[ 
https://issues.apache.org/jira/browse/HIVE-14157?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Pengcheng Xiong updated HIVE-14157:
-----------------------------------
    Attachment: DB2BP_Security_RCAC_0412.pdf

> deal with ACID operations (insert, update, delete)
> --------------------------------------------------
>
>                 Key: HIVE-14157
>                 URL: https://issues.apache.org/jira/browse/HIVE-14157
>             Project: Hive
>          Issue Type: Sub-task
>          Components: Security
>            Reporter: Pengcheng Xiong
>            Assignee: Pengcheng Xiong
>             Fix For: 2.1.0
>
>         Attachments: DB2BP_Security_RCAC_0412.pdf
>
>
> INSERT statement
> When you issue an INSERT statement against a table for which row-level access 
> control
> is activated, the rules specified in all the enabled row permissions defined 
> on that table
> determine whether the row can be inserted. To be inserted, the row must 
> conform to the
> enabled row permissions that are defined on the table. A conformant row is a 
> row that, if
> inserted, can be retrieved back by using a SELECT statement by the same user. 
> This
> behavior is identical to how an insert into a symmetric view works. In other 
> words, you
> cannot insert a row that you cannot select. 
> UPDATE statement
> When you issue an UPDATE statement against a table for which row-level access 
> control
> is activated, the rules specified in all the enabled row permissions that are 
> defined on that
> table determine whether the row can be updated. Enabled row permissions are 
> used as
> follows during UPDATE operations:
> 1. The enabled row permissions filter the set of rows to be updated. In other 
> words,
> you cannot update rows that you cannot select.
> 2. The updated rows (if any) must conform to the enabled row permissions. A
> conformant updated row is a row that can be retrieved back using a SELECT
> statement by the same user. This is identical to how an update of a symmetric
> view works. In other words, you cannot update a row such that you can no
> longer select that row.
> DELETE statement
> When a DELETE statement is issued against a table for which row-level access 
> control is
> activated, the rules specified in all the enabled row permissions that are 
> defined on that
> table determine which rows can be deleted. The enabled row permissions filter 
> the set of
> rows to be deleted. In other words, you cannot delete rows that you cannot 
> select.
> MERGE statement
> A MERGE statement can be thought of as both an INSERT and an UPDATE operation.
> The processing of a MERGE follows the processing of INSERT and UPDATE.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to