[RANGER-3142] Access control based on groups not working for presto plugin - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: 2.1.0
Fix Version/s: None
Component/s: plugins
Labels:
None
Environment:
ranger-2.1.0-presto-plugin.tar.gz
presto-server-347.tar.gz

Description

I'm using ranger-2.1.0 for access control in prestosql-347.

A policy with user list in 'allow conditions' works i.e. if I connect to presto with a user in the allowed list, my query returns the expected results.

But instead of users, if I use group in the policy and try accessing presto with a user belonging to that group, then I'm denied access.

%presto
show tables in default

Query failed (#20210106_032741_00000_dddsy): Access Denied: Cannot access catalog hive

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

image-2021-01-29-19-53-59-145.png
29/Jan/21 10:54
11 kB
sooyeon shin
image-2021-01-29-19-54-02-248.png
29/Jan/21 10:54
13 kB
sooyeon shin
image-2021-01-29-19-54-28-329.png
29/Jan/21 10:54
19 kB
sooyeon shin
image-2021-01-29-19-54-50-303.png
29/Jan/21 10:54
68 kB
sooyeon shin
image-2021-01-29-19-55-01-685.png
29/Jan/21 10:55
50 kB
sooyeon shin
image-2021-01-29-19-59-42-929.png
29/Jan/21 10:59
39 kB
sooyeon shin
image-2021-01-29-20-00-54-796.png
29/Jan/21 11:00
103 kB
sooyeon shin

Activity

People

Assignee:: Unassigned

Reporter:: Anchal Agarwal

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Dates

Created:: 06/Jan/21 04:15

Updated:: 14/Feb/22 09:33