Uploaded image for project: 'Hive'
  1. Hive
  2. HIVE-11901

StorageBasedAuthorizationProvider requires write permission on table for SELECT statements

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.2.1
    • Fix Version/s: 1.3.0, 2.0.0
    • Component/s: Authorization
    • Labels:
      None

      Description

      With HIVE-7895, it will require write permission on the table directory even for a SELECT statement.

      Looking at the stacktrace, it seems the method StorageBasedAuthorizationProvider#authorize(Table table, Partition part, Privilege[] readRequiredPriv, Privilege[] writeRequiredPriv) always treats a null partition as a CREATE statement, which can also be a SELECT.

      We may have to check readRequiredPriv and writeRequiredPriv first in order to tell which statement it is.

        Attachments

        1. HIVE-11901.01.patch
          2 kB
          Chengbing Liu
        2. HIVE-11901.02.patch
          4 kB
          Chengbing Liu
        3. HIVE-11901.03.patch
          5 kB
          Chengbing Liu

          Activity

            People

            • Assignee:
              chengbing.liu Chengbing Liu
              Reporter:
              chengbing.liu Chengbing Liu
            • Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: