[kudu-CR] [ranger] fix incorrect authz enforcement in Ranger authz provider

Andrew Wong (Code Review) Sat, 14 Mar 2020 12:40:51 -0700

Andrew Wong has posted comments on this change. ( 
http://gerrit.cloudera.org:8080/15436 )


Change subject: [ranger] fix incorrect authz enforcement in Ranger authz 
provider
......................................................................


Patch Set 1:

(1 comment)

http://gerrit.cloudera.org:8080/#/c/15436/1/src/kudu/ranger/ranger_client.h
File src/kudu/ranger/ranger_client.h:

http://gerrit.cloudera.org:8080/#/c/15436/1/src/kudu/ranger/ranger_client.h@57
PS1, Line 57:   // note that a privilege scope cannot imply another in Ranger.
Is this what we want? Doesn't that mean we should check for database privileges 
before doing anything? Then table, then column?



--
To view, visit http://gerrit.cloudera.org:8080/15436
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings

Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: comment
Gerrit-Change-Id: I267aabc5f224ee7ceeffd6187785595dd6f16487
Gerrit-Change-Number: 15436
Gerrit-PatchSet: 1
Gerrit-Owner: Hao Hao <hao....@cloudera.com>
Gerrit-Reviewer: Adar Dembo <a...@cloudera.com>
Gerrit-Reviewer: Andrew Wong <aw...@cloudera.com>
Gerrit-Reviewer: Attila Bukor <abu...@apache.org>
Gerrit-Reviewer: Hao Hao <hao....@cloudera.com>
Gerrit-Reviewer: Kudu Jenkins (120)
Gerrit-Comment-Date: Sat, 14 Mar 2020 19:40:29 +0000
Gerrit-HasComments: Yes

[kudu-CR] [ranger] fix incorrect authz enforcement in Ranger authz provider

Reply via email to