Uploaded image for project: 'IMPALA'
  1. IMPALA
  2. IMPALA-4315

USE <db> statement throws auth error if user only has column privileges

    Details

      Description

      From an admin account:

      USE test_db;
      GRANT SELECT (col_name) ON TABLE foo TO ROLE `test-role`;
      

      If that's the only permission that role 'test-role' has, then any account that belongs to that role cannot run a "USE test_db" statement:

      USE test_db;
      AuthorizationException: User 'testuser' does not have privileges to access: test_db.*
      

      The following statement works though:

      select col_name from test_db.foo;
      

      The problem is that checking for ANY privileges, when accessing a database during the analysis of a USE statement, does not seem to be taking column level privileges into account.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                csringhofer Csaba Ringhofer
                Reporter:
                dtsirogiannis Dimitris Tsirogiannis
              • Votes:
                1 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: