[
https://issues.apache.org/jira/browse/SENTRY-881?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14742002#comment-14742002
]
Lenni Kuff commented on SENTRY-881:
-----------------------------------
Thanks for the review [~sravya]. Addressed CR comments. I did not realize that
SENTRY-847 had been committed. Yes, that did change SHOW COLUMNS to not require
table scope. I do think this patch still makes sense though. That's because the
input privileges are being modified in the filter layer in SENTRY-847 so it's
not immediately obvious that there is link between the auth checks filter.
Happy to remove if you object.
> Allow some metadata operations with column-level privileges
> -----------------------------------------------------------
>
> Key: SENTRY-881
> URL: https://issues.apache.org/jira/browse/SENTRY-881
> Project: Sentry
> Issue Type: Bug
> Components: Sentry
> Affects Versions: 1.5.0, 1.6.0
> Reporter: Lenni Kuff
> Assignee: Lenni Kuff
> Attachments: SENTRY-881.0.patch, SENTRY-881.1.patch,
> SENTRY-881.2.patch
>
>
> It would be useful to allow some metadata operations if a user has only
> column-level permissions on a table. The two common statements are:
> DESCRIBE table
> and
> SHOW COLUMNS IN table
> DESCRIBE variants such as DESCRIBE FORMATTED should continue to require table
> level privileges, since they expose additional table metadata.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
