You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@hive.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2021/10/22 15:59:00 UTC

[jira] [Work logged] (HIVE-25547) ALTER VIEW AS SELECT statement should create authorizable events in HiveServer2

     [ https://issues.apache.org/jira/browse/HIVE-25547?focusedWorklogId=669012&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-669012 ]

ASF GitHub Bot logged work on HIVE-25547:
-----------------------------------------

                Author: ASF GitHub Bot
            Created on: 22/Oct/21 15:58
            Start Date: 22/Oct/21 15:58
    Worklog Time Spent: 10m 
      Work Description: nrg4878 commented on pull request #2666:
URL: https://github.com/apache/hive/pull/2666#issuecomment-949758430


   Fix has been pushed to master. Please close this out.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


Issue Time Tracking
-------------------

    Worklog Id:     (was: 669012)
    Time Spent: 20m  (was: 10m)

> ALTER VIEW AS SELECT statement should create authorizable events in HiveServer2
> -------------------------------------------------------------------------------
>
>                 Key: HIVE-25547
>                 URL: https://issues.apache.org/jira/browse/HIVE-25547
>             Project: Hive
>          Issue Type: Bug
>    Affects Versions: 4.0.0
>            Reporter: Sai Hemanth Gantasala
>            Assignee: Sai Hemanth Gantasala
>            Priority: Major
>              Labels: pull-request-available
>             Fix For: 4.0.0
>
>          Time Spent: 20m
>  Remaining Estimate: 0h
>
> Consider the scenario:
> {code:java}
> -- A privileged user is doing the following actions.
> Create table foo_tbl(i int);
> Create table foo_bar(name string);
> Create view foo_view as select * from foo_tbl;
> -- An unprivileged user can do the following operation, when he/she has select privileges on foo_bar table but he/she doesn't have any privileges on foo_tbl or foo_view.
> alter view foo_view as select * from foo_bar;{code}
> An unauthorized user shouldn't be able to alter the view schema when he/she doesn't have any privileges on that view.
>  
>  
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)