hive-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Thejas M Nair (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HIVE-11190) ConfVars.METASTORE_FILTER_HOOK in authorization V2 should not be hard code when the value is not default
Date Tue, 07 Jul 2015 17:49:04 GMT

    [ https://issues.apache.org/jira/browse/HIVE-11190?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14617059#comment-14617059
] 

Thejas M Nair commented on HIVE-11190:
--------------------------------------

[~dapengsun] When V2 authorization mode is used, the HiveAuthorizer.filterListCmdObjects is
expected to be called by authorization implementations. 
The SessionState.setAuthorizerV2Config call sets up the config so that things work appropriately
for V2 authorization, and it includes this change.
My concern is that if user might set this field to a custom value without ensuring that the
HiveAuthorizer  call also gets made.

What is the use case you have in mind ? Are you using sql standard authorization in this case
or another custom V2 authorization implementation ? Would it work to move the logic from your
custom filter hook to HiveAuthorizer.filterListCmdObjects implementation ?


> ConfVars.METASTORE_FILTER_HOOK in authorization V2 should not be hard code when the value
is not default
> --------------------------------------------------------------------------------------------------------
>
>                 Key: HIVE-11190
>                 URL: https://issues.apache.org/jira/browse/HIVE-11190
>             Project: Hive
>          Issue Type: Bug
>            Reporter: Dapeng Sun
>            Assignee: Dapeng Sun
>         Attachments: HIVE-11190.001.patch
>
>
> ConfVars.METASTORE_FILTER_HOOK in authorization V2 should not be hard code when the value
is not default.
> it will cause user failed to customize the METASTORE_FILTER_HOOK



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message