From 720a67ac9468662585a9ca6cf05b71971ab3addf Mon Sep 17 00:00:00 2001 From: Jerry Shao Date: Sat, 21 Sep 2024 15:33:27 +0800 Subject: [PATCH] [#4960] fix(server): hive metastore authentication failed when checking whether securable object exists in createRole() method (#4978) ### What changes were proposed in this pull request? put the check code into the code block Utils.doAs. ### Why are the changes needed? Fix: #4960 ### Does this PR introduce _any_ user-facing change? Passing identity authentication information when checking hive resource ### How was this patch tested? yes,finish functional test By hand, based on the hive meatasotre with kerberos authentication enabled. Co-authored-by: yangyuxia <13853186257@139.com> Co-authored-by: yangyx <360508847@qq.com> --- .../apache/gravitino/server/web/rest/RoleOperations.java | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/server/src/main/java/org/apache/gravitino/server/web/rest/RoleOperations.java b/server/src/main/java/org/apache/gravitino/server/web/rest/RoleOperations.java index f2ed13f7daf..1fa8a443f81 100644 --- a/server/src/main/java/org/apache/gravitino/server/web/rest/RoleOperations.java +++ b/server/src/main/java/org/apache/gravitino/server/web/rest/RoleOperations.java @@ -96,14 +96,12 @@ public Response getRole(@PathParam("metalake") String metalake, @PathParam("role @ResponseMetered(name = "create-role", absolute = true) public Response createRole(@PathParam("metalake") String metalake, RoleCreateRequest request) { try { - - for (SecurableObjectDTO object : request.getSecurableObjects()) { - checkSecurableObject(metalake, object); - } - return Utils.doAs( httpRequest, () -> { + for (SecurableObjectDTO object : request.getSecurableObjects()) { + checkSecurableObject(metalake, object); + } List securableObjects = Arrays.stream(request.getSecurableObjects()) .map(