[
https://issues.apache.org/jira/browse/SENTRY-1957?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16197073#comment-16197073
]
Sergio Peña commented on SENTRY-1957:
-------------------------------------
[~LinaAtAustin] This patch may fail for other DDL commands because the fix is
not included in any Hive release, right?
Btw, I was thinking that we could make things easier instead of fixing the
checkPrivileges() method. Seems we're going to use the semantic hooks to get
extra information from some DDL commands, but if we're doing that, why we don't
just go back to the original privilege checks from the semantic hooks? The Hive
code does not have any extra benefit on using the semantic hooks or the
checkPrivileges() method. Both are executed during the query compilation and
seems we get better info from the semantic hooks.
What do you think?
FYI [~kkalyan] [~coheig]
> Do not parse hive sql string in Sentry
> --------------------------------------
>
> Key: SENTRY-1957
> URL: https://issues.apache.org/jira/browse/SENTRY-1957
> Project: Sentry
> Issue Type: Task
> Components: Sentry
> Affects Versions: 2.0.0
> Reporter: Na Li
> Assignee: Na Li
> Attachments: SENTRY-1957.002.patch, SENTRY-1957.003.patch
>
>
> In current authorization 2 API, Hive does not provide parsed sql string to
> Sentry. So sentry parses the sql string to get database name and table name.
> Once the API changes to include the parsed sql string, sentry should remove
> the code that parses the sql string in SimpleSemanticAnalyzer.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
