[
https://issues.apache.org/jira/browse/SENTRY-826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15068692#comment-15068692
]
Li Li commented on SENTRY-826:
------------------------------
The SemanticException happened in HiveAuthzBinding.authorize method, which is
caused by the empty outputHierarchy list.
As there is no partition in the test tbl, the writeEntity set returned from
Hive is empty. That's why the outputHierarchy list is also empty.
To resolve it, we should manually add db.tbl in the outputHierarchy which will
be validated in the hiveAuthzBinding.authorize method.
Besides, we need add test case for:
- empty partitioned table and NOT empty partitioned table
- user with permission and WITHOUT permission
> TRUNCATE on empty partitioned table in Hive fails
> -------------------------------------------------
>
> Key: SENTRY-826
> URL: https://issues.apache.org/jira/browse/SENTRY-826
> Project: Sentry
> Issue Type: Bug
> Components: Hive Plugin
> Affects Versions: 1.5.0
> Reporter: Lenni Kuff
> Assignee: Li Li
>
> TRUNCATE on empty partitioned table in Hive fails. If the table contains at
> least one partition, the operation will succeed:
> {code}
> CREATE ROLE admin;
> GRANT ALL ON SERVER server1 TO ROLE admin;
> GRANT ROLE ADMIN TO GROUP <current group>;
> CREATE TABLE Foo(i int) PARTITIONED BY (j int);
> -- Fails
> TRUNCATE TABLE Foo;
> Error: Error while compiling statement: FAILED: SemanticException No valid
> privileges
> Required privileges for this query: (state=42000,code=40000)
> -- Now add a partition
> ALTER TABLE FOO ADD PARTITION (j=1);
> -- Succeeds
> TRUNCATE TABLE Foo;
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
