-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/56567/
-----------------------------------------------------------
Review request for ranger, Ankita Sinha, Gautam Borad, Abhay Kulkarni, Madhan
Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, and Velmurugan
Periasamy.
Bugs: RANGER-1375
https://issues.apache.org/jira/browse/RANGER-1375
Repository: ranger
Description
-------
Moved hive config to enable ranger authorization after the initial db setup and
table creating is done. This will avoid going through ranger authorization for
initial setup.
Diffs
-----
hive-agent/src/test/java/org/apache/ranger/services/hive/HIVERangerAuthorizerTest.java
9b22794
Diff: https://reviews.apache.org/r/56567/diff/
Testing
-------
1. Commented out the authorization config block of code and ran the unit tests
and all the tests failed because of no permissions on hive side. This is to
confirm that hive config can be dynamically updated without restarting
hiveserver.
2. To confirm that the DB creation in setup method is going through Ranger
authorization – For testing this, keeping the ranger authorization config block
as it is before hiverserver startup, changed the username to “admin1” instead
of “admin” in the connection url for create db statement. With this the setup
failed saying "admin1" has no permissions to create db and the stack trace
shows ranger authorization.
3. Moving the ranger authorization config block after creating DB and creating
basic tables, the setup was successful even with “admin1” as the user for
creating DB connection url.
Thanks,
Sailaja Polavarapu
