----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73727/ -----------------------------------------------------------
Review request for ranger. Repository: ranger Description ------- In RangerHiveAuthorizer, the function of checkPrivileges will check the permission for the HivePrivilegeObject with FileUtils.isActionPermittedForFileHierarchy, and this method will check the permission for all the files under the related directory by default. For a large table with thousands of files, this operation will take a long time, leading to breaking the SLA. Besides, in the default implementation of StorageBasedAuthorizationProvider in Hive, only the directories will be checked too. This ticket is to add a config for users to do a coarse check for URI permission check. Jira ticket: https://issues.apache.org/jira/browse/RANGER-3298 Diffs ----- agents-common/src/main/java/org/apache/ranger/authorization/hadoop/constants/RangerHadoopConstants.java 31e4c0f4e hive-agent/conf/ranger-hive-security.xml 3a5fc54cd hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java e145ea299 Diff: https://reviews.apache.org/r/73727/diff/1/ Testing ------- Thanks, Yiyang Zhou
