| set hive.test.authz.sstd.hs2.mode=true; |
| set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest; |
| set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator; |
| |
| set user.name=hive_admin_user; |
| set role admin; |
| create role r1; |
| grant role r1 to user r1user; |
| |
| set user.name=user1; |
| CREATE TABLE t1_n126(i int); |
| |
| -- all privileges should have been set for user |
| |
| GRANT ALL ON t1_n126 TO ROLE r1 WITH GRANT OPTION; |
| |
| set user.name=r1user; |
| -- check if user belong to role r1 can grant privileges to others |
| GRANT ALL ON t1_n126 TO USER user3; |
| |
| set user.name=hive_admin_user; |
| set role admin; |
| -- check privileges on table |
| show grant on table t1_n126; |
| |
| -- check if drop role removes privileges for that role |
| drop role r1; |
| show grant on table t1_n126; |