[jira] [Resolved] (RANGER-1297) Provide correct Ranger HiveAccessControlException message for DESCRIBE when authorization fails due to lack of SELECT on all columns Ramesh Mani (JIRA) Mon, 09 Jan 2017 13:37:52 -0800 [ https://issues.apache.org/jira/browse/RANGER-1297?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Ramesh Mani resolved RANGER-1297. --------------------------------- Resolution: Fixed > Provide correct Ranger HiveAccessControlException message for DESCRIBE > <TABLE> when authorization fails due to lack of SELECT on all columns > -------------------------------------------------------------------------------------------------------------------------------------------- > > Key: RANGER-1297 > URL: https://issues.apache.org/jira/browse/RANGER-1297 > Project: Ranger > Issue Type: Bug > Reporter: Ramesh Mani > Assignee: Ramesh Mani > > Provide correct Ranger HiveAccessControlException message for DESCRIBE > <TABLE> when authorization fails due to lack of SELECT on all columns > Currently the message is misleading because it gives > HiveAccessControlException Permission denied: user [user1] does not have > [SELECT] privilege on [database/table] . > It doesn't provide which column it doesn't have SELECT permission. > It should have SELECT permission on all columns (\*) by default to DESCRIBE > as Hive doesn't provide ranger the necessary hooks to filter out the columns > which user doesn't have access to. Until hive provides this, the policy in > ranger should have SELECT on "*" for columns on a table in order for > describer to succeed. -- This message was sent by Atlassian JIRA (v6.3.4#6332) Previous message View by thread View by date Next message Reply via email to Search the site The Mail Archive home dev - all messages dev - about the list Expand Previous message Next message The Mail Archive home Add your mailing list FAQ Support Privacy JIRA.13032742.1483750726000.689711.1483997818970@Atlassian.JIRA

[Ramesh Mani (JIRA)]

     [ 
https://issues.apache.org/jira/browse/RANGER-1297?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramesh Mani resolved RANGER-1297.
---------------------------------
    Resolution: Fixed

> Provide correct Ranger HiveAccessControlException message for DESCRIBE 
> <TABLE> when authorization fails due to lack of SELECT on all columns
> --------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: RANGER-1297
>                 URL: https://issues.apache.org/jira/browse/RANGER-1297
>             Project: Ranger
>          Issue Type: Bug
>            Reporter: Ramesh Mani
>            Assignee: Ramesh Mani
>
> Provide correct Ranger HiveAccessControlException message for DESCRIBE 
> <TABLE> when authorization fails due to lack of SELECT on all columns
> Currently the message is misleading because it gives 
> HiveAccessControlException Permission denied: user [user1] does not have 
> [SELECT] privilege on [database/table] . 
> It doesn't provide which column it doesn't have SELECT permission. 
> It should have SELECT permission on all columns (\*) by default to DESCRIBE 
> as Hive doesn't provide ranger the necessary hooks to filter out the columns 
> which user doesn't have access to. Until hive provides this, the policy in 
> ranger should have SELECT on  "*" for columns on a table in order for  
> describer to succeed.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)