hive-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Thejas Nair" <the...@hortonworks.com>
Subject Re: Review Request 17939: authorize role ops
Date Tue, 11 Feb 2014 16:40:03 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/17939/#review34195
-----------------------------------------------------------



trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLStdHiveAccessController.java
<https://reviews.apache.org/r/17939/#comment64206>

    non admin users should be allowed to grant/revoke role if they have admin privileges on
the role.
    But that can be addressed in followup jira as well.
    



trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLStdHiveAccessController.java
<https://reviews.apache.org/r/17939/#comment64207>

    It should return true only if the admin role is among the current roles (getCurrentRoles()).
    Can you also add that to this function javadoc ?
    


- Thejas Nair


On Feb. 11, 2014, 6:53 a.m., Ashutosh Chauhan wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/17939/
> -----------------------------------------------------------
> 
> (Updated Feb. 11, 2014, 6:53 a.m.)
> 
> 
> Review request for hive.
> 
> 
> Bugs: HIVE-5944
>     https://issues.apache.org/jira/browse/HIVE-5944
> 
> 
> Repository: hive
> 
> 
> Description
> -------
> 
> authorize role ops
> 
> 
> Diffs
> -----
> 
>   trunk/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java 1566991 
>   trunk/itests/util/src/main/java/org/apache/hadoop/hive/ql/QTestUtil.java 1566991 
>   trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAccessControlException.java
1566991 
>   trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAccessController.java
1566991 
>   trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAuthorizer.java
1566991 
>   trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAuthorizerImpl.java
1566991 
>   trunk/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/sqlstd/SQLStdHiveAccessController.java
1566991 
>   trunk/ql/src/test/queries/clientnegative/authorization_create_role_no_admin.q PRE-CREATION

>   trunk/ql/src/test/queries/clientnegative/authorization_role_cycles1.q 1566991 
>   trunk/ql/src/test/queries/clientnegative/authorization_role_cycles2.q 1566991 
>   trunk/ql/src/test/queries/clientnegative/authorization_show_roles_no_admin.q PRE-CREATION

>   trunk/ql/src/test/queries/clientpositive/authorization_1_sql_std.q 1566991 
>   trunk/ql/src/test/queries/clientpositive/authorization_role_grant1.q 1566991 
>   trunk/ql/src/test/queries/clientpositive/authorization_set_show_current_role.q 1566991

>   trunk/ql/src/test/results/clientnegative/authorization_create_role_no_admin.q.out PRE-CREATION

>   trunk/ql/src/test/results/clientnegative/authorization_show_roles_no_admin.q.out PRE-CREATION

>   trunk/ql/src/test/results/clientpositive/authorization_1_sql_std.q.out 1566991 
>   trunk/ql/src/test/results/clientpositive/authorization_role_grant1.q.out 1566991 
>   trunk/ql/src/test/results/clientpositive/authorization_set_show_current_role.q.out
1566991 
> 
> Diff: https://reviews.apache.org/r/17939/diff/
> 
> 
> Testing
> -------
> 
> Added new tests.
> 
> 
> Thanks,
> 
> Ashutosh Chauhan
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message