Uploaded image for project: 'IMPALA'
  1. IMPALA
  2. IMPALA-12190

Renaming table will cause losing privileges for non-admin users

    XMLWordPrintableJSON

Details

    • ghx-label-12

    Description

      Let's say user 'a' gets some privileges on table 't'. When this table gets renamed (even by user 'a') then user 'a' loses its privileges on that table.

       

      Repro steps:

      1. Start impala with Ranger
      2. start impala-shell as admin (-u admin)
      3. create table tmp (i int, s string) stored as parquet;
      4. grant all on table tmp to user <username>;
      5. grant all on table tmp to user <username>;
      Query: show grant user <username> on table tmp
      +----------------+----------------+----------+-------+--------+-----+--------------+-------------+-----+-----------+--------------+-------------+
      | principal_type | principal_name | database | table | column | uri | storage_type | storage_uri | udf | privilege | grant_option | create_time |
      +----------------+----------------+----------+-------+--------+-----+--------------+-------------+-----+-----------+--------------+-------------+
      | USER           | <username>    | default  | tmp   | *      |     |              |             |     | all       | false        | NULL        |
      +----------------+----------------+----------+-------+--------+-----+--------------+-------------+-----+-----------+--------------+-------------+
      Fetched 1 row(s) in 0.01s 
      1.  alter table tmp rename to tmp_1234;
      2. show grant user <username> on table tmp_1234;
      Query: show grant user <username> on table tmp_1234
      Fetched 0 row(s) in 0.17s

      Attachments

        Activity

          People

            Unassigned Unassigned
            gaborkaszab Gabor Kaszab
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

              Created:
              Updated: