-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/66324/
-----------------------------------------------------------
Review request for ranger, Madhan Neethiraj and Ramesh Mani.
Bugs: RANGER-2045
https://issues.apache.org/jira/browse/RANGER-2045
Repository: ranger
Description
-------
Test scenario
'xasecure.hive.describetable.showcolumns.authorization.option' set to 'none'
Database 'testdb' has a table 'testtable1' with 3 columns 'name', 'age', 'city'.
Hive Policy exists giving user 'hrt_1' 'select' privilege on DB='testdb',
table='testtable1' and columns='name', 'age' [user does not have permissions on
'city' column].
"DESCRIBE testdb.testtable1" and "show columns in testdb.testtable1" commands
show results with 'city' column included.
When 'xasecure.hive.describetable.showcolumns.authorization.option' is set to
'none', Hive would follow default behavior and should deny DESCRIBE table and
show column commands as the policy does not grant the test user access to all
columns of the table. But the commands go through fine.
Diffs
-----
agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerDefaultPolicyEvaluator.java
55938b128
Diff: https://reviews.apache.org/r/66324/diff/1/
Testing
-------
Tested with local VM
Thanks,
Abhay Kulkarni
