> On April 30, 2017, 8:25 p.m., Madhan Neethiraj wrote: > > hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java > > Lines 1415 (patched) > > <https://reviews.apache.org/r/58658/diff/2/?file=1703904#file1703904line1416> > > > > Would current URI access checks (for hdfs://, file://), that are > > performed by FileSystem, be done using Ranger Hive policies after this > > patch? > > > > If yes, new Ranger Hive policies would have to be added to allow URL > > access; else it might break existing deployments. Please review. > > > > One option to consider is to fallback on FileSystem access check when > > there is no Ranger Hive policy to grant the necessary access.
Currently URI check for hdfs://, file:// are not done by the Hive Policies, it is be done by the FileSystem access check. Only if its s3a://, s3n:// it will be done by Hive Policy. - Ramesh ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/58658/#review173456 ----------------------------------------------------------- On May 4, 2017, 5:10 p.m., Ramesh Mani wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/58658/ > ----------------------------------------------------------- > > (Updated May 4, 2017, 5:10 p.m.) > > > Review request for ranger, Abhay Kulkarni, Madhan Neethiraj, and Velmurugan > Periasamy. > > > Bugs: RANGER-1513 > https://issues.apache.org/jira/browse/RANGER-1513 > > > Repository: ranger > > > Description > ------- > > RANGER-1513:Add Support for S3 authorization in Ranger Hive Plugin > > > Diffs > ----- > > agents-common/src/main/resources/service-defs/ranger-servicedef-hive.json > b254d20 > > hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java > 2baa97b > > hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveResource.java > 09ecd1e > > hive-agent/src/test/java/org/apache/ranger/services/hive/HIVERangerAuthorizerTest.java > 57b4eef > hive-agent/src/test/resources/hive-policies.json 2b568dc > > security-admin/src/main/java/org/apache/ranger/patch/PatchForHiveServiceDefUpdate_J10007.java > PRE-CREATION > > > Diff: https://reviews.apache.org/r/58658/diff/3/ > > > Testing > ------- > > Test in local VM > > > Thanks, > > Ramesh Mani > >
