[
https://issues.apache.org/jira/browse/RANGER-3985?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jonas Hartwig updated RANGER-3985:
----------------------------------
Description:
The ranger rules to create tables in Trino only check data base level on
create. They should check by table name as well. It easily get inconsistent, if
users or groups are allowed to read, drop and alter certain tables like
t_<user>_* but may create any.
At the moment, the same rule is used to check if a catalog can be created for
table creation
was:The ranger rules to create tables in Trino only check data base level on
create. They should check by table name as well. It easily get inconsistent, if
users or groups are allowed to read, drop and alter certain tables like
t_<user>_* but may create any.
> Trino plugin: Check table name when creating tables
> ---------------------------------------------------
>
> Key: RANGER-3985
> URL: https://issues.apache.org/jira/browse/RANGER-3985
> Project: Ranger
> Issue Type: Improvement
> Components: plugins
> Affects Versions: 2.3.0
> Reporter: Jonas Hartwig
> Priority: Major
> Fix For: 2.4.0
>
>
> The ranger rules to create tables in Trino only check data base level on
> create. They should check by table name as well. It easily get inconsistent,
> if users or groups are allowed to read, drop and alter certain tables like
> t_<user>_* but may create any.
>
> At the moment, the same rule is used to check if a catalog can be created for
> table creation
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
