Repository: hive Updated Branches: refs/heads/master e6ea691d3 -> ad1cb15a8
HIVE-11190: No prompting info or warning provided when METASTORE_FILTER_HOOK in authorization V2 is overriddenï¼Dapeng Sun, reviewed by Thejas M Nair and Ferdinand Xu) Project: http://git-wip-us.apache.org/repos/asf/hive/repo Commit: http://git-wip-us.apache.org/repos/asf/hive/commit/ad1cb15a Tree: http://git-wip-us.apache.org/repos/asf/hive/tree/ad1cb15a Diff: http://git-wip-us.apache.org/repos/asf/hive/diff/ad1cb15a Branch: refs/heads/master Commit: ad1cb15a8e35ebc1631996ffda7b4302276483bc Parents: e6ea691 Author: Ferdinand Xu <cheng.a...@intel.com> Authored: Sun Jul 12 21:08:58 2015 -0400 Committer: Ferdinand Xu <cheng.a...@intel.com> Committed: Sun Jul 12 21:09:31 2015 -0400 ---------------------------------------------------------------------- .../org/apache/hadoop/hive/ql/session/SessionState.java | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/hive/blob/ad1cb15a/ql/src/java/org/apache/hadoop/hive/ql/session/SessionState.java ---------------------------------------------------------------------- diff --git a/ql/src/java/org/apache/hadoop/hive/ql/session/SessionState.java b/ql/src/java/org/apache/hadoop/hive/ql/session/SessionState.java index 0bc9a46..49d64db 100644 --- a/ql/src/java/org/apache/hadoop/hive/ql/session/SessionState.java +++ b/ql/src/java/org/apache/hadoop/hive/ql/session/SessionState.java @@ -74,6 +74,7 @@ import org.apache.hadoop.hive.ql.metadata.Table; import org.apache.hadoop.hive.ql.plan.HiveOperation; import org.apache.hadoop.hive.ql.security.HiveAuthenticationProvider; import org.apache.hadoop.hive.ql.security.authorization.HiveAuthorizationProvider; +import org.apache.hadoop.hive.ql.security.authorization.plugin.AuthorizationMetaStoreFilterHook; import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthorizer; import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthorizerFactory; import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzSessionContext; @@ -764,8 +765,15 @@ public class SessionState { if (conf.get(CONFIG_AUTHZ_SETTINGS_APPLIED_MARKER, "").equals(Boolean.TRUE.toString())) { return; } + String metastoreHook = conf.get(ConfVars.METASTORE_FILTER_HOOK.name()); + if (!ConfVars.METASTORE_FILTER_HOOK.getDefaultValue().equals(metastoreHook) && + !AuthorizationMetaStoreFilterHook.class.getName().equals(metastoreHook)) { + LOG.warn(ConfVars.METASTORE_FILTER_HOOK.name() + + " will be ignored, since hive.security.authorization.manager" + + " is set to instance of HiveAuthorizerFactory."); + } conf.setVar(ConfVars.METASTORE_FILTER_HOOK, - "org.apache.hadoop.hive.ql.security.authorization.plugin.AuthorizationMetaStoreFilterHook"); + AuthorizationMetaStoreFilterHook.class.getName()); authorizerV2.applyAuthorizationConfigPolicy(conf); // update config in Hive thread local as well and init the metastore client