You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@hive.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2022/07/28 13:12:00 UTC
[jira] [Work logged] (HIVE-26433) StorageHandler authorization doesn't work with "METASTORE" db type
[ https://issues.apache.org/jira/browse/HIVE-26433?focusedWorklogId=796063&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-796063 ]
ASF GitHub Bot logged work on HIVE-26433:
-----------------------------------------
Author: ASF GitHub Bot
Created on: 28/Jul/22 13:11
Start Date: 28/Jul/22 13:11
Worklog Time Spent: 10m
Work Description: saihemanth-cloudera commented on code in PR #3482:
URL: https://github.com/apache/hive/pull/3482#discussion_r932198572
##########
jdbc-handler/src/main/java/org/apache/hive/storage/jdbc/JdbcStorageHandler.java:
##########
@@ -99,7 +101,10 @@ public void configureInputJobProperties(TableDesc tableDesc, Map<String, String>
@Override
public URI getURIForAuth(Table table) throws URISyntaxException {
Map<String, String> tableProperties = HiveCustomStorageHandlerUtils.getTableProperties(table);
- String host_url = tableProperties.get(Constants.JDBC_URL);
+ DatabaseType dbType = DatabaseType.valueOf(
+ tableProperties.get(JdbcStorageConfig.DATABASE_TYPE.getPropertyName()));
+ String host_url = DatabaseType.METASTORE == dbType ?
+ "internal:metastore://" : tableProperties.get(Constants.JDBC_URL);
Review Comment:
All the storage handlers will have prefix in the Storage URL including jdbc storage handler. Can we make this hardcoded uri also to be in the same format? Essentially you would need to add "JDBC://" before the string "internal:metastore:/" (please take out extra "/" after "metastore:/")?
Issue Time Tracking
-------------------
Worklog Id: (was: 796063)
Time Spent: 20m (was: 10m)
> StorageHandler authorization doesn't work with "METASTORE" db type
> ------------------------------------------------------------------
>
> Key: HIVE-26433
> URL: https://issues.apache.org/jira/browse/HIVE-26433
> Project: Hive
> Issue Type: Task
> Reporter: Denys Kuzmenko
> Assignee: Denys Kuzmenko
> Priority: Major
> Labels: pull-request-available
> Time Spent: 20m
> Remaining Estimate: 0h
>
> StorageHandler Authorization doesn't work with the "METASTORE" db type:
> {code}
> CREATE EXTERNAL TABLE IF NOT EXISTS `SYS`.`HIVE_LOCKS` (
> `HL_LOCK_EXT_ID` bigint,
> `HL_LOCK_INT_ID` bigint,
> `HL_TXNID` bigint,
> `HL_DB` string,
> `HL_TABLE` string,
> `HL_PARTITION` string,
> `HL_LOCK_STATE` string,
> `HL_LOCK_TYPE` string,
> `HL_LAST_HEARTBEAT` bigint,
> `HL_ACQUIRED_AT` bigint,
> `HL_USER` string,
> `HL_HOST` string,
> `HL_HEARTBEAT_COUNT` int,
> `HL_AGENT_INFO` string,
> `HL_BLOCKEDBY_EXT_ID` bigint,
> `HL_BLOCKEDBY_INT_ID` bigint
> )
> STORED BY 'org.apache.hive.storage.jdbc.JdbcStorageHandler'
> TBLPROPERTIES (
> "hive.sql.database.type" = "METASTORE",
> "hive.sql.query" =
> "SELECT
> \"HL_LOCK_EXT_ID\",
> \"HL_LOCK_INT_ID\",
> \"HL_TXNID\",
> \"HL_DB\",
> \"HL_TABLE\",
> \"HL_PARTITION\",
> \"HL_LOCK_STATE\",
> \"HL_LOCK_TYPE\",
> \"HL_LAST_HEARTBEAT\",
> \"HL_ACQUIRED_AT\",
> \"HL_USER\",
> \"HL_HOST\",
> \"HL_HEARTBEAT_COUNT\",
> \"HL_AGENT_INFO\",
> \"HL_BLOCKEDBY_EXT_ID\",
> \"HL_BLOCKEDBY_INT_ID\"
> FROM \"HIVE_LOCKS\""
> );
> {code}
> Exception thrown:
> {code}
> Error: Error while compiling statement: FAILED: HiveAccessControlException Permission denied: user [hive] does not have [RWSTORAGE] privilege on [null/null] (state=42000,code=40000)
> {code}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)