[
https://issues.apache.org/jira/browse/RANGER-2045?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16429575#comment-16429575
]
Abhay Kulkarni commented on RANGER-2045:
----------------------------------------
Additional commits:
ranger-1.0:
https://git-wip-us.apache.org/repos/asf?p=ranger.git;a=commit;h=889999a1ffbc230fa9204d2e8a0464bfcf024180
master:
https://git-wip-us.apache.org/repos/asf?p=ranger.git;a=commit;h=fe854a061e0948f27437fb5d9e6f24f0cac0f372
> Hive table columns with no explicit allow policy are listed with 'desc table'
> command
> -------------------------------------------------------------------------------------
>
> Key: RANGER-2045
> URL: https://issues.apache.org/jira/browse/RANGER-2045
> Project: Ranger
> Issue Type: Bug
> Components: Ranger
> Affects Versions: 1.0.0, master
> Reporter: Anuja Leekha
> Assignee: Abhay Kulkarni
> Priority: Major
> Fix For: 1.0.0, master
>
>
> *Test scenario*
> 'xasecure.hive.describetable.showcolumns.authorization.option' set to 'none'
> Database 'testdb' has a table 'testtable1' with 3 columns 'name', 'age',
> 'city'.
> Hive Policy exists giving user 'hrt_1' 'select' privilege on DB='testdb',
> table='testtable1' and columns='name', 'age' [user does not have permissions
> on 'city' column].
> "DESCRIBE testdb.testtable1" and "show columns in testdb.testtable1" commands
> show results with 'city' column included.
> When 'xasecure.hive.describetable.showcolumns.authorization.option' is set to
> 'none', Hive would follow default behavior and should deny DESCRIBE table and
> show column commands as the policy does not grant the test user access to all
> columns of the table. But the commands go through fine.
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
