Uploaded image for project: 'Hive'
  1. Hive
  2. HIVE-5837 SQL standard based secure authorization for hive
  3. HIVE-5954

SQL std auth - get_privilege_set should check role hierarchy

    XMLWordPrintableJSON

Details

    • Sub-task
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 0.13.0
    • Authorization
    • None

    Description

      A role can belong to another role. But get_privilege_set in hive metastore api checks only the privileges of the immediate roles a user belongs to.

      Attachments

        1. HIVE-5954.3.patch
          24 kB
          Thejas Nair
        2. HIVE-5954.2.patch
          24 kB
          Thejas Nair
        3. HIVE-5954.1.patch
          21 kB
          Thejas Nair

        Issue Links

          duplicates

          Bug - A problem which impairs or prevents the functions of the product. HIVE-6203 Privileges of role granted indrectily to user is not applied

          • Major - Major loss of function.
          • Resolved
          is related to

          Bug - A problem which impairs or prevents the functions of the product. HIVE-6203 Privileges of role granted indrectily to user is not applied

          • Major - Major loss of function.
          • Resolved

          Improvement - An improvement or enhancement to an existing feature or task. HIVE-6494 support list_roles metastore api that returns all the roles in hierarchy

          • Major - Major loss of function.
          • Open
          links to

          Web Link review board

          Activity

            People

              Unassigned Unassigned
              thejas Thejas Nair
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - 24h
                  24h
                  Remaining:
                  Remaining Estimate - 24h
                  24h
                  Logged:
                  Time Spent - Not Specified
                  Not Specified