[jira] [Closed] (TRAFODION-1095) LP Bug: 1437078 - LOAD fails with error 4481 even if user has priv

[Roberta Marton (JIRA)]

     [ 
https://issues.apache.org/jira/browse/TRAFODION-1095?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Roberta Marton closed TRAFODION-1095.
-------------------------------------
       Resolution: Fixed
    Fix Version/s: 2.0-incubating

> LP Bug: 1437078 - LOAD fails with error 4481 even if user has priv
> ------------------------------------------------------------------
>
>                 Key: TRAFODION-1095
>                 URL: https://issues.apache.org/jira/browse/TRAFODION-1095
>             Project: Apache Trafodion
>          Issue Type: Bug
>          Components: sql-security
>            Reporter: Roberta Marton
>            Assignee: Roberta Marton
>            Priority: Critical
>             Fix For: 1.1 (pre-incubation), 2.0-incubating
>
>
> A load operation is failing even when the user has the necessary privileges.
> Setup:
> Create a hive table:
> swhive
> drop table teams;
> create external table teams
>   (team_number int,
>    team_name string,
>    team_contact string,
>    team_contact_number string
>    )
> row format delimited fields terminated by '|'
> location '/user/hive/exttables/teams'
> ;
> show tables;
> quit;
> Load hive table in SQL:
> sqlci
> initialize authorization;
> insert into hive.hive.teams values
>    (1, 'White Socks', 'Sam','4082282222'),
>    (2, 'Giants', 'Joe', '5102839483'),
>    (3, 'Cardinals', 'Stella', '9513849384'),
>    (4, 'Indians', 'Matt', '5128383748'),
>    (5, 'Tigers', 'Ronit', '6198273827');
> Select count(*) from hive.hive.teams;
> exit;
> In window 1:
> sqlci –u sql_user1
> create schema user1;
> set schema user1;
> create table teams
>   (team_number int not null primary key,
>    team_name char(20) not null,
>    team_contact varchar(50) not null,
>    team_contact_number char (10) not null
>    )
>   ;
> In window 2:
> Sqlci –u sql_user2
> Set schema user1;
> Load with no populate indexes into user1.teams select * from hive.hive.teams;
> --should fail with no INSERT and SELECT priv
> Back to window 1
> Grant insert, select on user1.teams to sql_user2;
> Showddl user1.teams;
> Back to window 2 – load operations should work but it is still failing
> Load with no populate indexes into user1.teams select * from hive.hive.teams;
> If I restart window 2, the operation succeeds.
> It looks like the table definition cached in NATableCache is not being 
> removed if the table does not have the necessary privileges.  On next call, 
> the incorrect cached values are used for privilege checking instead of the 
> correct values.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)