You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@hive.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2022/03/01 19:01:00 UTC

[jira] [Work logged] (HIVE-25988) CreateTableEvent should have database object as one of the hive privilege object.

     [ https://issues.apache.org/jira/browse/HIVE-25988?focusedWorklogId=734866&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-734866 ]

ASF GitHub Bot logged work on HIVE-25988:
-----------------------------------------

                Author: ASF GitHub Bot
            Created on: 01/Mar/22 19:00
            Start Date: 01/Mar/22 19:00
    Worklog Time Spent: 10m 
      Work Description: nrg4878 commented on a change in pull request #3057:
URL: https://github.com/apache/hive/pull/3057#discussion_r817056805



##########
File path: ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/metastore/events/CreateTableEvent.java
##########
@@ -56,16 +57,28 @@ public HiveMetaStoreAuthzInfo getAuthzContext() {
     return ret;
   }
 
-  private List<HivePrivilegeObject> getInputHObjs() { return Collections.emptyList(); }
+  private List<HivePrivilegeObject> getInputHObjs() {
+    List<HivePrivilegeObject> ret   = new ArrayList<>();
+    PreCreateTableEvent       event = (PreCreateTableEvent) preEventContext;
+    Table                     table = event.getTable();
+    String                    uri   = getSdLocation(table.getSd());
+

Review comment:
       Shouldn't we also add the table itself to this set? Looks like we are adding just the location check




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


Issue Time Tracking
-------------------

    Worklog Id:     (was: 734866)
    Time Spent: 20m  (was: 10m)

> CreateTableEvent should have database object as one of the hive privilege object.
> ---------------------------------------------------------------------------------
>
>                 Key: HIVE-25988
>                 URL: https://issues.apache.org/jira/browse/HIVE-25988
>             Project: Hive
>          Issue Type: Bug
>          Components: Hive, Standalone Metastore
>            Reporter: Sai Hemanth Gantasala
>            Assignee: Sai Hemanth Gantasala
>            Priority: Major
>              Labels: pull-request-available
>          Time Spent: 20m
>  Remaining Estimate: 0h
>
> The CreateTableEvent in HMS should have a database object as one of the HivePrivilege Objects so that it is consistent with HS2's CreateTable Event.
> Also, we need to move the DFS_URI object into the InputList so that this is also consistent with HS2's behavior.
> Having database objects in the create table events hive privilege objects helps to determine if a user has the right permissions to create a table in a particular database via ranger/sentry.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)