You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@hive.apache.org by "Aihua Xu (JIRA)" <ji...@apache.org> on 2017/10/02 03:18:02 UTC
[jira] [Updated] (HIVE-17544) Provide classname info for function
authorization
[ https://issues.apache.org/jira/browse/HIVE-17544?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Aihua Xu updated HIVE-17544:
----------------------------
Attachment: HIVE-17544.2.patch
> Provide classname info for function authorization
> -------------------------------------------------
>
> Key: HIVE-17544
> URL: https://issues.apache.org/jira/browse/HIVE-17544
> Project: Hive
> Issue Type: Task
> Components: Authorization
> Affects Versions: 2.1.1
> Reporter: Na Li
> Assignee: Aihua Xu
> Priority: Critical
> Attachments: HIVE-17544.1.patch, HIVE-17544.2.patch
>
>
> Right now, for authorization 2, the HiveAuthorizationValidator.checkPrivileges(HiveOperationType var1, List<HivePrivilegeObject> var2, List<HivePrivilegeObject> var3, HiveAuthzContext var4) does not contain the parsed sql command string as input. Therefore, Sentry has to parse the command again.
> The API should be changed to include all required information as input, so Sentry does not need to parse the sql command string again.
> known situations:
> 1) when dropping a database which does not exist, hive should not call sentry or it calls sentry with database name as input
> 2) when creating function, hive should provide UDF class name as input.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)