Details

    • Type: Sub-task Sub-task
    • Status: Open
    • Priority: Major Major
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: Authorization
    • Labels:
      None

      Description

      SHOW GRANTS statement -
      It will give a list of objects, privileges, and who granted the grantee rights on that object

      • When used by a user who does not participate in the SUPERUSER role, it can be
        used in three ways
        • SHOW GRANTS; This will show all grants effective for the current user or
          roles, whichever is currently determining the user’s privileges.
        • SHOW GRANTS FOR role; This will show grants effective for a given
          role. The user must participate in that role, otherwise permission will be
          denied.
        • SHOW GRANTS FOR user; where user is the username of the current
          user. This will show grants effective for the user. Attempts to list grants
          effective for other users will be denied.
      • When used by a user who does participate in the SUPERUSER role, it can be
        used in three ways:
        • SHOW GRANTS; As in the previous section.
        • SHOW GRANTS FOR role; This will show grants effective for a given
          role. Any role, regardless of whether the current user participates in it,
          can be shown.
        • SHOW GRANTS FOR user; where user is a valid username. This will
          show grants effective for that user. Any user, regardless of whether it is
          the current user, can be shown

      Task includes authorization of the statement.

        Issue Links

          Activity

          Thejas M Nair made changes -
          Summary SQL std auth - support new 'show grant..' statements SQL std auth - support,authorize new 'show grant..' statements
          Thejas M Nair made changes -
          Link This issue is blocked by HIVE-5923 [ HIVE-5923 ]
          Thejas M Nair made changes -
          Original Estimate 24h [ 86400 ] 36h [ 129600 ]
          Remaining Estimate 24h [ 86400 ] 36h [ 129600 ]
          Thejas M Nair made changes -
          Description SHOW GRANTS statement -
          It will give a list of objects, privileges, and who granted the grantee rights on that object
          - When used by a user who does not participate in the SUPERUSER role, it can be
          used in three ways
          -- SHOW GRANTS; This will show all grants effective for the current user or
          roles, whichever is currently determining the user’s privileges.
          -- SHOW GRANTS FOR role; This will show grants effective for a given
          role. The user must participate in that role, otherwise permission will be
          denied.
          -- SHOW GRANTS FOR user; where user is the username of the current
          user. This will show grants effective for the user. Attempts to list grants
          effective for other users will be denied.
          - When used by a user who does participate in the SUPERUSER role, it can be
          used in three ways:
          -- SHOW GRANTS; As in the previous section.
          -- SHOW GRANTS FOR role; This will show grants effective for a given
          role. Any role, regardless of whether the current user participates in it,
          can be shown.
          -- SHOW GRANTS FOR user; where user is a valid username. This will
          show grants effective for that user. Any user, regardless of whether it is
          the current user, can be shown
          SHOW GRANTS statement -
          It will give a list of objects, privileges, and who granted the grantee rights on that object
          - When used by a user who does not participate in the SUPERUSER role, it can be
          used in three ways
          -- SHOW GRANTS; This will show all grants effective for the current user or
          roles, whichever is currently determining the user’s privileges.
          -- SHOW GRANTS FOR role; This will show grants effective for a given
          role. The user must participate in that role, otherwise permission will be
          denied.
          -- SHOW GRANTS FOR user; where user is the username of the current
          user. This will show grants effective for the user. Attempts to list grants
          effective for other users will be denied.
          - When used by a user who does participate in the SUPERUSER role, it can be
          used in three ways:
          -- SHOW GRANTS; As in the previous section.
          -- SHOW GRANTS FOR role; This will show grants effective for a given
          role. Any role, regardless of whether the current user participates in it,
          can be shown.
          -- SHOW GRANTS FOR user; where user is a valid username. This will
          show grants effective for that user. Any user, regardless of whether it is
          the current user, can be shown

          Task includes authorization of the statement.
          Thejas M Nair made changes -
          Description list of objects, privileges, and who granted the grantee rights on that object
          a. When used by a user who does not participate in the SUPERUSER role, it can be
          used in three ways
          i. SHOW GRANTS; This will show all grants effective for the current user or
          roles, whichever is currently determining the user’s privileges.
          ii. SHOW GRANTS FOR role; This will show grants effective for a given
          role. The user must participate in that role, otherwise permission will be
          denied.
          iii. SHOW GRANTS FOR user; where user is the username of the current
          user. This will show grants effective for the user. Attempts to list grants
          effective for other users will be denied.
          b. When used by a user who does participate in the SUPERUSER role, it can be
          used in three ways:
          i. SHOW GRANTS; As in the previous section.
          ii. SHOW GRANTS FOR role; This will show grants effective for a given
          role. Any role, regardless of whether the current user participates in it,
          can be shown.
          iii. SHOW GRANTS FOR user; where user is a valid username. This will
          show grants effective for that user. Any user, regardless of whether it is
          the current user, can be shown
          SHOW GRANTS statement -
          It will give a list of objects, privileges, and who granted the grantee rights on that object
          - When used by a user who does not participate in the SUPERUSER role, it can be
          used in three ways
          -- SHOW GRANTS; This will show all grants effective for the current user or
          roles, whichever is currently determining the user’s privileges.
          -- SHOW GRANTS FOR role; This will show grants effective for a given
          role. The user must participate in that role, otherwise permission will be
          denied.
          -- SHOW GRANTS FOR user; where user is the username of the current
          user. This will show grants effective for the user. Attempts to list grants
          effective for other users will be denied.
          - When used by a user who does participate in the SUPERUSER role, it can be
          used in three ways:
          -- SHOW GRANTS; As in the previous section.
          -- SHOW GRANTS FOR role; This will show grants effective for a given
          role. Any role, regardless of whether the current user participates in it,
          can be shown.
          -- SHOW GRANTS FOR user; where user is a valid username. This will
          show grants effective for that user. Any user, regardless of whether it is
          the current user, can be shown
          Thejas M Nair made changes -
          Description list of objects, privileges, and who granted the grantee rights on that object
          a. When used by a user who does not participate in the SUPERUSER role, it can be
          used in three ways
          i. SHOW GRANTS; This will show all grants effective for the current user or
          roles, whichever is currently determining the user’s privileges.
          ii. SHOW GRANTS FOR role; This will show grants effective for a given
          role. The user must participate in that role, otherwise permission will be
          denied.
          iii. SHOW GRANTS FOR user; where user is the username of the current
          user. This will show grants effective for the user. Attempts to list grants
          effective for other users will be denied.
          b. When used by a user who does participate in the SUPERUSER role, it can be
          used in three ways:
          i. SHOW GRANTS; As in the previous section.
          ii. SHOW GRANTS FOR role; This will show grants effective for a given
          role. Any role, regardless of whether the current user participates in it,
          can be shown.
          iii. SHOW GRANTS FOR user; where user is a valid username. This will
          show grants effective for that user. Any user, regardless of whether it is
          the current user, can be shown
          Thejas M Nair made changes -
          Link This issue is blocked by HIVE-5933 [ HIVE-5933 ]
          Thejas M Nair made changes -
          Field Original Value New Value
          Component/s Authorization [ 12317300 ]
          Thejas M Nair created issue -

            People

            • Assignee:
              Unassigned
              Reporter:
              Thejas M Nair
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:

                Time Tracking

                Estimated:
                Original Estimate - 36h
                36h
                Remaining:
                Remaining Estimate - 36h
                36h
                Logged:
                Time Spent - Not Specified
                Not Specified

                  Development