[
https://issues.apache.org/jira/browse/RANGER-5097?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17914712#comment-17914712
]
Mahesh Bandal commented on RANGER-5097:
---------------------------------------
Hi [~Aggarwal_Raghav], thanks for reviewing the issue. I have validated the
patch and the issue is fixed for both, database and table resources. Please
refer below debug log from HMS where setOwnerUser() returns owner name when
accessing a database resource.
{noformat}
2025-01-20 14:53:56,333 DEBUG
org.apache.ranger.authorization.hive.authorizer.RangerHiveAuthorizer:
[TThreadPoolServer WorkerProcess-72]: setOwnerUser(Object [type=DATABASE,
name=testdb02]): ownerName=spark
{noformat}
> Fix setOwnerUser function to ensure the Hive default {owner} policy works
> correctly
> -----------------------------------------------------------------------------------
>
> Key: RANGER-5097
> URL: https://issues.apache.org/jira/browse/RANGER-5097
> Project: Ranger
> Issue Type: Bug
> Components: Ranger
> Affects Versions: 3.0.0
> Reporter: Mahesh Bandal
> Assignee: Mahesh Bandal
> Priority: Major
> Attachments: DB_owner_as_null.png, TBL_owner_as_hive.png,
> create_db_HS2_stacktrace.txt, create_table_HS2_stacktrace.txt
>
>
> Create a Hive Table as spark user from beeline and then try accessing the
> same table from spark3-shell. The select query on Hive Table fails.
> {noformat}
> create table spark_table_123 (name string);
> select * from spark_table_123
> {noformat}
> The below error is observed in spark3-shell
> {noformat}
> org.apache.spark.sql.AnalysisException:
> org.apache.hadoop.hive.ql.metadata.HiveException: Unable to fetch table
> spark_table_123. Permission denied: user [spark] does not have [SELECT]
> privilege on [default/spark_table_123]
> {noformat}
> Expectation:
> The Hive default policy for "Owner" user allowing "all" Access on all Hive
> Database, table & column should allow the access.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
