Riza Suminto has posted comments on this change. ( http://gerrit.cloudera.org:8080/23569 )
Change subject: IMPALA-14507: Register column-level privilege requests for INSERT ...................................................................... Patch Set 5: (2 comments) Giving my initial review here. http://gerrit.cloudera.org:8080/#/c/23569/5/fe/src/main/java/org/apache/impala/authorization/BaseAuthorizationChecker.java File fe/src/main/java/org/apache/impala/authorization/BaseAuthorizationChecker.java: http://gerrit.cloudera.org:8080/#/c/23569/5/fe/src/main/java/org/apache/impala/authorization/BaseAuthorizationChecker.java@158 PS5, Line 158: Set<Privilege> allowedTablePrivileges = EnumSet.of(Privilege.SELECT, : Privilege.INSERT, Privilege.CREATE, Privilege.ALL); Can you turn this into a constant of ImmutableSet? See FileSystemUtil.SCHEME_WRITEABLE_BY_IMPALA for example. http://gerrit.cloudera.org:8080/#/c/23569/5/tests/authorization/test_ranger.py File tests/authorization/test_ranger.py: http://gerrit.cloudera.org:8080/#/c/23569/5/tests/authorization/test_ranger.py@1509 PS5, Line 1509: admin_client.execute("grant insert on table {0}.{1} to user {2}" : .format(unique_database, unique_table, grantee_user)) : admin_client.execute("refresh authorization") : : TestRanger._add_deny_policy(unique_name, grantee_user, unique_database, : unique_table, "id", "update") : admin_client.execute("refresh authorization") : : result = self.execute_query_expect_failure(non_owner_client, : test_insert_query) Can you add comments on these test steps? I don't quite understand what happen. At first, it was granted insert privilege, then denied update on column 'id', then insert into is expected to fail? Can you add test inserting into the other column, 'bigint_col', and show that one works? -- To view, visit http://gerrit.cloudera.org:8080/23569 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: Impala-ASF Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: I2ef61801d3b394c56702b193c250492a62b111df Gerrit-Change-Number: 23569 Gerrit-PatchSet: 5 Gerrit-Owner: Fang-Yu Rao <[email protected]> Gerrit-Reviewer: Fang-Yu Rao <[email protected]> Gerrit-Reviewer: Impala Public Jenkins <[email protected]> Gerrit-Reviewer: Noemi Pap-Takacs <[email protected]> Gerrit-Reviewer: Quanlong Huang <[email protected]> Gerrit-Reviewer: Riza Suminto <[email protected]> Gerrit-Comment-Date: Thu, 06 Nov 2025 00:14:49 +0000 Gerrit-HasComments: Yes
