配置單元jdbc - 無法從我自己的表中選擇

Question

我登錄爲pawel用戶。在蜂巢shell中，我在數據庫中創建了一個數據庫pawel_db和一個test_table，並填充了一行數據。這是ls顯示我：

[pawel@sandbox ~]$ hadoop fs -ls /apps/hive/warehouse 
Found 6 items 
drwxr-xr-x - pawel hdfs   0 2014-07-14 07:29 /apps/hive/warehouse/pawel_db.db 
[...] 

在shell：

[pawel@sandbox ~]$ hive -e "use pawel_db; select * from test_table" 

Logging initialized using configuration in file:/etc/hive/conf.dist/hive-log4j.properties 
OK 
Time taken: 9.926 seconds 
OK 
777 
Time taken: 5.243 seconds, Fetched: 1 row(s) 

一切似乎是罰款。問題開始時，我想通過JDBC做一些疑問：

Connection con = DriverManager.getConnection("jdbc:hive2://" + hiveHostAddress + ":" + hiveHostPort + "/pawel_db", "pawel", ""); 
Statement stmt = con.createStatement(); 
stmt.execute("select * from test_table"); 

拋出一個異常：

Caused by: java.sql.SQLException: Error while compiling statement: FAILED: HiveAccessControlException Permission denied. Principal [name=pawel, type=USER] does not have following privileges on Object [type=TABLE_OR_VIEW, name=pawel_db.test_table] : [SELECT] 

然而，在蜂巢執行後：

grant SELECT on table test_table to user pawel; 

沒有例外。我真的需要手動向數據庫的所有者授予選擇權限嗎？這似乎不合邏輯。

Answer 1

先決條件 爲了使用蜂巢授權，有應該在蜂房site.xml中設置兩個參數：

<property> 
    <name>hive.security.authorization.enabled</name> 
    <value>true</value> 
    <description>enable or disable the hive client authorization</description> 
</property> 

<property> 
    <name>hive.security.authorization.createtable.owner.grants</name> 
    <value>ALL</value> 
    <description>the privileges automatically granted to the owner whenever a table gets created. 
    An example like "select,drop" will grant select and drop privilege to the owner of the table</description> 
</property>