[jira] [Commented] (HIVE-21833) Ranger Authorization in Hive based on object ownership

Thu, 13 Jun 2019 11:39:35 -0700 


    [ 
https://issues.apache.org/jira/browse/HIVE-21833?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16863368#comment-16863368
 ] 

Hive QA commented on HIVE-21833:
--------------------------------



Here are the results of testing the latest attachment:
https://issues.apache.org/jira/secure/attachment/12971656/HIVE-21833.9.patch

{color:green}SUCCESS:{color} +1 due to 1 test(s) being added or modified.

{color:green}SUCCESS:{color} +1 due to 16068 tests passed

Test results: 
https://builds.apache.org/job/PreCommit-HIVE-Build/17558/testReport
Console output: https://builds.apache.org/job/PreCommit-HIVE-Build/17558/console
Test logs: http://104.198.109.242/logs/PreCommit-HIVE-Build-17558/

Messages:
{noformat}
Executing org.apache.hive.ptest.execution.TestCheckPhase
Executing org.apache.hive.ptest.execution.PrepPhase
Executing org.apache.hive.ptest.execution.YetusPhase
Executing org.apache.hive.ptest.execution.ExecutionPhase
Executing org.apache.hive.ptest.execution.ReportingPhase
{noformat}

This message is automatically generated.

ATTACHMENT ID: 12971656 - PreCommit-HIVE-Build

> Ranger Authorization in Hive based on object ownership
> ------------------------------------------------------
>
>                 Key: HIVE-21833
>                 URL: https://issues.apache.org/jira/browse/HIVE-21833
>             Project: Hive
>          Issue Type: New Feature
>          Components: HiveServer2
>            Reporter: Sam An
>            Assignee: Sam An
>            Priority: Major
>         Attachments: HIVE-21833.1.patch, HIVE-21833.2.patch, 
> HIVE-21833.6.patch, HIVE-21833.7.patch, HIVE-21833.8.patch, HIVE-21833.9.patch
>
>
> Background: Currently Hive Authorizer for Ranger does not provide owner 
> information for Hive objects as part of AuthZ calls. This has resulted in 
> gaps with respect to Sentry AuthZ and customers/partners cannot leverage 
> privileges for owners in their authorization model.
>  
> User Story: As an enterprise security admin, I need to be able to set 
> privileges based on Hive object ownership for setting up access controls in 
> Ranger so that I can provide appropriate protections and permissions for my 
> enterprise users.
>  
> Acceptance criteria:
> 1) Owner information is available in Hive -Ranger AuthZ calls 
> 2) Ranger admin users can use owner information to set policies based on 
> object ownership in Ranger UI and APIs
> 3) OWNER Macro based policies continue to work for Hive objects



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to