Re: Review Request 74239: RANGER-4001:Wrong permission check for Hive 'Alter View as' command in Ranger HiveAuthorizer
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/74239/#review224975 --- Ship it! Ship It! - Madhan Neethiraj On Dec. 7, 2022, 1:09 a.m., Ramesh Mani wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/74239/ > --- > > (Updated Dec. 7, 2022, 1:09 a.m.) > > > Review request for ranger, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, > Pradeep Agrawal, Selvamohan Neethiraj, Sailaja Polavarapu, and Velmurugan > Periasamy. > > > Bugs: RANGER-4001 > https://issues.apache.org/jira/browse/RANGER-4001 > > > Repository: ranger > > > Description > --- > > RANGER-4001:Wrong permission check for Hive 'Alter View as' command in Ranger > HiveAuthorizer > > > Diffs > - > > > hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java > 8f6801be1 > > > Diff: https://reviews.apache.org/r/74239/diff/1/ > > > Testing > --- > > - Testing done in local vm for "alter view as select" operations. > > Hive Alter View as command needs SELECT privilege alone for the selected > table to create view. > command : alter view v1 as select * from db.t1 > Expectation: This command needs alter permission for view v1, select > permission for table "t1" and select permission on database "db" > Current Behavior: Currently the Ranger requires ALTER permission for table > "t1" and database "db" in addition to ALTER permission for the view "v1" . > This behavior is not correct. > > > Thanks, > > Ramesh Mani > >
Re: Review Request 74239: RANGER-4001:Wrong permission check for Hive 'Alter View as' command in Ranger HiveAuthorizer
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/74239/#review224974 --- Ship it! Ship It! - Abhay Kulkarni On Dec. 7, 2022, 1:09 a.m., Ramesh Mani wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/74239/ > --- > > (Updated Dec. 7, 2022, 1:09 a.m.) > > > Review request for ranger, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, > Pradeep Agrawal, Selvamohan Neethiraj, Sailaja Polavarapu, and Velmurugan > Periasamy. > > > Bugs: RANGER-4001 > https://issues.apache.org/jira/browse/RANGER-4001 > > > Repository: ranger > > > Description > --- > > RANGER-4001:Wrong permission check for Hive 'Alter View as' command in Ranger > HiveAuthorizer > > > Diffs > - > > > hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java > 8f6801be1 > > > Diff: https://reviews.apache.org/r/74239/diff/1/ > > > Testing > --- > > - Testing done in local vm for "alter view as select" operations. > > Hive Alter View as command needs SELECT privilege alone for the selected > table to create view. > command : alter view v1 as select * from db.t1 > Expectation: This command needs alter permission for view v1, select > permission for table "t1" and select permission on database "db" > Current Behavior: Currently the Ranger requires ALTER permission for table > "t1" and database "db" in addition to ALTER permission for the view "v1" . > This behavior is not correct. > > > Thanks, > > Ramesh Mani > >
Review Request 74239: RANGER-4001:Wrong permission check for Hive 'Alter View as' command in Ranger HiveAuthorizer
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/74239/ --- Review request for ranger, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, Selvamohan Neethiraj, Sailaja Polavarapu, and Velmurugan Periasamy. Bugs: RANGER-4001 https://issues.apache.org/jira/browse/RANGER-4001 Repository: ranger Description --- RANGER-4001:Wrong permission check for Hive 'Alter View as' command in Ranger HiveAuthorizer Diffs - hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java 8f6801be1 Diff: https://reviews.apache.org/r/74239/diff/1/ Testing --- - Testing done in local vm for "alter view as select" operations. Hive Alter View as command needs SELECT privilege alone for the selected table to create view. command : alter view v1 as select * from db.t1 Expectation: This command needs alter permission for view v1, select permission for table "t1" and select permission on database "db" Current Behavior: Currently the Ranger requires ALTER permission for table "t1" and database "db" in addition to ALTER permission for the view "v1" . This behavior is not correct. Thanks, Ramesh Mani
