Tao Wang created SENTRY-1469:
--------------------------------
Summary: Few questions about columnar/row-level/view access control
Key: SENTRY-1469
URL: https://issues.apache.org/jira/browse/SENTRY-1469
Project: Sentry
Issue Type: Wish
Reporter: Tao Wang
Hello everyone,
recently we have demands on access control for sql components(hive and spark
sql), so we wanna check if Sentry is a proper option for us.
After reading some official docs, we still have few questions which are not
very clear, mainly about privillges mapping between file and database object.
1.We know table privilleges are mapping to files which belongs to that table,
and from SENTRY-755 we can know user cannot get file permissions when it get
only partial columns privilleges. But if user has no permisson of that file,
how can it do read/write operations in sql task?
2.From official docs I cound not find the detail description of
columnar/row-level access control. In SENTRY-74 the design docs only tell us
about the database storage/rpc message/policy, but no information about how
file permissions are mapping to sql objects. Can you guys offer a rules
description or some docs for me? I'd appreciate a lot.
3.How about those in view? I mean if we grant privilleges of view on user, what
will the file permissions of the table related be like?
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
