Janus Chow created RANGER-3298:
----------------------------------

             Summary: Add coarse URI check for Hive Agent
                 Key: RANGER-3298
                 URL: https://issues.apache.org/jira/browse/RANGER-3298
             Project: Ranger
          Issue Type: Improvement
          Components: plugins
            Reporter: Janus Chow


In `RangerHiveAuthorizer`, the function of `checkPrivileges` will check the 
permission for the `HivePrivilegeObject` with 
`FileUtils.isActionPermittedForFileHierarchy`, and this method will check the 
permission for all the files under the related directory by default.

For a large table with thousands of files, this operation will take a long 
time, leading to breaking the SLA. Besides, in the default implementation of 
`StorageBasedAuthorizationProvider` in Hive, only the directories will be 
checked too. 

This ticket is to add a config for users to do a coarse check for URI 
permission check. 



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to