[
https://issues.apache.org/jira/browse/HIVE-78?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12971161#action_12971161
]
John Sichi commented on HIVE-78:
--------------------------------
Some more from me:
* There's a bug when attempting to grant multiple privileges at once;
only one of them is getting granted (what I showed you in CLI)
* Multiple grants from the same grantor to the same grantee should not
result in duplicates (verify against Oracle), and we should collapse
everything into one row no matter whether the grants were made at
the same or different times (sort privilege names for determinism)
* revokeAllPrivileges should revoke role grants as well
* Role cycle is not being prevented
* try/finally around transactions in ObjectStore should be used
consistently (I know there are some cases which were already missing
them, but we shouldn't make it worse)
* Don't use printStackTrace
* show [role] grant role unknown should fail (even though we have to
tolerate unknown for user/group since we don't have a table for those)
Some additional points noted at code review session:
* Need many many negative tests
* Provide a way to make partitions inherit from table (and make it the
default)
* Define a UNIQUE key for the priv tables in JDO
* GRANT should mark WriteEntity for replication etc
More Typos:
* candicate
* anaylze
I have some more code-level comments but not all of them may be relevant after
the issues above have been resolved, so I'll do another pass after the
next patch.
> Authorization infrastructure for Hive
> -------------------------------------
>
> Key: HIVE-78
> URL: https://issues.apache.org/jira/browse/HIVE-78
> Project: Hive
> Issue Type: New Feature
> Components: Metastore, Query Processor, Server Infrastructure
> Reporter: Ashish Thusoo
> Assignee: He Yongqiang
> Attachments: createuser-v1.patch, hive-78-metadata-v1.patch,
> hive-78-syntax-v1.patch, HIVE-78.1.nothrift.patch, HIVE-78.1.thrift.patch,
> HIVE-78.2.nothrift.patch, HIVE-78.2.thrift.patch, HIVE-78.4.complete.patch,
> HIVE-78.4.no_thrift.patch, HIVE-78.5.complete.patch,
> HIVE-78.5.no_thrift.patch, HIVE-78.6.complete.patch,
> HIVE-78.6.no_thrift.patch, hive-78.diff
>
>
> Allow hive to integrate with existing user repositories for authentication
> and authorization infromation.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
