You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by pr...@apache.org on 2021/01/02 12:37:41 UTC
[ranger] 03/03: RANGER-3137: add select permission for lookup user
in hive-agent
This is an automated email from the ASF dual-hosted git repository.
pradeep pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
commit 6fcab6993e8beb94c80514dd44f53d9d5e63db8c
Author: rujia1019 <82...@163.com>
AuthorDate: Wed Dec 30 17:18:08 2020 +0800
RANGER-3137: add select permission for lookup user in hive-agent
Signed-off-by: pradeep <pr...@apache.org>
---
.../main/java/org/apache/ranger/services/hive/RangerServiceHive.java | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/hive-agent/src/main/java/org/apache/ranger/services/hive/RangerServiceHive.java b/hive-agent/src/main/java/org/apache/ranger/services/hive/RangerServiceHive.java
index dbec221..e3b245c 100644
--- a/hive-agent/src/main/java/org/apache/ranger/services/hive/RangerServiceHive.java
+++ b/hive-agent/src/main/java/org/apache/ranger/services/hive/RangerServiceHive.java
@@ -128,8 +128,11 @@ public class RangerServiceHive extends RangerBaseService {
if (defaultPolicy.getName().contains("all") && StringUtils.isNotBlank(lookUpUser)) {
RangerPolicyItem policyItemForLookupUser = new RangerPolicyItem();
+ List<RangerPolicyItemAccess> accessListForLookupUser = new ArrayList<>();
+ accessListForLookupUser.add(new RangerPolicyItemAccess(ACCESS_TYPE_READ));
+ accessListForLookupUser.add(new RangerPolicyItemAccess(ACCESS_TYPE_SELECT));
policyItemForLookupUser.setUsers(Collections.singletonList(lookUpUser));
- policyItemForLookupUser.setAccesses(Collections.singletonList(new RangerPolicyItemAccess(ACCESS_TYPE_READ)));
+ policyItemForLookupUser.setAccesses(accessListForLookupUser);
policyItemForLookupUser.setDelegateAdmin(false);
defaultPolicy.getPolicyItems().add(policyItemForLookupUser);
}