This is an automated email from the ASF dual-hosted git repository. ngangam pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/hive.git
The following commit(s) were added to refs/heads/master by this push: new e61460b HIVE-25695: Making spark views authorization configurable on hive(Saihemanth via Naveen Gangam) e61460b is described below commit e61460b36178de3d8f2ddb28ad3f03902a34c3a8 Author: saihemanth <saihema...@cloudera.com> AuthorDate: Fri Nov 12 12:23:26 2021 -0800 HIVE-25695: Making spark views authorization configurable on hive(Saihemanth via Naveen Gangam) --- common/src/java/org/apache/hadoop/hive/conf/HiveConf.java | 3 +++ .../hive/ql/security/authorization/command/CommandAuthorizerV2.java | 4 +++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java b/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java index 47fb831..ad60447 100644 --- a/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java +++ b/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java @@ -3467,6 +3467,9 @@ public class HiveConf extends Configuration { "hive.test.authz.sstd.hs2.mode", false, "test hs2 mode from .q tests", true), HIVE_AUTHORIZATION_ENABLED("hive.security.authorization.enabled", false, "enable or disable the Hive client authorization"), + HIVE_AUTHORIZATION_ENABLED_ON_SPARK_VIEWS("hive.security.authorization.enabled.on.spark.views",true, + "The configuration is gives the flexibility to admin to user whether to turn on/off the authorization model" + + "introduced in HIVE-24026"), HIVE_AUTHORIZATION_KERBEROS_USE_SHORTNAME("hive.security.authorization.kerberos.use.shortname", true, "use short name in Kerberos cluster"), HIVE_AUTHORIZATION_MANAGER("hive.security.authorization.manager", diff --git a/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/command/CommandAuthorizerV2.java b/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/command/CommandAuthorizerV2.java index 5526ee5..c31f39c 100644 --- a/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/command/CommandAuthorizerV2.java +++ b/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/command/CommandAuthorizerV2.java @@ -24,6 +24,7 @@ import java.util.Map; import java.util.Set; import java.util.Map.Entry; +import org.apache.hadoop.hive.conf.HiveConf; import org.apache.hadoop.hive.metastore.TableType; import org.apache.hadoop.hive.metastore.api.DataConnector; import org.apache.hadoop.hive.metastore.api.Database; @@ -159,7 +160,8 @@ final class CommandAuthorizerV2 { } if(isView){ Map<String, String> params = t.getParameters(); - if (params != null && params.containsKey(authorizedKeyword)) { + if (HiveConf.getBoolVar(SessionState.get().getConf(), HiveConf.ConfVars.HIVE_AUTHORIZATION_ENABLED_ON_SPARK_VIEWS) + && params != null && params.containsKey(authorizedKeyword)) { String authorizedValue = params.get(authorizedKeyword); if ("false".equalsIgnoreCase(authorizedValue)) { return true;