Description
When a client opens a table, the master authorizes DML actions on it and returns a list of allowed actions to the client which is then forwarded to the tablet servers so that it doesn't have to talk to Ranger. This significantly reduces the number of requests to Ranger, but it messes with the audit logs, as it will show ALL, and if it's denied, then also SELECT, UPDATE, INSERT and DELETE for each open table request, even if the client is only doing one of these things. which can be confusing.