hive-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "youchuikai (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HIVE-15687) SQL Standard auth: INSERT and DELETE privileges don't actually exist.
Date Tue, 29 Aug 2017 02:45:01 GMT

    [ https://issues.apache.org/jira/browse/HIVE-15687?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16144672#comment-16144672
] 

youchuikai commented on HIVE-15687:
-----------------------------------

[~cltlfcjin] Do you have method to solved the question of HIVE-15687?
You say:set hive.security.authorization.manager to org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdConfOnlyAuthorizerFactory
to get v2 authorization to grant INSERT | DELETE,Is this method able to sovle the problem?

> SQL Standard auth: INSERT and DELETE privileges don't actually exist.
> ---------------------------------------------------------------------
>
>                 Key: HIVE-15687
>                 URL: https://issues.apache.org/jira/browse/HIVE-15687
>             Project: Hive
>          Issue Type: Bug
>            Reporter: Carter Shanklin
>            Assignee: Lantao Jin
>
> The documentation states https://cwiki.apache.org/confluence/display/Hive/SQL+Standard+Based+Hive+Authorization#SQLStandardBasedHiveAuthorization-ObjectPrivilegeCommands
that there are privilege types of INSERT | SELECT | UPDATE | DELETE | ALL.
> Experience suggests otherwise:
> {code}
> : jdbc:hive2://localhost:10000/default> grant select on table secured_table to role
my_role;
> No rows affected (0.034 seconds)
> 0: jdbc:hive2://localhost:10000/default> grant insert on table secured_table to role
my_role;
> Error: Error while compiling statement: FAILED: SemanticException Undefined privilege
Insert (state=42000,code=40000)
> 0: jdbc:hive2://localhost:10000/default> grant update on table secured_table to role
my_role;
> No rows affected (0.037 seconds)
> 0: jdbc:hive2://localhost:10000/default> grant delete on table secured_table to role
my_role;
> Error: Error while compiling statement: FAILED: SemanticException Undefined privilege
Delete (state=42000,code=40000)
> 0: jdbc:hive2://localhost:10000/default> select version();
> +--------------------------------------------------------------+--+
> |                             _c0                              |
> +--------------------------------------------------------------+--+
> | 2.1.0.2.6.0.0-369 r434bfeb707d21f6b44121ac7dfe5adbadb746387  |
> +--------------------------------------------------------------+--+
> {code}
> It would be good to support these, especially since Hive supports updates and deletions.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message