You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hawq.apache.org by yo...@apache.org on 2017/04/25 00:04:17 UTC
[24/50] [abbrv] incubator-hawq-docs git commit: misc ranger doc
updates (closes #113)
misc ranger doc updates (closes #113)
Project: http://git-wip-us.apache.org/repos/asf/incubator-hawq-docs/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-hawq-docs/commit/51428eb2
Tree: http://git-wip-us.apache.org/repos/asf/incubator-hawq-docs/tree/51428eb2
Diff: http://git-wip-us.apache.org/repos/asf/incubator-hawq-docs/diff/51428eb2
Branch: refs/heads/master
Commit: 51428eb20bf32c98e3b322675333d27635c4113a
Parents: d57b25b
Author: Lisa Owen <lo...@pivotal.io>
Authored: Tue Apr 4 09:53:44 2017 -0700
Committer: David Yozie <yo...@apache.org>
Committed: Tue Apr 4 09:53:44 2017 -0700
----------------------------------------------------------------------
markdown/ranger/ranger-overview.html.md.erb | 2 +-
markdown/ranger/ranger-resource-perms.html.md.erb | 4 ++--
markdown/ranger/ranger-sqlcmd-summary.html.md.erb | 12 ++----------
3 files changed, 5 insertions(+), 13 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-hawq-docs/blob/51428eb2/markdown/ranger/ranger-overview.html.md.erb
----------------------------------------------------------------------
diff --git a/markdown/ranger/ranger-overview.html.md.erb b/markdown/ranger/ranger-overview.html.md.erb
index c7aad86..f88a093 100644
--- a/markdown/ranger/ranger-overview.html.md.erb
+++ b/markdown/ranger/ranger-overview.html.md.erb
@@ -44,5 +44,5 @@ The Ranger plug-in service is not compatible with Highly-Available HAWQ deployme
Ranger User Group policies cannot be used with HAWQ in this release. Only User Policies are currently supported.
-Some authorization checks for superuser-restricted authorization events are handled by HAWQ natively, even when Ranger integration is enabled. See [HAWQ-Native Authorization](ranger-policy-creation.html#alwaysnative).
+Some authorization checks for superuser-restricted authorization events are handled by HAWQ natively, even when Ranger integration is enabled. See [HAWQ-Native Authorization](../clientaccess/hawq-access-checks.html#alwaysnative).
http://git-wip-us.apache.org/repos/asf/incubator-hawq-docs/blob/51428eb2/markdown/ranger/ranger-resource-perms.html.md.erb
----------------------------------------------------------------------
diff --git a/markdown/ranger/ranger-resource-perms.html.md.erb b/markdown/ranger/ranger-resource-perms.html.md.erb
index c7d0dbf..c7d44e5 100644
--- a/markdown/ranger/ranger-resource-perms.html.md.erb
+++ b/markdown/ranger/ranger-resource-perms.html.md.erb
@@ -65,8 +65,8 @@ specifying these permissions:
| Permission | Allows SQL Commands | Equivalent GRANT Command |
|-------------|------------------------------|----------------------|
-| usage-schema | TOO MANY TO LIST?, built-in HAWQ functions | GRANT USAGE ON SCHEMA \<schema-name\> TO \<user-name\> |
-| create | CREATE [EXTERNAL] TABLE, CREATE SEQUENCE, CREATE FUNCTION, CREATE OPERATOR, CREATE OPERATOR CLASS (superuser only), CREATE AGGREGATE, CREATE VIEW, CREATE TYPE, SELECT INTO, ?MORE? | GRANT CREATE ON SCHEMA \<schema-name\> TO \<user-name\> |
+| usage-schema | MANY | GRANT USAGE ON SCHEMA \<schema-name\> TO \<user-name\> |
+| create | ALTER/CREATE AGGREGATE, ALTER TABLE, CREATE [EXTERNAL] TABLE, CREATE FUNCTION, CREATE OPERATOR, CREATE OPERATOR CLASS (superuser only), CREATE SEQUENCE, CREATE VIEW, CREATE TYPE, SELECT INTO | GRANT CREATE ON SCHEMA \<schema-name\> TO \<user-name\> |
## <a id="tblops"></a> Policies for Table Operations
http://git-wip-us.apache.org/repos/asf/incubator-hawq-docs/blob/51428eb2/markdown/ranger/ranger-sqlcmd-summary.html.md.erb
----------------------------------------------------------------------
diff --git a/markdown/ranger/ranger-sqlcmd-summary.html.md.erb b/markdown/ranger/ranger-sqlcmd-summary.html.md.erb
index 2e53f69..f28b357 100644
--- a/markdown/ranger/ranger-sqlcmd-summary.html.md.erb
+++ b/markdown/ranger/ranger-sqlcmd-summary.html.md.erb
@@ -164,19 +164,11 @@ The following table identifies the permissions required for common SQL commands.
<tr class="even">
-<td rowspan="4">CREATE FUNCTION<p><func-name><p>(untrusted <language-name>) &&</td>
+<td rowspan="2">CREATE FUNCTION<p><func-name><p>(untrusted <language-name>) &&</td>
<td>usage-schema, create</td>
<td><db-name>/<schema-name>/*</td>
</tr>
<tr class="odd">
-<td>usage</td>
-<td><db-name>/<language-name></td>
-</tr>
-<tr class="even">
-<td>execute</td>
-<td><db-name>/<schema-name>/<func-name></td>
-</tr>
-<tr class="odd">
<td></td>
<td>##</td>
</tr>
@@ -217,7 +209,7 @@ The following table identifies the permissions required for common SQL commands.
</tr>
<tr class="even">
-<td rowspan="2">CREATE ... TABLESPACE<p><tablespace-name></td>
+<td rowspan="2">CREATE TABLE ...<p>TABLESPACE<p><tablespace-name></td>
<td>usage-schema, create</td>
<td><db-name>/<schema-name>/*</td>
</tr>