Abhay Kulkarni commented on RANGER-2045:

Additional commits:





> Hive table columns with no explicit allow policy are listed with 'desc table' 
> command
> -------------------------------------------------------------------------------------
>                 Key: RANGER-2045
>                 URL: https://issues.apache.org/jira/browse/RANGER-2045
>             Project: Ranger
>          Issue Type: Bug
>          Components: Ranger
>    Affects Versions: 1.0.0, master
>            Reporter: Anuja Leekha
>            Assignee: Abhay Kulkarni
>            Priority: Major
>             Fix For: 1.0.0, master
> *Test scenario*
> 'xasecure.hive.describetable.showcolumns.authorization.option' set to 'none'
> Database 'testdb' has a table 'testtable1' with 3 columns 'name', 'age', 
> 'city'.
> Hive Policy exists giving user 'hrt_1' 'select' privilege on DB='testdb', 
> table='testtable1' and columns='name', 'age' [user does not have permissions 
> on 'city' column].
> "DESCRIBE testdb.testtable1" and "show columns in testdb.testtable1" commands 
> show results with 'city' column included.
> When 'xasecure.hive.describetable.showcolumns.authorization.option' is set to 
> 'none', Hive would follow default behavior and should deny DESCRIBE table and 
> show column commands as the policy does not grant the test user access to all 
> columns of the table. But the commands go through fine.

This message was sent by Atlassian JIRA

Reply via email to