hive-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Thejas M Nair (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HIVE-5923) sql std auth - parser changes
Date Tue, 03 Dec 2013 04:15:36 GMT

    [ https://issues.apache.org/jira/browse/HIVE-5923?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13837309#comment-13837309
] 

Thejas M Nair commented on HIVE-5923:
-------------------------------------


new statements in proposal 
- SET ROLE
- SHOW CURRENT ROLES
- SHOW ALL ROLES
- DESCRIBE ROLE


- Grant privilege and revoke privilege statements need to be changed to remove the requirement
(but not the option) for the noise word TABLE.  In the SQL specification table is the assumed
default for grant and revoke statements.  Today Hive’s syntax is GRANT action ON TABLE table
TO grantee.  It should be GRANT action ON [TABLE] table TO grantee.
- Grant privilege and revoke privilege statements need to be changed to remove the requirement
to specify whether the grantee is a user or role.  That is, today Hive’s syntax is GRANT
action ON [TABLE] table TO grantee where grantee is USER|ROLE identifier.  The keywords USER
or ROLE do not belong here.  It should not be legal to have a role that shares a name with
a user.  For backward compatibility we will allow these extra keywords but warn that the usage
is deprecated.
- Grant role and revoke role statements need to be changed to remove the keyword ROLE.  Current
Hive syntax is GRANT ROLE rolename TO grantee.  It should be GRANT rolename TO grantee.  The
same applies for revoke role.
- Support for WITH ADMIN OPTION needs to be added to grant role and revoke role statements.
- Support for GRANTED BY needs to be added to all grant and revoke statements.
- Privileges INSERT and DELETE need to be added to the language.
- New statements SHOW ROLE and SHOW ROLE roleid need to be added to the language.


> sql std auth - parser changes
> -----------------------------
>
>                 Key: HIVE-5923
>                 URL: https://issues.apache.org/jira/browse/HIVE-5923
>             Project: Hive
>          Issue Type: Sub-task
>          Components: Authorization
>            Reporter: Thejas M Nair
>
> There are new access control statements proposed in the functional spec in HIVE-5837
. It also proposes some small changes to the existing query syntax (mostly extensions and
some optional keywords).
> The syntax supported should depend on the current authorization mode.



--
This message was sent by Atlassian JIRA
(v6.1#6144)

Mime
View raw message