Uploaded image for project: 'IMPALA'
  1. IMPALA
  2. IMPALA-4315

USE <db> statement throws auth error if user only has column privileges

    XMLWordPrintableJSON

Details

    Description

      From an admin account:

      USE test_db;
GRANT SELECT (col_name) ON TABLE foo TO ROLE `test-role`;

      If that's the only permission that role 'test-role' has, then any account that belongs to that role cannot run a "USE test_db" statement:

      USE test_db;
AuthorizationException: User 'testuser' does not have privileges to access: test_db.*

      The following statement works though:

      select col_name from test_db.foo;

      The problem is that checking for ANY privileges, when accessing a database during the analysis of a USE statement, does not seem to be taking column level privileges into account.

      Attachments

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. IMPALA-4951 Impala does not show database if the user only has column-level access

          • Critical - Crashes, loss of data, severe memory leak.
          • Resolved

          Activity

            People

              csringhofer Csaba Ringhofer
              dtsirogiannis Dimitris Tsirogiannis
              Votes:
              1 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: