[jira] [Commented] (RANGER-1297) Provide correct Ranger HiveAccessControlException message for DESCRIBE when authorization fails due to lack of SELECT on all columns Ramesh Mani (JIRA) Fri, 06 Jan 2017 17:38:18 -0800 [ https://issues.apache.org/jira/browse/RANGER-1297?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15806439#comment-15806439 ] Ramesh Mani commented on RANGER-1297: ------------------------------------- Review link : https://reviews.apache.org/r/55292/ > Provide correct Ranger HiveAccessControlException message for DESCRIBE > <TABLE> when authorization fails due to lack of SELECT on all columns > -------------------------------------------------------------------------------------------------------------------------------------------- > > Key: RANGER-1297 > URL: https://issues.apache.org/jira/browse/RANGER-1297 > Project: Ranger > Issue Type: Bug > Reporter: Ramesh Mani > Assignee: Ramesh Mani > > Provide correct Ranger HiveAccessControlException message for DESCRIBE > <TABLE> when authorization fails due to lack of SELECT on all columns > Currently the message is misleading because it gives > HiveAccessControlException Permission denied: user [user1] does not have > [SELECT] privilege on [database/table] . > It doesn't provide which column it doesn't have SELECT permission. > It should have SELECT permission on all columns (\*) by default to DESCRIBE > as Hive doesn't provide ranger the necessary hooks to filter out the columns > which user doesn't have access to. Until hive provides this, the policy in > ranger should have SELECT on "*" for columns on a table in order for > describer to succeed. -- This message was sent by Atlassian JIRA (v6.3.4#6332) Previous message View by thread View by date Next message [jira] [Commented] (RANGER-1297) Provide correct Ranger... Ramesh Mani (JIRA) [jira] [Commented] (RANGER-1297) Provide correct R... Ramesh Mani (JIRA) Reply via email to Search the site The Mail Archive home dev - all messages dev - about the list Expand Previous message Next message The Mail Archive home Add your mailing list FAQ Support Privacy JIRA.13032742.1483750726000.674512.1483753078584@Atlassian.JIRA

[Ramesh Mani (JIRA)]

    [ 
https://issues.apache.org/jira/browse/RANGER-1297?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15806439#comment-15806439
 ] 

Ramesh Mani commented on RANGER-1297:
-------------------------------------

Review link : https://reviews.apache.org/r/55292/

> Provide correct Ranger HiveAccessControlException message for DESCRIBE 
> <TABLE> when authorization fails due to lack of SELECT on all columns
> --------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: RANGER-1297
>                 URL: https://issues.apache.org/jira/browse/RANGER-1297
>             Project: Ranger
>          Issue Type: Bug
>            Reporter: Ramesh Mani
>            Assignee: Ramesh Mani
>
> Provide correct Ranger HiveAccessControlException message for DESCRIBE 
> <TABLE> when authorization fails due to lack of SELECT on all columns
> Currently the message is misleading because it gives 
> HiveAccessControlException Permission denied: user [user1] does not have 
> [SELECT] privilege on [database/table] . 
> It doesn't provide which column it doesn't have SELECT permission. 
> It should have SELECT permission on all columns (\*) by default to DESCRIBE 
> as Hive doesn't provide ranger the necessary hooks to filter out the columns 
> which user doesn't have access to. Until hive provides this, the policy in 
> ranger should have SELECT on  "*" for columns on a table in order for  
> describer to succeed.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)