HIVE-26246: Filter out results 'show connectors' on HMS client-side

[zhangbutao]

What changes were proposed in this pull request?

Why are the changes needed?

HMS client-side filter out results of 'show connectors' based on authorization, eg. ranger authorization.

Does this PR introduce any user-facing change?

No

How was this patch tested?

UT and local hive cluster with ranger

[zhangbutao]

Could you please take a look? Thank you. @zabetak @nrg4878

[zabetak]

Sorry @zhangbutao missed the notification. I am quite busy right now so I am not sure if I will find time to have a look.

[saihemanth-cloudera]

Does name of the method: getFilteredObjectNames() makes more sense?

[zhangbutao]

make sense. fixed. thx

[saihemanth-cloudera]

I think it is ideal to pass HivePrivilegeObjectType.DATACONNECTOR, null, dcname as arguments to HivePrivilegeObject since one of the constructors for HivePrivilegeObject class is HivePrivilegeObjectType, database name, object name.

[zhangbutao]

Good catch! thx

[saihemanth-cloudera]

I'm wondering why we are doing a no-op for this drop operation since we are already passing true as value for ifnotexists argument.
So, I don't think we need to catch nosuchobjectexception.

[zhangbutao]

When we are dropping dataconnector whch does not exists, this line will throw NoSuchObjectException though passing ifnotexists argument(true):

hive/standalone-metastore/metastore-server/src/main/java/org/apache/hadoop/hive/metastore/HMSHandler.java

Line 2045 in cdb1052

connector = getMS().getDataConnector(dcName);

If this is a bug, i will fix it in another pr :). thx

[saihemanth-cloudera]

Yeah, I think this is a bug and needs fixing. Because
drop connector if exists unexisting_connector;
shouldn't throw an error if the connector doesn't exist.

[zhangbutao]

#3350 I have created a pr to fix this. If you have time, please take a look. :)
cc @saihemanth-cloudera @nrg4878

[zhangbutao]

@saihemanth-cloudera Because of #3350 has been merged, i removed the needless catch nosuchobjectexception. Could we continue to merge this pr? Thank you.

[saihemanth-cloudera]

LGTM +1

[github-actions]

@check-spelling-bot Report

🔴 Please review

See the files view or the action log for details.

Unrecognized words (3)

api
esri
wkid

Previously acknowledged words that are now absent

aarry timestamplocal yyyy

Available dictionaries could cover words not in the dictionary

cspell:cpp/cpp.txt (104293) covers 81 of them
cspell:django/django.txt (2342) covers 14 of them
cspell:golang/go.txt (7745) covers 12 of them
cspell:java/java.txt (33524) covers 11 of them
cspell:filetypes/filetypes.txt (337) covers 10 of them
cspell:aws/aws.txt (1485) covers 10 of them
cspell:css/css.txt (993) covers 9 of them
cspell:rust/rust.txt (112) covers 8 of them
cspell:npm/npm.txt (671) covers 8 of them
cspell:html/html.txt (542) covers 8 of them
cspell:scala/scala.txt (2752) covers 7 of them
cspell:php/php.txt (9785) covers 6 of them
cspell:fullstack/fullstack.txt (181) covers 5 of them
cspell:csharp/csharp.txt (123) covers 5 of them
cspell:python/python.txt (364) covers 3 of them
cspell:lua/lua.txt (391) covers 3 of them
cspell:dotnet/dotnet.txt (9824) covers 2 of them
cspell:ruby/ruby.txt (354) covers 1 of them
cspell:bash/bash-words.txt (22) covers 1 of them

Consider adding them using:

      with:
        extra_dictionaries:
          cspell:cpp/cpp.txt
          cspell:django/django.txt
          cspell:golang/go.txt
          cspell:java/java.txt
          cspell:filetypes/filetypes.txt
          cspell:aws/aws.txt
          cspell:css/css.txt
          cspell:rust/rust.txt
          cspell:npm/npm.txt
          cspell:html/html.txt
          cspell:scala/scala.txt
          cspell:php/php.txt
          cspell:fullstack/fullstack.txt
          cspell:csharp/csharp.txt
          cspell:python/python.txt
          cspell:lua/lua.txt
          cspell:dotnet/dotnet.txt
          cspell:ruby/ruby.txt
          cspell:bash/bash-words.txt

To stop checking additional dictionaries, add:

      with:
        check_extra_dictionaries: ''

To accept these unrecognized words as correct (and remove the previously acknowledged and now absent words), run the following commands

... in a clone of the git@github.com:zhangbutao/hive.git repository
on the HIVE-26246 branch:

update_files() {
perl -e '
my @expect_files=qw('".github/actions/spelling/expect.txt"');
@ARGV=@expect_files;
my @stale=qw('"$patch_remove"');
my $re=join "|", @stale;
my $suffix=".".time();
my $previous="";
sub maybe_unlink { unlink($_[0]) if $_[0]; }
while (<>) {
if ($ARGV ne $old_argv) { maybe_unlink($previous); $previous="$ARGV$suffix"; rename($ARGV, $previous); open(ARGV_OUT, ">$ARGV"); select(ARGV_OUT); $old_argv = $ARGV; }
next if /^(?:$re)(?:(?:\r|\n)*$| .*)/; print;
}; maybe_unlink($previous);'
perl -e '
my $new_expect_file=".github/actions/spelling/expect.txt";
use File::Path qw(make_path);
use File::Basename qw(dirname);
make_path (dirname($new_expect_file));
open FILE, q{<}, $new_expect_file; chomp(my @words = <FILE>); close FILE;
my @add=qw('"$patch_add"');
my %items; @items{@words} = @words x (1); @items{@add} = @add x (1);
@words = sort {lc($a)."-".$a cmp lc($b)."-".$b} keys %items;
open FILE, q{>}, $new_expect_file; for my $word (@words) { print FILE "$word\n" if $word =~ /\w/; };
close FILE;
system("git", "add", $new_expect_file);
'
}

comment_json=$(mktemp)
curl -L -s -S \
-H "Content-Type: application/json" \
"https://api.github.com/repos/apache/hive/issues/comments/1156032564" > "$comment_json"
comment_body=$(mktemp)
jq -r ".body // empty" "$comment_json" > $comment_body
rm $comment_json

patch_remove=$(perl -ne 'next unless s{^</summary>(.*)</details>$}{$1}; print' < "$comment_body")

patch_add=$(perl -e '$/=undef; $_=<>; if (m{Unrecognized words[^<]*</summary>\n*```\n*([^<]*)```\n*</details>$}m) { print "$1" } elsif (m{Unrecognized words[^<]*\n\n((?:\w.*\n)+)\n}m) { print "$1" };' < "$comment_body")

update_files
rm $comment_body
git add -u

If the flagged items do not appear to be text

If items relate to a ...

• well-formed pattern.

  If you can write a pattern that would match it,
  try adding it to the patterns.txt file.

  Patterns are Perl 5 Regular Expressions - you can test yours before committing to verify it will match your lines.

  Note that patterns can't match multiline strings.

• binary file.

  Please add a file path to the excludes.txt file matching the containing file.

  File paths are Perl 5 Regular Expressions - you can test yours before committing to verify it will match your files.

  ^ refers to the file's path from the root of the repository, so ^README\.md$ would exclude README.md (on whichever branch you're using).

[zhangbutao]

@nrg4878 another pr about connector auth :). please take a look too. thx

[saihemanth-cloudera]

LGTM +1

[nrg4878]

Change looks good to me. +1