Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

BitSetCheckedAuthorizationProvider#authorizeUserPriv without DbName cannot contact to waggle-dance #158

Closed
Elvis0607 opened this issue Mar 12, 2019 · 3 comments · Fixed by #160
Closed

BitSetCheckedAuthorizationProvider#authorizeUserPriv without DbName cannot contact to waggle-dance #158

Elvis0607 opened this issue Mar 12, 2019 · 3 comments · Fixed by #160

Comments

@Elvis0607
Copy link
Contributor

when using BitSetCheckedAuthorizationProvider to do authorization, the dbname is null. Waggle dance cannot process the request.

protected boolean authorizeUserPriv(Privilege[] inputRequiredPriv,
boolean[] inputCheck, Privilege[] outputRequiredPriv,
boolean[] outputCheck) throws HiveException {
PrincipalPrivilegeSet privileges = hive_db.get_privilege_set(
HiveObjectType.GLOBAL, null, null, null, null, this.getAuthenticator()
.getUserName(), this.getAuthenticator().getGroupNames());
return authorizePrivileges(privileges, inputRequiredPriv, inputCheck,
outputRequiredPriv, outputCheck);
}

I think waggle dance can change to

public PrincipalPrivilegeSet get_privilege_set(HiveObjectRef hiveObject, String user_name, List group_names)
throws MetaException, TException {
DatabaseMapping mapping;

if(hiveObject.getDbName().equals(null)){
  mapping = databaseMappingService.primaryDatabaseMapping();
}else{
  mapping = databaseMappingService.databaseMapping(hiveObject.getDbName());
}

return mapping.getClient().get_privilege_set(mapping.transformInboundHiveObjectRef(hiveObject), user_name,
    group_names);

}
@patduin
Copy link
Contributor

patduin commented Mar 12, 2019

That sounds like a good plan, would you consider contributing a PR for this?

@massdosage
Copy link
Contributor

Sounds reasonable, a PR would be fantastic, ideally with a unit test to cover this if possible.

@Elvis0607
Copy link
Contributor Author

I have no experience to make an effort for open-source project. After testing it well, I will try to contribute a PR.

I have just tested like this:

DatabaseMapping mapping;
HiveObjectRef hiveObjectResult;
if(hiveObject.getDbName() == null){
  mapping = databaseMappingService.primaryDatabaseMapping();
  hiveObjectResult = hiveObject;
}else{
  mapping = databaseMappingService.databaseMapping(hiveObject.getDbName());
  hiveObjectResult = mapping.transformInboundHiveObjectRef(hiveObject);

}
return mapping.getClient().get_privilege_set(hiveObjectResult, user_name,
        group_names);

It can work.

@Elvis0607 Elvis0607 mentioned this issue Mar 20, 2019
Merged
Elvis0607 added a commit to Elvis0607/waggle-dance that referenced this issue Mar 21, 2019
@Elvis0607
Support request without DbName like BitSetCheckedAuthorizationProvide…
aac1171 
…r#authorizeUserPrivcannot. See [ExpediaGroup#158](ExpediaGroup#158)
patduin pushed a commit that referenced this issue Mar 21, 2019
@Elvis0607
make request without Dbname like BitSetCheckedAuthorizationProvider#a… (
9f52407 
#160)

* make request without Dbname like BitSetCheckedAuthorizationProvider#authorizeUserPriv can get correct response from waggle-dance

* Support request without DbName like BitSetCheckedAuthorizationProvider#authorizeUserPrivcannot. See [#158](#158)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

make request without Dbname like BitSetCheckedAuthorizationProvider#a… Elvis0607/waggle-dance
3 participants
@massdosage @patduin @Elvis0607