Github user hsuanyi commented on a diff in the pull request:
https://github.com/apache/drill/pull/461#discussion_r58986459
--- Diff:
contrib/storage-hive/core/src/main/java/org/apache/drill/exec/store/hive/schema/HiveDatabaseSchema.java
---
@@ -72,4 +80,76 @@ public String getTypeName() {
return HiveStoragePluginConfig.NAME;
}
+ @Override
+ public List<Pair<String, ? extends Table>> getTablesByNames(final
List<String> tableNames) {
+ final String schemaName = getName();
+ final List<Pair<String, ? extends Table>> tableNameToTable =
Lists.newArrayList();
+ List<org.apache.hadoop.hive.metastore.api.Table> tables;
+ // Retries once if the first call to fetch the metadata fails
+ synchronized(mClient) {
+ final List<String> tableNamesWithAuth = Lists.newArrayList();
+ for(String tableName : tableNames) {
+ try {
+ if(mClient.tableExists(schemaName, tableName)) {
--- End diff --
We have some discussions in the background. So let me summarize them below:
Here are some findings:
There are two ways for authorization, "SQL Standard Based Authorization"
and "Storage Based Authorization" [1]. When "Storage Based Authorization" is
being used, and we use "getTableObjectsByName", the returned results will
display some tables, which are not authorized to this user.
The reason is when "getTableObjectsByName" is being used, hive meta storage
will return the tables which are not authorized to the users. Since the issue
is in Hive, currently I do not think there is a simple fix.
On the other hand, "SQL Standard Based Authorization" would not have this
issue.
[1]
https://drill.apache.org/docs/configuring-user-impersonation-with-hive-authorization/
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---
