[jira] [Commented] (HIVE-5923) sql std auth - parser changes

Mon, 02 Dec 2013 20:16:04 -0800 

    [ 
https://issues.apache.org/jira/browse/HIVE-5923?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13837309#comment-13837309
 ] 

Thejas M Nair commented on HIVE-5923:
-------------------------------------


new statements in proposal 
- SET ROLE
- SHOW CURRENT ROLES
- SHOW ALL ROLES
- DESCRIBE ROLE


- Grant privilege and revoke privilege statements need to be changed to remove 
the requirement (but not the option) for the noise word TABLE.  In the SQL 
specification table is the assumed default for grant and revoke statements.  
Today Hive’s syntax is GRANT action ON TABLE table TO grantee.  It should be 
GRANT action ON [TABLE] table TO grantee.
- Grant privilege and revoke privilege statements need to be changed to remove 
the requirement to specify whether the grantee is a user or role.  That is, 
today Hive’s syntax is GRANT action ON [TABLE] table TO grantee where grantee 
is USER|ROLE identifier.  The keywords USER or ROLE do not belong here.  It 
should not be legal to have a role that shares a name with a user.  For 
backward compatibility we will allow these extra keywords but warn that the 
usage is deprecated.
- Grant role and revoke role statements need to be changed to remove the 
keyword ROLE.  Current Hive syntax is GRANT ROLE rolename TO grantee.  It 
should be GRANT rolename TO grantee.  The same applies for revoke role.
- Support for WITH ADMIN OPTION needs to be added to grant role and revoke role 
statements.
- Support for GRANTED BY needs to be added to all grant and revoke statements.
- Privileges INSERT and DELETE need to be added to the language.
- New statements SHOW ROLE and SHOW ROLE roleid need to be added to the 
language.


> sql std auth - parser changes
> -----------------------------
>
>                 Key: HIVE-5923
>                 URL: https://issues.apache.org/jira/browse/HIVE-5923
>             Project: Hive
>          Issue Type: Sub-task
>          Components: Authorization
>            Reporter: Thejas M Nair
>
> There are new access control statements proposed in the functional spec in 
> HIVE-5837 . It also proposes some small changes to the existing query syntax 
> (mostly extensions and some optional keywords).
> The syntax supported should depend on the current authorization mode.



--
This message was sent by Atlassian JIRA
(v6.1#6144)

Reply via email to