[
https://issues.apache.org/jira/browse/HIVE-6203?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13899989#comment-13899989
]
Thejas M Nair commented on HIVE-6203:
-------------------------------------
There is already get_privilege_set that returns privileges for the roles as
well. The right behavior for it is to return the privileges through the
indirect roles as well. I think it is better to re-use that instead of adding
another thrift api.
It should be straightforward to change that to finally call a version of
list_roles that also looks at indirect roles.
> Privileges of role granted indrectily to user is not applied
> ------------------------------------------------------------
>
> Key: HIVE-6203
> URL: https://issues.apache.org/jira/browse/HIVE-6203
> Project: Hive
> Issue Type: Bug
> Components: Authorization
> Reporter: Navis
> Assignee: Navis
> Attachments: HIVE-6203.1.patch.txt
>
>
> For example,
> {noformat}
> create role r1;
> create role r2;
> grant select on table eq to role r1;
> grant role r1 to role r2;
> grant role r2 to user admin;
> select * from eq limit 5;
> {noformat}
> admin -> r2 -> r1 -> SEL on table eq
> but user admin fails to access table eq
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
