Return-Path: 
 <issues-return-13063-apmail-hive-issues-archive=hive.apache.org@hive.apache.org>
X-Original-To: apmail-hive-issues-archive@minotaur.apache.org
Delivered-To: apmail-hive-issues-archive@minotaur.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id EDC3F187B4
	for <apmail-hive-issues-archive@minotaur.apache.org>;
 Tue,  7 Jul 2015 17:49:04 +0000 (UTC)
Received: (qmail 3125 invoked by uid 500); 7 Jul 2015 17:49:04 -0000
Delivered-To: apmail-hive-issues-archive@hive.apache.org
Received: (qmail 3103 invoked by uid 500); 7 Jul 2015 17:49:04 -0000
Mailing-List: contact issues-help@hive.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:issues-help@hive.apache.org>
List-Unsubscribe: <mailto:issues-unsubscribe@hive.apache.org>
List-Post: <mailto:issues@hive.apache.org>
List-Id: <issues.hive.apache.org>
Reply-To: dev@hive.apache.org
Delivered-To: mailing list issues@hive.apache.org
Received: (qmail 3093 invoked by uid 99); 7 Jul 2015 17:49:04 -0000
Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 07 Jul 2015 17:49:04 +0000
Date: Tue, 7 Jul 2015 17:49:04 +0000 (UTC)
From: "Thejas M Nair (JIRA)" <jira@apache.org>
To: issues@hive.apache.org
Message-ID: <JIRA.12843102.1436248277000.120086.1436291344598@Atlassian.JIRA>
In-Reply-To: <JIRA.12843102.1436248277000@Atlassian.JIRA>
References: <JIRA.12843102.1436248277000@Atlassian.JIRA>
 <JIRA.12843102.1436248277176@arcas>
Subject: [jira] [Commented] (HIVE-11190) ConfVars.METASTORE_FILTER_HOOK in
 authorization V2 should not be hard code when the value is not default
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394


    [ https://issues.apache.org/jira/browse/HIVE-11190?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14617059#comment-14617059 ] 

Thejas M Nair commented on HIVE-11190:
--------------------------------------

[~dapengsun] When V2 authorization mode is used, the HiveAuthorizer.filterListCmdObjects is expected to be called by authorization implementations. 
The SessionState.setAuthorizerV2Config call sets up the config so that things work appropriately for V2 authorization, and it includes this change.
My concern is that if user might set this field to a custom value without ensuring that the HiveAuthorizer  call also gets made.

What is the use case you have in mind ? Are you using sql standard authorization in this case or another custom V2 authorization implementation ? Would it work to move the logic from your custom filter hook to HiveAuthorizer.filterListCmdObjects implementation ?


> ConfVars.METASTORE_FILTER_HOOK in authorization V2 should not be hard code when the value is not default
> --------------------------------------------------------------------------------------------------------
>
>                 Key: HIVE-11190
>                 URL: https://issues.apache.org/jira/browse/HIVE-11190
>             Project: Hive
>          Issue Type: Bug
>            Reporter: Dapeng Sun
>            Assignee: Dapeng Sun
>         Attachments: HIVE-11190.001.patch
>
>
> ConfVars.METASTORE_FILTER_HOOK in authorization V2 should not be hard code when the value is not default.
> it will cause user failed to customize the METASTORE_FILTER_HOOK



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)