You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hive.apache.org by vg...@apache.org on 2016/07/29 23:27:33 UTC
hive git commit: HIVE-14348: Add tests for alter table exchange
partition (Vaibhav Gumashta reviewed by Thejas Nair)
Repository: hive
Updated Branches:
refs/heads/master 8a1837665 -> c8648aa3a
HIVE-14348: Add tests for alter table exchange partition (Vaibhav Gumashta reviewed by Thejas Nair)
Project: http://git-wip-us.apache.org/repos/asf/hive/repo
Commit: http://git-wip-us.apache.org/repos/asf/hive/commit/c8648aa3
Tree: http://git-wip-us.apache.org/repos/asf/hive/tree/c8648aa3
Diff: http://git-wip-us.apache.org/repos/asf/hive/diff/c8648aa3
Branch: refs/heads/master
Commit: c8648aa3a21da73ef1e17253829094bc46a9c324
Parents: 8a18376
Author: Vaibhav Gumashta <vg...@hortonworks.com>
Authored: Fri Jul 29 16:06:21 2016 -0700
Committer: Vaibhav Gumashta <vg...@hortonworks.com>
Committed: Fri Jul 29 16:06:21 2016 -0700
----------------------------------------------------------------------
.../hive/ql/parse/DDLSemanticAnalyzer.java | 1 -
.../hive/ql/parse/SemanticAnalyzerFactory.java | 3 +-
.../hadoop/hive/ql/plan/HiveOperation.java | 4 +-
.../plugin/sqlstd/Operation2Privilege.java | 7 +-
...zation_alter_table_exchange_partition_fail.q | 44 ++++++++
...ation_alter_table_exchange_partition_fail2.q | 49 +++++++++
...thorization_alter_table_exchange_partition.q | 47 ++++++++
...on_alter_table_exchange_partition_fail.q.out | 84 +++++++++++++++
...n_alter_table_exchange_partition_fail2.q.out | 92 ++++++++++++++++
.../clientnegative/exchange_partition.q.out | 1 -
...ization_alter_table_exchange_partition.q.out | 108 +++++++++++++++++++
.../clientpositive/exchange_partition.q.out | 2 -
.../clientpositive/exchange_partition2.q.out | 2 -
.../clientpositive/exchange_partition3.q.out | 2 -
.../clientpositive/exchgpartition2lel.q.out | 6 --
15 files changed, 434 insertions(+), 18 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/hive/blob/c8648aa3/ql/src/java/org/apache/hadoop/hive/ql/parse/DDLSemanticAnalyzer.java
----------------------------------------------------------------------
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/parse/DDLSemanticAnalyzer.java b/ql/src/java/org/apache/hadoop/hive/ql/parse/DDLSemanticAnalyzer.java
index 9355d25..9329e00 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/parse/DDLSemanticAnalyzer.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/parse/DDLSemanticAnalyzer.java
@@ -761,7 +761,6 @@ public class DDLSemanticAnalyzer extends BaseSemanticAnalyzer {
alterTableExchangePartition), conf));
inputs.add(new ReadEntity(sourceTable));
- outputs.add(new WriteEntity(sourceTable, WriteType.DDL_SHARED));
outputs.add(new WriteEntity(destTable, WriteType.DDL_SHARED));
}
http://git-wip-us.apache.org/repos/asf/hive/blob/c8648aa3/ql/src/java/org/apache/hadoop/hive/ql/parse/SemanticAnalyzerFactory.java
----------------------------------------------------------------------
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/parse/SemanticAnalyzerFactory.java b/ql/src/java/org/apache/hadoop/hive/ql/parse/SemanticAnalyzerFactory.java
index efb0ef0..cc731bf 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/parse/SemanticAnalyzerFactory.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/parse/SemanticAnalyzerFactory.java
@@ -61,7 +61,8 @@ public final class SemanticAnalyzerFactory {
commandType.put(HiveParser.TOK_ALTERTABLE_UNARCHIVE, HiveOperation.ALTERTABLE_UNARCHIVE);
commandType.put(HiveParser.TOK_ALTERTABLE_PROPERTIES, HiveOperation.ALTERTABLE_PROPERTIES);
commandType.put(HiveParser.TOK_ALTERTABLE_DROPPROPERTIES, HiveOperation.ALTERTABLE_PROPERTIES);
- commandType.put(HiveParser.TOK_ALTERTABLE_EXCHANGEPARTITION, HiveOperation.ALTERTABLE_EXCHANGEPARTITION);
+ commandType.put(HiveParser.TOK_ALTERTABLE_EXCHANGEPARTITION,
+ HiveOperation.ALTERTABLE_EXCHANGEPARTITION);
commandType.put(HiveParser.TOK_ALTERTABLE_DROPCONSTRAINT, HiveOperation.ALTERTABLE_DROPCONSTRAINT);
commandType.put(HiveParser.TOK_ALTERTABLE_ADDCONSTRAINT, HiveOperation.ALTERTABLE_ADDCONSTRAINT);
commandType.put(HiveParser.TOK_SHOWDATABASES, HiveOperation.SHOWDATABASES);
http://git-wip-us.apache.org/repos/asf/hive/blob/c8648aa3/ql/src/java/org/apache/hadoop/hive/ql/plan/HiveOperation.java
----------------------------------------------------------------------
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/plan/HiveOperation.java b/ql/src/java/org/apache/hadoop/hive/ql/plan/HiveOperation.java
index c2895dc..d2746ae 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/plan/HiveOperation.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/plan/HiveOperation.java
@@ -114,7 +114,9 @@ public enum HiveOperation {
ALTERTBLPART_SKEWED_LOCATION("ALTERTBLPART_SKEWED_LOCATION",
new Privilege[] {Privilege.ALTER_DATA}, null),
ALTERTABLE_PARTCOLTYPE("ALTERTABLE_PARTCOLTYPE", new Privilege[] { Privilege.SELECT }, new Privilege[] { Privilege.ALTER_DATA }),
- ALTERTABLE_EXCHANGEPARTITION("ALTERTABLE_EXCHANGEPARTITION", null, null),
+ ALTERTABLE_EXCHANGEPARTITION(
+ "ALTERTABLE_EXCHANGEPARTITION", new Privilege[] { Privilege.SELECT, Privilege.DELETE },
+ new Privilege[] { Privilege.INSERT }),
ALTERTABLE_DROPCONSTRAINT("ALTERTABLE_DROPCONSTRAINT",
new Privilege[]{Privilege.ALTER_METADATA}, null),
ALTERTABLE_ADDCONSTRAINT("ALTERTABLE_ADDCONSTRAINT",
http://git-wip-us.apache.org/repos/asf/hive/blob/c8648aa3/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/Operation2Privilege.java
----------------------------------------------------------------------
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/Operation2Privilege.java b/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/Operation2Privilege.java
index 21ae8fb..bbe28ab 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/Operation2Privilege.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/Operation2Privilege.java
@@ -426,8 +426,11 @@ public class Operation2Privilege {
(null, null));
op2Priv.put(HiveOperationType.SET_AUTOCOMMIT, PrivRequirement.newIOPrivRequirement
(null, null));
- op2Priv.put(HiveOperationType.ALTERTABLE_EXCHANGEPARTITION,
- PrivRequirement.newIOPrivRequirement(null, null));
+ // For alter table exchange partition, we need select & delete on input & insert on output
+ op2Priv.put(
+ HiveOperationType.ALTERTABLE_EXCHANGEPARTITION,
+ PrivRequirement.newIOPrivRequirement(
+ arr(SQLPrivTypeGrant.SELECT_NOGRANT, SQLPrivTypeGrant.DELETE_NOGRANT), INS_NOGRANT_AR));
op2Priv.put(HiveOperationType.ABORT_TRANSACTIONS, PrivRequirement.newIOPrivRequirement
(null, null));
}
http://git-wip-us.apache.org/repos/asf/hive/blob/c8648aa3/ql/src/test/queries/clientnegative/authorization_alter_table_exchange_partition_fail.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientnegative/authorization_alter_table_exchange_partition_fail.q b/ql/src/test/queries/clientnegative/authorization_alter_table_exchange_partition_fail.q
new file mode 100644
index 0000000..d4c22bf
--- /dev/null
+++ b/ql/src/test/queries/clientnegative/authorization_alter_table_exchange_partition_fail.q
@@ -0,0 +1,44 @@
+set hive.test.authz.sstd.hs2.mode=true;
+set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
+set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
+set hive.security.authorization.enabled=true;
+
+set user.name=user1;
+
+-- create a table owned by user1
+
+create table exchange_partition_test_1(a int) partitioned by (b int);
+
+show grant user user1 on table exchange_partition_test_1;
+
+set user.name=hive_admin_user;
+
+set role admin;
+
+-- add data to exchange_partition_test_1
+
+insert overwrite table exchange_partition_test_1 partition (b=1) select key from src;
+
+set role all;
+
+set user.name=user2;
+
+-- switch user
+
+-- create a table owned by user2 (as a result user2 will have insert privilege on exchange_partition_test_2 but no select + delete previlege on exchange_partition_test_1)
+
+create table exchange_partition_test_2(a int) partitioned by (b int);
+
+show grant user user2 on table exchange_partition_test_2;
+
+
+-- execute alter table exchange partition to add data to exchange_partition_test_2 (this should fail)
+
+ explain authorization alter table exchange_partition_test_2 exchange partition (b=1) with table exchange_partition_test_1;
+
+ alter table exchange_partition_test_2 exchange partition (b=1) with table exchange_partition_test_1;
+
+ set hive.security.authorization.enabled=false;
+
+
+
http://git-wip-us.apache.org/repos/asf/hive/blob/c8648aa3/ql/src/test/queries/clientnegative/authorization_alter_table_exchange_partition_fail2.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientnegative/authorization_alter_table_exchange_partition_fail2.q b/ql/src/test/queries/clientnegative/authorization_alter_table_exchange_partition_fail2.q
new file mode 100644
index 0000000..9a68394
--- /dev/null
+++ b/ql/src/test/queries/clientnegative/authorization_alter_table_exchange_partition_fail2.q
@@ -0,0 +1,49 @@
+set hive.test.authz.sstd.hs2.mode=true;
+set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
+set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
+set hive.security.authorization.enabled=true;
+
+set user.name=user1;
+
+-- create a table owned by user1
+
+create table exchange_partition_test_1(a int) partitioned by (b int);
+
+show grant user user1 on table exchange_partition_test_1;
+
+set user.name=hive_admin_user;
+
+set role admin;
+
+-- add data to exchange_partition_test_1
+
+insert overwrite table exchange_partition_test_1 partition (b=1) select key from src;
+
+set role all;
+
+set user.name=user2;
+
+-- switch user
+
+-- create a table owned by user2
+
+create table exchange_partition_test_2(a int) partitioned by (b int);
+
+show grant user user2 on table exchange_partition_test_2;
+
+set user.name=user1;
+
+-- switch user
+
+show grant user user1 on table exchange_partition_test_2;
+
+-- execute alter table exchange partition to add data to exchange_partition_test_2 (this should fail)
+
+ explain authorization alter table exchange_partition_test_2 exchange partition (b=1) with table exchange_partition_test_1;
+
+ alter table exchange_partition_test_2 exchange partition (b=1) with table exchange_partition_test_1;
+
+ set hive.security.authorization.enabled=false;
+
+
+
http://git-wip-us.apache.org/repos/asf/hive/blob/c8648aa3/ql/src/test/queries/clientpositive/authorization_alter_table_exchange_partition.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientpositive/authorization_alter_table_exchange_partition.q b/ql/src/test/queries/clientpositive/authorization_alter_table_exchange_partition.q
new file mode 100644
index 0000000..1ff4560
--- /dev/null
+++ b/ql/src/test/queries/clientpositive/authorization_alter_table_exchange_partition.q
@@ -0,0 +1,47 @@
+set hive.test.authz.sstd.hs2.mode=true;
+set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
+set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;
+set hive.security.authorization.enabled=true;
+
+
+set user.name=user1;
+
+-- create a table owned by user1
+
+create table exchange_partition_test_1(a int) partitioned by (b int);
+
+show grant user user1 on table exchange_partition_test_1;
+
+set user.name=hive_admin_user;
+
+set role admin;
+
+-- add data to exchange_partition_test_1
+
+insert overwrite table exchange_partition_test_1 partition (b=1) select key from src;
+
+-- grant select, delete privileges to user2 on exchange_partition_test_1
+
+grant select, delete on exchange_partition_test_1 to user user2;
+
+set role all;
+
+set user.name=user2;
+
+show grant user user2 on table exchange_partition_test_1;
+
+-- switch user
+
+-- create a table owned by user2 (as a result user2 will have insert privilege)
+
+create table exchange_partition_test_2(a int) partitioned by (b int);
+
+show grant user user2 on table exchange_partition_test_2;
+
+-- execute alter table exchange partition to add data to exchange_partition_test_2
+
+explain authorization alter table exchange_partition_test_2 exchange partition (b=1) with table exchange_partition_test_1;
+
+alter table exchange_partition_test_2 exchange partition (b=1) with table exchange_partition_test_1;
+
+set hive.security.authorization.enabled=false;
http://git-wip-us.apache.org/repos/asf/hive/blob/c8648aa3/ql/src/test/results/clientnegative/authorization_alter_table_exchange_partition_fail.q.out
----------------------------------------------------------------------
diff --git a/ql/src/test/results/clientnegative/authorization_alter_table_exchange_partition_fail.q.out b/ql/src/test/results/clientnegative/authorization_alter_table_exchange_partition_fail.q.out
new file mode 100644
index 0000000..15dc079
--- /dev/null
+++ b/ql/src/test/results/clientnegative/authorization_alter_table_exchange_partition_fail.q.out
@@ -0,0 +1,84 @@
+PREHOOK: query: -- create a table owned by user1
+
+create table exchange_partition_test_1(a int) partitioned by (b int)
+PREHOOK: type: CREATETABLE
+PREHOOK: Output: database:default
+PREHOOK: Output: default@exchange_partition_test_1
+POSTHOOK: query: -- create a table owned by user1
+
+create table exchange_partition_test_1(a int) partitioned by (b int)
+POSTHOOK: type: CREATETABLE
+POSTHOOK: Output: database:default
+POSTHOOK: Output: default@exchange_partition_test_1
+PREHOOK: query: show grant user user1 on table exchange_partition_test_1
+PREHOOK: type: SHOW_GRANT
+POSTHOOK: query: show grant user user1 on table exchange_partition_test_1
+POSTHOOK: type: SHOW_GRANT
+default exchange_partition_test_1 user1 USER DELETE true -1 user1
+default exchange_partition_test_1 user1 USER INSERT true -1 user1
+default exchange_partition_test_1 user1 USER SELECT true -1 user1
+default exchange_partition_test_1 user1 USER UPDATE true -1 user1
+PREHOOK: query: set role admin
+PREHOOK: type: SHOW_ROLES
+POSTHOOK: query: set role admin
+POSTHOOK: type: SHOW_ROLES
+PREHOOK: query: -- add data to exchange_partition_test_1
+
+insert overwrite table exchange_partition_test_1 partition (b=1) select key from src
+PREHOOK: type: QUERY
+PREHOOK: Input: default@src
+PREHOOK: Output: default@exchange_partition_test_1@b=1
+POSTHOOK: query: -- add data to exchange_partition_test_1
+
+insert overwrite table exchange_partition_test_1 partition (b=1) select key from src
+POSTHOOK: type: QUERY
+POSTHOOK: Input: default@src
+POSTHOOK: Output: default@exchange_partition_test_1@b=1
+POSTHOOK: Lineage: exchange_partition_test_1 PARTITION(b=1).a EXPRESSION [(src)src.FieldSchema(name:key, type:string, comment:default), ]
+PREHOOK: query: set role all
+PREHOOK: type: SHOW_ROLES
+POSTHOOK: query: set role all
+POSTHOOK: type: SHOW_ROLES
+PREHOOK: query: -- switch user
+
+-- create a table owned by user2 (as a result user2 will have insert privilege on exchange_partition_test_2 but no select + delete previlege on exchange_partition_test_1)
+
+create table exchange_partition_test_2(a int) partitioned by (b int)
+PREHOOK: type: CREATETABLE
+PREHOOK: Output: database:default
+PREHOOK: Output: default@exchange_partition_test_2
+POSTHOOK: query: -- switch user
+
+-- create a table owned by user2 (as a result user2 will have insert privilege on exchange_partition_test_2 but no select + delete previlege on exchange_partition_test_1)
+
+create table exchange_partition_test_2(a int) partitioned by (b int)
+POSTHOOK: type: CREATETABLE
+POSTHOOK: Output: database:default
+POSTHOOK: Output: default@exchange_partition_test_2
+PREHOOK: query: show grant user user2 on table exchange_partition_test_2
+PREHOOK: type: SHOW_GRANT
+POSTHOOK: query: show grant user user2 on table exchange_partition_test_2
+POSTHOOK: type: SHOW_GRANT
+default exchange_partition_test_2 user2 USER DELETE true -1 user1
+default exchange_partition_test_2 user2 USER INSERT true -1 user1
+default exchange_partition_test_2 user2 USER SELECT true -1 user1
+default exchange_partition_test_2 user2 USER UPDATE true -1 user1
+PREHOOK: query: -- execute alter table exchange partition to add data to exchange_partition_test_2 (this should fail)
+
+ explain authorization alter table exchange_partition_test_2 exchange partition (b=1) with table exchange_partition_test_1
+PREHOOK: type: ALTERTABLE_EXCHANGEPARTITION
+POSTHOOK: query: -- execute alter table exchange partition to add data to exchange_partition_test_2 (this should fail)
+
+ explain authorization alter table exchange_partition_test_2 exchange partition (b=1) with table exchange_partition_test_1
+POSTHOOK: type: ALTERTABLE_EXCHANGEPARTITION
+INPUTS:
+ default@exchange_partition_test_1
+OUTPUTS:
+ default@exchange_partition_test_2
+CURRENT_USER:
+ user2
+OPERATION:
+ ALTERTABLE_EXCHANGEPARTITION
+AUTHORIZATION_FAILURES:
+ Permission denied: Principal [name=user2, type=USER] does not have following privileges for operation ALTERTABLE_EXCHANGEPARTITION [[SELECT, DELETE] on Object [type=TABLE_OR_VIEW, name=default.exchange_partition_test_1]]
+FAILED: HiveAccessControlException Permission denied: Principal [name=user2, type=USER] does not have following privileges for operation ALTERTABLE_EXCHANGEPARTITION [[SELECT, DELETE] on Object [type=TABLE_OR_VIEW, name=default.exchange_partition_test_1]]
http://git-wip-us.apache.org/repos/asf/hive/blob/c8648aa3/ql/src/test/results/clientnegative/authorization_alter_table_exchange_partition_fail2.q.out
----------------------------------------------------------------------
diff --git a/ql/src/test/results/clientnegative/authorization_alter_table_exchange_partition_fail2.q.out b/ql/src/test/results/clientnegative/authorization_alter_table_exchange_partition_fail2.q.out
new file mode 100644
index 0000000..280673c
--- /dev/null
+++ b/ql/src/test/results/clientnegative/authorization_alter_table_exchange_partition_fail2.q.out
@@ -0,0 +1,92 @@
+PREHOOK: query: -- create a table owned by user1
+
+create table exchange_partition_test_1(a int) partitioned by (b int)
+PREHOOK: type: CREATETABLE
+PREHOOK: Output: database:default
+PREHOOK: Output: default@exchange_partition_test_1
+POSTHOOK: query: -- create a table owned by user1
+
+create table exchange_partition_test_1(a int) partitioned by (b int)
+POSTHOOK: type: CREATETABLE
+POSTHOOK: Output: database:default
+POSTHOOK: Output: default@exchange_partition_test_1
+PREHOOK: query: show grant user user1 on table exchange_partition_test_1
+PREHOOK: type: SHOW_GRANT
+POSTHOOK: query: show grant user user1 on table exchange_partition_test_1
+POSTHOOK: type: SHOW_GRANT
+default exchange_partition_test_1 user1 USER DELETE true -1 user1
+default exchange_partition_test_1 user1 USER INSERT true -1 user1
+default exchange_partition_test_1 user1 USER SELECT true -1 user1
+default exchange_partition_test_1 user1 USER UPDATE true -1 user1
+PREHOOK: query: set role admin
+PREHOOK: type: SHOW_ROLES
+POSTHOOK: query: set role admin
+POSTHOOK: type: SHOW_ROLES
+PREHOOK: query: -- add data to exchange_partition_test_1
+
+insert overwrite table exchange_partition_test_1 partition (b=1) select key from src
+PREHOOK: type: QUERY
+PREHOOK: Input: default@src
+PREHOOK: Output: default@exchange_partition_test_1@b=1
+POSTHOOK: query: -- add data to exchange_partition_test_1
+
+insert overwrite table exchange_partition_test_1 partition (b=1) select key from src
+POSTHOOK: type: QUERY
+POSTHOOK: Input: default@src
+POSTHOOK: Output: default@exchange_partition_test_1@b=1
+POSTHOOK: Lineage: exchange_partition_test_1 PARTITION(b=1).a EXPRESSION [(src)src.FieldSchema(name:key, type:string, comment:default), ]
+PREHOOK: query: set role all
+PREHOOK: type: SHOW_ROLES
+POSTHOOK: query: set role all
+POSTHOOK: type: SHOW_ROLES
+PREHOOK: query: -- switch user
+
+-- create a table owned by user2
+
+create table exchange_partition_test_2(a int) partitioned by (b int)
+PREHOOK: type: CREATETABLE
+PREHOOK: Output: database:default
+PREHOOK: Output: default@exchange_partition_test_2
+POSTHOOK: query: -- switch user
+
+-- create a table owned by user2
+
+create table exchange_partition_test_2(a int) partitioned by (b int)
+POSTHOOK: type: CREATETABLE
+POSTHOOK: Output: database:default
+POSTHOOK: Output: default@exchange_partition_test_2
+PREHOOK: query: show grant user user2 on table exchange_partition_test_2
+PREHOOK: type: SHOW_GRANT
+POSTHOOK: query: show grant user user2 on table exchange_partition_test_2
+POSTHOOK: type: SHOW_GRANT
+default exchange_partition_test_2 user2 USER DELETE true -1 user1
+default exchange_partition_test_2 user2 USER INSERT true -1 user1
+default exchange_partition_test_2 user2 USER SELECT true -1 user1
+default exchange_partition_test_2 user2 USER UPDATE true -1 user1
+PREHOOK: query: -- switch user
+
+show grant user user1 on table exchange_partition_test_2
+PREHOOK: type: SHOW_GRANT
+POSTHOOK: query: -- switch user
+
+show grant user user1 on table exchange_partition_test_2
+POSTHOOK: type: SHOW_GRANT
+PREHOOK: query: -- execute alter table exchange partition to add data to exchange_partition_test_2 (this should fail)
+
+ explain authorization alter table exchange_partition_test_2 exchange partition (b=1) with table exchange_partition_test_1
+PREHOOK: type: ALTERTABLE_EXCHANGEPARTITION
+POSTHOOK: query: -- execute alter table exchange partition to add data to exchange_partition_test_2 (this should fail)
+
+ explain authorization alter table exchange_partition_test_2 exchange partition (b=1) with table exchange_partition_test_1
+POSTHOOK: type: ALTERTABLE_EXCHANGEPARTITION
+INPUTS:
+ default@exchange_partition_test_1
+OUTPUTS:
+ default@exchange_partition_test_2
+CURRENT_USER:
+ user1
+OPERATION:
+ ALTERTABLE_EXCHANGEPARTITION
+AUTHORIZATION_FAILURES:
+ Permission denied: Principal [name=user1, type=USER] does not have following privileges for operation ALTERTABLE_EXCHANGEPARTITION [[INSERT] on Object [type=TABLE_OR_VIEW, name=default.exchange_partition_test_2]]
+FAILED: HiveAccessControlException Permission denied: Principal [name=user1, type=USER] does not have following privileges for operation ALTERTABLE_EXCHANGEPARTITION [[INSERT] on Object [type=TABLE_OR_VIEW, name=default.exchange_partition_test_2]]
http://git-wip-us.apache.org/repos/asf/hive/blob/c8648aa3/ql/src/test/results/clientnegative/exchange_partition.q.out
----------------------------------------------------------------------
diff --git a/ql/src/test/results/clientnegative/exchange_partition.q.out b/ql/src/test/results/clientnegative/exchange_partition.q.out
index 47393ec..bfdf413 100644
--- a/ql/src/test/results/clientnegative/exchange_partition.q.out
+++ b/ql/src/test/results/clientnegative/exchange_partition.q.out
@@ -53,5 +53,4 @@ PREHOOK: query: ALTER TABLE ex_table1 EXCHANGE PARTITION (part='part1') WITH TAB
PREHOOK: type: ALTERTABLE_EXCHANGEPARTITION
PREHOOK: Input: default@ex_table2
PREHOOK: Output: default@ex_table1
-PREHOOK: Output: default@ex_table2
FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask. MetaException(message:Got exception: java.io.IOException Cannot rename the source path. The destination path already exists.)
http://git-wip-us.apache.org/repos/asf/hive/blob/c8648aa3/ql/src/test/results/clientpositive/authorization_alter_table_exchange_partition.q.out
----------------------------------------------------------------------
diff --git a/ql/src/test/results/clientpositive/authorization_alter_table_exchange_partition.q.out b/ql/src/test/results/clientpositive/authorization_alter_table_exchange_partition.q.out
new file mode 100644
index 0000000..22b66d1
--- /dev/null
+++ b/ql/src/test/results/clientpositive/authorization_alter_table_exchange_partition.q.out
@@ -0,0 +1,108 @@
+PREHOOK: query: -- create a table owned by user1
+
+create table exchange_partition_test_1(a int) partitioned by (b int)
+PREHOOK: type: CREATETABLE
+PREHOOK: Output: database:default
+PREHOOK: Output: default@exchange_partition_test_1
+POSTHOOK: query: -- create a table owned by user1
+
+create table exchange_partition_test_1(a int) partitioned by (b int)
+POSTHOOK: type: CREATETABLE
+POSTHOOK: Output: database:default
+POSTHOOK: Output: default@exchange_partition_test_1
+PREHOOK: query: show grant user user1 on table exchange_partition_test_1
+PREHOOK: type: SHOW_GRANT
+POSTHOOK: query: show grant user user1 on table exchange_partition_test_1
+POSTHOOK: type: SHOW_GRANT
+default exchange_partition_test_1 user1 USER DELETE true -1 user1
+default exchange_partition_test_1 user1 USER INSERT true -1 user1
+default exchange_partition_test_1 user1 USER SELECT true -1 user1
+default exchange_partition_test_1 user1 USER UPDATE true -1 user1
+PREHOOK: query: set role admin
+PREHOOK: type: SHOW_ROLES
+POSTHOOK: query: set role admin
+POSTHOOK: type: SHOW_ROLES
+PREHOOK: query: -- add data to exchange_partition_test_1
+
+insert overwrite table exchange_partition_test_1 partition (b=1) select key from src
+PREHOOK: type: QUERY
+PREHOOK: Input: default@src
+PREHOOK: Output: default@exchange_partition_test_1@b=1
+POSTHOOK: query: -- add data to exchange_partition_test_1
+
+insert overwrite table exchange_partition_test_1 partition (b=1) select key from src
+POSTHOOK: type: QUERY
+POSTHOOK: Input: default@src
+POSTHOOK: Output: default@exchange_partition_test_1@b=1
+POSTHOOK: Lineage: exchange_partition_test_1 PARTITION(b=1).a EXPRESSION [(src)src.FieldSchema(name:key, type:string, comment:default), ]
+PREHOOK: query: -- grant select, delete privileges to user2 on exchange_partition_test_1
+
+grant select, delete on exchange_partition_test_1 to user user2
+PREHOOK: type: GRANT_PRIVILEGE
+PREHOOK: Output: default@exchange_partition_test_1
+POSTHOOK: query: -- grant select, delete privileges to user2 on exchange_partition_test_1
+
+grant select, delete on exchange_partition_test_1 to user user2
+POSTHOOK: type: GRANT_PRIVILEGE
+POSTHOOK: Output: default@exchange_partition_test_1
+PREHOOK: query: set role all
+PREHOOK: type: SHOW_ROLES
+POSTHOOK: query: set role all
+POSTHOOK: type: SHOW_ROLES
+PREHOOK: query: show grant user user2 on table exchange_partition_test_1
+PREHOOK: type: SHOW_GRANT
+POSTHOOK: query: show grant user user2 on table exchange_partition_test_1
+POSTHOOK: type: SHOW_GRANT
+default exchange_partition_test_1 user2 USER DELETE false -1 hive_admin_user
+default exchange_partition_test_1 user2 USER SELECT false -1 hive_admin_user
+PREHOOK: query: -- switch user
+
+-- create a table owned by user2 (as a result user2 will have insert privilege)
+
+create table exchange_partition_test_2(a int) partitioned by (b int)
+PREHOOK: type: CREATETABLE
+PREHOOK: Output: database:default
+PREHOOK: Output: default@exchange_partition_test_2
+POSTHOOK: query: -- switch user
+
+-- create a table owned by user2 (as a result user2 will have insert privilege)
+
+create table exchange_partition_test_2(a int) partitioned by (b int)
+POSTHOOK: type: CREATETABLE
+POSTHOOK: Output: database:default
+POSTHOOK: Output: default@exchange_partition_test_2
+PREHOOK: query: show grant user user2 on table exchange_partition_test_2
+PREHOOK: type: SHOW_GRANT
+POSTHOOK: query: show grant user user2 on table exchange_partition_test_2
+POSTHOOK: type: SHOW_GRANT
+default exchange_partition_test_2 user2 USER DELETE true -1 user1
+default exchange_partition_test_2 user2 USER INSERT true -1 user1
+default exchange_partition_test_2 user2 USER SELECT true -1 user1
+default exchange_partition_test_2 user2 USER UPDATE true -1 user1
+PREHOOK: query: -- execute alter table exchange partition to add data to exchange_partition_test_2
+
+explain authorization alter table exchange_partition_test_2 exchange partition (b=1) with table exchange_partition_test_1
+PREHOOK: type: ALTERTABLE_EXCHANGEPARTITION
+POSTHOOK: query: -- execute alter table exchange partition to add data to exchange_partition_test_2
+
+explain authorization alter table exchange_partition_test_2 exchange partition (b=1) with table exchange_partition_test_1
+POSTHOOK: type: ALTERTABLE_EXCHANGEPARTITION
+INPUTS:
+ default@exchange_partition_test_1
+OUTPUTS:
+ default@exchange_partition_test_2
+CURRENT_USER:
+ user2
+OPERATION:
+ ALTERTABLE_EXCHANGEPARTITION
+PREHOOK: query: alter table exchange_partition_test_2 exchange partition (b=1) with table exchange_partition_test_1
+PREHOOK: type: ALTERTABLE_EXCHANGEPARTITION
+PREHOOK: Input: default@exchange_partition_test_1
+PREHOOK: Output: default@exchange_partition_test_2
+POSTHOOK: query: alter table exchange_partition_test_2 exchange partition (b=1) with table exchange_partition_test_1
+POSTHOOK: type: ALTERTABLE_EXCHANGEPARTITION
+POSTHOOK: Input: default@exchange_partition_test_1
+POSTHOOK: Input: default@exchange_partition_test_1@b=1
+POSTHOOK: Output: default@exchange_partition_test_1@b=1
+POSTHOOK: Output: default@exchange_partition_test_2
+POSTHOOK: Output: default@exchange_partition_test_2@b=1
http://git-wip-us.apache.org/repos/asf/hive/blob/c8648aa3/ql/src/test/results/clientpositive/exchange_partition.q.out
----------------------------------------------------------------------
diff --git a/ql/src/test/results/clientpositive/exchange_partition.q.out b/ql/src/test/results/clientpositive/exchange_partition.q.out
index 0097450..7dbc6c2 100644
--- a/ql/src/test/results/clientpositive/exchange_partition.q.out
+++ b/ql/src/test/results/clientpositive/exchange_partition.q.out
@@ -62,14 +62,12 @@ PREHOOK: query: ALTER TABLE ex1.exchange_part_test1 EXCHANGE PARTITION (ds='2013
PREHOOK: type: ALTERTABLE_EXCHANGEPARTITION
PREHOOK: Input: ex2@exchange_part_test2
PREHOOK: Output: ex1@exchange_part_test1
-PREHOOK: Output: ex2@exchange_part_test2
POSTHOOK: query: ALTER TABLE ex1.exchange_part_test1 EXCHANGE PARTITION (ds='2013-04-05') WITH TABLE ex2.exchange_part_test2
POSTHOOK: type: ALTERTABLE_EXCHANGEPARTITION
POSTHOOK: Input: ex2@exchange_part_test2
POSTHOOK: Input: ex2@exchange_part_test2@ds=2013-04-05
POSTHOOK: Output: ex1@exchange_part_test1
POSTHOOK: Output: ex1@exchange_part_test1@ds=2013-04-05
-POSTHOOK: Output: ex2@exchange_part_test2
POSTHOOK: Output: ex2@exchange_part_test2@ds=2013-04-05
PREHOOK: query: SHOW PARTITIONS ex1.exchange_part_test1
PREHOOK: type: SHOWPARTITIONS
http://git-wip-us.apache.org/repos/asf/hive/blob/c8648aa3/ql/src/test/results/clientpositive/exchange_partition2.q.out
----------------------------------------------------------------------
diff --git a/ql/src/test/results/clientpositive/exchange_partition2.q.out b/ql/src/test/results/clientpositive/exchange_partition2.q.out
index ed7c956..64e6066 100644
--- a/ql/src/test/results/clientpositive/exchange_partition2.q.out
+++ b/ql/src/test/results/clientpositive/exchange_partition2.q.out
@@ -50,14 +50,12 @@ PREHOOK: query: ALTER TABLE exchange_part_test1 EXCHANGE PARTITION (ds='2013-04-
PREHOOK: type: ALTERTABLE_EXCHANGEPARTITION
PREHOOK: Input: default@exchange_part_test2
PREHOOK: Output: default@exchange_part_test1
-PREHOOK: Output: default@exchange_part_test2
POSTHOOK: query: ALTER TABLE exchange_part_test1 EXCHANGE PARTITION (ds='2013-04-05', hr='1') WITH TABLE exchange_part_test2
POSTHOOK: type: ALTERTABLE_EXCHANGEPARTITION
POSTHOOK: Input: default@exchange_part_test2
POSTHOOK: Input: default@exchange_part_test2@ds=2013-04-05/hr=1
POSTHOOK: Output: default@exchange_part_test1
POSTHOOK: Output: default@exchange_part_test1@ds=2013-04-05/hr=1
-POSTHOOK: Output: default@exchange_part_test2
POSTHOOK: Output: default@exchange_part_test2@ds=2013-04-05/hr=1
PREHOOK: query: SHOW PARTITIONS exchange_part_test1
PREHOOK: type: SHOWPARTITIONS
http://git-wip-us.apache.org/repos/asf/hive/blob/c8648aa3/ql/src/test/results/clientpositive/exchange_partition3.q.out
----------------------------------------------------------------------
diff --git a/ql/src/test/results/clientpositive/exchange_partition3.q.out b/ql/src/test/results/clientpositive/exchange_partition3.q.out
index 7e431fc..b7c62e2 100644
--- a/ql/src/test/results/clientpositive/exchange_partition3.q.out
+++ b/ql/src/test/results/clientpositive/exchange_partition3.q.out
@@ -67,7 +67,6 @@ ALTER TABLE exchange_part_test1 EXCHANGE PARTITION (ds='2013-04-05') WITH TABLE
PREHOOK: type: ALTERTABLE_EXCHANGEPARTITION
PREHOOK: Input: default@exchange_part_test2
PREHOOK: Output: default@exchange_part_test1
-PREHOOK: Output: default@exchange_part_test2
POSTHOOK: query: -- This will exchange both partitions hr=1 and hr=2
ALTER TABLE exchange_part_test1 EXCHANGE PARTITION (ds='2013-04-05') WITH TABLE exchange_part_test2
POSTHOOK: type: ALTERTABLE_EXCHANGEPARTITION
@@ -77,7 +76,6 @@ POSTHOOK: Input: default@exchange_part_test2@ds=2013-04-05/hr=2
POSTHOOK: Output: default@exchange_part_test1
POSTHOOK: Output: default@exchange_part_test1@ds=2013-04-05/hr=1
POSTHOOK: Output: default@exchange_part_test1@ds=2013-04-05/hr=2
-POSTHOOK: Output: default@exchange_part_test2
POSTHOOK: Output: default@exchange_part_test2@ds=2013-04-05/hr=1
POSTHOOK: Output: default@exchange_part_test2@ds=2013-04-05/hr=2
PREHOOK: query: SHOW PARTITIONS exchange_part_test1
http://git-wip-us.apache.org/repos/asf/hive/blob/c8648aa3/ql/src/test/results/clientpositive/exchgpartition2lel.q.out
----------------------------------------------------------------------
diff --git a/ql/src/test/results/clientpositive/exchgpartition2lel.q.out b/ql/src/test/results/clientpositive/exchgpartition2lel.q.out
index 22ec96b..69d6d88 100644
--- a/ql/src/test/results/clientpositive/exchgpartition2lel.q.out
+++ b/ql/src/test/results/clientpositive/exchgpartition2lel.q.out
@@ -114,13 +114,11 @@ POSTHOOK: Input: default@t3@d1=1/d2=1
PREHOOK: query: ALTER TABLE t2 EXCHANGE PARTITION (d1 = 1) WITH TABLE t1
PREHOOK: type: ALTERTABLE_EXCHANGEPARTITION
PREHOOK: Input: default@t1
-PREHOOK: Output: default@t1
PREHOOK: Output: default@t2
POSTHOOK: query: ALTER TABLE t2 EXCHANGE PARTITION (d1 = 1) WITH TABLE t1
POSTHOOK: type: ALTERTABLE_EXCHANGEPARTITION
POSTHOOK: Input: default@t1
POSTHOOK: Input: default@t1@d1=1
-POSTHOOK: Output: default@t1
POSTHOOK: Output: default@t1@d1=1
POSTHOOK: Output: default@t2
POSTHOOK: Output: default@t2@d1=1
@@ -146,13 +144,11 @@ POSTHOOK: Input: default@t2@d1=1
PREHOOK: query: ALTER TABLE t4 EXCHANGE PARTITION (d1 = 1, d2 = 1) WITH TABLE t3
PREHOOK: type: ALTERTABLE_EXCHANGEPARTITION
PREHOOK: Input: default@t3
-PREHOOK: Output: default@t3
PREHOOK: Output: default@t4
POSTHOOK: query: ALTER TABLE t4 EXCHANGE PARTITION (d1 = 1, d2 = 1) WITH TABLE t3
POSTHOOK: type: ALTERTABLE_EXCHANGEPARTITION
POSTHOOK: Input: default@t3
POSTHOOK: Input: default@t3@d1=1/d2=1
-POSTHOOK: Output: default@t3
POSTHOOK: Output: default@t3@d1=1/d2=1
POSTHOOK: Output: default@t4
POSTHOOK: Output: default@t4@d1=1/d2=1
@@ -178,13 +174,11 @@ POSTHOOK: Input: default@t4@d1=1/d2=1
PREHOOK: query: ALTER TABLE t6 EXCHANGE PARTITION (d1 = 1, d2 = 1, d3 = 1) WITH TABLE t5
PREHOOK: type: ALTERTABLE_EXCHANGEPARTITION
PREHOOK: Input: default@t5
-PREHOOK: Output: default@t5
PREHOOK: Output: default@t6
POSTHOOK: query: ALTER TABLE t6 EXCHANGE PARTITION (d1 = 1, d2 = 1, d3 = 1) WITH TABLE t5
POSTHOOK: type: ALTERTABLE_EXCHANGEPARTITION
POSTHOOK: Input: default@t5
POSTHOOK: Input: default@t5@d1=1/d2=1/d3=1
-POSTHOOK: Output: default@t5
POSTHOOK: Output: default@t5@d1=1/d2=1/d3=1
POSTHOOK: Output: default@t6
POSTHOOK: Output: default@t6@d1=1/d2=1/d3=1