Details
-
Bug
-
Status: Open
-
Minor
-
Resolution: Unresolved
-
None
-
None
-
None
-
ghx-label-9
Description
This issue is initially reported in IMPALA-5998 but was marked as "cannot reproduce". I encountered this exact same issue on the upstream:
[localhost:21000] default> show current roles;
Query: show current roles
-----------
role_name |
-----------
guest |
-----------
Fetched 1 row(s) in 0.05s
[localhost:21000] default> show grant role guest;
Query: show grant role guest
------------------------------------------------------------------------------------------+
scope | database | table | column | uri | privilege | grant_option | create_time |
------------------------------------------------------------------------------------------+
database | _impala_builtins | select | false | Fri, Dec 13 2019 13:45:00.917 | |||
database | default | all | false | Tue, Dec 10 2019 15:43:50.497 | |||
column | tpch | test | c | select | false | Fri, Dec 13 2019 09:43:21.112 |
------------------------------------------------------------------------------------------+
Fetched 3 row(s) in 0.01s
[localhost:21000] default> show create table tpch.test;
Query: show create table tpch.test
ERROR: AuthorizationException: User 'test' does not have privileges to access: tpch.test
[localhost:21000] default> select * from tpch.test;
Query: select * from tpch.test
Query submitted at: 2019-12-29 15:56:37 (Coordinator: http://dnode:25000)
Query progress can be monitored at: http://dnode:25000/query_plan?query_id=234e59a328fc8046:e78b625d00000000
-----
c |
-----
100 |
-----
Fetched 1 row(s) in 0.23s
[localhost:21000] default> create view test_view as select * from tpch.test;
Query: create view test_view as select * from tpch.test
Query submitted at: 2019-12-29 15:57:02 (Coordinator: http://dnode:25000)
Query progress can be monitored at: http://dnode:25000/query_plan?query_id=ee48927ef97bdc09:1ec2396100000000
------------------------
summary |
------------------------
View has been created. |
------------------------
Fetched 1 row(s) in 0.12s
[localhost:21000] default> select * from test_view;
Query: select * from test_view
Query submitted at: 2019-12-29 15:57:07 (Coordinator: http://dnode:25000)
Query progress can be monitored at: http://dnode:25000/query_plan?query_id=5742d31eee7501ab:2945693500000000
-----
c |
-----
100 |
-----
Fetched 1 row(s) in 5.40s
[localhost:21000] default> explain select * from test_view;
Query: explain select * from test_view
ERROR: AuthorizationException: User 'test' does not have privileges to EXPLAIN this statement.
[localhost:21000] default> show create view test_view;
Query: show create view test_view
ERROR: AuthorizationException: User 'test' does not have privileges to see the definition of view 'default.test_view'.
I think there are 2 issues here:
1) User could not see the VIEW definition after creating it
2) User could not explain the VIEW, even with all columns granted