[
https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16184569#comment-16184569
]
Thejas M Nair commented on HIVE-17606:
--------------------------------------
I see one possible issue with the test case.
If the "rsp = metaStoreClient.getNextNotification(firstEventId, 0, null);" that
is supposed to work throws an exception, the test would still pass. Is that
right ?
> Improve security for DB notification related APIs
> -------------------------------------------------
>
> Key: HIVE-17606
> URL: https://issues.apache.org/jira/browse/HIVE-17606
> Project: Hive
> Issue Type: Improvement
> Components: Metastore
> Reporter: Tao Li
> Assignee: Tao Li
> Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch,
> HIVE-17606.3.patch, HIVE-17606.4.patch, HIVE-17606.5.patch,
> HIVE-17606.6.patch, HIVE-17606.7.patch, HIVE-17606.8.patch
>
>
> The purpose is to make sure only the superusers which are specified in the
> proxyuser settings can make the db notification related API calls, since this
> is supposed to be called by superuser/admin instead of any end user.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
