[ranger] branch master updated: RANGER-2544:Ranger Owner Policy not getting honored for SELECT * queries

Tue, 20 Aug 2019 17:59:34 -0700 

This is an automated email from the ASF dual-hosted git repository.

rmani pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git


The following commit(s) were added to refs/heads/master by this push:
     new c3cfb4d  RANGER-2544:Ranger Owner Policy not getting honored for 
SELECT * queries
c3cfb4d is described below

commit c3cfb4da74b3a1edb11901f2e59a9fdbf5b7bcbc
Author: rmani <rm...@hortonworks.com>
AuthorDate: Tue Aug 20 17:44:55 2019 -0700

    RANGER-2544:Ranger Owner Policy not getting honored for SELECT * queries
---
 .../ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java  | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git 
a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
 
b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
index 3e255fd..bb015c5 100644
--- 
a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
+++ 
b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
@@ -741,6 +741,7 @@ public class RangerHiveAuthorizer extends 
RangerHiveAuthorizerBase {
                                                }
 
                                                RangerHiveResource colResource 
= new RangerHiveResource(HiveObjectType.COLUMN, resource.getDatabase(), 
resource.getTable(), column);
+                                               
colResource.setOwnerUser(resource.getOwnerUser());
 
                                                RangerHiveAccessRequest 
colRequest = request.copy();
                                                
colRequest.setResource(colResource);
@@ -1157,9 +1158,13 @@ public class RangerHiveAuthorizer extends 
RangerHiveAuthorizerBase {
                switch(objectType) {
                case DATABASE:
                        resource = new 
RangerHiveResource(HiveObjectType.DATABASE, objectName);
+                       //when fix is in place for HIVE-22128 we can un comment 
this.
+                       //resource.setOwnerUser(privilegeObject.getOwnerName());
                        break;
                case TABLE_OR_VIEW:
                        resource = new RangerHiveResource(HiveObjectType.TABLE, 
dbName, objectName);
+                       //when fix is in place for HIVE-22128 we can un comment 
this.
+                       //resource.setOwnerUser(privilegeObject.getOwnerName());
                        break;
                default:
                        LOG.warn("RangerHiveAuthorizer.getHiveResource: 
unexpected objectType:" + objectType);
@@ -2079,6 +2084,7 @@ public class RangerHiveAuthorizer extends 
RangerHiveAuthorizerBase {
                                        }
 
                                        RangerHiveResource colResource = new 
RangerHiveResource(HiveObjectType.COLUMN, resource.getDatabase(), 
resource.getTable(), column);
+                                       
colResource.setOwnerUser(resource.getOwnerUser());
                                        
colResource.setServiceDef(hivePlugin.getServiceDef());
 
                                        
requestedResources.addRequestedResource(colResource);

Reply via email to