Uploaded image for project: 'Sentry (Retired)'
  1. Sentry (Retired)
  2. SENTRY-666

Grant assumes Table object when not passed both an object and a name

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Minor
    • Resolution: Unresolved
    • 1.4.0
    • None
    • None

    Description

      If you pass only one argument to the grant statement it assumes you are setting privileges for the table object.

      0: jdbc:hive2://ryan-p-2.ent.cloudera.com:100> grant all on server1 to role test;
      No rows affected (0.198 seconds)
      0: jdbc:hive2://ryan-p-2.ent.cloudera.com:100> show grant role test;
      --------------------------------------------------------------------------------------------------------------------

      database table partition column principal_name principal_type privilege grant_option grant_time grantor

      --------------------------------------------------------------------------------------------------------------------

      default test     test ROLE
      		false 1425774500157000
      /tmp       test ROLE
      		false 1425775719259000
      default ta     test ROLE
      		false 1425777721565000
      default server1     test ROLE
      		false 1421854212609000
      default testpatch     test ROLE select false 1425774558034000

      --------------------------------------------------------------------------------------------------------------------
      5 rows selected (0.217 seconds)

      I understand this was probably done for convenience but it can cause confusion for first-time users. At a quick glance it would appear as if I am granting all on server server1 to role test.

      Attachments

        Activity

          People

            Unassigned Unassigned
            Ryan P Ryan P
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated: