You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ranger.apache.org by "Madhan Neethiraj (Jira)" <ji...@apache.org> on 2022/07/24 01:57:00 UTC

[jira] [Updated] (RANGER-3840) SHOW DATABASES command should list databases owned by the user

     [ https://issues.apache.org/jira/browse/RANGER-3840?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Madhan Neethiraj updated RANGER-3840:
-------------------------------------
    Attachment: RANGER-3840.patch

> SHOW DATABASES command should list databases owned by the user
> --------------------------------------------------------------
>
>                 Key: RANGER-3840
>                 URL: https://issues.apache.org/jira/browse/RANGER-3840
>             Project: Ranger
>          Issue Type: Bug
>          Components: plugins
>            Reporter: Madhan Neethiraj
>            Assignee: Madhan Neethiraj
>            Priority: Major
>             Fix For: 3.0.0
>
>         Attachments: RANGER-3840.patch
>
>
> SHOW DATABASES command returns only databases in which the user has some access i.e., it will exclude databases in which the user has no permission. However, Ranger Hive authorizer does not take into permissions given to database owner user while processing list of databases for SHOW DATABASES command.
> Consider the following usecase:
>  # User user1 is the owner for database db_user1
>  # User user2 is the owner for database db_user2
>  # For user1, databases list returned by SHOW DATABASES should include db_user1 - since default policies allow \{OWNER} user all permissions in the database
>  # Similarly, for user2, databases list returned by SHOW DATABASES command should include db_user2
> However, the databases list returned by SHOW DATABASES command does not include the database owned by the user - unless additional policies explicitly grant the user permissions in the database.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)