[jira] [Updated] (HIVE-28022) Authorization fails for nested view + with clause + union all

Tue, 23 Jan 2024 09:27:05 -0800 


     [ 
https://issues.apache.org/jira/browse/HIVE-28022?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Taraka Rama Rao Lethavadla updated HIVE-28022:
----------------------------------------------
    Summary: Authorization fails for nested view + with clause +  union all   
(was: Authorization fails for nested view with a union all )

> Authorization fails for nested view + with clause +  union all 
> ---------------------------------------------------------------
>
>                 Key: HIVE-28022
>                 URL: https://issues.apache.org/jira/browse/HIVE-28022
>             Project: Hive
>          Issue Type: Bug
>          Components: Hive
>            Reporter: Taraka Rama Rao Lethavadla
>            Priority: Major
>
> Test Case:
> set 
> hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
> {noformat}
> create database table_db;
> create database view_db_outer;
> create database view_db_inner;
> create database view_db_inner_inner;{noformat}
> {noformat}
> create table table_db.test_tbl(col1 string);
> create view view_db_outer.outer_view1 as select col1 from table_db.test_tbl;
> create view view_db_outer.outer_view2 as select col1 from table_db.test_tbl;
> create view view_db_inner.inner_view as with wct as (select ov1.col1 from 
> view_db_outer.outer_view1 ov1 union all select ov2.col1 from 
> view_db_outer.outer_view2 ov2) select * from wct;
> create view view_db_inner_inner.inner_inner_view as select * from 
> view_db_inner.inner_view;{noformat}
> Enable authorization
> {code:java}
> set hive.security.authorization.enabled=true; {code}
> Grant permissions to the final view
> {code:java}
> grant select on table view_db_inner_inner.inner_inner_view to user 
> hive_test_user;{code}
>  select * from view_db_inner_inner.inner_inner_view; --Fails with exception 
> unauthorized
> {noformat}
> ql.Driver: Authorization failed:No privilege 'Select' found for inputs { 
> database:view_db_outer, table:outer_view1, columnName:col1}. Use SHOW GRANT 
> to get more details.{noformat}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to