[SENTRY-2152] Only Admin can set dbproperty 'owner.privileges' - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Sub-task
Status: Closed
Priority: Major
Resolution: Won't Fix
Affects Version/s: 2.1.0
Fix Version/s: 2.1.0
Component/s: Sentry
Labels:
None

Description

Right now, anyone can set database property. We should add authorization when setting dbproperty 'owner.privileges' from hive, so only admin can do it.
The allowed values are: none, all, all with grant

For example, when a non-admin user issues command

alter database db1 set dbproperty('owner.privileges'='all with grant')

The command should fail and the error message indicating the user does not have right to set this value.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Na Li

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 06/Mar/18 21:48

Updated:: 04/May/18 20:24

Resolved:: 04/May/18 20:23