[
https://issues.apache.org/jira/browse/HIVE-11205?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14619613#comment-14619613
]
Thejas M Nair commented on HIVE-11205:
--------------------------------------
Thanks for the patch [~szczeles]!
I see that the current code is incorrect. Does the code later end up calling
authorization for create table ? ie, do we still get the error if the "create
table ro_db.test(.. )" is called ? (I am not as familiar with the legacy auth
mode, so I can't quickly tell).
Will you also be able to include a test case for this ?
You can create one similar to
./ql/src/test/queries/clientpositive/authorization_1.q
To run test
cd itests; mvn test -Dtest=TestCliDriver
'-Dqfile_regex=.*<your_new_authorization_test>.*'
(replace <your_new_authorization_test> with your new test file name)
> Unable to create table being in read-only database
> --------------------------------------------------
>
> Key: HIVE-11205
> URL: https://issues.apache.org/jira/browse/HIVE-11205
> Project: Hive
> Issue Type: Bug
> Affects Versions: 1.2.0, 1.2.1
> Reporter: Mariusz Strzelecki
> Assignee: Mariusz Strzelecki
> Attachments: HIVE-11205.patch
>
>
> With enabled Legacy Authorization I cannot create table being in database
> that is read-only to me. For example:
> {noformat}
> > use ro_db;
> No rows affected (1.222 seconds)
> > create table rw_db.test (s string);
> Error: Error while compiling statement: No privilege 'Create' found for
> outputs { database:ro_db} (state=42000,code=403)
> > use rw_db;
> No rows affected (0.407 seconds)
> > create table rw_db.test (s string);
> No rows affected (2.216 seconds)
> {noformat}
> This happens because doAuthorization method checks write permissions against
> current database and then againts output database. Check for current database
> is not needed.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
