Ryan P created SENTRY-827:
-----------------------------
Summary: Server Scope ALWAYS grants ALL
Key: SENTRY-827
URL: https://issues.apache.org/jira/browse/SENTRY-827
Project: Sentry
Issue Type: Bug
Reporter: Ryan P
In it's current state the following two commands result in ALL on SERVER
server1:
GRANT SELECT ON SERVER server1 TO ROLE read_role;
GRANT INSERT ON SERVER server1 TO ROLE insert_role;
This can cause users to unknowingly grant full privileges to user groups.
Fixing this behavior will also allow us to mimic the previous behavior
exhibited with Policy Files:
read_role = server=server1->db=*->table=*->action=select
insert_role = server=server1->db=*->table=*->action=insert
Granting SELECT on SERVER would be far more pleasant than granting SELECT on
each individual DATABASE
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
