zhangbutao commented on code in PR #3218:
URL: https://github.com/apache/hive/pull/3218#discussion_r2425135876
##########
ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HivePrivilegeObject.java:
##########
@@ -144,20 +162,22 @@ public enum HivePrivObjectActionType {
// is applied to the table.
private String rowFilterExpression;
- public HivePrivilegeObject(HivePrivilegeObjectType type, String dbname,
String objectName) {
- this(type, dbname, objectName, HivePrivObjectActionType.OTHER);
+ public HivePrivilegeObject(HivePrivilegeObjectType type, String objectName) {
Review Comment:
If the Hive dependencies for Spark or Ranger haven't been upgraded, Ranger
can still use lower-version(<4.0) Hive dependencies to authorize operations on
higher-version(4.2) Hive, as long as the Hive APIs used remain backward
compatible. However, if the higher-version(4.2) Hive API (such as
HivePrivilegeObject) introduces compatibility-breaking changes, Ranger will no
longer be able to use lower-version(<4.0) Hive dependencies to authorize
higher-version Hive. In such cases, Ranger and Spark would have to upgrade
their Hive version, but this upgrade process could be very slow (for example,
as seen in https://github.com/apache/spark/pull/52099/files). During this
period, users might be unable to use Ranger for authorization, leading to
significant usage issues.
Therefore, it is necessary to retain the original API, which at least
ensures that Ranger can authorize databases and tables under the default `hive
`catalog without upgrading its Hive dependencies.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
