zxl-333 commented on code in PR #5975:
URL: https://github.com/apache/hive/pull/5975#discussion_r2215463570
##########
standalone-metastore/metastore-server/src/main/java/org/apache/hadoop/hive/metastore/HMSHandler.java:
##########
@@ -3047,7 +3047,8 @@ private boolean drop_table_core(final RawStore ms, final
String catName, final S
tableDataShouldBeDeleted = checkTableDataShouldBeDeleted(tbl,
deleteData);
if (tableDataShouldBeDeleted && tbl.getSd().getLocation() != null) {
tblPath = new Path(tbl.getSd().getLocation());
- if (!wh.isWritable(tblPath.getParent())) {
+ // HIVE-28804 drop table user should have table path and parent path
permission
Review Comment:
> @zxl-333 Your test case appears to be able to reproduce this issue.
However, in the actual production environment, user clusters usually have
Ranger or other authentication plugins enabled to ensure metadata permissions
and storage permissions.
>
> So I’d like to ask, have you encountered this issue in your real
production environment with Ranger or similar authentication plugins enabled?
Or, in actual production environments, how do you ensure Hive table permission
control?
>
> Thanks.
One of our clusters does not use ranger. Therefore, the users raised this
issue as feedback. Using ranger is completely fine. This cluster also does not
employ Hive's own authorization model; instead, it solely relies on HDFS
permission control.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
