You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hive.apache.org by "Thejas M Nair (JIRA)" <ji...@apache.org> on 2013/12/04 04:35:35 UTC
[jira] [Updated] (HIVE-5940) SQL std auth - support new 'show
grant..' statements
[ https://issues.apache.org/jira/browse/HIVE-5940?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Thejas M Nair updated HIVE-5940:
--------------------------------
Description:
list of objects, privileges, and who granted the grantee rights on that object
a. When used by a user who does not participate in the SUPERUSER role, it can be
used in three ways
i. SHOW GRANTS; This will show all grants effective for the current user or
roles, whichever is currently determining the user’s privileges.
ii. SHOW GRANTS FOR role; This will show grants effective for a given
role. The user must participate in that role, otherwise permission will be
denied.
iii. SHOW GRANTS FOR user; where user is the username of the current
user. This will show grants effective for the user. Attempts to list grants
effective for other users will be denied.
b. When used by a user who does participate in the SUPERUSER role, it can be
used in three ways:
i. SHOW GRANTS; As in the previous section.
ii. SHOW GRANTS FOR role; This will show grants effective for a given
role. Any role, regardless of whether the current user participates in it,
can be shown.
iii. SHOW GRANTS FOR user; where user is a valid username. This will
show grants effective for that user. Any user, regardless of whether it is
the current user, can be shown
> SQL std auth - support new 'show grant..' statements
> ----------------------------------------------------
>
> Key: HIVE-5940
> URL: https://issues.apache.org/jira/browse/HIVE-5940
> Project: Hive
> Issue Type: Sub-task
> Components: Authorization
> Reporter: Thejas M Nair
> Original Estimate: 24h
> Remaining Estimate: 24h
>
> list of objects, privileges, and who granted the grantee rights on that object
> a. When used by a user who does not participate in the SUPERUSER role, it can be
> used in three ways
> i. SHOW GRANTS; This will show all grants effective for the current user or
> roles, whichever is currently determining the user’s privileges.
> ii. SHOW GRANTS FOR role; This will show grants effective for a given
> role. The user must participate in that role, otherwise permission will be
> denied.
> iii. SHOW GRANTS FOR user; where user is the username of the current
> user. This will show grants effective for the user. Attempts to list grants
> effective for other users will be denied.
> b. When used by a user who does participate in the SUPERUSER role, it can be
> used in three ways:
> i. SHOW GRANTS; As in the previous section.
> ii. SHOW GRANTS FOR role; This will show grants effective for a given
> role. Any role, regardless of whether the current user participates in it,
> can be shown.
> iii. SHOW GRANTS FOR user; where user is a valid username. This will
> show grants effective for that user. Any user, regardless of whether it is
> the current user, can be shown
--
This message was sent by Atlassian JIRA
(v6.1#6144)