You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues-all@impala.apache.org by "Abhishek (Jira)" <ji...@apache.org> on 2022/06/24 13:38:00 UTC
[jira] [Created] (IMPALA-11393) User allowed to insert data into an Impala table when there is a deny policy on a table column
Abhishek created IMPALA-11393:
---------------------------------
Summary: User allowed to insert data into an Impala table when there is a deny policy on a table column
Key: IMPALA-11393
URL: https://issues.apache.org/jira/browse/IMPALA-11393
Project: IMPALA
Issue Type: Bug
Reporter: Abhishek
A user is allowed to enter data into a table even if there is a deny policy present
on one of the table columns.
Test scenario details :-
Policy setup :-
policy 1 :- all access policy for hrt_qa, hive and impala users
resources - database - * , table - *, column - *
users : hrt_qa, hive, impala
access - all access allowed
policy 2 :- policy on test_1.table_1 for hrt_5
users : hrt_5
resources : database - test_1, table - table_1, column - *
access :- all access allowed
policy 3 :- deny policy on test_1.table_1.c0 for hrt_5
users : hrt_5
resources : database - test_1, table - table_1, column - c0
access - all access denied
data setup :-
database - test_1
table - table_1(c0 int, c1 int)
The user is able to insert data into the table
But the user is denied access when the user tries to retrieve data from the table
The behaviour is not consistent as the user is allowed to insert data in one case
and is denied access to perform a select operation in another case.
The expected behaviour is that the user should be denied access to insert
data into the table
h4.
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-all-unsubscribe@impala.apache.org
For additional commands, e-mail: issues-all-help@impala.apache.org