builder, privilege.getPrincipalType());
+ appendNonNull(builder, grantInfo.getPrivilege());
+ appendNonNull(builder, grantInfo.isGrantOption());
+ appendNonNull(builder, testMode ? -1 : grantInfo.getCreateTime() * 1000L);
+ appendNonNull(builder, grantInfo.getGrantor());
}
return builder.toString();
}
- private static void writeKeyValuePair(StringBuilder builder, String key, String value) {
- if (builder.length() > 0) {
+ static String writeRoleInfo(List<Role> roles, boolean testMode) {
+ if (roles == null || roles.isEmpty()) {
+ return "";
+ }
+ StringBuilder builder = new StringBuilder();
+ for (Role role : roles) {
+ appendNonNull(builder, role.getRoleName(), true);
+ appendNonNull(builder, testMode ? -1 : role.getCreateTime() * 1000L);
+ appendNonNull(builder, role.getPrincipalName());
+ appendNonNull(builder, role.getPrincipalType());
+ appendNonNull(builder, role.isGrantOption());
+ appendNonNull(builder, testMode ? -1 : role.getGrantTime() * 1000L);
+ appendNonNull(builder, role.getGrantor());
+ }
+ return builder.toString();
+ }
+
+ static String writeHiveRoleInfo(List<HiveRole> roles, boolean testMode) {
+ if (roles == null || roles.isEmpty()) {
+ return "";
+ }
+ StringBuilder builder = new StringBuilder();
+ for (HiveRole role : roles) {
+ appendNonNull(builder, role.getRoleName(), true);
+ appendNonNull(builder, testMode ? -1 : role.getCreateTime() * 1000L);
+ appendNonNull(builder, role.getPrincipalName());
+ appendNonNull(builder, role.getPrincipalType());
+ appendNonNull(builder, role.isGrantOption());
+ appendNonNull(builder, testMode ? -1 : role.getGrantTime() * 1000L);
+ appendNonNull(builder, role.getGrantor());
+ }
+ return builder.toString();
+ }
+
+ static StringBuilder appendNonNull(StringBuilder builder, Object value) {
+ return appendNonNull(builder, value, false);
+ }
+
+ static StringBuilder appendNonNull(StringBuilder builder, Object value, boolean firstColumn) {
+ if (!firstColumn) {
+ builder.append((char)separator);
+ } else if (builder.length() > 0) {
builder.append((char)terminator);
}
- builder.append(key);
- builder.append((char)separator);
- builder.append(value);
+ if (value != null) {
+ builder.append(value);
+ }
+ return builder;
}
private void setAlterProtectMode(boolean protectModeEnable,
Modified: hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/parse/DDLSemanticAnalyzer.java
URL: http://svn.apache.org/viewvc/hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/parse/DDLSemanticAnalyzer.java?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/parse/DDLSemanticAnalyzer.java (original)
+++ hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/parse/DDLSemanticAnalyzer.java Thu Feb 6 23:11:12 2014
@@ -515,7 +515,7 @@ public class DDLSemanticAnalyzer extends
createShowRoleGrantTask(ast, ctx.getResFile(), getInputs(), getOutputs());
if(task != null) {
rootTasks.add(task);
- setFetchTask(createFetchTask(RoleDDLDesc.getSchema()));
+ setFetchTask(createFetchTask(RoleDDLDesc.getRoleDescSchema()));
}
}
@@ -525,7 +525,7 @@ public class DDLSemanticAnalyzer extends
showRolesDesc.setResFile(ctx.getResFile().toString());
rootTasks.add(TaskFactory.get(new DDLWork(getInputs(), getOutputs(),
showRolesDesc), conf));
- setFetchTask(createFetchTask(RoleDDLDesc.getSchema()));
+ setFetchTask(createFetchTask(RoleDDLDesc.getRoleNameSchema()));
}
private void analyzeAlterDatabase(ASTNode ast) throws SemanticException {
Modified: hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/plan/RoleDDLDesc.java
URL: http://svn.apache.org/viewvc/hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/plan/RoleDDLDesc.java?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/plan/RoleDDLDesc.java (original)
+++ hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/plan/RoleDDLDesc.java Thu Feb 6 23:11:12 2014
@@ -40,12 +40,23 @@ public class RoleDDLDesc extends DDLDesc
private String roleOwnerName;
/**
+ * thrift ddl for the result of show roles.
+ */
+ private static final String roleNameSchema = "role#string";
+
+ /**
* thrift ddl for the result of show role.
*/
- private static String schema = "role#string";
+ private static final String roleDescSchema =
+ "role,create_time,principal_name,principal_type,grant_option,grant_time,grantor#" +
+ "string:bigint:string:string:boolean:bigint:string";
+
+ public static String getRoleNameSchema() {
+ return roleNameSchema;
+ }
- public static String getSchema() {
- return schema;
+ public static String getRoleDescSchema() {
+ return roleDescSchema;
}
public static enum RoleOperation {
Modified: hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/plan/ShowGrantDesc.java
URL: http://svn.apache.org/viewvc/hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/plan/ShowGrantDesc.java?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/plan/ShowGrantDesc.java (original)
+++ hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/plan/ShowGrantDesc.java Thu Feb 6 23:11:12 2014
@@ -33,7 +33,10 @@ public class ShowGrantDesc {
/**
* thrift ddl for the result of show grant.
*/
- private static final String schema = "property,value#string:string";
+ private static final String tabularSchema =
+ "database,table,partition,column,principal_name,principal_type,privilege," +
+ "grant_option,grant_time,grantor#" +
+ "string:string:string:string:string:string:string:boolean:bigint:string";
public ShowGrantDesc(){
}
@@ -47,7 +50,7 @@ public class ShowGrantDesc {
}
public static String getSchema() {
- return schema;
+ return tabularSchema;
}
@Explain(displayName="principal desc")
@@ -83,5 +86,4 @@ public class ShowGrantDesc {
public void setColumns(List<String> columns) {
this.columns = columns;
}
-
}
Modified: hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAccessController.java
URL: http://svn.apache.org/viewvc/hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAccessController.java?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAccessController.java (original)
+++ hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAccessController.java Thu Feb 6 23:11:12 2014
@@ -40,7 +40,7 @@ public interface HiveAccessController {
void dropRole(String roleName)
throws HiveAuthorizationPluginException;
- List<String> getRoles(HivePrincipal hivePrincipal)
+ List<HiveRole> getRoles(HivePrincipal hivePrincipal)
throws HiveAuthorizationPluginException;
void grantRole(List<HivePrincipal> hivePrincipals, List<String> roles, boolean grantOption,
Modified: hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAuthorizer.java
URL: http://svn.apache.org/viewvc/hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAuthorizer.java?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAuthorizer.java (original)
+++ hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAuthorizer.java Thu Feb 6 23:11:12 2014
@@ -94,7 +94,7 @@ public interface HiveAuthorizer {
* @return list of roles
* @throws HiveAuthorizationPluginException
*/
- List<String> getRoles(HivePrincipal hivePrincipal)
+ List<HiveRole> getRoles(HivePrincipal hivePrincipal)
throws HiveAuthorizationPluginException;
/**
Modified: hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAuthorizerImpl.java
URL: http://svn.apache.org/viewvc/hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAuthorizerImpl.java?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAuthorizerImpl.java (original)
+++ hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAuthorizerImpl.java Thu Feb 6 23:11:12 2014
@@ -66,7 +66,7 @@ public class HiveAuthorizerImpl implemen
}
@Override
- public List<String> getRoles(HivePrincipal hivePrincipal) throws HiveAuthorizationPluginException {
+ public List<HiveRole> getRoles(HivePrincipal hivePrincipal) throws HiveAuthorizationPluginException {
return accessController.getRoles(hivePrincipal);
}
Added: hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveRole.java
URL: http://svn.apache.org/viewvc/hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveRole.java?rev=1565475&view=auto
==============================================================================
--- hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveRole.java (added)
+++ hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveRole.java Thu Feb 6 23:11:12 2014
@@ -0,0 +1,110 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.hadoop.hive.ql.security.authorization.plugin;
+
+import org.apache.hadoop.hive.metastore.api.Role;
+
+// same with thrift.Role
+public class HiveRole {
+
+ private String roleName;
+ private int createTime;
+ private String ownerName;
+ private String principalName;
+ private String principalType;
+ private boolean grantOption;
+ private int grantTime;
+ private String grantor;
+
+ public HiveRole() {}
+
+ public HiveRole(Role role) {
+ roleName = role.getRoleName();
+ createTime = role.getCreateTime();
+ ownerName = role.getOwnerName();
+ principalName = role.getPrincipalName();
+ principalType = role.getPrincipalType();
+ grantOption = role.isGrantOption();
+ grantTime = role.getGrantTime();
+ grantor = role.getGrantor();
+ }
+
+ public String getRoleName() {
+ return roleName;
+ }
+
+ public void setRoleName(String roleName) {
+ this.roleName = roleName;
+ }
+
+ public int getCreateTime() {
+ return createTime;
+ }
+
+ public void setCreateTime(int createTime) {
+ this.createTime = createTime;
+ }
+
+ public String getOwnerName() {
+ return ownerName;
+ }
+
+ public void setOwnerName(String ownerName) {
+ this.ownerName = ownerName;
+ }
+
+ public String getPrincipalName() {
+ return principalName;
+ }
+
+ public void setPrincipalName(String principalName) {
+ this.principalName = principalName;
+ }
+
+ public String getPrincipalType() {
+ return principalType;
+ }
+
+ public void setPrincipalType(String principalType) {
+ this.principalType = principalType;
+ }
+
+ public boolean isGrantOption() {
+ return grantOption;
+ }
+
+ public void setGrantOption(boolean grantOption) {
+ this.grantOption = grantOption;
+ }
+
+ public int getGrantTime() {
+ return grantTime;
+ }
+
+ public void setGrantTime(int grantTime) {
+ this.grantTime = grantTime;
+ }
+
+ public String getGrantor() {
+ return grantor;
+ }
+
+ public void setGrantor(String grantor) {
+ this.grantor = grantor;
+ }
+}
Modified: hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLStdHiveAccessController.java
URL: http://svn.apache.org/viewvc/hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLStdHiveAccessController.java?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLStdHiveAccessController.java (original)
+++ hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLStdHiveAccessController.java Thu Feb 6 23:11:12 2014
@@ -44,6 +44,7 @@ import org.apache.hadoop.hive.ql.securit
import org.apache.hadoop.hive.ql.security.authorization.plugin.HivePrivilegeInfo;
import org.apache.hadoop.hive.ql.security.authorization.plugin.HivePrivilegeObject;
import org.apache.hadoop.hive.ql.security.authorization.plugin.HivePrivilegeObject.HivePrivilegeObjectType;
+import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveRole;
/**
@@ -174,13 +175,14 @@ public class SQLStdHiveAccessController
}
@Override
- public List<String> getRoles(HivePrincipal hivePrincipal) throws HiveAuthorizationPluginException {
+ public List<HiveRole> getRoles(HivePrincipal hivePrincipal) throws HiveAuthorizationPluginException {
try {
List<Role> roles = metastoreClientFactory.getHiveMetastoreClient().list_roles(
hivePrincipal.getName(), AuthorizationUtils.getThriftPrincipalType(hivePrincipal.getType()));
- List<String> roleNames = new ArrayList<String>(roles.size());
- for(Role role : roles){
- roleNames.add(role.getRoleName());
+ List<HiveRole> roleNames = new ArrayList<HiveRole>(roles.size());
+ for (Role role : roles){
+ ;
+ roleNames.add(new HiveRole(role));
}
return roleNames;
} catch (Exception e) {
Modified: hive/trunk/ql/src/test/results/clientnegative/authorization_fail_3.q.out
URL: http://svn.apache.org/viewvc/hive/trunk/ql/src/test/results/clientnegative/authorization_fail_3.q.out?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/ql/src/test/results/clientnegative/authorization_fail_3.q.out (original)
+++ hive/trunk/ql/src/test/results/clientnegative/authorization_fail_3.q.out Thu Feb 6 23:11:12 2014
@@ -24,13 +24,7 @@ PREHOOK: query: show grant user hive_tes
PREHOOK: type: SHOW_GRANT
POSTHOOK: query: show grant user hive_test_user on table authorization_fail_3
POSTHOOK: type: SHOW_GRANT
-database default
-table authorization_fail_3
-principalName hive_test_user
-principalType USER
-privilege Create
-#### A masked pattern was here ####
-grantor hive_test_user
+default authorization_fail_3 hive_test_user USER Create false -1 hive_test_user
PREHOOK: query: show grant user hive_test_user on table authorization_fail_3 partition (ds='2010')
PREHOOK: type: SHOW_GRANT
POSTHOOK: query: show grant user hive_test_user on table authorization_fail_3 partition (ds='2010')
Modified: hive/trunk/ql/src/test/results/clientnegative/authorization_fail_4.q.out
URL: http://svn.apache.org/viewvc/hive/trunk/ql/src/test/results/clientnegative/authorization_fail_4.q.out?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/ql/src/test/results/clientnegative/authorization_fail_4.q.out (original)
+++ hive/trunk/ql/src/test/results/clientnegative/authorization_fail_4.q.out Thu Feb 6 23:11:12 2014
@@ -38,38 +38,12 @@ PREHOOK: query: show grant user hive_tes
PREHOOK: type: SHOW_GRANT
POSTHOOK: query: show grant user hive_test_user on table authorization_fail_4
POSTHOOK: type: SHOW_GRANT
-database default
-table authorization_fail_4
-principalName hive_test_user
-principalType USER
-privilege Alter
-#### A masked pattern was here ####
-grantor hive_test_user
-database default
-table authorization_fail_4
-principalName hive_test_user
-principalType USER
-privilege Create
-#### A masked pattern was here ####
-grantor hive_test_user
+default authorization_fail_4 hive_test_user USER Alter false -1 hive_test_user
+default authorization_fail_4 hive_test_user USER Create false -1 hive_test_user
PREHOOK: query: show grant user hive_test_user on table authorization_fail_4 partition (ds='2010')
PREHOOK: type: SHOW_GRANT
POSTHOOK: query: show grant user hive_test_user on table authorization_fail_4 partition (ds='2010')
POSTHOOK: type: SHOW_GRANT
-database default
-table authorization_fail_4
-partition [2010]
-principalName hive_test_user
-principalType USER
-privilege Alter
-#### A masked pattern was here ####
-grantor hive_test_user
-database default
-table authorization_fail_4
-partition [2010]
-principalName hive_test_user
-principalType USER
-privilege Create
-#### A masked pattern was here ####
-grantor hive_test_user
+default authorization_fail_4 [2010] hive_test_user USER Alter false -1 hive_test_user
+default authorization_fail_4 [2010] hive_test_user USER Create false -1 hive_test_user
Authorization failed:No privilege 'Select' found for inputs { database:default, table:authorization_fail_4, partitionName:ds=2010, columnName:key}. Use SHOW GRANT to get more details.
Modified: hive/trunk/ql/src/test/results/clientnegative/authorization_fail_5.q.out
URL: http://svn.apache.org/viewvc/hive/trunk/ql/src/test/results/clientnegative/authorization_fail_5.q.out?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/ql/src/test/results/clientnegative/authorization_fail_5.q.out (original)
+++ hive/trunk/ql/src/test/results/clientnegative/authorization_fail_5.q.out Thu Feb 6 23:11:12 2014
@@ -44,55 +44,16 @@ PREHOOK: query: show grant user hive_tes
PREHOOK: type: SHOW_GRANT
POSTHOOK: query: show grant user hive_test_user on table authorization_fail
POSTHOOK: type: SHOW_GRANT
-database default
-table authorization_fail
-principalName hive_test_user
-principalType USER
-privilege Alter
-#### A masked pattern was here ####
-grantor hive_test_user
-database default
-table authorization_fail
-principalName hive_test_user
-principalType USER
-privilege Create
-#### A masked pattern was here ####
-grantor hive_test_user
-database default
-table authorization_fail
-principalName hive_test_user
-principalType USER
-privilege Select
-#### A masked pattern was here ####
-grantor hive_test_user
+default authorization_fail hive_test_user USER Alter false -1 hive_test_user
+default authorization_fail hive_test_user USER Create false -1 hive_test_user
+default authorization_fail hive_test_user USER Select false -1 hive_test_user
PREHOOK: query: show grant user hive_test_user on table authorization_fail partition (ds='2010')
PREHOOK: type: SHOW_GRANT
POSTHOOK: query: show grant user hive_test_user on table authorization_fail partition (ds='2010')
POSTHOOK: type: SHOW_GRANT
-database default
-table authorization_fail
-partition [2010]
-principalName hive_test_user
-principalType USER
-privilege Alter
-#### A masked pattern was here ####
-grantor hive_test_user
-database default
-table authorization_fail
-partition [2010]
-principalName hive_test_user
-principalType USER
-privilege Create
-#### A masked pattern was here ####
-grantor hive_test_user
-database default
-table authorization_fail
-partition [2010]
-principalName hive_test_user
-principalType USER
-privilege Select
-#### A masked pattern was here ####
-grantor hive_test_user
+default authorization_fail [2010] hive_test_user USER Alter false -1 hive_test_user
+default authorization_fail [2010] hive_test_user USER Create false -1 hive_test_user
+default authorization_fail [2010] hive_test_user USER Select false -1 hive_test_user
PREHOOK: query: revoke Select on table authorization_fail partition (ds='2010') from user hive_test_user
PREHOOK: type: REVOKE_PRIVILEGE
PREHOOK: Output: default@authorization_fail@ds=2010
@@ -103,20 +64,6 @@ PREHOOK: query: show grant user hive_tes
PREHOOK: type: SHOW_GRANT
POSTHOOK: query: show grant user hive_test_user on table authorization_fail partition (ds='2010')
POSTHOOK: type: SHOW_GRANT
-database default
-table authorization_fail
-partition [2010]
-principalName hive_test_user
-principalType USER
-privilege Alter
-#### A masked pattern was here ####
-grantor hive_test_user
-database default
-table authorization_fail
-partition [2010]
-principalName hive_test_user
-principalType USER
-privilege Create
-#### A masked pattern was here ####
-grantor hive_test_user
+default authorization_fail [2010] hive_test_user USER Alter false -1 hive_test_user
+default authorization_fail [2010] hive_test_user USER Create false -1 hive_test_user
Authorization failed:No privilege 'Select' found for inputs { database:default, table:authorization_fail, partitionName:ds=2010, columnName:key}. Use SHOW GRANT to get more details.
Modified: hive/trunk/ql/src/test/results/clientnegative/authorization_fail_7.q.out
URL: http://svn.apache.org/viewvc/hive/trunk/ql/src/test/results/clientnegative/authorization_fail_7.q.out?rev=1565475&r1=1565474&r2=1565475&view=diff
==============================================================================
--- hive/trunk/ql/src/test/results/clientnegative/authorization_fail_7.q.out (original)
+++ hive/trunk/ql/src/test/results/clientnegative/authorization_fail_7.q.out Thu Feb 6 23:11:12 2014
@@ -25,19 +25,13 @@ PREHOOK: query: show role grant user hiv
PREHOOK: type: SHOW_ROLE_GRANT
POSTHOOK: query: show role grant user hive_test_user
POSTHOOK: type: SHOW_ROLE_GRANT
-hive_test_role_fail
-PUBLIC
+hive_test_role_fail -1 hive_test_user USER true -1 hive_test_user
+PUBLIC -1 false -1
PREHOOK: query: show grant role hive_test_role_fail on table authorization_fail
PREHOOK: type: SHOW_GRANT
POSTHOOK: query: show grant role hive_test_role_fail on table authorization_fail
POSTHOOK: type: SHOW_GRANT
-database default
-table authorization_fail
-principalName hive_test_role_fail
-principalType ROLE
-privilege Select
-#### A masked pattern was here ####
-grantor hive_test_user
+default authorization_fail hive_test_role_fail ROLE Select false -1 hive_test_user
PREHOOK: query: drop role hive_test_role_fail
PREHOOK: type: DROPROLE
POSTHOOK: query: drop role hive_test_role_fail