[jira] [Work logged] (HIVE-16497) FileUtils. isActionPermittedForFileHierarchy, isOwnerOfFileHierarchy file system operations should be impersonated

[ASF GitHub Bot (Jira)]

     [ 
https://issues.apache.org/jira/browse/HIVE-16497?focusedWorklogId=446719&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-446719
 ]

ASF GitHub Bot logged work on HIVE-16497:
-----------------------------------------

                Author: ASF GitHub Bot
            Created on: 16/Jun/20 16:56
            Start Date: 16/Jun/20 16:56
    Worklog Time Spent: 10m 
      Work Description: github-actions[bot] commented on pull request #171:
URL: https://github.com/apache/hive/pull/171#issuecomment-644888176


   This pull request has been automatically marked as stale because it has not 
had recent activity. It will be closed if no further activity occurs.
   Feel free to reach out on the d...@hive.apache.org list if the patch is in 
need of reviews.


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


Issue Time Tracking
-------------------

            Worklog Id:     (was: 446719)
    Remaining Estimate: 0h
            Time Spent: 10m

> FileUtils. isActionPermittedForFileHierarchy, isOwnerOfFileHierarchy file 
> system operations should be impersonated
> ------------------------------------------------------------------------------------------------------------------
>
>                 Key: HIVE-16497
>                 URL: https://issues.apache.org/jira/browse/HIVE-16497
>             Project: Hive
>          Issue Type: Bug
>          Components: Authorization
>            Reporter: Thejas Nair
>            Assignee: Thejas Nair
>            Priority: Major
>             Fix For: 3.0.0
>
>         Attachments: HIVE-16497.1.patch, HIVE-16497.2.patch
>
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> FileUtils.isActionPermittedForFileHierarchy checks if user has permissions 
> for given action. The checks are made by impersonating the user.
> However, the listing of child dirs are done as the hiveserver2 user. If the 
> hive user doesn't have permissions on the filesystem, it gives incorrect 
> error that the user doesn't have permissions to perform the action.
> Impersonating the end user for all file operations in that function is also 
> logically correct thing to do.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)