Fredy Wijaya created IMPALA-8716:
------------------------------------
Summary: Log a a group of privileges into a single audit log
Key: IMPALA-8716
URL: https://issues.apache.org/jira/browse/IMPALA-8716
Project: IMPALA
Issue Type: Sub-task
Components: Frontend
Reporter: Fredy Wijaya
Assignee: Fredy Wijaya
Some privileges, such as VIEW_METADATA consists of multiple privileges (INSERT,
SELECT, REFRESH). For example if we have run "show partitions foo.barfoo.bar"
and we have SELECT privilege on table "foo.bar", we will be creating 2 audit
logs:
- Attempt to check if there's INSERT privilege on table "foo.bar" -- denied,
INSERT, foo.bar
- Attempt to check if there's SELECT privilege on table "foo.bar" -- allowed,
SELECT, foo.bar
This can be confusing. A better solution is to log this as a single audit log,
e.g.
- allowed, VIEW_METADATA, foo.bar
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
