[ https://issues.apache.org/jira/browse/HIVE-2818?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13900007#comment-13900007 ]
Thejas M Nair commented on HIVE-2818: ------------------------------------- I need to go through this some more. I haven't understood why the patch adds operation to the Entity object. Was that needed to fix this issue, or do you have other future use in mind ? Can you please create a reviewboard link (with maybe just the java code changes) ? > Create table should check privilege of target database, not default database > ---------------------------------------------------------------------------- > > Key: HIVE-2818 > URL: https://issues.apache.org/jira/browse/HIVE-2818 > Project: Hive > Issue Type: Bug > Components: Authorization, Security > Affects Versions: 0.7.1 > Reporter: Benyi Wang > Assignee: Navis > Attachments: HIVE-2818.1.patch.txt, HIVE-2818.2.patch.txt, > HIVE-2818.3.patch.txt, HIVE-2818.4.patch.txt, HIVE-2818.5.patch.txt, > HIVE-2818.6.patch.txt > > > Hive seems check the current database to determine the privilege of a > statement when you use fully qualified name like 'database.table' > > {code} > hive> set hive.security.authorization.enabled=true; > hive> create database test_db; > hive> grant all on database test_db to user test_user; > hive> revoke all on database default from test_user; > hive> use default; > hive> create table test_db.new_table (id int); > Authorization failed:No privilege 'Create' found for outputs { > database:default}. Use show grant to get more details. > hive> use test_db; > hive> create table test_db.new_table (id int); > {code} -- This message was sent by Atlassian JIRA (v6.1.5#6160)