[jira] [Commented] (HIVE-17701) Added restriction to historic queries on web UI
[ https://issues.apache.org/jira/browse/HIVE-17701?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16203896#comment-16203896 ] Tao Li commented on HIVE-17701: --- Thanks [~thejas] for the comments and commit. > Added restriction to historic queries on web UI > --- > > Key: HIVE-17701 > URL: https://issues.apache.org/jira/browse/HIVE-17701 > Project: Hive > Issue Type: Bug > Components: HiveServer2 >Reporter: Thejas M Nair >Assignee: Tao Li > Fix For: 3.0.0 > > Attachments: HIVE-17701.1.patch, HIVE-17701.2.patch, > HIVE-17701.3.patch, HIVE-17701.4.patch, HIVE-17701.5.patch, HIVE-17701.6.patch > > > The HiveServer2 Web UI (HIVE-12550) shows recently completed queries. > However, a user can see the queries run by other users as well, and that is a > security/privacy concern. > Only admin users should be allowed to see queries from other users (similar > to behavior of display for configs, stack trace etc). -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17701) Added restriction to historic queries on web UI
[ https://issues.apache.org/jira/browse/HIVE-17701?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17701: -- Attachment: HIVE-17701.6.patch > Added restriction to historic queries on web UI > --- > > Key: HIVE-17701 > URL: https://issues.apache.org/jira/browse/HIVE-17701 > Project: Hive > Issue Type: Bug > Components: HiveServer2 >Reporter: Thejas M Nair >Assignee: Tao Li > Attachments: HIVE-17701.1.patch, HIVE-17701.2.patch, > HIVE-17701.3.patch, HIVE-17701.4.patch, HIVE-17701.5.patch, HIVE-17701.6.patch > > > The HiveServer2 Web UI (HIVE-12550) shows recently completed queries. > However, a user can see the queries run by other users as well, and that is a > security/privacy concern. > Only admin users should be allowed to see queries from other users (similar > to behavior of display for configs, stack trace etc). -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (HIVE-17701) Added restriction to historic queries on web UI
[ https://issues.apache.org/jira/browse/HIVE-17701?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16195075#comment-16195075 ] Tao Li commented on HIVE-17701: --- In the latest patch, we want to display sessions/queries that belong to the remote user if not an admin, when auth is enabled. When auth is disabled, each user acts as an admin and can view everything. > Added restriction to historic queries on web UI > --- > > Key: HIVE-17701 > URL: https://issues.apache.org/jira/browse/HIVE-17701 > Project: Hive > Issue Type: Bug > Components: HiveServer2 >Reporter: Thejas M Nair >Assignee: Tao Li > Attachments: HIVE-17701.1.patch, HIVE-17701.2.patch, > HIVE-17701.3.patch, HIVE-17701.4.patch, HIVE-17701.5.patch > > > The HiveServer2 Web UI (HIVE-12550) shows recently completed queries. > However, a user can see the queries run by other users as well, and that is a > security/privacy concern. > Only admin users should be allowed to see queries from other users (similar > to behavior of display for configs, stack trace etc). -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17701) Added restriction to historic queries on web UI
[ https://issues.apache.org/jira/browse/HIVE-17701?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17701: -- Attachment: HIVE-17701.5.patch > Added restriction to historic queries on web UI > --- > > Key: HIVE-17701 > URL: https://issues.apache.org/jira/browse/HIVE-17701 > Project: Hive > Issue Type: Bug > Components: HiveServer2 >Reporter: Thejas M Nair >Assignee: Tao Li > Attachments: HIVE-17701.1.patch, HIVE-17701.2.patch, > HIVE-17701.3.patch, HIVE-17701.4.patch, HIVE-17701.5.patch > > > The HiveServer2 Web UI (HIVE-12550) shows recently completed queries. > However, a user can see the queries run by other users as well, and that is a > security/privacy concern. > Only admin users should be allowed to see queries from other users (similar > to behavior of display for configs, stack trace etc). -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17701) Added restriction to historic queries on web UI
[ https://issues.apache.org/jira/browse/HIVE-17701?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17701: -- Status: Patch Available (was: Open) > Added restriction to historic queries on web UI > --- > > Key: HIVE-17701 > URL: https://issues.apache.org/jira/browse/HIVE-17701 > Project: Hive > Issue Type: Bug > Components: HiveServer2 >Reporter: Thejas M Nair >Assignee: Tao Li > Attachments: HIVE-17701.1.patch, HIVE-17701.2.patch, > HIVE-17701.3.patch, HIVE-17701.4.patch > > > The HiveServer2 Web UI (HIVE-12550) shows recently completed queries. > However, a user can see the queries run by other users as well, and that is a > security/privacy concern. > Only admin users should be allowed to see queries from other users (similar > to behavior of display for configs, stack trace etc). -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17701) Added restriction to historic queries on web UI
[ https://issues.apache.org/jira/browse/HIVE-17701?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17701: -- Attachment: HIVE-17701.4.patch > Added restriction to historic queries on web UI > --- > > Key: HIVE-17701 > URL: https://issues.apache.org/jira/browse/HIVE-17701 > Project: Hive > Issue Type: Bug > Components: HiveServer2 >Reporter: Thejas M Nair >Assignee: Tao Li > Attachments: HIVE-17701.1.patch, HIVE-17701.2.patch, > HIVE-17701.3.patch, HIVE-17701.4.patch > > > The HiveServer2 Web UI (HIVE-12550) shows recently completed queries. > However, a user can see the queries run by other users as well, and that is a > security/privacy concern. > Only admin users should be allowed to see queries from other users (similar > to behavior of display for configs, stack trace etc). -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17701) Added restriction to historic queries on web UI
[ https://issues.apache.org/jira/browse/HIVE-17701?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17701: -- Status: Open (was: Patch Available) > Added restriction to historic queries on web UI > --- > > Key: HIVE-17701 > URL: https://issues.apache.org/jira/browse/HIVE-17701 > Project: Hive > Issue Type: Bug > Components: HiveServer2 >Reporter: Thejas M Nair >Assignee: Tao Li > Attachments: HIVE-17701.1.patch, HIVE-17701.2.patch, > HIVE-17701.3.patch, HIVE-17701.4.patch > > > The HiveServer2 Web UI (HIVE-12550) shows recently completed queries. > However, a user can see the queries run by other users as well, and that is a > security/privacy concern. > Only admin users should be allowed to see queries from other users (similar > to behavior of display for configs, stack trace etc). -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17701) Added restriction to historic queries on web UI
[ https://issues.apache.org/jira/browse/HIVE-17701?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17701: -- Attachment: HIVE-17701.4.patch > Added restriction to historic queries on web UI > --- > > Key: HIVE-17701 > URL: https://issues.apache.org/jira/browse/HIVE-17701 > Project: Hive > Issue Type: Bug > Components: HiveServer2 >Reporter: Thejas M Nair >Assignee: Tao Li > Attachments: HIVE-17701.1.patch, HIVE-17701.2.patch, > HIVE-17701.3.patch, HIVE-17701.4.patch > > > The HiveServer2 Web UI (HIVE-12550) shows recently completed queries. > However, a user can see the queries run by other users as well, and that is a > security/privacy concern. > Only admin users should be allowed to see queries from other users (similar > to behavior of display for configs, stack trace etc). -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17701) Added restriction to historic queries on web UI
[ https://issues.apache.org/jira/browse/HIVE-17701?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17701: -- Attachment: (was: HIVE-17701.4.patch) > Added restriction to historic queries on web UI > --- > > Key: HIVE-17701 > URL: https://issues.apache.org/jira/browse/HIVE-17701 > Project: Hive > Issue Type: Bug > Components: HiveServer2 >Reporter: Thejas M Nair >Assignee: Tao Li > Attachments: HIVE-17701.1.patch, HIVE-17701.2.patch, > HIVE-17701.3.patch > > > The HiveServer2 Web UI (HIVE-12550) shows recently completed queries. > However, a user can see the queries run by other users as well, and that is a > security/privacy concern. > Only admin users should be allowed to see queries from other users (similar > to behavior of display for configs, stack trace etc). -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (HIVE-17701) Added restriction to historic queries on web UI
[ https://issues.apache.org/jira/browse/HIVE-17701?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16194774#comment-16194774 ] Tao Li commented on HIVE-17701: --- Test result looks good. > Added restriction to historic queries on web UI > --- > > Key: HIVE-17701 > URL: https://issues.apache.org/jira/browse/HIVE-17701 > Project: Hive > Issue Type: Bug > Components: HiveServer2 >Reporter: Thejas M Nair >Assignee: Tao Li > Attachments: HIVE-17701.1.patch, HIVE-17701.2.patch, > HIVE-17701.3.patch > > > The HiveServer2 Web UI (HIVE-12550) shows recently completed queries. > However, a user can see the queries run by other users as well, and that is a > security/privacy concern. > Only admin users should be allowed to see queries from other users (similar > to behavior of display for configs, stack trace etc). -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17701) Added restriction to historic queries on web UI
[ https://issues.apache.org/jira/browse/HIVE-17701?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17701: -- Status: Patch Available (was: Open) > Added restriction to historic queries on web UI > --- > > Key: HIVE-17701 > URL: https://issues.apache.org/jira/browse/HIVE-17701 > Project: Hive > Issue Type: Bug > Components: HiveServer2 >Reporter: Thejas M Nair >Assignee: Tao Li > Attachments: HIVE-17701.1.patch, HIVE-17701.2.patch, > HIVE-17701.3.patch > > > The HiveServer2 Web UI (HIVE-12550) shows recently completed queries. > However, a user can see the queries run by other users as well, and that is a > security/privacy concern. > Only admin users should be allowed to see queries from other users (similar > to behavior of display for configs, stack trace etc). -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17701) Added restriction to historic queries on web UI
[ https://issues.apache.org/jira/browse/HIVE-17701?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17701: -- Attachment: HIVE-17701.3.patch > Added restriction to historic queries on web UI > --- > > Key: HIVE-17701 > URL: https://issues.apache.org/jira/browse/HIVE-17701 > Project: Hive > Issue Type: Bug > Components: HiveServer2 >Reporter: Thejas M Nair >Assignee: Tao Li > Attachments: HIVE-17701.1.patch, HIVE-17701.2.patch, > HIVE-17701.3.patch > > > The HiveServer2 Web UI (HIVE-12550) shows recently completed queries. > However, a user can see the queries run by other users as well, and that is a > security/privacy concern. > Only admin users should be allowed to see queries from other users (similar > to behavior of display for configs, stack trace etc). -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17701) Added restriction to historic queries on web UI
[ https://issues.apache.org/jira/browse/HIVE-17701?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17701: -- Status: Open (was: Patch Available) > Added restriction to historic queries on web UI > --- > > Key: HIVE-17701 > URL: https://issues.apache.org/jira/browse/HIVE-17701 > Project: Hive > Issue Type: Bug > Components: HiveServer2 >Reporter: Thejas M Nair >Assignee: Tao Li > Attachments: HIVE-17701.1.patch, HIVE-17701.2.patch, > HIVE-17701.3.patch > > > The HiveServer2 Web UI (HIVE-12550) shows recently completed queries. > However, a user can see the queries run by other users as well, and that is a > security/privacy concern. > Only admin users should be allowed to see queries from other users (similar > to behavior of display for configs, stack trace etc). -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (HIVE-17701) Added restriction to historic queries on web UI
[ https://issues.apache.org/jira/browse/HIVE-17701?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16194053#comment-16194053 ] Tao Li commented on HIVE-17701: --- Potentially we can move hasAdministratorAccess all to the beginning of "Active session" section and remove the call for the following sections. Thus it should fail early in the session section and return the error page at that time. However the advantage of the uploaded patch is, if we change the logic of hasAdministratorAccess in future such that we just return false (when permission check fails) without returning error page, then we can skip rendering of the 3 sections. That logic is more clear. > Added restriction to historic queries on web UI > --- > > Key: HIVE-17701 > URL: https://issues.apache.org/jira/browse/HIVE-17701 > Project: Hive > Issue Type: Bug > Components: HiveServer2 >Reporter: Thejas M Nair >Assignee: Tao Li > Attachments: HIVE-17701.1.patch, HIVE-17701.2.patch > > > The HiveServer2 Web UI (HIVE-12550) shows recently completed queries. > However, a user can see the queries run by other users as well, and that is a > security/privacy concern. > Only admin users should be allowed to see queries from other users (similar > to behavior of display for configs, stack trace etc). -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (HIVE-17701) Added restriction to historic queries on web UI
[ https://issues.apache.org/jira/browse/HIVE-17701?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16194047#comment-16194047 ] Tao Li commented on HIVE-17701: --- So with the patch, if the auth is enabled and user is not admin, then we return the error page. If auth is disabled, then any user can view all the queries. > Added restriction to historic queries on web UI > --- > > Key: HIVE-17701 > URL: https://issues.apache.org/jira/browse/HIVE-17701 > Project: Hive > Issue Type: Bug > Components: HiveServer2 >Reporter: Thejas M Nair >Assignee: Tao Li > Attachments: HIVE-17701.1.patch, HIVE-17701.2.patch > > > The HiveServer2 Web UI (HIVE-12550) shows recently completed queries. > However, a user can see the queries run by other users as well, and that is a > security/privacy concern. > Only admin users should be allowed to see queries from other users (similar > to behavior of display for configs, stack trace etc). -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17701) Added restriction to historic queries on web UI
[ https://issues.apache.org/jira/browse/HIVE-17701?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17701: -- Attachment: HIVE-17701.2.patch > Added restriction to historic queries on web UI > --- > > Key: HIVE-17701 > URL: https://issues.apache.org/jira/browse/HIVE-17701 > Project: Hive > Issue Type: Bug > Components: HiveServer2 >Reporter: Thejas M Nair >Assignee: Tao Li > Attachments: HIVE-17701.1.patch, HIVE-17701.2.patch > > > The HiveServer2 Web UI (HIVE-12550) shows recently completed queries. > However, a user can see the queries run by other users as well, and that is a > security/privacy concern. > Only admin users should be allowed to see queries from other users (similar > to behavior of display for configs, stack trace etc). -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17701) Added restriction to historic queries on web UI
[ https://issues.apache.org/jira/browse/HIVE-17701?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17701: -- Status: Patch Available (was: Open) > Added restriction to historic queries on web UI > --- > > Key: HIVE-17701 > URL: https://issues.apache.org/jira/browse/HIVE-17701 > Project: Hive > Issue Type: Bug > Components: HiveServer2 >Reporter: Thejas M Nair >Assignee: Tao Li > Attachments: HIVE-17701.1.patch > > > The HiveServer2 Web UI (HIVE-12550) shows recently completed queries. > However, a user can see the queries run by other users as well, and that is a > security/privacy concern. > Only admin users should be allowed to see queries from other users (similar > to behavior of display for configs, stack trace etc). -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17701) Added restriction to historic queries on web UI
[ https://issues.apache.org/jira/browse/HIVE-17701?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17701: -- Attachment: HIVE-17701.1.patch > Added restriction to historic queries on web UI > --- > > Key: HIVE-17701 > URL: https://issues.apache.org/jira/browse/HIVE-17701 > Project: Hive > Issue Type: Bug > Components: HiveServer2 >Reporter: Thejas M Nair >Assignee: Tao Li > Attachments: HIVE-17701.1.patch > > > The HiveServer2 Web UI (HIVE-12550) shows recently completed queries. > However, a user can see the queries run by other users as well, and that is a > security/privacy concern. > Only admin users should be allowed to see queries from other users (similar > to behavior of display for configs, stack trace etc). -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17701) Added restriction to historic queries on web UI
[ https://issues.apache.org/jira/browse/HIVE-17701?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17701: -- Summary: Added restriction to historic queries on web UI (was: Show historic queries only for admin users) > Added restriction to historic queries on web UI > --- > > Key: HIVE-17701 > URL: https://issues.apache.org/jira/browse/HIVE-17701 > Project: Hive > Issue Type: Bug > Components: HiveServer2 >Reporter: Thejas M Nair >Assignee: Tao Li > > The HiveServer2 Web UI (HIVE-12550) shows recently completed queries. > However, a user can see the queries run by other users as well, and that is a > security/privacy concern. > Only admin users should be allowed to see queries from other users (similar > to behavior of display for configs, stack trace etc). -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (HIVE-17701) Show historic queries only for admin users
[ https://issues.apache.org/jira/browse/HIVE-17701?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16193613#comment-16193613 ] Tao Li commented on HIVE-17701: --- By looking at the code, we use the hasAdministratorAccess method to check if the use is an admin to access the config/stack pages. But for the reported bug, I assume we are trying to filter out the queries that are not related to this user. That means a non-admin user "foo" should not see queries from other users, while an admin user "bar" should see all queries. Is this understanding correct? Please confirm. If it sounds correct, then the behavior is different from the logic by using hasAdministratorAccess. > Show historic queries only for admin users > -- > > Key: HIVE-17701 > URL: https://issues.apache.org/jira/browse/HIVE-17701 > Project: Hive > Issue Type: Bug > Components: HiveServer2 >Reporter: Thejas M Nair >Assignee: Tao Li > > The HiveServer2 Web UI (HIVE-12550) shows recently completed queries. > However, a user can see the queries run by other users as well, and that is a > security/privacy concern. > Only admin users should be allowed to see queries from other users (similar > to behavior of display for configs, stack trace etc). -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16187465#comment-16187465 ] Tao Li commented on HIVE-17606: --- Added a section here: https://cwiki.apache.org/confluence/display/Hive/HiveReplicationv2Development#HiveReplicationv2Development-MetastorenotificationAPIsecurity [~leftylev] Please let me know if you have any suggestions to improve it. Thanks! > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Fix For: 3.0.0 > > Attachments: HIVE-17606.10.patch, HIVE-17606.1.patch, > HIVE-17606.2.patch, HIVE-17606.3.patch, HIVE-17606.4.patch, > HIVE-17606.5.patch, HIVE-17606.6.patch, HIVE-17606.7.patch, > HIVE-17606.8.patch, HIVE-17606.9.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16187256#comment-16187256 ] Tao Li commented on HIVE-17606: --- Thanks [~thejas]. Will update Apache wiki asap. > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Fix For: 3.0.0 > > Attachments: HIVE-17606.10.patch, HIVE-17606.1.patch, > HIVE-17606.2.patch, HIVE-17606.3.patch, HIVE-17606.4.patch, > HIVE-17606.5.patch, HIVE-17606.6.patch, HIVE-17606.7.patch, > HIVE-17606.8.patch, HIVE-17606.9.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16184995#comment-16184995 ] Tao Li commented on HIVE-17606: --- [~sershe] I don't see how the change could cause the error since ReplChangeManager was not changed. Can you please elaborate? > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Fix For: 3.0.0 > > Attachments: HIVE-17606.10.patch, HIVE-17606.1.patch, > HIVE-17606.2.patch, HIVE-17606.3.patch, HIVE-17606.4.patch, > HIVE-17606.5.patch, HIVE-17606.6.patch, HIVE-17606.7.patch, > HIVE-17606.8.patch, HIVE-17606.9.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16184900#comment-16184900 ] Tao Li commented on HIVE-17606: --- [~thejas] Am I supposed to make the wiki doc change? Thanks for the reminder. > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Fix For: 3.0.0 > > Attachments: HIVE-17606.10.patch, HIVE-17606.1.patch, > HIVE-17606.2.patch, HIVE-17606.3.patch, HIVE-17606.4.patch, > HIVE-17606.5.patch, HIVE-17606.6.patch, HIVE-17606.7.patch, > HIVE-17606.8.patch, HIVE-17606.9.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16184838#comment-16184838 ] Tao Li commented on HIVE-17606: --- Test result looks good. The failures don't seems related to the change. > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.10.patch, HIVE-17606.1.patch, > HIVE-17606.2.patch, HIVE-17606.3.patch, HIVE-17606.4.patch, > HIVE-17606.5.patch, HIVE-17606.6.patch, HIVE-17606.7.patch, > HIVE-17606.8.patch, HIVE-17606.9.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Attachment: HIVE-17606.10.patch > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.10.patch, HIVE-17606.1.patch, > HIVE-17606.2.patch, HIVE-17606.3.patch, HIVE-17606.4.patch, > HIVE-17606.5.patch, HIVE-17606.6.patch, HIVE-17606.7.patch, > HIVE-17606.8.patch, HIVE-17606.9.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Attachment: (was: HIVE-17606.10.patch) > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch, HIVE-17606.4.patch, HIVE-17606.5.patch, > HIVE-17606.6.patch, HIVE-17606.7.patch, HIVE-17606.8.patch, HIVE-17606.9.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Attachment: HIVE-17606.10.patch > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.10.patch, HIVE-17606.1.patch, > HIVE-17606.2.patch, HIVE-17606.3.patch, HIVE-17606.4.patch, > HIVE-17606.5.patch, HIVE-17606.6.patch, HIVE-17606.7.patch, > HIVE-17606.8.patch, HIVE-17606.9.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Attachment: (was: HIVE-17606.10.patch) > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch, HIVE-17606.4.patch, HIVE-17606.5.patch, > HIVE-17606.6.patch, HIVE-17606.7.patch, HIVE-17606.8.patch, HIVE-17606.9.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Attachment: HIVE-17606.10.patch > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.10.patch, HIVE-17606.1.patch, > HIVE-17606.2.patch, HIVE-17606.3.patch, HIVE-17606.4.patch, > HIVE-17606.5.patch, HIVE-17606.6.patch, HIVE-17606.7.patch, > HIVE-17606.8.patch, HIVE-17606.9.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16184674#comment-16184674 ] Tao Li commented on HIVE-17606: --- [~thejas] Correct. Actually I am fixing that now. > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch, HIVE-17606.4.patch, HIVE-17606.5.patch, > HIVE-17606.6.patch, HIVE-17606.7.patch, HIVE-17606.8.patch, HIVE-17606.9.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16184610#comment-16184610 ] Tao Li commented on HIVE-17606: --- [~thejas] Thanks for the comments. Regarding the test case, I was specifying "expected = TException.class" to expect the exception. I will add some more comments to make it more clear. Just uploaded another iteration. > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch, HIVE-17606.4.patch, HIVE-17606.5.patch, > HIVE-17606.6.patch, HIVE-17606.7.patch, HIVE-17606.8.patch, HIVE-17606.9.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Attachment: HIVE-17606.9.patch > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch, HIVE-17606.4.patch, HIVE-17606.5.patch, > HIVE-17606.6.patch, HIVE-17606.7.patch, HIVE-17606.8.patch, HIVE-17606.9.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Attachment: (was: HIVE-17606.9.patch) > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch, HIVE-17606.4.patch, HIVE-17606.5.patch, > HIVE-17606.6.patch, HIVE-17606.7.patch, HIVE-17606.8.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Attachment: HIVE-17606.9.patch > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch, HIVE-17606.4.patch, HIVE-17606.5.patch, > HIVE-17606.6.patch, HIVE-17606.7.patch, HIVE-17606.8.patch, HIVE-17606.9.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Attachment: HIVE-17606.8.patch > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch, HIVE-17606.4.patch, HIVE-17606.5.patch, > HIVE-17606.6.patch, HIVE-17606.7.patch, HIVE-17606.8.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16184476#comment-16184476 ] Tao Li commented on HIVE-17606: --- Test result looks good. > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch, HIVE-17606.4.patch, HIVE-17606.5.patch, > HIVE-17606.6.patch, HIVE-17606.7.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Attachment: HIVE-17606.7.patch > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch, HIVE-17606.4.patch, HIVE-17606.5.patch, > HIVE-17606.6.patch, HIVE-17606.7.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Attachment: (was: HIVE-17606.7.patch) > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch, HIVE-17606.4.patch, HIVE-17606.5.patch, > HIVE-17606.6.patch, HIVE-17606.7.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Attachment: HIVE-17606.7.patch > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch, HIVE-17606.4.patch, HIVE-17606.5.patch, > HIVE-17606.6.patch, HIVE-17606.7.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Status: Patch Available (was: Open) > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch, HIVE-17606.4.patch, HIVE-17606.5.patch, HIVE-17606.6.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Status: Open (was: Patch Available) > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch, HIVE-17606.4.patch, HIVE-17606.5.patch, HIVE-17606.6.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Status: Patch Available (was: Open) > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch, HIVE-17606.4.patch, HIVE-17606.5.patch, HIVE-17606.6.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Attachment: HIVE-17606.6.patch > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch, HIVE-17606.4.patch, HIVE-17606.5.patch, HIVE-17606.6.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Attachment: HIVE-17606.6.patch > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch, HIVE-17606.4.patch, HIVE-17606.5.patch, HIVE-17606.6.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Attachment: (was: HIVE-17606.6.patch) > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch, HIVE-17606.4.patch, HIVE-17606.5.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Status: Open (was: Patch Available) > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch, HIVE-17606.4.patch, HIVE-17606.5.patch, HIVE-17606.6.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Status: Patch Available (was: Open) > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch, HIVE-17606.4.patch, HIVE-17606.5.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Attachment: HIVE-17606.5.patch > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch, HIVE-17606.4.patch, HIVE-17606.5.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Attachment: (was: HIVE-17606.5.patch) > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch, HIVE-17606.4.patch, HIVE-17606.5.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Attachment: HIVE-17606.5.patch > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch, HIVE-17606.4.patch, HIVE-17606.5.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Status: Open (was: Patch Available) > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch, HIVE-17606.4.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Attachment: HIVE-17606.5.patch > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch, HIVE-17606.4.patch, HIVE-17606.5.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Attachment: (was: HIVE-17606.5.patch) > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch, HIVE-17606.4.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Status: Patch Available (was: Open) > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch, HIVE-17606.4.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Status: Open (was: Patch Available) > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch, HIVE-17606.4.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16182189#comment-16182189 ] Tao Li commented on HIVE-17606: --- [~thejas], [~leftylev] Thanks for the comments. Just uploaded another iteration and will wait for test results. > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch, HIVE-17606.4.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Status: Patch Available (was: Open) > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch, HIVE-17606.4.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Attachment: HIVE-17606.4.patch > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch, HIVE-17606.4.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Attachment: (was: HIVE-17606.4.patch) > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Attachment: HIVE-17606.4.patch > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch, HIVE-17606.4.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Status: Open (was: Patch Available) > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Status: Patch Available (was: Open) > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Status: Open (was: Patch Available) > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Status: Patch Available (was: Open) > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Attachment: HIVE-17606.3.patch > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Status: Open (was: Patch Available) > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, > HIVE-17606.3.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16181607#comment-16181607 ] Tao Li commented on HIVE-17606: --- Test result looks good now. > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Status: Patch Available (was: Open) > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Status: Open (was: Patch Available) > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Status: Open (was: Patch Available) > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Status: Patch Available (was: Open) > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Attachment: HIVE-17606.2.patch > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Status: Patch Available (was: Open) > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Assigned] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li reassigned HIVE-17606: - > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17606) Improve security for DB notification related APIs
[ https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17606: -- Attachment: HIVE-17606.1.patch > Improve security for DB notification related APIs > - > > Key: HIVE-17606 > URL: https://issues.apache.org/jira/browse/HIVE-17606 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17606.1.patch > > > The purpose is to make sure only the superusers which are specified in the > proxyuser settings can make the db notification related API calls, since this > is supposed to be called by superuser/admin instead of any end user. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (HIVE-17585) Improve thread safety when loading dynamic partitions in parallel
[ https://issues.apache.org/jira/browse/HIVE-17585?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16180289#comment-16180289 ] Tao Li commented on HIVE-17585: --- [~sershe] Thanks for the comments. I thought about that and was a little concerned with the memory overhead to have a new Hive instance per thread (especially the embedded metastore scenario), so I chose to go with the singleton approach. But I agree that having the thread local will give us the best safety. Regarding the latency, the major advantage of the loading partitions in parallel is making the HDFS calls in parallel, so synchronizing on the metastore client should not be a big concern. > Improve thread safety when loading dynamic partitions in parallel > - > > Key: HIVE-17585 > URL: https://issues.apache.org/jira/browse/HIVE-17585 > Project: Hive > Issue Type: Bug >Reporter: Tao Li >Assignee: Tao Li > Fix For: 3.0.0 > > Attachments: HIVE-17585.1.patch, HIVE-17585.2.patch > > -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (HIVE-17585) Improve thread safety when loading dynamic partitions in parallel
[ https://issues.apache.org/jira/browse/HIVE-17585?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16177893#comment-16177893 ] Tao Li commented on HIVE-17585: --- Test result looks good. cc [~thejas] > Improve thread safety when loading dynamic partitions in parallel > - > > Key: HIVE-17585 > URL: https://issues.apache.org/jira/browse/HIVE-17585 > Project: Hive > Issue Type: Bug >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17585.1.patch, HIVE-17585.2.patch > > -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (HIVE-17587) Remove unnecessary filter from getPartitionsFromPartitionIds call
[ https://issues.apache.org/jira/browse/HIVE-17587?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16177892#comment-16177892 ] Tao Li commented on HIVE-17587: --- Test result looks good. [~sershe], [~ashutoshc] Can you please review this change? cc [~thejas] > Remove unnecessary filter from getPartitionsFromPartitionIds call > - > > Key: HIVE-17587 > URL: https://issues.apache.org/jira/browse/HIVE-17587 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17587.1.patch > > -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17587) Remove unnecessary filter from getPartitionsFromPartitionIds call
[ https://issues.apache.org/jira/browse/HIVE-17587?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17587: -- Priority: Major (was: Minor) > Remove unnecessary filter from getPartitionsFromPartitionIds call > - > > Key: HIVE-17587 > URL: https://issues.apache.org/jira/browse/HIVE-17587 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17587.1.patch > > -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Comment Edited] (HIVE-17587) Remove unnecessary filter from getPartitionsFromPartitionIds call
[ https://issues.apache.org/jira/browse/HIVE-17587?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16177441#comment-16177441 ] Tao Li edited comment on HIVE-17587 at 9/23/17 2:40 AM: The background is that we identified a MySQL bug when dropping partitions with HDP (Apache based): https://bugs.mysql.com/bug.php?id=87264 The community was able to verify the mysql bug, but has not given us a ETA for the fix. From our side we have a workaround with the attached patch. So this change is not only an improvement, but also an important fix for the above issue. was (Author: taoli-hwx): The background is that we identified a MySQL bug when dropping partitions: https://bugs.mysql.com/bug.php?id=87264 The community was able to verify the mysql bug, but has not given us a ETA. From our side we have a workaround with the attached patch. > Remove unnecessary filter from getPartitionsFromPartitionIds call > - > > Key: HIVE-17587 > URL: https://issues.apache.org/jira/browse/HIVE-17587 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li >Priority: Minor > Attachments: HIVE-17587.1.patch > > -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (HIVE-17587) Remove unnecessary filter from getPartitionsFromPartitionIds call
[ https://issues.apache.org/jira/browse/HIVE-17587?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16177441#comment-16177441 ] Tao Li commented on HIVE-17587: --- The background is that we identified a MySQL bug when dropping partitions: https://bugs.mysql.com/bug.php?id=87264 The community was able to verify the mysql bug, but has not given us a ETA. From our side we have a workaround with the attached patch. > Remove unnecessary filter from getPartitionsFromPartitionIds call > - > > Key: HIVE-17587 > URL: https://issues.apache.org/jira/browse/HIVE-17587 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li >Priority: Minor > Attachments: HIVE-17587.1.patch > > -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17585) Improve thread safety when loading dynamic partitions in parallel
[ https://issues.apache.org/jira/browse/HIVE-17585?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17585: -- Status: Patch Available (was: Open) > Improve thread safety when loading dynamic partitions in parallel > - > > Key: HIVE-17585 > URL: https://issues.apache.org/jira/browse/HIVE-17585 > Project: Hive > Issue Type: Bug >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17585.1.patch, HIVE-17585.2.patch > > -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17585) Improve thread safety when loading dynamic partitions in parallel
[ https://issues.apache.org/jira/browse/HIVE-17585?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17585: -- Attachment: HIVE-17585.2.patch > Improve thread safety when loading dynamic partitions in parallel > - > > Key: HIVE-17585 > URL: https://issues.apache.org/jira/browse/HIVE-17585 > Project: Hive > Issue Type: Bug >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17585.1.patch, HIVE-17585.2.patch > > -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17585) Improve thread safety when loading dynamic partitions in parallel
[ https://issues.apache.org/jira/browse/HIVE-17585?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17585: -- Attachment: (was: HIVE-17585.2.patch) > Improve thread safety when loading dynamic partitions in parallel > - > > Key: HIVE-17585 > URL: https://issues.apache.org/jira/browse/HIVE-17585 > Project: Hive > Issue Type: Bug >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17585.1.patch > > -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17585) Improve thread safety when loading dynamic partitions in parallel
[ https://issues.apache.org/jira/browse/HIVE-17585?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17585: -- Attachment: HIVE-17585.2.patch > Improve thread safety when loading dynamic partitions in parallel > - > > Key: HIVE-17585 > URL: https://issues.apache.org/jira/browse/HIVE-17585 > Project: Hive > Issue Type: Bug >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17585.1.patch, HIVE-17585.2.patch > > -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17585) Improve thread safety when loading dynamic partitions in parallel
[ https://issues.apache.org/jira/browse/HIVE-17585?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17585: -- Status: Open (was: Patch Available) > Improve thread safety when loading dynamic partitions in parallel > - > > Key: HIVE-17585 > URL: https://issues.apache.org/jira/browse/HIVE-17585 > Project: Hive > Issue Type: Bug >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17585.1.patch, HIVE-17585.2.patch > > -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17587) Remove unnecessary filter from getPartitionsFromPartitionIds call
[ https://issues.apache.org/jira/browse/HIVE-17587?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17587: -- Status: Patch Available (was: Open) > Remove unnecessary filter from getPartitionsFromPartitionIds call > - > > Key: HIVE-17587 > URL: https://issues.apache.org/jira/browse/HIVE-17587 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li >Priority: Minor > Attachments: HIVE-17587.1.patch > > -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17587) Remove unnecessary filter from getPartitionsFromPartitionIds call
[ https://issues.apache.org/jira/browse/HIVE-17587?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17587: -- Attachment: HIVE-17587.1.patch > Remove unnecessary filter from getPartitionsFromPartitionIds call > - > > Key: HIVE-17587 > URL: https://issues.apache.org/jira/browse/HIVE-17587 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li >Priority: Minor > Attachments: HIVE-17587.1.patch > > -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17587) Remove unnecessary filter from getPartitionsFromPartitionIds call
[ https://issues.apache.org/jira/browse/HIVE-17587?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17587: -- Attachment: HIVE-17587.1.patch > Remove unnecessary filter from getPartitionsFromPartitionIds call > - > > Key: HIVE-17587 > URL: https://issues.apache.org/jira/browse/HIVE-17587 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li >Priority: Minor > -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17587) Remove unnecessary filter from getPartitionsFromPartitionIds call
[ https://issues.apache.org/jira/browse/HIVE-17587?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17587: -- Attachment: (was: HIVE-17587.1.patch) > Remove unnecessary filter from getPartitionsFromPartitionIds call > - > > Key: HIVE-17587 > URL: https://issues.apache.org/jira/browse/HIVE-17587 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li >Priority: Minor > -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Assigned] (HIVE-17587) Remove unnecessary filter from getPartitionsFromPartitionIds call
[ https://issues.apache.org/jira/browse/HIVE-17587?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li reassigned HIVE-17587: - > Remove unnecessary filter from getPartitionsFromPartitionIds call > - > > Key: HIVE-17587 > URL: https://issues.apache.org/jira/browse/HIVE-17587 > Project: Hive > Issue Type: Improvement > Components: Metastore >Reporter: Tao Li >Assignee: Tao Li >Priority: Minor > -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17585) Improve thread safety when loading dynamic partitions in parallel
[ https://issues.apache.org/jira/browse/HIVE-17585?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17585: -- Status: Patch Available (was: Open) > Improve thread safety when loading dynamic partitions in parallel > - > > Key: HIVE-17585 > URL: https://issues.apache.org/jira/browse/HIVE-17585 > Project: Hive > Issue Type: Bug >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17585.1.patch > > -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17585) Improve thread safety when loading dynamic partitions in parallel
[ https://issues.apache.org/jira/browse/HIVE-17585?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17585: -- Attachment: HIVE-17585.1.patch > Improve thread safety when loading dynamic partitions in parallel > - > > Key: HIVE-17585 > URL: https://issues.apache.org/jira/browse/HIVE-17585 > Project: Hive > Issue Type: Bug >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17585.1.patch > > -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Assigned] (HIVE-17585) Improve thread safety when loading dynamic partitions in parallel
[ https://issues.apache.org/jira/browse/HIVE-17585?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li reassigned HIVE-17585: - > Improve thread safety when loading dynamic partitions in parallel > - > > Key: HIVE-17585 > URL: https://issues.apache.org/jira/browse/HIVE-17585 > Project: Hive > Issue Type: Bug >Reporter: Tao Li >Assignee: Tao Li > -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (HIVE-17558) Skip non-native/temporary tables for constraint related scenarios
[ https://issues.apache.org/jira/browse/HIVE-17558?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16175224#comment-16175224 ] Tao Li commented on HIVE-17558: --- Test result looks good. > Skip non-native/temporary tables for constraint related scenarios > - > > Key: HIVE-17558 > URL: https://issues.apache.org/jira/browse/HIVE-17558 > Project: Hive > Issue Type: Bug >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17558.1.patch, HIVE-17558.2.patch > > > The change would be similar to HIVE-17422. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (HIVE-17570) Fix view deletion related test failures (create_view.q etc)
[ https://issues.apache.org/jira/browse/HIVE-17570?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16175004#comment-16175004 ] Tao Li commented on HIVE-17570: --- Test result looks good. > Fix view deletion related test failures (create_view.q etc) > --- > > Key: HIVE-17570 > URL: https://issues.apache.org/jira/browse/HIVE-17570 > Project: Hive > Issue Type: Bug >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17570.1.patch, HIVE-17570.2.patch > > > Fixing the bug introduced by HIVE-17459. Sorry that did not capture that in a > timely fashion. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (HIVE-17570) Fix view deletion related test failures (create_view.q etc)
[ https://issues.apache.org/jira/browse/HIVE-17570?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16173803#comment-16173803 ] Tao Li commented on HIVE-17570: --- Just uploaded another iteration. > Fix view deletion related test failures (create_view.q etc) > --- > > Key: HIVE-17570 > URL: https://issues.apache.org/jira/browse/HIVE-17570 > Project: Hive > Issue Type: Bug >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17570.1.patch, HIVE-17570.2.patch > > > Fixing the bug introduced by HIVE-17459. Sorry that did not capture that in a > timely fashion. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17570) Fix view deletion related test failures (create_view.q etc)
[ https://issues.apache.org/jira/browse/HIVE-17570?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17570: -- Attachment: HIVE-17570.2.patch > Fix view deletion related test failures (create_view.q etc) > --- > > Key: HIVE-17570 > URL: https://issues.apache.org/jira/browse/HIVE-17570 > Project: Hive > Issue Type: Bug >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17570.1.patch, HIVE-17570.2.patch > > > Fixing the bug introduced by HIVE-17459. Sorry that did not capture that in a > timely fashion. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17570) Fix view deletion related test failures (create_view.q etc)
[ https://issues.apache.org/jira/browse/HIVE-17570?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17570: -- Status: Patch Available (was: Open) > Fix view deletion related test failures (create_view.q etc) > --- > > Key: HIVE-17570 > URL: https://issues.apache.org/jira/browse/HIVE-17570 > Project: Hive > Issue Type: Bug >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17570.1.patch, HIVE-17570.2.patch > > > Fixing the bug introduced by HIVE-17459. Sorry that did not capture that in a > timely fashion. -- This message was sent by Atlassian JIRA (v6.4.14#64029)