Details
-
Sub-task
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
-
None
Description
Specifically, I think we have to implement
- SHOW ROLES
- SHOW GRANT ROLE xxx ON [SERVER, DATABASE, TABLE, URI] xxx
- SHOW ROLE GRANT GROUP xxxx.
The following is the output of testing hive with these commands
> CREATE ROLE r1; > GRANT ROLE r1 to GROUP staff; > GRANT ALL ON DATABASE default TO ROLE r1; > SHOW GRANT ROLE r1 ON DATABASE default; default r1 ROLE All false 1395109913000 noland > CREATE TABLE t1 (c1 string) > GRANT ALL ON TABLE t1 TO ROLE r1; > SHOW GRANT ROLE r1 ON TABLE t1; default t1 r1 ROLE All false 1395110129000 noland appendNonNull(builder, resource.getDbName(), true); appendNonNull(builder, resource.getObjectName()); appendNonNull(builder, resource.getPartValues()); appendNonNull(builder, resource.getColumnName()); appendNonNull(builder, privilege.getPrincipalName()); appendNonNull(builder, privilege.getPrincipalType()); appendNonNull(builder, grantInfo.getPrivilege()); appendNonNull(builder, grantInfo.isGrantOption()); appendNonNull(builder, testMode ? -1 : grantInfo.getCreateTime() * 1000L); appendNonNull(builder, grantInfo.getGrantor()); > SHOW ROLE GRANT GROUP staff; r1 1395109787000 staff GROUP false 1395109830000 noland appendNonNull(builder, role.getRoleName(), true); appendNonNull(builder, testMode ? -1 : role.getCreateTime() * 1000L); appendNonNull(builder, role.getPrincipalName()); appendNonNull(builder, role.getPrincipalType()); appendNonNull(builder, role.isGrantOption()); appendNonNull(builder, testMode ? -1 : role.getGrantTime() * 1000L); appendNonNull(builder, role.getGrantor()); > SHOW ROLES; r1 for (String roleName : roleNames) { outStream.writeBytes(roleName); outStream.write(terminator); >SHOW CURRENT ROLES; list of roles current set from SET ROLE statement + List<HiveRole> currentRoles = authorizer.getCurrentRoles(); + List<String> roleNames = new ArrayList<String>(currentRoles.size()); + for (HiveRole role : currentRoles) { + roleNames.add(role.getRoleName()); + } + writeListToF
Attachments
Attachments
Issue Links
- depends upon
-
SENTRY-184 Add Sentry service APIs to query roles and privileges
- Resolved
- incorporates
-
SENTRY-165 Implement createShowRolesTask() in SentryHiveAuthorizationTaskFactoryImpl
- Resolved
-
SENTRY-184 Add Sentry service APIs to query roles and privileges
- Resolved
- relates to
-
SENTRY-215 SHOW GRANT ROLE xxx ON [SERVER, DATABASE, TABLE, URI] xxx
- Resolved
-
SENTRY-216 Support SHOW CURRENT ROLES
- Resolved
- links to
(1 links to)