[HIVE-11901] StorageBasedAuthorizationProvider requires write permission on table for SELECT statements - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 1.2.1
Fix Version/s: 1.3.0, 2.0.0
Component/s: Authorization
Labels:
None

Description

With ~~HIVE-7895~~, it will require write permission on the table directory even for a SELECT statement.

Looking at the stacktrace, it seems the method StorageBasedAuthorizationProvider#authorize(Table table, Partition part, Privilege[] readRequiredPriv, Privilege[] writeRequiredPriv) always treats a null partition as a CREATE statement, which can also be a SELECT.

We may have to check readRequiredPriv and writeRequiredPriv first in order to tell which statement it is.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HIVE-11901.03.patch
22/Oct/15 02:28
5 kB
Chengbing Liu
HIVE-11901.02.patch
21/Oct/15 08:59
4 kB
Chengbing Liu
HIVE-11901.01.patch
22/Sep/15 01:30
2 kB
Chengbing Liu

Activity

People

Assignee:: Chengbing Liu

Reporter:: Chengbing Liu

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Dates

Created:: 21/Sep/15 10:19

Updated:: 16/Feb/16 23:53

Resolved:: 23/Oct/15 06:44