-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58912/
-----------------------------------------------------------
Review request for ranger, Madhan Neethiraj and Selvamohan Neethiraj.
Bugs: RANGER-1553
https://issues.apache.org/jira/browse/RANGER-1553
Repository: ranger
Description
-------
If hive service is associated with a tag service then when a ‘show databases’
command is authorized by Ranger, potentially, all tags associated with all hive
entities are evaluated to determine the authorization of the command.
Consequently, the audit log record generated for it will show, in the tags
field, every tag provisioned for any hive entity in Ranger. When a large number
of tags are associated with hive entities the audit log is very cluttered and
does not convey meaningful information.
For this specific command, tags information in the generated audit log record
is scrubbed.
Diffs
-----
hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuditHandler.java
9dea37a
Diff: https://reviews.apache.org/r/58912/diff/1/
Testing
-------
Tested with local VM
Thanks,
Abhay Kulkarni
