[
https://issues.apache.org/jira/browse/RANGER-3840?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Madhan Neethiraj updated RANGER-3840:
-------------------------------------
Fix Version/s: 2.4.0
> SHOW DATABASES command should list databases owned by the user
> --------------------------------------------------------------
>
> Key: RANGER-3840
> URL: https://issues.apache.org/jira/browse/RANGER-3840
> Project: Ranger
> Issue Type: Bug
> Components: plugins
> Reporter: Madhan Neethiraj
> Assignee: Madhan Neethiraj
> Priority: Major
> Fix For: 3.0.0, 2.4.0
>
> Attachments: RANGER-3840.patch
>
>
> SHOW DATABASES command returns only databases in which the user has some
> access i.e., it will exclude databases in which the user has no permission.
> However, Ranger Hive authorizer does not take into permissions given to
> database owner user while processing list of databases for SHOW DATABASES
> command.
> Consider the following usecase:
> # User user1 is the owner for database db_user1
> # User user2 is the owner for database db_user2
> # For user1, databases list returned by SHOW DATABASES should include
> db_user1 - since default policies allow \{OWNER} user all permissions in the
> database
> # Similarly, for user2, databases list returned by SHOW DATABASES command
> should include db_user2
> However, the databases list returned by SHOW DATABASES command does not
> include the database owned by the user - unless additional policies
> explicitly grant the user permissions in the database.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
