[hive] branch master updated: HIVE-26219 Encapsulate the API change for FileUtils.isActionPermittedForFileHierarchy (#3278)
This is an automated email from the ASF dual-hosted git repository.
rameshkumar pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/hive.git
The following commit(s) were added to refs/heads/master by this push:
new 4622860b8c HIVE-26219 Encapsulate the API change for
FileUtils.isActionPermittedForFileHierarchy (#3278)
4622860b8c is described below
commit 4622860b8c7dbddaf4c556e65c5039c60da15e82
Author: Ramesh Kumar
AuthorDate: Tue May 10 16:17:25 2022 -0700
HIVE-26219 Encapsulate the API change for
FileUtils.isActionPermittedForFileHierarchy (#3278)
---
.../src/java/org/apache/hadoop/hive/common/FileUtils.java | 14 ++
1 file changed, 14 insertions(+)
diff --git a/common/src/java/org/apache/hadoop/hive/common/FileUtils.java
b/common/src/java/org/apache/hadoop/hive/common/FileUtils.java
index f3290f69a1..e9410ec4d0 100644
--- a/common/src/java/org/apache/hadoop/hive/common/FileUtils.java
+++ b/common/src/java/org/apache/hadoop/hive/common/FileUtils.java
@@ -532,6 +532,20 @@ public final class FileUtils {
return isPermitted;
}
+ public static boolean isActionPermittedForFileHierarchy(FileSystem fs,
FileStatus fileStatus,
+ String userName, FsAction action, boolean recurse) throws Exception {
+UserGroupInformation proxyUser = null;
+boolean isPermitted;
+try {
+ proxyUser = getProxyUser(userName);
+ FileSystem fsAsUser = getFsAsUser(fs, proxyUser);
+ isPermitted = isActionPermittedForFileHierarchy(fs, fileStatus,
userName, action, recurse, fsAsUser);
+} finally {
+ closeFs(proxyUser);
+}
+return isPermitted;
+ }
+
@SuppressFBWarnings(value = "DLS_DEAD_LOCAL_STORE", justification =
"Intended, dir privilege all-around bug")
public static boolean isActionPermittedForFileHierarchy(FileSystem fs,
FileStatus fileStatus,
String userName, FsAction action, boolean recurse, FileSystem fsAsUser)
throws Exception {
[hive] branch master updated: HVIE-26199 Reduce FileSystem init during user impersonation (#3264)
This is an automated email from the ASF dual-hosted git repository.
rameshkumar pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/hive.git
The following commit(s) were added to refs/heads/master by this push:
new f298ebc51d HVIE-26199 Reduce FileSystem init during user impersonation
(#3264)
f298ebc51d is described below
commit f298ebc51d8073e2bcefae8bdf331fab2b91d4d0
Author: Ramesh Kumar
AuthorDate: Tue May 10 07:44:50 2022 -0700
HVIE-26199 Reduce FileSystem init during user impersonation (#3264)
---
.../org/apache/hadoop/hive/common/FileUtils.java | 92 +++---
.../org/apache/hadoop/hive/ql/metadata/Hive.java | 16 +++-
.../plugin/sqlstd/SQLAuthorizationUtils.java | 20 +++--
3 files changed, 91 insertions(+), 37 deletions(-)
diff --git a/common/src/java/org/apache/hadoop/hive/common/FileUtils.java
b/common/src/java/org/apache/hadoop/hive/common/FileUtils.java
index e92b700195..f3290f69a1 100644
--- a/common/src/java/org/apache/hadoop/hive/common/FileUtils.java
+++ b/common/src/java/org/apache/hadoop/hive/common/FileUtils.java
@@ -67,6 +67,8 @@ import org.apache.hive.common.util.SuppressFBWarnings;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import javax.security.auth.login.LoginException;
+
/**
* Collection of file manipulation utilities common across Hive.
*/
@@ -408,10 +410,16 @@ public final class FileUtils {
return getPathOrParentThatExists(fs, parentPath);
}
- public static void checkFileAccessWithImpersonation(final FileSystem fs,
final FileStatus stat,
- final FsAction action, final String user)
- throws IOException, AccessControlException, InterruptedException,
Exception {
-checkFileAccessWithImpersonation(fs, stat, action, user, null);
+ public static void checkFileAccessWithImpersonation(final FileSystem fs,
final FileStatus stat, final FsAction action,
+ final String user) throws Exception {
+UserGroupInformation proxyUser = null;
+try {
+ proxyUser = getProxyUser(user);
+ FileSystem fsAsUser = FileUtils.getFsAsUser(fs, proxyUser);
+ checkFileAccessWithImpersonation(fs, stat, action, user, null, fsAsUser);
+} finally {
+ closeFs(proxyUser);
+}
}
/**
@@ -435,9 +443,9 @@ public final class FileUtils {
* @throws InterruptedException
* @throws Exception
*/
- public static void checkFileAccessWithImpersonation(final FileSystem fs,
- final FileStatus stat, final FsAction action, final String user, final
List children)
- throws IOException, AccessControlException, InterruptedException,
Exception {
+ public static void checkFileAccessWithImpersonation(final FileSystem fs,
final FileStatus stat, final FsAction action,
+ final String user, final List children, final FileSystem
fsAsUser)
+ throws IOException, AccessControlException, InterruptedException,
Exception {
UserGroupInformation ugi = Utils.getUGI();
String currentUser = ugi.getShortUserName();
@@ -449,25 +457,17 @@ public final class FileUtils {
}
// Otherwise, try user impersonation. Current user must be configured to
do user impersonation.
-UserGroupInformation proxyUser = UserGroupInformation.createProxyUser(
-user, UserGroupInformation.getLoginUser());
-try {
- proxyUser.doAs(new PrivilegedExceptionAction() {
-@Override
-public Object run() throws Exception {
- FileSystem fsAsUser = FileSystem.get(fs.getUri(), fs.getConf());
- ShimLoader.getHadoopShims().checkFileAccess(fsAsUser, stat, action);
- addChildren(fsAsUser, stat.getPath(), children);
- return null;
-}
- });
-} finally {
- FileSystem.closeAllForUGI(proxyUser);
-}
+UserGroupInformation proxyUser =
UserGroupInformation.createProxyUser(user, UserGroupInformation.getLoginUser());
+proxyUser.doAs(new PrivilegedExceptionAction() {
+ @Override public Object run() throws Exception {
+ShimLoader.getHadoopShims().checkFileAccess(fsAsUser, stat, action);
+addChildren(fsAsUser, stat.getPath(), children);
+return null;
+ }
+});
}
- private static void addChildren(FileSystem fsAsUser, Path path,
List children)
- throws IOException {
+ private static void addChildren(FileSystem fsAsUser, Path path,
List children) throws IOException {
if (children != null) {
FileStatus[] listStatus;
try {
@@ -480,6 +480,33 @@ public final class FileUtils {
}
}
+ public static UserGroupInformation getProxyUser(final String user) throws
LoginException, IOException {
+UserGroupInformation ugi = Utils.getUGI();
+String currentUser = ugi.getShortUserName();
+UserGroupInformation proxyUser = null;
+if (user != null && !user.equals(currentUser)) {
+ proxyUser = UserGroupInformation.createProxyUser(user,
UserGroupInformation.getLoginUser());
+}
+return proxyUser;
[hive] branch master updated: HIVE-25969: Unable to reference table column named default (Krisztian Kasa, reviewed by Zoltan Haindrich)
This is an automated email from the ASF dual-hosted git repository.
krisztiankasa pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/hive.git
The following commit(s) were added to refs/heads/master by this push:
new 62834fbdd3 HIVE-25969: Unable to reference table column named default
(Krisztian Kasa, reviewed by Zoltan Haindrich)
62834fbdd3 is described below
commit 62834fbdd3bd4065413b59448759c6a25aa1dbf0
Author: Krisztian Kasa
AuthorDate: Tue May 10 13:46:13 2022 +0200
HIVE-25969: Unable to reference table column named default (Krisztian Kasa,
reviewed by Zoltan Haindrich)
---
.../apache/hadoop/hive/ql/parse/FromClauseParser.g | 7 ++
.../org/apache/hadoop/hive/ql/parse/HiveParser.g | 9 +-
.../hadoop/hive/ql/parse/IdentifiersParser.g | 14 ++-
.../hadoop/hive/ql/parse/TestParseDefault.java | 108
.../hive/ql/parse/MergeSemanticAnalyzer.java | 49 -
.../hive/ql/parse/RewriteSemanticAnalyzer.java | 4 +
.../hadoop/hive/ql/parse/SemanticAnalyzer.java | 25 +++--
.../hadoop/hive/ql/parse/UnparseTranslator.java| 13 +++
.../clientpositive/insert_into_default_keyword_2.q | 15 +++
.../llap/insert_into_default_keyword_2.q.out | 113 +
10 files changed, 311 insertions(+), 46 deletions(-)
diff --git a/parser/src/java/org/apache/hadoop/hive/ql/parse/FromClauseParser.g
b/parser/src/java/org/apache/hadoop/hive/ql/parse/FromClauseParser.g
index 34a91fbe0e..dbad0f7f33 100644
--- a/parser/src/java/org/apache/hadoop/hive/ql/parse/FromClauseParser.g
+++ b/parser/src/java/org/apache/hadoop/hive/ql/parse/FromClauseParser.g
@@ -62,6 +62,13 @@ tableOrColumn
identifier -> ^(TOK_TABLE_OR_COL identifier)
;
+defaultValue
+@init { gParent.pushMsg("default value", state); }
+@after { gParent.popMsg(state); }
+:
+KW_DEFAULT -> ^(TOK_TABLE_OR_COL TOK_DEFAULT_VALUE)
+;
+
expressionList
@init { gParent.pushMsg("expression list", state); }
@after { gParent.popMsg(state); }
diff --git a/parser/src/java/org/apache/hadoop/hive/ql/parse/HiveParser.g
b/parser/src/java/org/apache/hadoop/hive/ql/parse/HiveParser.g
index ce63d0bc63..538d0a7127 100644
--- a/parser/src/java/org/apache/hadoop/hive/ql/parse/HiveParser.g
+++ b/parser/src/java/org/apache/hadoop/hive/ql/parse/HiveParser.g
@@ -2777,9 +2777,16 @@ deleteStatement
/*SET = (3 + col2)*/
columnAssignmentClause
:
- tableOrColumn EQUAL^ precedencePlusExpression
+ | tableOrColumn EQUAL^ precedencePlusExpressionOrDefault
;
+precedencePlusExpressionOrDefault
+:
+(KW_DEFAULT (~DOT|EOF)) => defaultValue
+| precedencePlusExpression
+;
+
+
/*SET col1 = 5, col2 = (4 + col4), ...*/
setColumnsClause
:
diff --git
a/parser/src/java/org/apache/hadoop/hive/ql/parse/IdentifiersParser.g
b/parser/src/java/org/apache/hadoop/hive/ql/parse/IdentifiersParser.g
index 31f437d63b..4d807a7ef6 100644
--- a/parser/src/java/org/apache/hadoop/hive/ql/parse/IdentifiersParser.g
+++ b/parser/src/java/org/apache/hadoop/hive/ql/parse/IdentifiersParser.g
@@ -160,7 +160,7 @@ expressionsInParenthesis[boolean isStruct, boolean
forceStruct]
expressionsNotInParenthesis[boolean isStruct, boolean forceStruct]
:
-first=expression more=expressionPart[$expression.tree, isStruct]?
+first=expressionOrDefault more=expressionPart[$expressionOrDefault.tree,
isStruct]?
-> {forceStruct && more==null}?
^(TOK_FUNCTION Identifier["struct"] {$first.tree})
-> {more==null}?
@@ -170,9 +170,15 @@ expressionsNotInParenthesis[boolean isStruct, boolean
forceStruct]
expressionPart[CommonTree firstExprTree, boolean isStruct]
:
-(COMMA expression)+
--> {isStruct}? ^(TOK_FUNCTION Identifier["struct"] {$firstExprTree}
expression+)
--> {$firstExprTree} expression+
+(COMMA expressionOrDefault)+
+-> {isStruct}? ^(TOK_FUNCTION Identifier["struct"] {$firstExprTree}
expressionOrDefault+)
+-> {$firstExprTree} expressionOrDefault+
+;
+
+expressionOrDefault
+:
+(KW_DEFAULT ~DOT) => defaultValue
+| expression
;
// Parses comma separated list of expressions with optionally specified
aliases.
diff --git
a/parser/src/test/org/apache/hadoop/hive/ql/parse/TestParseDefault.java
b/parser/src/test/org/apache/hadoop/hive/ql/parse/TestParseDefault.java
new file mode 100644
index 00..707b46b7f8
--- /dev/null
+++ b/parser/src/test/org/apache/hadoop/hive/ql/parse/TestParseDefault.java
@@ -0,0 +1,108 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ *
