Anne Yu created SENTRY-921:
------------------------------
Summary: [column level privilege] after add a new column into the
existing table, show columns can't show the new column, besides select column
level privilege, require insert column level privilege
Key: SENTRY-921
URL: https://issues.apache.org/jira/browse/SENTRY-921
Project: Sentry
Issue Type: Bug
Components: Sentry
Affects Versions: 1.6.0
Reporter: Anne Yu
{code}
2015-10-22 11:42:18,143 (HiveServer2-Background-Pool: Thread-293) [DEBUG -
org.apache.sentry.provider.common.ResourceAuthorizationProvider.doHasAccess(ResourceAuthorizationProvider.java:113)]
ProviderPrivilege server=+, RequestPrivilege
Server=server1->Db=test_col_metadata_ops_db->Table=test_col_metadata_ops_tb->Column=newcol->action=select,
RoleSet, ActiveRoleSet = [ roles = ALL , Result false
{code}
To reproduce this issue:
{code}
create test_role;
create test_db;
use test_db;
create test_tb(s STRING, i INT);
grant select(s) to role test_role;
grant role test_role to GROUP1;
{code}
>From here, USER1 can show columns with s listed;
{code}
alter table test_tb add columns(newcols STRING);
grant select(newcols) on table test_tb to role test_role;
{code}
>From here, USER1 can show columns with s listed, but now newcols.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
