[jira] [Updated] (RANGER-1297) Provide correct Ranger HiveAccessControlException message for DESCRIBE when authorization fails due to lack of SELECT on all columns Velmurugan Periasamy (JIRA) Sun, 19 Mar 2017 14:11:07 -0700 [ https://issues.apache.org/jira/browse/RANGER-1297?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Velmurugan Periasamy updated RANGER-1297: ----------------------------------------- Fix Version/s: 0.7.0 > Provide correct Ranger HiveAccessControlException message for DESCRIBE > <TABLE> when authorization fails due to lack of SELECT on all columns > -------------------------------------------------------------------------------------------------------------------------------------------- > > Key: RANGER-1297 > URL: https://issues.apache.org/jira/browse/RANGER-1297 > Project: Ranger > Issue Type: Bug > Reporter: Ramesh Mani > Assignee: Ramesh Mani > Fix For: 0.7.0 > > > Provide correct Ranger HiveAccessControlException message for DESCRIBE > <TABLE> when authorization fails due to lack of SELECT on all columns > Currently the message is misleading because it gives > HiveAccessControlException Permission denied: user [user1] does not have > [SELECT] privilege on [database/table] . > It doesn't provide which column it doesn't have SELECT permission. > It should have SELECT permission on all columns (\*) by default to DESCRIBE > as Hive doesn't provide ranger the necessary hooks to filter out the columns > which user doesn't have access to. Until hive provides this, the policy in > ranger should have SELECT on "*" for columns on a table in order for > describer to succeed. -- This message was sent by Atlassian JIRA (v6.3.15#6346) Previous message View by thread View by date Next message Reply via email to Search the site The Mail Archive home dev - all messages dev - about the list Expand Previous message Next message The Mail Archive home Add your mailing list FAQ Support Privacy JIRA.13032742.1483750726000.61139.1489957842417@Atlassian.JIRA

[Velmurugan Periasamy (JIRA)]

     [ 
https://issues.apache.org/jira/browse/RANGER-1297?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-1297:
-----------------------------------------
    Fix Version/s: 0.7.0

> Provide correct Ranger HiveAccessControlException message for DESCRIBE 
> <TABLE> when authorization fails due to lack of SELECT on all columns
> --------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: RANGER-1297
>                 URL: https://issues.apache.org/jira/browse/RANGER-1297
>             Project: Ranger
>          Issue Type: Bug
>            Reporter: Ramesh Mani
>            Assignee: Ramesh Mani
>             Fix For: 0.7.0
>
>
> Provide correct Ranger HiveAccessControlException message for DESCRIBE 
> <TABLE> when authorization fails due to lack of SELECT on all columns
> Currently the message is misleading because it gives 
> HiveAccessControlException Permission denied: user [user1] does not have 
> [SELECT] privilege on [database/table] . 
> It doesn't provide which column it doesn't have SELECT permission. 
> It should have SELECT permission on all columns (\*) by default to DESCRIBE 
> as Hive doesn't provide ranger the necessary hooks to filter out the columns 
> which user doesn't have access to. Until hive provides this, the policy in 
> ranger should have SELECT on  "*" for columns on a table in order for  
> describer to succeed.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)