[ https://issues.apache.org/jira/browse/RANGER-3840?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Madhan Neethiraj updated RANGER-3840: ------------------------------------- Attachment: RANGER-3840.patch > SHOW DATABASES command should list databases owned by the user > -------------------------------------------------------------- > > Key: RANGER-3840 > URL: https://issues.apache.org/jira/browse/RANGER-3840 > Project: Ranger > Issue Type: Bug > Components: plugins > Reporter: Madhan Neethiraj > Assignee: Madhan Neethiraj > Priority: Major > Fix For: 3.0.0 > > Attachments: RANGER-3840.patch > > > SHOW DATABASES command returns only databases in which the user has some > access i.e., it will exclude databases in which the user has no permission. > However, Ranger Hive authorizer does not take into permissions given to > database owner user while processing list of databases for SHOW DATABASES > command. > Consider the following usecase: > # User user1 is the owner for database db_user1 > # User user2 is the owner for database db_user2 > # For user1, databases list returned by SHOW DATABASES should include > db_user1 - since default policies allow \{OWNER} user all permissions in the > database > # Similarly, for user2, databases list returned by SHOW DATABASES command > should include db_user2 > However, the databases list returned by SHOW DATABASES command does not > include the database owned by the user - unless additional policies > explicitly grant the user permissions in the database. -- This message was sent by Atlassian Jira (v8.20.10#820010)