[
https://issues.apache.org/jira/browse/RANGER-1195?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15635434#comment-15635434
]
Ramesh Mani edited comment on RANGER-1195 at 11/4/16 6:52 AM:
--------------------------------------------------------------
[~Jaraxal] We should also include SHOW COLUMNS (FROM|IN) table_name [(FROM|IN)
db_name] as it also provide the same functionality. Ranger HiveAuthorizer
should show all the columns for DESCRIBE/SHOW COLUMNS on table if user has any
access on database/table/column
was (Author: rmani):
[~Jaraxal] We should also include SHOW COLUMNS (FROM|IN) table_name [(FROM|IN)
db_name] as it also provide the same functionality.Hive Ranger Plugin should
allow access to DESCRIBE/SHOW COLUMNS on table if user has any access on
database/table/column
> Ranger should allow for "select *" and "describe" on tables where user access
> is limited to a subset of columns.
> ----------------------------------------------------------------------------------------------------------------
>
> Key: RANGER-1195
> URL: https://issues.apache.org/jira/browse/RANGER-1195
> Project: Ranger
> Issue Type: Improvement
> Components: plugins
> Affects Versions: 0.5.1, 0.5.2, 0.6.0, 0.5.3, 0.6.1
> Reporter: Michael Young
> Fix For: 0.7.0
>
>
> If you create a Hive policy in Ranger which allows only a subset of columns
> in a table, users are unable to "select * from tablename" or "describe
> tablename". The user must know in advance to which columns they are allowed
> access, but they can't use "describe" to see a list of columns they are
> allowed.
> When doing either select or describe in Hive, Ranger should dynamically
> filter the columns the user is not allowed to see.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
