Posted to commits@hive.apache.org by mg...@apache.org on 2019/09/13 21:56:54 UTC

[hive] branch master updated: HIVE-22194 Break up DDLSemanticAnalyzer - extract Privilege related analyzers (Miklos Gergely reviewed by Jesus Camacho Rodriguez)

This is an automated email from the ASF dual-hosted git repository.

mgergely pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/hive.git


The following commit(s) were added to refs/heads/master by this push:
     new 396c161  HIVE-22194 Break up DDLSemanticAnalyzer - extract Privilege related analyzers (Miklos Gergely reviewed by Jesus Camacho Rodriguez)
396c161 is described below

commit 396c1617429d1d0a6ae5e89761bd55bee0a0ab78
Author: miklosgergely <mg...@cloudera.com>
AuthorDate: Sun Sep 8 14:44:56 2019 +0200

    HIVE-22194 Break up DDLSemanticAnalyzer - extract Privilege related analyzers (Miklos Gergely reviewed by Jesus Camacho Rodriguez)
---
 .../hive/ql/ddl/DDLSemanticAnalyzerFactory.java    |  16 ++
 .../hive/ql/ddl/database/alter/package-info.java   |   2 +-
 .../ddl/privilege/AbstractPrivilegeAnalyzer.java   |  64 ++++++++
 .../hive/ql/ddl/privilege/PrivilegeUtils.java      |   8 +-
 .../hive/ql/ddl/privilege/grant/GrantAnalyzer.java |  53 +++++++
 .../ql/ddl/privilege/{ => grant}/GrantDesc.java    |   5 +-
 .../ddl/privilege/{ => grant}/GrantOperation.java  |   3 +-
 .../alter => privilege/grant}/package-info.java    |   4 +-
 .../ql/ddl/privilege/revoke/RevokeAnalyzer.java    |  53 +++++++
 .../ql/ddl/privilege/{ => revoke}/RevokeDesc.java  |   5 +-
 .../privilege/{ => revoke}/RevokeOperation.java    |   3 +-
 .../alter => privilege/revoke}/package-info.java   |   4 +-
 .../privilege/role/create/CreateRoleAnalyzer.java  |  53 +++++++
 .../{ => role/create}/CreateRoleDesc.java          |   2 +-
 .../{ => role/create}/CreateRoleOperation.java     |   4 +-
 .../role/create}/package-info.java                 |   4 +-
 .../ddl/privilege/role/drop/DropRoleAnalyzer.java  |  53 +++++++
 .../privilege/{ => role/drop}/DropRoleDesc.java    |   2 +-
 .../{ => role/drop}/DropRoleOperation.java         |   4 +-
 .../role/drop}/package-info.java                   |   4 +-
 .../privilege/role/grant/GrantRoleAnalyzer.java    |  53 +++++++
 .../privilege/{ => role/grant}/GrantRoleDesc.java  |   3 +-
 .../{ => role/grant}/GrantRoleOperation.java       |   3 +-
 .../role/grant}/package-info.java                  |   4 +-
 .../privilege/role/revoke/RevokeRoleAnalyzer.java  |  53 +++++++
 .../{ => role/revoke}/RevokeRoleDesc.java          |   3 +-
 .../{ => role/revoke}/RevokeRoleOperation.java     |   3 +-
 .../role/revoke}/package-info.java                 |   4 +-
 .../ql/ddl/privilege/role/set/SetRoleAnalyzer.java |  51 ++++++
 .../ddl/privilege/{ => role/set}/SetRoleDesc.java  |   2 +-
 .../privilege/{ => role/set}/SetRoleOperation.java |   4 +-
 .../alter => privilege/role/set}/package-info.java |   5 +-
 .../role/show/ShowCurrentRoleAnalyzer.java         |  58 +++++++
 .../{ => role/show}/ShowCurrentRoleDesc.java       |   2 +-
 .../{ => role/show}/ShowCurrentRoleOperation.java  |   3 +-
 .../ddl/privilege/role/show/ShowRolesAnalyzer.java |  58 +++++++
 .../privilege/{ => role/show}/ShowRolesDesc.java   |   2 +-
 .../{ => role/show}/ShowRolesOperation.java        |   3 +-
 .../role/show}/package-info.java                   |   4 +-
 .../privilege/show/grant/ShowGrantAnalyzer.java    |  57 +++++++
 .../privilege/{ => show/grant}/ShowGrantDesc.java  |   4 +-
 .../{ => show/grant}/ShowGrantOperation.java       |   3 +-
 .../show/grant}/package-info.java                  |   4 +-
 .../show/principals/ShowPrincipalsAnalyzer.java    |  58 +++++++
 .../{ => show/principals}/ShowPrincipalsDesc.java  |   2 +-
 .../principals}/ShowPrincipalsOperation.java       |   3 +-
 .../show/principals}/package-info.java             |   4 +-
 .../show/rolegrant/ShowRoleGrantAnalyzer.java      |  58 +++++++
 .../{ => show/rolegrant}/ShowRoleGrantDesc.java    |   2 +-
 .../rolegrant}/ShowRoleGrantOperation.java         |   3 +-
 .../show/rolegrant}/package-info.java              |   4 +-
 .../hadoop/hive/ql/parse/DDLSemanticAnalyzer.java  | 172 ---------------------
 .../org/apache/hadoop/hive/ql/parse/HiveParser.g   |  11 +-
 .../hive/ql/parse/SemanticAnalyzerFactory.java     |  11 --
 .../HiveAuthorizationTaskFactoryImpl.java          |  24 +--
 .../apache/hadoop/hive/ql/plan/HiveOperation.java  |   5 +-
 .../parse/authorization/AuthorizationTestUtil.java |   7 +-
 .../ql/parse/authorization/PrivilegesTestBase.java |   2 +-
 .../TestHiveAuthorizationTaskFactory.java          |  16 +-
 59 files changed, 848 insertions(+), 266 deletions(-)

diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/DDLSemanticAnalyzerFactory.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/DDLSemanticAnalyzerFactory.java
index bc93d75..efbd90f 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/DDLSemanticAnalyzerFactory.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/DDLSemanticAnalyzerFactory.java
@@ -26,10 +26,13 @@ import java.util.Map;
 import java.util.Set;
 
 import org.apache.hadoop.hive.ql.QueryState;
+import org.apache.hadoop.hive.ql.metadata.Hive;
 import org.apache.hadoop.hive.ql.parse.ASTNode;
 import org.apache.hadoop.hive.ql.parse.BaseSemanticAnalyzer;
 import org.reflections.Reflections;
 
+import com.google.common.annotations.VisibleForTesting;
+
 /**
  * Manages the DDL command analyzers.
  */
@@ -75,4 +78,17 @@ public final class DDLSemanticAnalyzerFactory {
       throw new RuntimeException(e);
     }
   }
+
+  @VisibleForTesting
+  public static BaseSemanticAnalyzer getAnalyzer(ASTNode root, QueryState queryState, Hive db) {
+    Class<? extends BaseSemanticAnalyzer> analyzerClass = TYPE_TO_ANALYZER.get(root.getType());
+    try {
+      BaseSemanticAnalyzer analyzer =
+          analyzerClass.getConstructor(QueryState.class, Hive.class).newInstance(queryState, db);
+      return analyzer;
+    } catch (Exception e) {
+      e.printStackTrace();
+      throw new RuntimeException(e);
+    }
+  }
 }
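Review bot: `getAnalyzer` never checks the result of `TYPE_TO_ANALYZER.get(root.getType())`, so a token type with no registered analyzer surfaces as a NullPointerException wrapped in a bare `RuntimeException` rather than a clear error. A guard before the `try` would name the cause, e.g. `if (analyzerClass == null) { throw new IllegalArgumentException("No DDL analyzer registered for token type " + root.getType()); }`. The `e.printStackTrace()` call writes to stderr outside the logging configuration and is redundant, because the exception is rethrown with its cause on the next line; it can simply be dropped. Since the method is `public` and only annotated `@VisibleForTesting`, a one-line Javadoc saying it exists to inject a `Hive` instance in tests would tell production callers not to use it.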
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java
index ef16275..1c78014 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java
@@ -16,5 +16,5 @@
  * limitations under the License.
  */
 
-/** Alter Database DDL operation descriptions and operations. */
+/** Alter Database DDL operations. */
 package org.apache.hadoop.hive.ql.ddl.database.alter;
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/AbstractPrivilegeAnalyzer.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/AbstractPrivilegeAnalyzer.java
new file mode 100644
index 0000000..f6e5256
--- /dev/null
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/AbstractPrivilegeAnalyzer.java
@@ -0,0 +1,64 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.hadoop.hive.ql.ddl.privilege;
+
+import java.lang.reflect.Constructor;
+
+import org.apache.hadoop.hive.conf.HiveConf;
+import org.apache.hadoop.hive.ql.QueryState;
+import org.apache.hadoop.hive.ql.metadata.Hive;
+import org.apache.hadoop.hive.ql.parse.BaseSemanticAnalyzer;
+import org.apache.hadoop.hive.ql.parse.SemanticException;
+import org.apache.hadoop.hive.ql.parse.authorization.HiveAuthorizationTaskFactory;
+import org.apache.hadoop.hive.ql.parse.authorization.HiveAuthorizationTaskFactoryImpl;
+
+import com.google.common.annotations.VisibleForTesting;
+
+/**
+ * Abstract analyzer for all privilege related commands.
+ */
+public abstract class AbstractPrivilegeAnalyzer extends BaseSemanticAnalyzer {
+  protected final HiveAuthorizationTaskFactory hiveAuthorizationTaskFactory;
+
+  public AbstractPrivilegeAnalyzer(QueryState queryState) throws SemanticException {
+    super(queryState);
+    hiveAuthorizationTaskFactory = createAuthorizationTaskFactory(conf, db);
+  }
+
+  @VisibleForTesting
+  public AbstractPrivilegeAnalyzer(QueryState queryState, Hive db) throws SemanticException {
+    super(queryState, db);
+    hiveAuthorizationTaskFactory = createAuthorizationTaskFactory(conf, db);
+  }
+
+  private HiveAuthorizationTaskFactory createAuthorizationTaskFactory(HiveConf conf, Hive db) {
+    Class<? extends HiveAuthorizationTaskFactory> authProviderClass = conf.getClass(
+        HiveConf.ConfVars.HIVE_AUTHORIZATION_TASK_FACTORY.varname, HiveAuthorizationTaskFactoryImpl.class,
+        HiveAuthorizationTaskFactory.class);
+
+    try {
+      Constructor<? extends HiveAuthorizationTaskFactory> constructor =
+          authProviderClass.getConstructor(HiveConf.class, Hive.class);
+      return constructor.newInstance(conf, db);
+    } catch (Exception e) {
+      throw new IllegalStateException(
+          "Unable to create instance of " + authProviderClass.getName() + ": " + e.getMessage(), e);
+    }
+  }
+}
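Review bot: `createAuthorizationTaskFactory` instantiates whatever class `HIVE_AUTHORIZATION_TASK_FACTORY` names, and that factory is then held by every privilege analyzer, but nothing in the class documents this. The class Javadoc should say that the factory is chosen from configuration and created reflectively in the constructor, and that the setting is expected to be administrator-controlled; whether it can be overridden per session is not visible in this diff and is worth confirming. In the `catch (Exception e)` block, a constructor that throws arrives as `InvocationTargetException`, whose `getMessage()` is normally null, so the text ends in ": null"; building the message from `Throwable cause = e instanceof InvocationTargetException ? e.getCause() : e;` would give a usable error. The `conf.getClass(...)` call also sits outside the `try`, so a bad class name presumably escapes without the "Unable to create instance" wrapping.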
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/PrivilegeUtils.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/PrivilegeUtils.java
index ad43145..f0e38d5 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/PrivilegeUtils.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/PrivilegeUtils.java
@@ -35,12 +35,12 @@ import org.apache.hadoop.hive.ql.session.SessionState;
 /**
  * Common utilities for Privilege related ddl operations.
  */
-final class PrivilegeUtils {
+public final class PrivilegeUtils {
   private PrivilegeUtils() {
     throw new UnsupportedOperationException("PrivilegeUtils should not be instantiated");
   }
 
-  static HiveAuthorizer getSessionAuthorizer(HiveConf conf) {
+  public static HiveAuthorizer getSessionAuthorizer(HiveConf conf) {
     HiveAuthorizer authorizer = SessionState.get().getAuthorizerV2();
     if (authorizer == null) {
       authorizer = new HiveV1Authorizer(conf);
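Review bot: `getSessionAuthorizer` is now public but still dereferences `SessionState.get()` without a null check, so a caller on a thread with no session attached would get a bare NullPointerException (assuming `SessionState.get()` returns null in that case). Now that the method is callable from other packages, its Javadoc should state the precondition, e.g. `/** Must be called on a thread that has a SessionState attached. */`. The same gap applies to `writeListToFileAfterSort` in the next hunk, which calls `Collections.sort(entries)` on the caller's list and so reorders it in place; a sentence documenting that side effect belongs with the visibility change. The bodies of both methods continue outside the hunks shown.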
@@ -49,7 +49,7 @@ final class PrivilegeUtils {
     return authorizer;
   }
 
-  static void writeListToFileAfterSort(List<String> entries, String resFile, DDLOperationContext context)
+  public static void writeListToFileAfterSort(List<String> entries, String resFile, DDLOperationContext context)
       throws IOException {
     Collections.sort(entries);
 
@@ -64,7 +64,7 @@ final class PrivilegeUtils {
   private static final HiveAuthorizationTranslator DEFAULT_AUTHORIZATION_TRANSLATOR =
       new DefaultHiveAuthorizationTranslator();
 
-  static HiveAuthorizationTranslator getAuthorizationTranslator(HiveAuthorizer authorizer)
+  public static HiveAuthorizationTranslator getAuthorizationTranslator(HiveAuthorizer authorizer)
       throws HiveAuthzPluginException {
     if (authorizer.getHiveAuthorizationTranslator() == null) {
       return DEFAULT_AUTHORIZATION_TRANSLATOR;
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/grant/GrantAnalyzer.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/grant/GrantAnalyzer.java
new file mode 100644
index 0000000..c16609b
--- /dev/null
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/grant/GrantAnalyzer.java
@@ -0,0 +1,53 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.hadoop.hive.ql.ddl.privilege.grant;
+
+import org.apache.hadoop.hive.ql.QueryState;
+import org.apache.hadoop.hive.ql.exec.Task;
+import org.apache.hadoop.hive.ql.metadata.Hive;
+import org.apache.hadoop.hive.ql.ddl.DDLSemanticAnalyzerFactory.DDLType;
+import org.apache.hadoop.hive.ql.ddl.privilege.AbstractPrivilegeAnalyzer;
+import org.apache.hadoop.hive.ql.parse.ASTNode;
+import org.apache.hadoop.hive.ql.parse.HiveParser;
+import org.apache.hadoop.hive.ql.parse.SemanticException;
+
+import com.google.common.annotations.VisibleForTesting;
+
+/**
+ * Analyzer for granting commands.
+ */
+@DDLType(type=HiveParser.TOK_GRANT)
+public class GrantAnalyzer extends AbstractPrivilegeAnalyzer {
+  public GrantAnalyzer(QueryState queryState) throws SemanticException {
+    super(queryState);
+  }
+
+  @VisibleForTesting
+  public GrantAnalyzer(QueryState queryState, Hive db) throws SemanticException {
+    super(queryState, db);
+  }
+
+  @Override
+  public void analyzeInternal(ASTNode root) throws SemanticException {
+    Task<?> task = hiveAuthorizationTaskFactory.createGrantTask(root, getInputs(), getOutputs());
+    if (task != null) {
+      rootTasks.add(task);
+    }
+  }
+}
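Review bot: `analyzeInternal` drops a null result from `createGrantTask` without any trace, so a GRANT statement would pass analysis and then run nothing. For privilege changes a silent no-op deserves at least a log line or a `SemanticException`, unless the factory contract documents null as "nothing to do", which is not visible here. The same four-line body is repeated in RevokeAnalyzer, CreateRoleAnalyzer and DropRoleAnalyzer in this commit, differing only in the factory method called, so a helper in AbstractPrivilegeAnalyzer such as `protected void addRootTask(Task<?> task)` holding the null check would keep that handling in one place. A short comment on the method saying that the work is delegated to the configured `HiveAuthorizationTaskFactory` would also help readers.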
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/GrantDesc.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/grant/GrantDesc.java
similarity index 91%
rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/GrantDesc.java
rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/grant/GrantDesc.java
index 7182bd3..2f235f4 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/GrantDesc.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/grant/GrantDesc.java
@@ -16,13 +16,16 @@
  * limitations under the License.
  */
 
-package org.apache.hadoop.hive.ql.ddl.privilege;
+package org.apache.hadoop.hive.ql.ddl.privilege.grant;
 
 import java.io.Serializable;
 import java.util.List;
 
 import org.apache.hadoop.hive.metastore.api.PrincipalType;
 import org.apache.hadoop.hive.ql.ddl.DDLDesc;
+import org.apache.hadoop.hive.ql.ddl.privilege.PrincipalDesc;
+import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeDesc;
+import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeObjectDesc;
 import org.apache.hadoop.hive.ql.plan.Explain;
 import org.apache.hadoop.hive.ql.plan.Explain.Level;
 
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/GrantOperation.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/grant/GrantOperation.java
similarity index 95%
rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/GrantOperation.java
rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/grant/GrantOperation.java
index 363e45a..1216298 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/GrantOperation.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/grant/GrantOperation.java
@@ -16,9 +16,10 @@
  * limitations under the License.
  */
 
-package org.apache.hadoop.hive.ql.ddl.privilege;
+package org.apache.hadoop.hive.ql.ddl.privilege.grant;
 
 import org.apache.hadoop.hive.ql.ddl.DDLOperationContext;
+import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeUtils;
 
 import java.util.List;
 
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/grant/package-info.java
similarity index 87%
copy from ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java
copy to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/grant/package-info.java
index ef16275..e08339b 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/grant/package-info.java
@@ -16,5 +16,5 @@
  * limitations under the License.
  */
 
-/** Alter Database DDL operation descriptions and operations. */
-package org.apache.hadoop.hive.ql.ddl.database.alter;
+/** Granting DDL operation. */
+package org.apache.hadoop.hive.ql.ddl.privilege.grant;
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/revoke/RevokeAnalyzer.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/revoke/RevokeAnalyzer.java
new file mode 100644
index 0000000..8fe1611
--- /dev/null
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/revoke/RevokeAnalyzer.java
@@ -0,0 +1,53 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.hadoop.hive.ql.ddl.privilege.revoke;
+
+import org.apache.hadoop.hive.ql.QueryState;
+import org.apache.hadoop.hive.ql.exec.Task;
+import org.apache.hadoop.hive.ql.metadata.Hive;
+import org.apache.hadoop.hive.ql.ddl.DDLSemanticAnalyzerFactory.DDLType;
+import org.apache.hadoop.hive.ql.ddl.privilege.AbstractPrivilegeAnalyzer;
+import org.apache.hadoop.hive.ql.parse.ASTNode;
+import org.apache.hadoop.hive.ql.parse.HiveParser;
+import org.apache.hadoop.hive.ql.parse.SemanticException;
+
+import com.google.common.annotations.VisibleForTesting;
+
+/**
+ * Analyzer for revoke commands.
+ */
+@DDLType(type=HiveParser.TOK_REVOKE)
+public class RevokeAnalyzer extends AbstractPrivilegeAnalyzer {
+  public RevokeAnalyzer(QueryState queryState) throws SemanticException {
+    super(queryState);
+  }
+
+  @VisibleForTesting
+  public RevokeAnalyzer(QueryState queryState, Hive db) throws SemanticException {
+    super(queryState, db);
+  }
+
+  @Override
+  public void analyzeInternal(ASTNode root) throws SemanticException {
+    Task<?> task = hiveAuthorizationTaskFactory.createRevokeTask(root, getInputs(), getOutputs());
+    if (task != null) {
+      rootTasks.add(task);
+    }
+  }
+}
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/RevokeDesc.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/revoke/RevokeDesc.java
similarity index 90%
rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/RevokeDesc.java
rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/revoke/RevokeDesc.java
index f0e3021..8a61a02 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/RevokeDesc.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/revoke/RevokeDesc.java
@@ -16,12 +16,15 @@
  * limitations under the License.
  */
 
-package org.apache.hadoop.hive.ql.ddl.privilege;
+package org.apache.hadoop.hive.ql.ddl.privilege.revoke;
 
 import java.io.Serializable;
 import java.util.List;
 
 import org.apache.hadoop.hive.ql.ddl.DDLDesc;
+import org.apache.hadoop.hive.ql.ddl.privilege.PrincipalDesc;
+import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeDesc;
+import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeObjectDesc;
 import org.apache.hadoop.hive.ql.plan.Explain;
 import org.apache.hadoop.hive.ql.plan.Explain.Level;
 
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/RevokeOperation.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/revoke/RevokeOperation.java
similarity index 95%
rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/RevokeOperation.java
rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/revoke/RevokeOperation.java
index 5bd7cda..0d7839c 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/RevokeOperation.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/revoke/RevokeOperation.java
@@ -16,9 +16,10 @@
  * limitations under the License.
  */
 
-package org.apache.hadoop.hive.ql.ddl.privilege;
+package org.apache.hadoop.hive.ql.ddl.privilege.revoke;
 
 import org.apache.hadoop.hive.ql.ddl.DDLOperationContext;
+import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeUtils;
 
 import java.util.List;
 
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/revoke/package-info.java
similarity index 87%
copy from ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java
copy to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/revoke/package-info.java
index ef16275..5e37b69 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/revoke/package-info.java
@@ -16,5 +16,5 @@
  * limitations under the License.
  */
 
-/** Alter Database DDL operation descriptions and operations. */
-package org.apache.hadoop.hive.ql.ddl.database.alter;
+/** Revoking DDL operation. */
+package org.apache.hadoop.hive.ql.ddl.privilege.revoke;
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/create/CreateRoleAnalyzer.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/create/CreateRoleAnalyzer.java
new file mode 100644
index 0000000..d4975d1
--- /dev/null
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/create/CreateRoleAnalyzer.java
@@ -0,0 +1,53 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.hadoop.hive.ql.ddl.privilege.role.create;
+
+import org.apache.hadoop.hive.ql.QueryState;
+import org.apache.hadoop.hive.ql.exec.Task;
+import org.apache.hadoop.hive.ql.metadata.Hive;
+import org.apache.hadoop.hive.ql.ddl.DDLSemanticAnalyzerFactory.DDLType;
+import org.apache.hadoop.hive.ql.ddl.privilege.AbstractPrivilegeAnalyzer;
+import org.apache.hadoop.hive.ql.parse.ASTNode;
+import org.apache.hadoop.hive.ql.parse.HiveParser;
+import org.apache.hadoop.hive.ql.parse.SemanticException;
+
+import com.google.common.annotations.VisibleForTesting;
+
+/**
+ * Analyzer for role creation commands.
+ */
+@DDLType(type=HiveParser.TOK_CREATEROLE)
+public class CreateRoleAnalyzer extends AbstractPrivilegeAnalyzer {
+  public CreateRoleAnalyzer(QueryState queryState) throws SemanticException {
+    super(queryState);
+  }
+
+  @VisibleForTesting
+  public CreateRoleAnalyzer(QueryState queryState, Hive db) throws SemanticException {
+    super(queryState, db);
+  }
+
+  @Override
+  public void analyzeInternal(ASTNode root) throws SemanticException {
+    Task<?> task = hiveAuthorizationTaskFactory.createCreateRoleTask(root, getInputs(), getOutputs());
+    if (task != null) {
+      rootTasks.add(task);
+    }
+  }
+}
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/CreateRoleDesc.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/create/CreateRoleDesc.java
similarity index 96%
rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/CreateRoleDesc.java
rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/create/CreateRoleDesc.java
index 4c2e1dd..7a5df3e 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/CreateRoleDesc.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/create/CreateRoleDesc.java
@@ -16,7 +16,7 @@
  * limitations under the License.
  */
 
-package org.apache.hadoop.hive.ql.ddl.privilege;
+package org.apache.hadoop.hive.ql.ddl.privilege.role.create;
 
 import java.io.Serializable;
 
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/CreateRoleOperation.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/create/CreateRoleOperation.java
similarity index 92%
rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/CreateRoleOperation.java
rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/create/CreateRoleOperation.java
index e09ba64..3bc4930 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/CreateRoleOperation.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/create/CreateRoleOperation.java
@@ -16,10 +16,10 @@
  * limitations under the License.
  */
 
-package org.apache.hadoop.hive.ql.ddl.privilege;
+package org.apache.hadoop.hive.ql.ddl.privilege.role.create;
 
 import org.apache.hadoop.hive.ql.ddl.DDLOperationContext;
-
+import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeUtils;
 import org.apache.hadoop.hive.ql.ddl.DDLOperation;
 import org.apache.hadoop.hive.ql.metadata.HiveException;
 import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthorizer;
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/create/package-info.java
similarity index 87%
copy from ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java
copy to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/create/package-info.java
index ef16275..6e958d7 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/create/package-info.java
@@ -16,5 +16,5 @@
  * limitations under the License.
  */
 
-/** Alter Database DDL operation descriptions and operations. */
-package org.apache.hadoop.hive.ql.ddl.database.alter;
+/** Role creation DDL operation. */
+package org.apache.hadoop.hive.ql.ddl.privilege.role.create;
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/drop/DropRoleAnalyzer.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/drop/DropRoleAnalyzer.java
new file mode 100644
index 0000000..0b2a848
--- /dev/null
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/drop/DropRoleAnalyzer.java
@@ -0,0 +1,53 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.hadoop.hive.ql.ddl.privilege.role.drop;
+
+import org.apache.hadoop.hive.ql.QueryState;
+import org.apache.hadoop.hive.ql.exec.Task;
+import org.apache.hadoop.hive.ql.metadata.Hive;
+import org.apache.hadoop.hive.ql.ddl.DDLSemanticAnalyzerFactory.DDLType;
+import org.apache.hadoop.hive.ql.ddl.privilege.AbstractPrivilegeAnalyzer;
+import org.apache.hadoop.hive.ql.parse.ASTNode;
+import org.apache.hadoop.hive.ql.parse.HiveParser;
+import org.apache.hadoop.hive.ql.parse.SemanticException;
+
+import com.google.common.annotations.VisibleForTesting;
+
+/**
+ * Analyzer for role dropping commands.
+ */
+@DDLType(type=HiveParser.TOK_DROPROLE)
+public class DropRoleAnalyzer extends AbstractPrivilegeAnalyzer {
+  public DropRoleAnalyzer(QueryState queryState) throws SemanticException {
+    super(queryState);
+  }
+
+  @VisibleForTesting
+  public DropRoleAnalyzer(QueryState queryState, Hive db) throws SemanticException {
+    super(queryState, db);
+  }
+
+  @Override
+  public void analyzeInternal(ASTNode root) throws SemanticException {
+    Task<?> task = hiveAuthorizationTaskFactory.createDropRoleTask(root, getInputs(), getOutputs());
+    if (task != null) {
+      rootTasks.add(task);
+    }
+  }
+}
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/DropRoleDesc.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/drop/DropRoleDesc.java
similarity index 96%
rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/DropRoleDesc.java
rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/drop/DropRoleDesc.java
index 671a0e7..3280585 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/DropRoleDesc.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/drop/DropRoleDesc.java
@@ -16,7 +16,7 @@
  * limitations under the License.
  */
 
-package org.apache.hadoop.hive.ql.ddl.privilege;
+package org.apache.hadoop.hive.ql.ddl.privilege.role.drop;
 
 import java.io.Serializable;
 
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/DropRoleOperation.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/drop/DropRoleOperation.java
similarity index 92%
rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/DropRoleOperation.java
rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/drop/DropRoleOperation.java
index 0960698..c2f8f57 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/DropRoleOperation.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/drop/DropRoleOperation.java
@@ -16,10 +16,10 @@
  * limitations under the License.
  */
 
-package org.apache.hadoop.hive.ql.ddl.privilege;
+package org.apache.hadoop.hive.ql.ddl.privilege.role.drop;
 
 import org.apache.hadoop.hive.ql.ddl.DDLOperationContext;
-
+import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeUtils;
 import org.apache.hadoop.hive.ql.ddl.DDLOperation;
 import org.apache.hadoop.hive.ql.metadata.HiveException;
 import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthorizer;
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/drop/package-info.java
similarity index 87%
copy from ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java
copy to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/drop/package-info.java
index ef16275..37f9eae 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/drop/package-info.java
@@ -16,5 +16,5 @@
  * limitations under the License.
  */
 
-/** Alter Database DDL operation descriptions and operations. */
-package org.apache.hadoop.hive.ql.ddl.database.alter;
+/** Role dropping DDL operation. */
+package org.apache.hadoop.hive.ql.ddl.privilege.role.drop;
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/grant/GrantRoleAnalyzer.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/grant/GrantRoleAnalyzer.java
new file mode 100644
index 0000000..d845c43
--- /dev/null
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/grant/GrantRoleAnalyzer.java
@@ -0,0 +1,53 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.hadoop.hive.ql.ddl.privilege.role.grant;
+
+import org.apache.hadoop.hive.ql.QueryState;
+import org.apache.hadoop.hive.ql.exec.Task;
+import org.apache.hadoop.hive.ql.metadata.Hive;
+import org.apache.hadoop.hive.ql.ddl.DDLSemanticAnalyzerFactory.DDLType;
+import org.apache.hadoop.hive.ql.ddl.privilege.AbstractPrivilegeAnalyzer;
+import org.apache.hadoop.hive.ql.parse.ASTNode;
+import org.apache.hadoop.hive.ql.parse.HiveParser;
+import org.apache.hadoop.hive.ql.parse.SemanticException;
+
+import com.google.common.annotations.VisibleForTesting;
+
+/**
+ * Analyzer for granting to role commands.
+ */
+@DDLType(type=HiveParser.TOK_GRANT_ROLE)
+public class GrantRoleAnalyzer extends AbstractPrivilegeAnalyzer {
+  public GrantRoleAnalyzer(QueryState queryState) throws SemanticException {
+    super(queryState);
+  }
+
+  @VisibleForTesting
+  public GrantRoleAnalyzer(QueryState queryState, Hive db) throws SemanticException {
+    super(queryState, db);
+  }
+
+  @Override
+  public void analyzeInternal(ASTNode root) throws SemanticException {
+    Task<?> task = hiveAuthorizationTaskFactory.createGrantRoleTask(root, getInputs(), getOutputs());
+    if (task != null) {
+      rootTasks.add(task);
+    }
+  }
+}
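Review bot: In `analyzeInternal`, a null result from `createGrantRoleTask` is skipped without any error, so analysis of the statement completes with no root task added. Whether the factory can return null is not visible in this diff, but a silent no-op is the wrong failure mode for an authorization command: the caller may assume the grant happened, and in `RevokeRoleAnalyzer` (same pattern) may assume access was removed when nothing ran. If null is impossible, drop the check; otherwise fail loudly, e.g. `if (task == null) { throw new SemanticException("GRANT ROLE produced no task"); }`, or at least add a comment stating when null is expected. `ShowRolesAnalyzer` and `ShowGrantAnalyzer` carry the same guard.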
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/GrantRoleDesc.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/grant/GrantRoleDesc.java
similarity index 94%
rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/GrantRoleDesc.java
rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/grant/GrantRoleDesc.java
index ec12154..3794a70 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/GrantRoleDesc.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/grant/GrantRoleDesc.java
@@ -16,11 +16,12 @@
  * limitations under the License.
  */
 
-package org.apache.hadoop.hive.ql.ddl.privilege;
+package org.apache.hadoop.hive.ql.ddl.privilege.role.grant;
 
 import java.util.List;
 
 import org.apache.hadoop.hive.ql.ddl.DDLDesc;
+import org.apache.hadoop.hive.ql.ddl.privilege.PrincipalDesc;
 import org.apache.hadoop.hive.ql.plan.Explain;
 import org.apache.hadoop.hive.ql.plan.Explain.Level;
 
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/GrantRoleOperation.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/grant/GrantRoleOperation.java
similarity index 94%
rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/GrantRoleOperation.java
rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/grant/GrantRoleOperation.java
index 4413906..a8d6a92 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/GrantRoleOperation.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/grant/GrantRoleOperation.java
@@ -16,9 +16,10 @@
  * limitations under the License.
  */
 
-package org.apache.hadoop.hive.ql.ddl.privilege;
+package org.apache.hadoop.hive.ql.ddl.privilege.role.grant;
 
 import org.apache.hadoop.hive.ql.ddl.DDLOperationContext;
+import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeUtils;
 
 import java.util.List;
 
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/grant/package-info.java
similarity index 87%
copy from ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java
copy to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/grant/package-info.java
index ef16275..68b215a 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/grant/package-info.java
@@ -16,5 +16,5 @@
  * limitations under the License.
  */
 
-/** Alter Database DDL operation descriptions and operations. */
-package org.apache.hadoop.hive.ql.ddl.database.alter;
+/** Granting to role DDL operation. */
+package org.apache.hadoop.hive.ql.ddl.privilege.role.grant;
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/revoke/RevokeRoleAnalyzer.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/revoke/RevokeRoleAnalyzer.java
new file mode 100644
index 0000000..21f71cb
--- /dev/null
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/revoke/RevokeRoleAnalyzer.java
@@ -0,0 +1,53 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.hadoop.hive.ql.ddl.privilege.role.revoke;
+
+import org.apache.hadoop.hive.ql.QueryState;
+import org.apache.hadoop.hive.ql.exec.Task;
+import org.apache.hadoop.hive.ql.metadata.Hive;
+import org.apache.hadoop.hive.ql.ddl.DDLSemanticAnalyzerFactory.DDLType;
+import org.apache.hadoop.hive.ql.ddl.privilege.AbstractPrivilegeAnalyzer;
+import org.apache.hadoop.hive.ql.parse.ASTNode;
+import org.apache.hadoop.hive.ql.parse.HiveParser;
+import org.apache.hadoop.hive.ql.parse.SemanticException;
+
+import com.google.common.annotations.VisibleForTesting;
+
+/**
+ * Analyzer for revoking from role commands.
+ */
+@DDLType(type=HiveParser.TOK_REVOKE_ROLE)
+public class RevokeRoleAnalyzer extends AbstractPrivilegeAnalyzer {
+  public RevokeRoleAnalyzer(QueryState queryState) throws SemanticException {
+    super(queryState);
+  }
+
+  @VisibleForTesting
+  public RevokeRoleAnalyzer(QueryState queryState, Hive db) throws SemanticException {
+    super(queryState, db);
+  }
+
+  @Override
+  public void analyzeInternal(ASTNode root) throws SemanticException {
+    Task<?> task = hiveAuthorizationTaskFactory.createRevokeRoleTask(root, getInputs(), getOutputs());
+    if (task != null) {
+      rootTasks.add(task);
+    }
+  }
+}
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/RevokeRoleDesc.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/revoke/RevokeRoleDesc.java
similarity index 94%
rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/RevokeRoleDesc.java
rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/revoke/RevokeRoleDesc.java
index 5282789..7871303 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/RevokeRoleDesc.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/revoke/RevokeRoleDesc.java
@@ -16,11 +16,12 @@
  * limitations under the License.
  */
 
-package org.apache.hadoop.hive.ql.ddl.privilege;
+package org.apache.hadoop.hive.ql.ddl.privilege.role.revoke;
 
 import java.util.List;
 
 import org.apache.hadoop.hive.ql.ddl.DDLDesc;
+import org.apache.hadoop.hive.ql.ddl.privilege.PrincipalDesc;
 import org.apache.hadoop.hive.ql.plan.Explain;
 import org.apache.hadoop.hive.ql.plan.Explain.Level;
 
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/RevokeRoleOperation.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/revoke/RevokeRoleOperation.java
similarity index 94%
rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/RevokeRoleOperation.java
rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/revoke/RevokeRoleOperation.java
index 4828dc8..71d2ad0 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/RevokeRoleOperation.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/revoke/RevokeRoleOperation.java
@@ -16,9 +16,10 @@
  * limitations under the License.
  */
 
-package org.apache.hadoop.hive.ql.ddl.privilege;
+package org.apache.hadoop.hive.ql.ddl.privilege.role.revoke;
 
 import org.apache.hadoop.hive.ql.ddl.DDLOperationContext;
+import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeUtils;
 
 import java.util.List;
 
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/revoke/package-info.java
similarity index 87%
copy from ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java
copy to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/revoke/package-info.java
index ef16275..89213a6 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/revoke/package-info.java
@@ -16,5 +16,5 @@
  * limitations under the License.
  */
 
-/** Alter Database DDL operation descriptions and operations. */
-package org.apache.hadoop.hive.ql.ddl.database.alter;
+/** Revoking from role DDL operation. */
+package org.apache.hadoop.hive.ql.ddl.privilege.role.revoke;
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/set/SetRoleAnalyzer.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/set/SetRoleAnalyzer.java
new file mode 100644
index 0000000..39d887c
--- /dev/null
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/set/SetRoleAnalyzer.java
@@ -0,0 +1,51 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.hadoop.hive.ql.ddl.privilege.role.set;
+
+import org.apache.hadoop.hive.ql.QueryState;
+import org.apache.hadoop.hive.ql.ddl.DDLSemanticAnalyzerFactory.DDLType;
+import org.apache.hadoop.hive.ql.ddl.privilege.AbstractPrivilegeAnalyzer;
+import org.apache.hadoop.hive.ql.metadata.Hive;
+import org.apache.hadoop.hive.ql.parse.ASTNode;
+import org.apache.hadoop.hive.ql.parse.BaseSemanticAnalyzer;
+import org.apache.hadoop.hive.ql.parse.HiveParser;
+import org.apache.hadoop.hive.ql.parse.SemanticException;
+
+import com.google.common.annotations.VisibleForTesting;
+
+/**
+ * Analyzer for setting a role commands.
+ */
+@DDLType(type=HiveParser.TOK_SET_ROLE)
+public class SetRoleAnalyzer extends AbstractPrivilegeAnalyzer {
+  public SetRoleAnalyzer(QueryState queryState) throws SemanticException {
+    super(queryState);
+  }
+
+  @VisibleForTesting
+  public SetRoleAnalyzer(QueryState queryState, Hive db) throws SemanticException {
+    super(queryState, db);
+  }
+
+  @Override
+  public void analyzeInternal(ASTNode root) throws SemanticException {
+    String roleName = BaseSemanticAnalyzer.unescapeIdentifier(root.getChild(0).getText());
+    rootTasks.add(hiveAuthorizationTaskFactory.createSetRoleTask(roleName, getInputs(), getOutputs()));
+  }
+}
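Review bot: The class Javadoc reads "Analyzer for setting a role commands", and `analyzeInternal` does not say what AST shape it relies on. I would change the summary to `Analyzer for set role commands.` and add `// Child 0 of the TOK_SET_ROLE node carries the role name; it is unescaped before use.` above the `roleName` line. Since `root.getChild(0)` is dereferenced without a check, the comment should also state that the parser is expected to guarantee that child.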
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/SetRoleDesc.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/set/SetRoleDesc.java
similarity index 96%
rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/SetRoleDesc.java
rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/set/SetRoleDesc.java
index 124fd1d..417cd94 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/SetRoleDesc.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/set/SetRoleDesc.java
@@ -16,7 +16,7 @@
  * limitations under the License.
  */
 
-package org.apache.hadoop.hive.ql.ddl.privilege;
+package org.apache.hadoop.hive.ql.ddl.privilege.role.set;
 
 import java.io.Serializable;
 
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/SetRoleOperation.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/set/SetRoleOperation.java
similarity index 92%
rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/SetRoleOperation.java
rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/set/SetRoleOperation.java
index 8169175..4e43865 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/SetRoleOperation.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/set/SetRoleOperation.java
@@ -16,10 +16,10 @@
  * limitations under the License.
  */
 
-package org.apache.hadoop.hive.ql.ddl.privilege;
+package org.apache.hadoop.hive.ql.ddl.privilege.role.set;
 
 import org.apache.hadoop.hive.ql.ddl.DDLOperationContext;
-
+import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeUtils;
 import org.apache.hadoop.hive.ql.ddl.DDLOperation;
 import org.apache.hadoop.hive.ql.metadata.HiveException;
 import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthorizer;
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/set/package-info.java
similarity index 87%
copy from ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java
copy to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/set/package-info.java
index ef16275..9223f82 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/set/package-info.java
@@ -16,5 +16,6 @@
  * limitations under the License.
  */
 
-/** Alter Database DDL operation descriptions and operations. */
-package org.apache.hadoop.hive.ql.ddl.database.alter;
+/** Setting role DDL operation.
+ */
+package org.apache.hadoop.hive.ql.ddl.privilege.role.set;
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/ShowCurrentRoleAnalyzer.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/ShowCurrentRoleAnalyzer.java
new file mode 100644
index 0000000..f4f8437
--- /dev/null
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/ShowCurrentRoleAnalyzer.java
@@ -0,0 +1,58 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.hadoop.hive.ql.ddl.privilege.role.show;
+
+import java.io.Serializable;
+
+import org.apache.hadoop.hive.ql.QueryState;
+import org.apache.hadoop.hive.ql.exec.Task;
+import org.apache.hadoop.hive.ql.metadata.Hive;
+import org.apache.hadoop.hive.ql.ddl.DDLSemanticAnalyzerFactory.DDLType;
+import org.apache.hadoop.hive.ql.ddl.privilege.AbstractPrivilegeAnalyzer;
+import org.apache.hadoop.hive.ql.parse.ASTNode;
+import org.apache.hadoop.hive.ql.parse.HiveParser;
+import org.apache.hadoop.hive.ql.parse.SemanticException;
+
+import com.google.common.annotations.VisibleForTesting;
+
+/**
+ * Analyzer for showing the current role command.
+ */
+@DDLType(type=HiveParser.TOK_SHOW_CURRENT_ROLE)
+public class ShowCurrentRoleAnalyzer extends AbstractPrivilegeAnalyzer {
+  public ShowCurrentRoleAnalyzer(QueryState queryState) throws SemanticException {
+    super(queryState);
+  }
+
+  @VisibleForTesting
+  public ShowCurrentRoleAnalyzer(QueryState queryState, Hive db) throws SemanticException {
+    super(queryState, db);
+  }
+
+  @Override
+  public void analyzeInternal(ASTNode root) throws SemanticException {
+    ctx.setResFile(ctx.getLocalTmpPath());
+    Task<? extends Serializable> task =
+        hiveAuthorizationTaskFactory.createShowCurrentRoleTask(getInputs(), getOutputs(), ctx.getResFile());
+    rootTasks.add(task);
+
+    task.setFetchSource(true);
+    setFetchTask(createFetchTask(ShowRolesDesc.SCHEMA));
+  }
+}
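Review bot: `task` is declared as `Task<? extends Serializable>` here while the other privilege analyzers in this commit use `Task<?>`, and the `java.io.Serializable` import appears to exist only for that declaration. Declaring it as `Task<?> task =` and dropping the import would keep the new classes uniform. Separately, `task.setFetchSource(true)` is called on the factory result unguarded, whereas `ShowRolesAnalyzer` null-checks it first; the two should follow one convention, whichever matches the factory's contract.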
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowCurrentRoleDesc.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/ShowCurrentRoleDesc.java
similarity index 96%
rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowCurrentRoleDesc.java
rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/ShowCurrentRoleDesc.java
index 53743cd..d13af74 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowCurrentRoleDesc.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/ShowCurrentRoleDesc.java
@@ -16,7 +16,7 @@
  * limitations under the License.
  */
 
-package org.apache.hadoop.hive.ql.ddl.privilege;
+package org.apache.hadoop.hive.ql.ddl.privilege.role.show;
 
 import java.io.Serializable;
 
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowCurrentRoleOperation.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/ShowCurrentRoleOperation.java
similarity index 93%
rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowCurrentRoleOperation.java
rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/ShowCurrentRoleOperation.java
index 7f70bae..e843a4e 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowCurrentRoleOperation.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/ShowCurrentRoleOperation.java
@@ -16,9 +16,10 @@
  * limitations under the License.
  */
 
-package org.apache.hadoop.hive.ql.ddl.privilege;
+package org.apache.hadoop.hive.ql.ddl.privilege.role.show;
 
 import org.apache.hadoop.hive.ql.ddl.DDLOperationContext;
+import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeUtils;
 
 import java.io.IOException;
 import java.util.List;
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/ShowRolesAnalyzer.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/ShowRolesAnalyzer.java
new file mode 100644
index 0000000..20860fd
--- /dev/null
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/ShowRolesAnalyzer.java
@@ -0,0 +1,58 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.hadoop.hive.ql.ddl.privilege.role.show;
+
+import org.apache.hadoop.hive.ql.QueryState;
+import org.apache.hadoop.hive.ql.exec.Task;
+import org.apache.hadoop.hive.ql.metadata.Hive;
+import org.apache.hadoop.hive.ql.ddl.DDLSemanticAnalyzerFactory.DDLType;
+import org.apache.hadoop.hive.ql.ddl.privilege.AbstractPrivilegeAnalyzer;
+import org.apache.hadoop.hive.ql.parse.ASTNode;
+import org.apache.hadoop.hive.ql.parse.HiveParser;
+import org.apache.hadoop.hive.ql.parse.SemanticException;
+
+import com.google.common.annotations.VisibleForTesting;
+
+/**
+ * Analyzer for showing roles commands.
+ */
+@DDLType(type=HiveParser.TOK_SHOW_ROLES)
+public class ShowRolesAnalyzer extends AbstractPrivilegeAnalyzer {
+  public ShowRolesAnalyzer(QueryState queryState) throws SemanticException {
+    super(queryState);
+  }
+
+  @VisibleForTesting
+  public ShowRolesAnalyzer(QueryState queryState, Hive db) throws SemanticException {
+    super(queryState, db);
+  }
+
+  @Override
+  public void analyzeInternal(ASTNode root) throws SemanticException {
+    ctx.setResFile(ctx.getLocalTmpPath());
+    Task<?> task = hiveAuthorizationTaskFactory.createShowRolesTask(root, ctx.getResFile(), getInputs(),
+        getOutputs());
+    if (task != null) {
+      rootTasks.add(task);
+
+      task.setFetchSource(true);
+      setFetchTask(createFetchTask(ShowRolesDesc.SCHEMA));
+    }
+  }
+}
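Review bot: The sequence in `analyzeInternal` (`ctx.setResFile(ctx.getLocalTmpPath())`, create the task, `rootTasks.add(task)`, `task.setFetchSource(true)`, `setFetchTask(createFetchTask(...))`) is repeated almost verbatim in `ShowCurrentRoleAnalyzer` and `ShowGrantAnalyzer`, differing only in the factory call and the schema constant. A small protected helper on the shared base class, for example `addFetchableTask(Task<?> task, String schema)`, would hold the add and fetch steps once and give a single place to decide what a null task means. The type of `SCHEMA` is not visible in this diff, so that parameter type is a guess.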
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowRolesDesc.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/ShowRolesDesc.java
similarity index 96%
rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowRolesDesc.java
rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/ShowRolesDesc.java
index d4eeba4..d78a3d2 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowRolesDesc.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/ShowRolesDesc.java
@@ -16,7 +16,7 @@
  * limitations under the License.
  */
 
-package org.apache.hadoop.hive.ql.ddl.privilege;
+package org.apache.hadoop.hive.ql.ddl.privilege.role.show;
 
 import java.io.Serializable;
 
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowRolesOperation.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/ShowRolesOperation.java
similarity index 93%
rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowRolesOperation.java
rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/ShowRolesOperation.java
index 412e0ec..97797a6 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowRolesOperation.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/ShowRolesOperation.java
@@ -16,9 +16,10 @@
  * limitations under the License.
  */
 
-package org.apache.hadoop.hive.ql.ddl.privilege;
+package org.apache.hadoop.hive.ql.ddl.privilege.role.show;
 
 import org.apache.hadoop.hive.ql.ddl.DDLOperationContext;
+import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeUtils;
 
 import java.io.IOException;
 import java.util.List;
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/package-info.java
similarity index 87%
copy from ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java
copy to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/package-info.java
index ef16275..cb4f169 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/role/show/package-info.java
@@ -16,5 +16,5 @@
  * limitations under the License.
  */
 
-/** Alter Database DDL operation descriptions and operations. */
-package org.apache.hadoop.hive.ql.ddl.database.alter;
+/** Role showing DDL operations. */
+package org.apache.hadoop.hive.ql.ddl.privilege.role.show;
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/grant/ShowGrantAnalyzer.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/grant/ShowGrantAnalyzer.java
new file mode 100644
index 0000000..8b0f51c
--- /dev/null
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/grant/ShowGrantAnalyzer.java
@@ -0,0 +1,57 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.hadoop.hive.ql.ddl.privilege.show.grant;
+
+import org.apache.hadoop.hive.ql.QueryState;
+import org.apache.hadoop.hive.ql.exec.Task;
+import org.apache.hadoop.hive.ql.metadata.Hive;
+import org.apache.hadoop.hive.ql.ddl.DDLSemanticAnalyzerFactory.DDLType;
+import org.apache.hadoop.hive.ql.ddl.privilege.AbstractPrivilegeAnalyzer;
+import org.apache.hadoop.hive.ql.parse.ASTNode;
+import org.apache.hadoop.hive.ql.parse.HiveParser;
+import org.apache.hadoop.hive.ql.parse.SemanticException;
+
+import com.google.common.annotations.VisibleForTesting;
+
+/**
+ * Analyzer for showing grant commands.
+ */
+@DDLType(type=HiveParser.TOK_SHOW_GRANT)
+public class ShowGrantAnalyzer extends AbstractPrivilegeAnalyzer {
+  public ShowGrantAnalyzer(QueryState queryState) throws SemanticException {
+    super(queryState);
+  }
+
+  @VisibleForTesting
+  public ShowGrantAnalyzer(QueryState queryState, Hive db) throws SemanticException {
+    super(queryState, db);
+  }
+
+  @Override
+  public void analyzeInternal(ASTNode root) throws SemanticException {
+    ctx.setResFile(ctx.getLocalTmpPath());
+    Task<?> task = hiveAuthorizationTaskFactory.createShowGrantTask(root, ctx.getResFile(), getInputs(), getOutputs());
+    if (task != null) {
+      rootTasks.add(task);
+
+      task.setFetchSource(true);
+      setFetchTask(createFetchTask(ShowGrantDesc.SCHEMA));
+    }
+  }
+}
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowGrantDesc.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/grant/ShowGrantDesc.java
similarity index 91%
rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowGrantDesc.java
rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/grant/ShowGrantDesc.java
index 8a2438a..30fe4c4 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowGrantDesc.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/grant/ShowGrantDesc.java
@@ -16,9 +16,11 @@
  * limitations under the License.
  */
 
-package org.apache.hadoop.hive.ql.ddl.privilege;
+package org.apache.hadoop.hive.ql.ddl.privilege.show.grant;
 
 import org.apache.hadoop.hive.ql.ddl.DDLDesc;
+import org.apache.hadoop.hive.ql.ddl.privilege.PrincipalDesc;
+import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeObjectDesc;
 import org.apache.hadoop.hive.ql.plan.Explain;
 import org.apache.hadoop.hive.ql.plan.Explain.Level;
 
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowGrantOperation.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/grant/ShowGrantOperation.java
similarity index 97%
rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowGrantOperation.java
rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/grant/ShowGrantOperation.java
index d1320a9..46f62a7 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowGrantOperation.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/grant/ShowGrantOperation.java
@@ -16,10 +16,11 @@
  * limitations under the License.
  */
 
-package org.apache.hadoop.hive.ql.ddl.privilege;
+package org.apache.hadoop.hive.ql.ddl.privilege.show.grant;
 
 import org.apache.hadoop.hive.ql.ddl.DDLOperationContext;
 import org.apache.hadoop.hive.ql.ddl.DDLUtils;
+import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeUtils;
 
 import java.io.IOException;
 import java.util.Collections;
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/grant/package-info.java
similarity index 87%
copy from ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java
copy to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/grant/package-info.java
index ef16275..e5beeca 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/grant/package-info.java
@@ -16,5 +16,5 @@
  * limitations under the License.
  */
 
-/** Alter Database DDL operation descriptions and operations. */
-package org.apache.hadoop.hive.ql.ddl.database.alter;
+/** Grant showing DDL operation. */
+package org.apache.hadoop.hive.ql.ddl.privilege.show.grant;
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/principals/ShowPrincipalsAnalyzer.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/principals/ShowPrincipalsAnalyzer.java
new file mode 100644
index 0000000..7cdeef1
--- /dev/null
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/principals/ShowPrincipalsAnalyzer.java
@@ -0,0 +1,58 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.hadoop.hive.ql.ddl.privilege.show.principals;
+
+import org.apache.hadoop.hive.ql.QueryState;
+import org.apache.hadoop.hive.ql.exec.Task;
+import org.apache.hadoop.hive.ql.metadata.Hive;
+import org.apache.hadoop.hive.ql.ddl.DDLSemanticAnalyzerFactory.DDLType;
+import org.apache.hadoop.hive.ql.ddl.privilege.AbstractPrivilegeAnalyzer;
+import org.apache.hadoop.hive.ql.parse.ASTNode;
+import org.apache.hadoop.hive.ql.parse.HiveParser;
+import org.apache.hadoop.hive.ql.parse.SemanticException;
+
+import com.google.common.annotations.VisibleForTesting;
+
+/**
+ * Analyzer for showing principals commands.
+ */
+@DDLType(type=HiveParser.TOK_SHOW_ROLE_PRINCIPALS)
+public class ShowPrincipalsAnalyzer extends AbstractPrivilegeAnalyzer {
+  public ShowPrincipalsAnalyzer(QueryState queryState) throws SemanticException {
+    super(queryState);
+  }
+
+  @VisibleForTesting
+  public ShowPrincipalsAnalyzer(QueryState queryState, Hive db) throws SemanticException {
+    super(queryState, db);
+  }
+
+  @Override
+  public void analyzeInternal(ASTNode root) throws SemanticException {
+    ctx.setResFile(ctx.getLocalTmpPath());
+    Task<?> task = hiveAuthorizationTaskFactory.createShowRolePrincipalsTask(root, ctx.getResFile(), getInputs(),
+        getOutputs());
+    if (task != null) {
+      rootTasks.add(task);
+
+      task.setFetchSource(true);
+      setFetchTask(createFetchTask(ShowPrincipalsDesc.SCHEMA));
+    }
+  }
+}
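Review bot: The `task.setFetchSource(true)` call in `analyzeInternal` has no counterpart in the `analyzeShowRolePrincipals` method that this commit removes from DDLSemanticAnalyzer.java, which only added the task and set the fetch task. In a commit described as an extraction, that reads as a behaviour change unless the old analyzer marked the fetch source somewhere outside these hunks. A why-comment on the line would settle it, for example `// previously done by the enclosing analyzer after dispatch (TODO confirm)`. The same applies to `ShowRoleGrantAnalyzer.analyzeInternal` later in this diff, whose body differs only in the factory method called and the `SCHEMA` constant. The two bodies could therefore share one helper in `AbstractPrivilegeAnalyzer`, which is not visible here.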
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowPrincipalsDesc.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/principals/ShowPrincipalsDesc.java
similarity index 96%
rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowPrincipalsDesc.java
rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/principals/ShowPrincipalsDesc.java
index 0db1348..7f6d335 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowPrincipalsDesc.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/principals/ShowPrincipalsDesc.java
@@ -16,7 +16,7 @@
  * limitations under the License.
  */
 
-package org.apache.hadoop.hive.ql.ddl.privilege;
+package org.apache.hadoop.hive.ql.ddl.privilege.show.principals;
 
 import java.io.Serializable;
 
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowPrincipalsOperation.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/principals/ShowPrincipalsOperation.java
similarity index 95%
rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowPrincipalsOperation.java
rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/principals/ShowPrincipalsOperation.java
index 2343f6d..ab30f2d 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowPrincipalsOperation.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/principals/ShowPrincipalsOperation.java
@@ -16,10 +16,11 @@
  * limitations under the License.
  */
 
-package org.apache.hadoop.hive.ql.ddl.privilege;
+package org.apache.hadoop.hive.ql.ddl.privilege.show.principals;
 
 import org.apache.hadoop.hive.ql.ddl.DDLOperationContext;
 import org.apache.hadoop.hive.ql.ddl.DDLUtils;
+import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeUtils;
 
 import java.io.IOException;
 import java.util.Collections;
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/principals/package-info.java
similarity index 87%
copy from ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java
copy to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/principals/package-info.java
index ef16275..0e27d31 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/principals/package-info.java
@@ -16,5 +16,5 @@
  * limitations under the License.
  */
 
-/** Alter Database DDL operation descriptions and operations. */
-package org.apache.hadoop.hive.ql.ddl.database.alter;
+/** Principal showing DDL operation. */
+package org.apache.hadoop.hive.ql.ddl.privilege.show.principals;
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/rolegrant/ShowRoleGrantAnalyzer.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/rolegrant/ShowRoleGrantAnalyzer.java
new file mode 100644
index 0000000..2e093e7
--- /dev/null
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/rolegrant/ShowRoleGrantAnalyzer.java
@@ -0,0 +1,58 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.hadoop.hive.ql.ddl.privilege.show.rolegrant;
+
+import org.apache.hadoop.hive.ql.QueryState;
+import org.apache.hadoop.hive.ql.exec.Task;
+import org.apache.hadoop.hive.ql.metadata.Hive;
+import org.apache.hadoop.hive.ql.ddl.DDLSemanticAnalyzerFactory.DDLType;
+import org.apache.hadoop.hive.ql.ddl.privilege.AbstractPrivilegeAnalyzer;
+import org.apache.hadoop.hive.ql.parse.ASTNode;
+import org.apache.hadoop.hive.ql.parse.HiveParser;
+import org.apache.hadoop.hive.ql.parse.SemanticException;
+
+import com.google.common.annotations.VisibleForTesting;
+
+/**
+ * Analyzer for showing role grant commands.
+ */
+@DDLType(type=HiveParser.TOK_SHOW_ROLE_GRANT)
+public class ShowRoleGrantAnalyzer extends AbstractPrivilegeAnalyzer {
+  public ShowRoleGrantAnalyzer(QueryState queryState) throws SemanticException {
+    super(queryState);
+  }
+
+  @VisibleForTesting
+  public ShowRoleGrantAnalyzer(QueryState queryState, Hive db) throws SemanticException {
+    super(queryState, db);
+  }
+
+  @Override
+  public void analyzeInternal(ASTNode root) throws SemanticException {
+    ctx.setResFile(ctx.getLocalTmpPath());
+    Task<?> task = hiveAuthorizationTaskFactory.createShowRoleGrantTask(root, ctx.getResFile(), getInputs(),
+        getOutputs());
+    if (task != null) {
+      rootTasks.add(task);
+
+      task.setFetchSource(true);
+      setFetchTask(createFetchTask(ShowRoleGrantDesc.SCHEMA));
+    }
+  }
+}
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowRoleGrantDesc.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/rolegrant/ShowRoleGrantDesc.java
similarity index 96%
rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowRoleGrantDesc.java
rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/rolegrant/ShowRoleGrantDesc.java
index 713fc53..ab4433d 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowRoleGrantDesc.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/rolegrant/ShowRoleGrantDesc.java
@@ -16,7 +16,7 @@
  * limitations under the License.
  */
 
-package org.apache.hadoop.hive.ql.ddl.privilege;
+package org.apache.hadoop.hive.ql.ddl.privilege.show.rolegrant;
 
 import java.io.Serializable;
 
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowRoleGrantOperation.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/rolegrant/ShowRoleGrantOperation.java
similarity index 95%
rename from ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowRoleGrantOperation.java
rename to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/rolegrant/ShowRoleGrantOperation.java
index 88ddf1e..b83da18 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/ShowRoleGrantOperation.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/rolegrant/ShowRoleGrantOperation.java
@@ -16,10 +16,11 @@
  * limitations under the License.
  */
 
-package org.apache.hadoop.hive.ql.ddl.privilege;
+package org.apache.hadoop.hive.ql.ddl.privilege.show.rolegrant;
 
 import org.apache.hadoop.hive.ql.ddl.DDLOperationContext;
 import org.apache.hadoop.hive.ql.ddl.DDLUtils;
+import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeUtils;
 
 import java.io.IOException;
 import java.util.Collections;
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/rolegrant/package-info.java
similarity index 87%
copy from ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java
copy to ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/rolegrant/package-info.java
index ef16275..ccef832 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/database/alter/package-info.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/privilege/show/rolegrant/package-info.java
@@ -16,5 +16,5 @@
  * limitations under the License.
  */
 
-/** Alter Database DDL operation descriptions and operations. */
-package org.apache.hadoop.hive.ql.ddl.database.alter;
+/** Role grant showing DDL operation. */
+package org.apache.hadoop.hive.ql.ddl.privilege.show.rolegrant;
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/parse/DDLSemanticAnalyzer.java b/ql/src/java/org/apache/hadoop/hive/ql/parse/DDLSemanticAnalyzer.java
index 68dfe0d..2b8a2ba 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/parse/DDLSemanticAnalyzer.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/parse/DDLSemanticAnalyzer.java
@@ -19,8 +19,6 @@
 package org.apache.hadoop.hive.ql.parse;
 
 import java.io.FileNotFoundException;
-import java.lang.reflect.Constructor;
-import java.lang.reflect.InvocationTargetException;
 import java.net.URI;
 import java.net.URISyntaxException;
 import java.util.ArrayList;
@@ -74,10 +72,6 @@ import org.apache.hadoop.hive.ql.ddl.misc.CacheMetadataDesc;
 import org.apache.hadoop.hive.ql.ddl.misc.MsckDesc;
 import org.apache.hadoop.hive.ql.ddl.misc.ShowConfDesc;
 import org.apache.hadoop.hive.ql.ddl.privilege.PrincipalDesc;
-import org.apache.hadoop.hive.ql.ddl.privilege.ShowGrantDesc;
-import org.apache.hadoop.hive.ql.ddl.privilege.ShowPrincipalsDesc;
-import org.apache.hadoop.hive.ql.ddl.privilege.ShowRoleGrantDesc;
-import org.apache.hadoop.hive.ql.ddl.privilege.ShowRolesDesc;
 import org.apache.hadoop.hive.ql.ddl.process.AbortTransactionsDesc;
 import org.apache.hadoop.hive.ql.ddl.process.KillQueriesDesc;
 import org.apache.hadoop.hive.ql.ddl.process.ShowCompactionsDesc;
@@ -172,8 +166,6 @@ import org.apache.hadoop.hive.ql.metadata.NotNullConstraint;
 import org.apache.hadoop.hive.ql.metadata.Partition;
 import org.apache.hadoop.hive.ql.metadata.Table;
 import org.apache.hadoop.hive.ql.parse.authorization.AuthorizationParseUtils;
-import org.apache.hadoop.hive.ql.parse.authorization.HiveAuthorizationTaskFactory;
-import org.apache.hadoop.hive.ql.parse.authorization.HiveAuthorizationTaskFactoryImpl;
 import org.apache.hadoop.hive.ql.plan.BasicStatsWork;
 import org.apache.hadoop.hive.ql.plan.ColumnStatsUpdateWork;
 import org.apache.hadoop.hive.ql.plan.ExprNodeColumnDesc;
@@ -217,7 +209,6 @@ public class DDLSemanticAnalyzer extends BaseSemanticAnalyzer {
   private static final Map<Integer, String> TokenToTypeName = new HashMap<Integer, String>();
 
   private final Set<String> reservedPartitionValues;
-  private final HiveAuthorizationTaskFactory hiveAuthorizationTaskFactory;
   private WriteEntity alterTableOutput;
   // Equivalent to acidSinks, but for DDL operations that change data.
   private DDLDescWithWriteId ddlDescWithWriteId;
@@ -290,7 +281,6 @@ public class DDLSemanticAnalyzer extends BaseSemanticAnalyzer {
     reservedPartitionValues.add(HiveConf.getVar(conf, ConfVars.METASTORE_INT_ORIGINAL));
     reservedPartitionValues.add(HiveConf.getVar(conf, ConfVars.METASTORE_INT_ARCHIVED));
     reservedPartitionValues.add(HiveConf.getVar(conf, ConfVars.METASTORE_INT_EXTRACTED));
-    hiveAuthorizationTaskFactory = createAuthorizationTaskFactory(conf, db);
   }
 
   @Override
@@ -499,43 +489,6 @@ public class DDLSemanticAnalyzer extends BaseSemanticAnalyzer {
     case HiveParser.TOK_UNLOCKTABLE:
       analyzeUnlockTable(ast);
       break;
-    case HiveParser.TOK_CREATEROLE:
-      analyzeCreateRole(ast);
-      break;
-    case HiveParser.TOK_DROPROLE:
-      analyzeDropRole(ast);
-      break;
-    case HiveParser.TOK_SHOW_ROLE_GRANT:
-      ctx.setResFile(ctx.getLocalTmpPath());
-      analyzeShowRoleGrant(ast);
-      break;
-    case HiveParser.TOK_SHOW_ROLE_PRINCIPALS:
-      ctx.setResFile(ctx.getLocalTmpPath());
-      analyzeShowRolePrincipals(ast);
-      break;
-    case HiveParser.TOK_SHOW_ROLES:
-      ctx.setResFile(ctx.getLocalTmpPath());
-      analyzeShowRoles(ast);
-      break;
-    case HiveParser.TOK_GRANT_ROLE:
-      analyzeGrantRevokeRole(true, ast);
-      break;
-    case HiveParser.TOK_REVOKE_ROLE:
-      analyzeGrantRevokeRole(false, ast);
-      break;
-    case HiveParser.TOK_GRANT:
-      analyzeGrant(ast);
-      break;
-    case HiveParser.TOK_SHOW_GRANT:
-      ctx.setResFile(ctx.getLocalTmpPath());
-      analyzeShowGrant(ast);
-      break;
-    case HiveParser.TOK_REVOKE:
-      analyzeRevoke(ast);
-      break;
-   case HiveParser.TOK_SHOW_SET_ROLE:
-     analyzeSetShowRole(ast);
-     break;
    case HiveParser.TOK_CACHE_METADATA:
      analyzeCacheMetadata(ast);
      break;
@@ -646,106 +599,6 @@ public class DDLSemanticAnalyzer extends BaseSemanticAnalyzer {
     rootTasks.add(cStatsUpdateTask);
   }
 
-  private void analyzeSetShowRole(ASTNode ast) throws SemanticException {
-    switch (ast.getChildCount()) {
-    case 0:
-      ctx.setResFile(ctx.getLocalTmpPath());
-      rootTasks.add(hiveAuthorizationTaskFactory.createShowCurrentRoleTask(
-          getInputs(), getOutputs(), ctx.getResFile()));
-      setFetchTask(createFetchTask(ShowRolesDesc.SCHEMA));
-      break;
-    case 1:
-      rootTasks.add(hiveAuthorizationTaskFactory.createSetRoleTask(
-          BaseSemanticAnalyzer.unescapeIdentifier(ast.getChild(0).getText()), getInputs(), getOutputs()));
-      break;
-    default:
-      throw new SemanticException("Internal error. ASTNode expected to have 0 or 1 child. " + ast.dump());
-    }
-  }
-
-  private void analyzeGrantRevokeRole(boolean grant, ASTNode ast) throws SemanticException {
-    Task<?> task;
-    if(grant) {
-      task = hiveAuthorizationTaskFactory.createGrantRoleTask(ast, getInputs(), getOutputs());
-    } else {
-      task = hiveAuthorizationTaskFactory.createRevokeRoleTask(ast, getInputs(), getOutputs());
-    }
-    if(task != null) {
-      rootTasks.add(task);
-    }
-  }
-
-  private void analyzeShowGrant(ASTNode ast) throws SemanticException {
-    Task<?> task = hiveAuthorizationTaskFactory.
-        createShowGrantTask(ast, ctx.getResFile(), getInputs(), getOutputs());
-    if(task != null) {
-      rootTasks.add(task);
-      setFetchTask(createFetchTask(ShowGrantDesc.SCHEMA));
-    }
-  }
-
-  private void analyzeGrant(ASTNode ast) throws SemanticException {
-    Task<?> task = hiveAuthorizationTaskFactory.
-        createGrantTask(ast, getInputs(), getOutputs());
-    if(task != null) {
-      rootTasks.add(task);
-    }
-  }
-
-  private void analyzeRevoke(ASTNode ast) throws SemanticException {
-    Task<?> task = hiveAuthorizationTaskFactory.
-        createRevokeTask(ast, getInputs(), getOutputs());
-    if(task != null) {
-      rootTasks.add(task);
-    }
-  }
-
-  private void analyzeCreateRole(ASTNode ast) throws SemanticException {
-    Task<?> task = hiveAuthorizationTaskFactory.
-        createCreateRoleTask(ast, getInputs(), getOutputs());
-    if(task != null) {
-      rootTasks.add(task);
-    }
-  }
-
-  private void analyzeDropRole(ASTNode ast) throws SemanticException {
-    Task<?> task = hiveAuthorizationTaskFactory.
-        createDropRoleTask(ast, getInputs(), getOutputs());
-    if(task != null) {
-      rootTasks.add(task);
-    }
-  }
-
-  private void analyzeShowRoleGrant(ASTNode ast) throws SemanticException {
-    Task<?> task = hiveAuthorizationTaskFactory.
-        createShowRoleGrantTask(ast, ctx.getResFile(), getInputs(), getOutputs());
-    if(task != null) {
-      rootTasks.add(task);
-      setFetchTask(createFetchTask(ShowRoleGrantDesc.SCHEMA));
-    }
-  }
-
-  private void analyzeShowRolePrincipals(ASTNode ast) throws SemanticException {
-    Task<?> roleDDLTask = (Task<?>) hiveAuthorizationTaskFactory
-        .createShowRolePrincipalsTask(ast, ctx.getResFile(), getInputs(), getOutputs());
-
-    if (roleDDLTask != null) {
-      rootTasks.add(roleDDLTask);
-      setFetchTask(createFetchTask(ShowPrincipalsDesc.SCHEMA));
-    }
-  }
-
-  private void analyzeShowRoles(ASTNode ast) throws SemanticException {
-    @SuppressWarnings("unchecked")
-    Task<DDLWork> roleDDLTask = (Task<DDLWork>) hiveAuthorizationTaskFactory
-        .createShowRolesTask(ast, ctx.getResFile(), getInputs(), getOutputs());
-
-    if (roleDDLTask != null) {
-      rootTasks.add(roleDDLTask);
-      setFetchTask(createFetchTask(ShowRolesDesc.SCHEMA));
-    }
-  }
-
   private void analyzeExchangePartition(String[] qualified, ASTNode ast) throws SemanticException {
     Table destTable = getTable(qualified);
     Table sourceTable = getTable(getUnescapedName((ASTNode)ast.getChild(1)));
@@ -3968,31 +3821,6 @@ public class DDLSemanticAnalyzer extends BaseSemanticAnalyzer {
     }
   }
 
-  private HiveAuthorizationTaskFactory createAuthorizationTaskFactory(HiveConf conf, Hive db) {
-    Class<? extends HiveAuthorizationTaskFactory> authProviderClass = conf.
-        getClass(HiveConf.ConfVars.HIVE_AUTHORIZATION_TASK_FACTORY.varname,
-            HiveAuthorizationTaskFactoryImpl.class,
-            HiveAuthorizationTaskFactory.class);
-    String msg = "Unable to create instance of " + authProviderClass.getName() + ": ";
-    try {
-      Constructor<? extends HiveAuthorizationTaskFactory> constructor =
-          authProviderClass.getConstructor(HiveConf.class, Hive.class);
-      return constructor.newInstance(conf, db);
-    } catch (NoSuchMethodException e) {
-      throw new IllegalStateException(msg + e.getMessage(), e);
-    } catch (SecurityException e) {
-      throw new IllegalStateException(msg + e.getMessage(), e);
-    } catch (InstantiationException e) {
-      throw new IllegalStateException(msg + e.getMessage(), e);
-    } catch (IllegalAccessException e) {
-      throw new IllegalStateException(msg + e.getMessage(), e);
-    } catch (IllegalArgumentException e) {
-      throw new IllegalStateException(msg + e.getMessage(), e);
-    } catch (InvocationTargetException e) {
-      throw new IllegalStateException(msg + e.getMessage(), e);
-    }
-  }
-
   private void analyzeAlterMaterializedViewRewrite(String fqMvName, ASTNode ast) throws SemanticException {
     // Value for the flag
     boolean enableFlag;
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/parse/HiveParser.g b/ql/src/java/org/apache/hadoop/hive/ql/parse/HiveParser.g
index a881944..6e7ed4d 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/parse/HiveParser.g
+++ b/ql/src/java/org/apache/hadoop/hive/ql/parse/HiveParser.g
@@ -329,9 +329,10 @@ TOK_PRIV_OBJECT;
 TOK_PRIV_OBJECT_COL;
 TOK_GRANT_ROLE;
 TOK_REVOKE_ROLE;
+TOK_SET_ROLE;
 TOK_SHOW_ROLE_GRANT;
 TOK_SHOW_ROLES;
-TOK_SHOW_SET_ROLE;
+TOK_SHOW_CURRENT_ROLE;
 TOK_SHOW_ROLE_PRINCIPALS;
 TOK_SHOWDBLOCKS;
 TOK_DESCDATABASE;
@@ -1767,7 +1768,7 @@ showCurrentRole
 @init {pushMsg("show current role", state);}
 @after {popMsg(state);}
     : KW_SHOW KW_CURRENT KW_ROLES
-    -> ^(TOK_SHOW_SET_ROLE)
+    -> ^(TOK_SHOW_CURRENT_ROLE)
     ;
 
 setRole
@@ -1775,11 +1776,11 @@ setRole
 @after {popMsg(state);}
     : KW_SET KW_ROLE 
     (
-    (KW_ALL) => (all=KW_ALL) -> ^(TOK_SHOW_SET_ROLE Identifier[$all.text])
+    (KW_ALL) => (all=KW_ALL) -> ^(TOK_SET_ROLE Identifier[$all.text])
     |
-    (KW_NONE) => (none=KW_NONE) -> ^(TOK_SHOW_SET_ROLE Identifier[$none.text])
+    (KW_NONE) => (none=KW_NONE) -> ^(TOK_SET_ROLE Identifier[$none.text])
     |
-    identifier -> ^(TOK_SHOW_SET_ROLE identifier)
+    identifier -> ^(TOK_SET_ROLE identifier)
     )
     ;
 
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/parse/SemanticAnalyzerFactory.java b/ql/src/java/org/apache/hadoop/hive/ql/parse/SemanticAnalyzerFactory.java
index 1a99431..f20e49c 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/parse/SemanticAnalyzerFactory.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/parse/SemanticAnalyzerFactory.java
@@ -142,18 +142,7 @@ public final class SemanticAnalyzerFactory {
       case HiveParser.TOK_SHOWMATERIALIZEDVIEWS:
       case HiveParser.TOK_LOCKTABLE:
       case HiveParser.TOK_UNLOCKTABLE:
-      case HiveParser.TOK_CREATEROLE:
-      case HiveParser.TOK_DROPROLE:
-      case HiveParser.TOK_GRANT:
-      case HiveParser.TOK_REVOKE:
-      case HiveParser.TOK_SHOW_GRANT:
-      case HiveParser.TOK_GRANT_ROLE:
-      case HiveParser.TOK_REVOKE_ROLE:
-      case HiveParser.TOK_SHOW_ROLE_GRANT:
-      case HiveParser.TOK_SHOW_ROLE_PRINCIPALS:
-      case HiveParser.TOK_SHOW_ROLES:
       case HiveParser.TOK_TRUNCATETABLE:
-      case HiveParser.TOK_SHOW_SET_ROLE:
       case HiveParser.TOK_CACHE_METADATA:
       case HiveParser.TOK_KILL_QUERY:
       case HiveParser.TOK_CREATE_RP:
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/parse/authorization/HiveAuthorizationTaskFactoryImpl.java b/ql/src/java/org/apache/hadoop/hive/ql/parse/authorization/HiveAuthorizationTaskFactoryImpl.java
index 8f7bcf5..756a33a 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/parse/authorization/HiveAuthorizationTaskFactoryImpl.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/parse/authorization/HiveAuthorizationTaskFactoryImpl.java
@@ -28,21 +28,21 @@ import org.apache.hadoop.hive.conf.HiveConf;
 import org.apache.hadoop.hive.metastore.api.PrincipalType;
 import org.apache.hadoop.hive.ql.ErrorMsg;
 import org.apache.hadoop.hive.ql.ddl.DDLWork;
-import org.apache.hadoop.hive.ql.ddl.privilege.CreateRoleDesc;
-import org.apache.hadoop.hive.ql.ddl.privilege.DropRoleDesc;
-import org.apache.hadoop.hive.ql.ddl.privilege.GrantDesc;
-import org.apache.hadoop.hive.ql.ddl.privilege.GrantRoleDesc;
 import org.apache.hadoop.hive.ql.ddl.privilege.PrincipalDesc;
 import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeDesc;
 import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeObjectDesc;
-import org.apache.hadoop.hive.ql.ddl.privilege.RevokeDesc;
-import org.apache.hadoop.hive.ql.ddl.privilege.RevokeRoleDesc;
-import org.apache.hadoop.hive.ql.ddl.privilege.SetRoleDesc;
-import org.apache.hadoop.hive.ql.ddl.privilege.ShowCurrentRoleDesc;
-import org.apache.hadoop.hive.ql.ddl.privilege.ShowGrantDesc;
-import org.apache.hadoop.hive.ql.ddl.privilege.ShowPrincipalsDesc;
-import org.apache.hadoop.hive.ql.ddl.privilege.ShowRoleGrantDesc;
-import org.apache.hadoop.hive.ql.ddl.privilege.ShowRolesDesc;
+import org.apache.hadoop.hive.ql.ddl.privilege.grant.GrantDesc;
+import org.apache.hadoop.hive.ql.ddl.privilege.revoke.RevokeDesc;
+import org.apache.hadoop.hive.ql.ddl.privilege.role.create.CreateRoleDesc;
+import org.apache.hadoop.hive.ql.ddl.privilege.role.drop.DropRoleDesc;
+import org.apache.hadoop.hive.ql.ddl.privilege.role.grant.GrantRoleDesc;
+import org.apache.hadoop.hive.ql.ddl.privilege.role.revoke.RevokeRoleDesc;
+import org.apache.hadoop.hive.ql.ddl.privilege.role.set.SetRoleDesc;
+import org.apache.hadoop.hive.ql.ddl.privilege.role.show.ShowCurrentRoleDesc;
+import org.apache.hadoop.hive.ql.ddl.privilege.role.show.ShowRolesDesc;
+import org.apache.hadoop.hive.ql.ddl.privilege.show.grant.ShowGrantDesc;
+import org.apache.hadoop.hive.ql.ddl.privilege.show.principals.ShowPrincipalsDesc;
+import org.apache.hadoop.hive.ql.ddl.privilege.show.rolegrant.ShowRoleGrantDesc;
 import org.apache.hadoop.hive.ql.exec.Task;
 import org.apache.hadoop.hive.ql.exec.TaskFactory;
 import org.apache.hadoop.hive.ql.hooks.ReadEntity;
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/plan/HiveOperation.java b/ql/src/java/org/apache/hadoop/hive/ql/plan/HiveOperation.java
index 62a42e1..f1ab99e 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/plan/HiveOperation.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/plan/HiveOperation.java
@@ -129,8 +129,9 @@ public enum HiveOperation {
   SHOW_GRANT("SHOW_GRANT", HiveParser.TOK_SHOW_GRANT, null, null, true, false),
   GRANT_ROLE("GRANT_ROLE", HiveParser.TOK_GRANT_ROLE, null, null),
   REVOKE_ROLE("REVOKE_ROLE", HiveParser.TOK_REVOKE_ROLE, null, null),
-  SHOW_ROLES("SHOW_ROLES", new int[] {HiveParser.TOK_SHOW_ROLES, HiveParser.TOK_SHOW_SET_ROLE}, null, null, true,
-      false),
+  SHOW_ROLES("SHOW_ROLES",
+      new int[] {HiveParser.TOK_SHOW_ROLES, HiveParser.TOK_SHOW_CURRENT_ROLE, HiveParser.TOK_SET_ROLE},
+      null, null, true, false),
   SHOW_ROLE_PRINCIPALS("SHOW_ROLE_PRINCIPALS", HiveParser.TOK_SHOW_ROLE_PRINCIPALS, null, null, true, false),
   SHOW_ROLE_GRANT("SHOW_ROLE_GRANT", HiveParser.TOK_SHOW_ROLE_GRANT, null, null, true, false),
   ALTERTABLE_FILEFORMAT("ALTERTABLE_FILEFORMAT", HiveParser.TOK_ALTERTABLE_FILEFORMAT,
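Review bot: `HiveParser.TOK_SET_ROLE` is listed under `SHOW_ROLES`, so a `SET ROLE` statement, which switches the session's active role, is reported with the same operation type as the read-only role listings. That matches the old `TOK_SHOW_SET_ROLE` mapping, but now that the grammar emits separate tokens, anything keyed on `HiveOperation` cannot tell a role switch from a listing; presumably this includes authorization checks, hooks and audit logging, though none of them are in this hunk. If the mapping is kept for compatibility, a comment above the entry would record that, for example `// SET ROLE stays under SHOW_ROLES, as it was with TOK_SHOW_SET_ROLE`. A dedicated operation for `TOK_SET_ROLE` would be a separate change. The enum continues outside the hunk.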
diff --git a/ql/src/test/org/apache/hadoop/hive/ql/parse/authorization/AuthorizationTestUtil.java b/ql/src/test/org/apache/hadoop/hive/ql/parse/authorization/AuthorizationTestUtil.java
index 5276b58..72a6c66 100644
--- a/ql/src/test/org/apache/hadoop/hive/ql/parse/authorization/AuthorizationTestUtil.java
+++ b/ql/src/test/org/apache/hadoop/hive/ql/parse/authorization/AuthorizationTestUtil.java
@@ -21,10 +21,12 @@ import java.util.List;
 
 import org.apache.hadoop.hive.ql.Context;
 import org.apache.hadoop.hive.ql.QueryState;
+import org.apache.hadoop.hive.ql.ddl.DDLSemanticAnalyzerFactory;
 import org.apache.hadoop.hive.ql.ddl.DDLWork;
 import org.apache.hadoop.hive.ql.exec.Task;
 import org.apache.hadoop.hive.ql.metadata.Hive;
 import org.apache.hadoop.hive.ql.parse.ASTNode;
+import org.apache.hadoop.hive.ql.parse.BaseSemanticAnalyzer;
 import org.apache.hadoop.hive.ql.parse.DDLSemanticAnalyzer;
 import org.apache.hadoop.hive.ql.parse.ParseUtils;
 import org.apache.hadoop.hive.ql.session.SessionState;
@@ -36,7 +38,10 @@ import org.junit.Assert;
 public class AuthorizationTestUtil {
 
   public static DDLWork analyze(ASTNode ast, QueryState queryState, Hive db) throws Exception {
-    DDLSemanticAnalyzer analyzer = new DDLSemanticAnalyzer(queryState, db);
+    BaseSemanticAnalyzer analyzer = DDLSemanticAnalyzerFactory.getAnalyzer(ast, queryState, db);
+    if (analyzer == null) {
+      analyzer = new DDLSemanticAnalyzer(queryState, db);
+    }
     SessionState.start(queryState.getConf());
     analyzer.analyze(ast, new Context(queryState.getConf()));
     List<Task<?>> rootTasks = analyzer.getRootTasks();
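Review bot: The `analyzer == null` fallback in `analyze` carries no comment saying which statements are expected to reach the legacy `DDLSemanticAnalyzer`. A privilege analyzer that failed to register with `DDLSemanticAnalyzerFactory` would then be routed to the old class silently instead of failing at the lookup. A comment such as `// statements without a @DDLType analyzer are still handled by DDLSemanticAnalyzer` would document the intent. If only privilege statements pass through this helper (an assumption, since the callers are not in the hunk), `Assert.assertNotNull(analyzer);` would be the stricter choice for an authorization test utility. The method body continues past the hunk.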
diff --git a/ql/src/test/org/apache/hadoop/hive/ql/parse/authorization/PrivilegesTestBase.java b/ql/src/test/org/apache/hadoop/hive/ql/parse/authorization/PrivilegesTestBase.java
index 7339e08..6fd07a0 100644
--- a/ql/src/test/org/apache/hadoop/hive/ql/parse/authorization/PrivilegesTestBase.java
+++ b/ql/src/test/org/apache/hadoop/hive/ql/parse/authorization/PrivilegesTestBase.java
@@ -20,9 +20,9 @@ package org.apache.hadoop.hive.ql.parse.authorization;
 import org.apache.hadoop.hive.metastore.api.PrincipalType;
 import org.apache.hadoop.hive.ql.QueryState;
 import org.apache.hadoop.hive.ql.ddl.DDLWork;
-import org.apache.hadoop.hive.ql.ddl.privilege.GrantDesc;
 import org.apache.hadoop.hive.ql.ddl.privilege.PrincipalDesc;
 import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeDesc;
+import org.apache.hadoop.hive.ql.ddl.privilege.grant.GrantDesc;
 import org.apache.hadoop.hive.ql.metadata.Hive;
 import org.apache.hadoop.hive.ql.security.authorization.PrivilegeType;
 import org.junit.Assert;
diff --git a/ql/src/test/org/apache/hadoop/hive/ql/parse/authorization/TestHiveAuthorizationTaskFactory.java b/ql/src/test/org/apache/hadoop/hive/ql/parse/authorization/TestHiveAuthorizationTaskFactory.java
index f67867e..54ce8f3 100644
--- a/ql/src/test/org/apache/hadoop/hive/ql/parse/authorization/TestHiveAuthorizationTaskFactory.java
+++ b/ql/src/test/org/apache/hadoop/hive/ql/parse/authorization/TestHiveAuthorizationTaskFactory.java
@@ -26,17 +26,17 @@ import org.apache.hadoop.hive.conf.HiveConf.ConfVars;
 import org.apache.hadoop.hive.metastore.api.PrincipalType;
 import org.apache.hadoop.hive.ql.QueryState;
 import org.apache.hadoop.hive.ql.ddl.DDLWork;
-import org.apache.hadoop.hive.ql.ddl.privilege.CreateRoleDesc;
-import org.apache.hadoop.hive.ql.ddl.privilege.DropRoleDesc;
-import org.apache.hadoop.hive.ql.ddl.privilege.GrantDesc;
-import org.apache.hadoop.hive.ql.ddl.privilege.GrantRoleDesc;
 import org.apache.hadoop.hive.ql.ddl.privilege.PrincipalDesc;
 import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeDesc;
 import org.apache.hadoop.hive.ql.ddl.privilege.PrivilegeObjectDesc;
-import org.apache.hadoop.hive.ql.ddl.privilege.RevokeDesc;
-import org.apache.hadoop.hive.ql.ddl.privilege.RevokeRoleDesc;
-import org.apache.hadoop.hive.ql.ddl.privilege.ShowGrantDesc;
-import org.apache.hadoop.hive.ql.ddl.privilege.ShowRoleGrantDesc;
+import org.apache.hadoop.hive.ql.ddl.privilege.grant.GrantDesc;
+import org.apache.hadoop.hive.ql.ddl.privilege.revoke.RevokeDesc;
+import org.apache.hadoop.hive.ql.ddl.privilege.role.create.CreateRoleDesc;
+import org.apache.hadoop.hive.ql.ddl.privilege.role.drop.DropRoleDesc;
+import org.apache.hadoop.hive.ql.ddl.privilege.role.grant.GrantRoleDesc;
+import org.apache.hadoop.hive.ql.ddl.privilege.role.revoke.RevokeRoleDesc;
+import org.apache.hadoop.hive.ql.ddl.privilege.show.grant.ShowGrantDesc;
+import org.apache.hadoop.hive.ql.ddl.privilege.show.rolegrant.ShowRoleGrantDesc;
 import org.apache.hadoop.hive.ql.metadata.Hive;
 import org.apache.hadoop.hive.ql.metadata.Partition;
 import org.apache.hadoop.hive.ql.metadata.Table;