Abhishek created RANGER-3786:
--------------------------------
Summary: User allowed to insert data into a hive table when there
is a deny policy on a table column
Key: RANGER-3786
URL: https://issues.apache.org/jira/browse/RANGER-3786
Project: Ranger
Issue Type: Bug
Components: Ranger
Reporter: Abhishek
A user is allowed to enter data into a table even if there is a deny policy
present
on one of the table columns.
Test scenario details :-
Policy setup :-
policy 1 :- all access policy for hrt_qa, hive and impala users
resources - database - * , table - *, column - *
users : hrt_qa, hive, impala
access - all access allowed
policy 2 :- policy on test_1.table_1 for hrt_5
users : hrt_5
resources : database - test_1, table - table_1, column - *
access :- all access allowed
policy 3 :- deny policy on test_1.table_1.c0 for hrt_5
users : hrt_5
resources : database - test_1, table - table_1, column - c0
access - all access denied
data setup :-
database - test_1
table - table_1(c0 int, c1 int)
Run insert command on test_1.table_1 as user hrt_5.
User is able to insert data into the table when there is a deny policy for the
user
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
