Zhihua Deng created SENTRY-2566: ----------------------------------- Summary: Output failed privileges when HiveAuthzBinding throws AuthorizationException Key: SENTRY-2566 URL: https://issues.apache.org/jira/browse/SENTRY-2566 Project: Sentry Issue Type: Improvement Reporter: Zhihua Deng
When using MetastoreAuthzBindingBase to authorize meta changes like creating tables, if user does not have the right privileges, the hive client gets the error message like this: {noformat} User u_dengzhihua does not have privileges for CREATETABLE{noformat} It's not easy for the user to figure out what privileges are missing. We should output the failed message like the DefaultSentryValidator does, the message would be like this: {noformat} User u_dengzhihua does not have privileges Server=server1->Db=test->action=create for CREATETABLE{noformat} -- This message was sent by Atlassian Jira (v8.3.4#803005)