You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@sentry.apache.org by "Tao Wang (JIRA)" <ji...@apache.org> on 2016/09/13 07:04:20 UTC

[jira] [Created] (SENTRY-1469) Few questions about columnar/row-level/view access control

Tao Wang created SENTRY-1469:
--------------------------------

             Summary: Few questions about columnar/row-level/view access control
                 Key: SENTRY-1469
                 URL: https://issues.apache.org/jira/browse/SENTRY-1469
             Project: Sentry
          Issue Type: Wish
            Reporter: Tao Wang


Hello everyone,

recently we have demands on access control for sql components(hive and spark sql), so we wanna check if Sentry is a proper option for us.

After reading some official docs, we still have few questions which are not very clear, mainly about privillges mapping between file and database object.

1.We know table privilleges are mapping to files which belongs to that table, and from SENTRY-755 we can know user cannot get file permissions when it get only partial columns privilleges. But if user has no permisson of that file, how can it do read/write operations in sql task?

2.From official docs I cound not find the detail description of columnar/row-level access control. In SENTRY-74 the design docs only tell us about the database storage/rpc message/policy, but no information about how file permissions are mapping to sql objects. Can you guys offer a rules description or some docs for me? I'd appreciate a lot.

3.How about those in view? I mean if we grant privilleges of view on user, what will the file permissions of the table related be like?



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)