Uploaded image for project: 'IMPALA'
  1. IMPALA
  2. IMPALA-4315

USE <db> statement throws auth error if user only has column privileges

    XMLWordPrintableJSON

    Details

      Description

      From an admin account:

      USE test_db;
GRANT SELECT (col_name) ON TABLE foo TO ROLE `test-role`;

      If that's the only permission that role 'test-role' has, then any account that belongs to that role cannot run a "USE test_db" statement:

      USE test_db;
AuthorizationException: User 'testuser' does not have privileges to access: test_db.*

      The following statement works though:

      select col_name from test_db.foo;

      The problem is that checking for ANY privileges, when accessing a database during the analysis of a USE statement, does not seem to be taking column level privileges into account.

        Attachments

          Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. IMPALA-4951 Impala does not show database if the user only has column-level access

          • Critical - Crashes, loss of data, severe memory leak.
          • Resolved

            Activity

              People

              • Assignee:
                csringhofer Csaba Ringhofer
                Reporter:
                dtsirogiannis Dimitris Tsirogiannis
              • Votes:
                1 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: