[
https://issues.apache.org/jira/browse/HIVE-11901?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14959584#comment-14959584
]
Thejas M Nair commented on HIVE-11901:
--------------------------------------
[~chengbing.liu] It is better to include the tests with fix as far as possible.
Otherwise, the tests don't often get added, and we won't notice the regression
if it happens again.
Please take a look at the test cases in
TestStorageBasedMetastoreAuthorizationReads or
TestStorageBasedMetastoreAuthorizationDrops for examples on how to create the
test case.
Let me know if you need help with that.
> StorageBasedAuthorizationProvider requires write permission on table for
> SELECT statements
> ------------------------------------------------------------------------------------------
>
> Key: HIVE-11901
> URL: https://issues.apache.org/jira/browse/HIVE-11901
> Project: Hive
> Issue Type: Bug
> Components: Authorization
> Affects Versions: 1.2.1
> Reporter: Chengbing Liu
> Assignee: Chengbing Liu
> Attachments: HIVE-11901.01.patch
>
>
> With HIVE-7895, it will require write permission on the table directory even
> for a SELECT statement.
> Looking at the stacktrace, it seems the method
> {{StorageBasedAuthorizationProvider#authorize(Table table, Partition part,
> Privilege[] readRequiredPriv, Privilege[] writeRequiredPriv)}} always treats
> a null partition as a CREATE statement, which can also be a SELECT.
> We may have to check {{readRequiredPriv}} and {{writeRequiredPriv}} first
> in order to tell which statement it is.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
