You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by "sneha_surjuse (Jira)" <ji...@apache.org> on 2023/05/16 09:43:00 UTC
[jira] [Assigned] (RANGER-3786) User allowed to insert data into a hive table when there is a deny policy on a table column
[ https://issues.apache.org/jira/browse/RANGER-3786?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
sneha_surjuse reassigned RANGER-3786:
-------------------------------------
Assignee: sneha_surjuse
> User allowed to insert data into a hive table when there is a deny policy on a table column
> -------------------------------------------------------------------------------------------
>
> Key: RANGER-3786
> URL: https://issues.apache.org/jira/browse/RANGER-3786
> Project: Ranger
> Issue Type: Bug
> Components: Ranger
> Reporter: Abhishek
> Assignee: sneha_surjuse
> Priority: Major
>
> A user is allowed to enter data into a table even if there is a deny policy present
> on one of the table columns.
> Test scenario details :-
> Policy setup :-
> policy 1 :- all access policy for hrt_qa, hive and impala users
> resources - database - * , table - *, column - *
> users : hrt_qa, hive, impala
> access - all access allowed
> policy 2 :- policy on test_1.table_1 for hrt_5
> users : hrt_5
> resources : database - test_1, table - table_1, column - *
> access :- all access allowed
> policy 3 :- deny policy on test_1.table_1.c0 for hrt_5
> users : hrt_5
> resources : database - test_1, table - table_1, column - c0
> access - all access denied
> data setup :-
> database - test_1
> table - table_1(c0 int, c1 int)
> Run insert command on test_1.table_1 as user hrt_5.
> User is able to insert data into the table when there is a deny policy for the user
--
This message was sent by Atlassian Jira
(v8.20.10#820010)