set hive.test.authz.sstd.hs2.mode=true;
set hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest;
set hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateConfigUserAuthenticator;

set hive.cli.print.header=true;
set user.name=hive_admin_user;
set role ADMIN;

----------------------------------------
-- role granting with admin option
----------------------------------------
-- Also test case sensitivity of role name

create role srC_role_wadmin;
create role src_roLe2;
grant src_role_wadmin to user user2 with admin option;
show role grant user user2;
show principals src_role_wadmin;


set user.name=user2;
set role src_role_WadMin;
show principals src_role_wadmin;
-- grant role to another user
grant src_Role_wadmin to user user3;

set user.name=user3;
show role grant user user3;

set user.name=user2;
-- grant role to another role
grant src_role_wadmin to role sRc_role2;

set user.name=hive_admin_user;
set role ADMIn;
grant src_role2 to user user3;

set user.name=user3;
-- as user3 belings to src_role2 hierarchy, its should be able to run show grant on it
show role grant role src_Role2;

set user.name=hive_admin_user;
set role ADMIN;



show principals src_ROle_wadmin;

set user.name=user2;
set role src_role_wadmin;
-- revoke user from role
revoke src_rolE_wadmin from user user3;

set user.name=user3;
show role grant user user3;
set user.name=user2;

-- revoke role from role
revoke src_rolE_wadmin from role sRc_role2;
set user.name=hive_admin_user;
set role ADMIN;

show role grant role sRc_role2;

show principals src_role_wadmin;