[ 
https://issues.apache.org/jira/browse/HIVE-7943?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14121779#comment-14121779
 ] 

Thejas M Nair commented on HIVE-7943:
-------------------------------------

You can look at one of the .q file based authorization tests such as 
ql/src/test/queries/clientpositive/authorization_1.q for a template.



> hive.security.authorization.createtable.owner.grants is ineffective with 
> Default Authorization
> ----------------------------------------------------------------------------------------------
>
>                 Key: HIVE-7943
>                 URL: https://issues.apache.org/jira/browse/HIVE-7943
>             Project: Hive
>          Issue Type: Bug
>          Components: Authorization
>    Affects Versions: 0.13.1
>            Reporter: Ashu Pachauri
>            Assignee: Ashu Pachauri
>         Attachments: HIVE-7943.1.patch, HIVE-7943.2.patch
>
>
> HIVE-6250 separates owner privileges from user privileges. However, Default 
> Authorization does not adapt to the change and table owners do not inherit 
> permissions from the config.
> Steps to Reproduce:
> set hive.security.authorization.enabled=true;
> set hive.security.authorization.createtable.owner.grants=ALL;
> create table temp_table(id int, value string);
> drop table temp_table;
> Above set of operations throw the following error:
>                         
> Authorization failed:No privilege 'Drop' found for outputs { 
> database:default, table:temp_table}. Use SHOW GRANT to get more details.
> 14/09/02 17:49:38 ERROR ql.Driver: Authorization failed:No privilege 'Drop' 
> found for outputs { database:default, table:temp_table}. Use SHOW GRANT to 
> get more details.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to