[jira] [Commented] (HIVE-16497) FileUtils. isActionPermittedForFileHierarchy, isOwnerOfFileHierarchy file system operations should be impersonated

Fri, 21 Apr 2017 02:09:28 -0700 

    [ 
https://issues.apache.org/jira/browse/HIVE-16497?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15978355#comment-15978355
 ] 

ASF GitHub Bot commented on HIVE-16497:
---------------------------------------

GitHub user thejasmn opened a pull request:

    https://github.com/apache/hive/pull/171

    HIVE-16497 : FileUtils. isActionPermittedForFileHierarchy, isOwnerOfF…

    …ileHierarchy file system operations should be impersonated

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/thejasmn/hive HIVE-16497

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/hive/pull/171.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #171
    
----
commit e1d0953b99203e76e4e42f673e82d8bf59baed3b
Author: Thejas M Nair <the...@hortonworks.com>
Date:   2017-04-21T09:07:31Z

    HIVE-16497 : FileUtils. isActionPermittedForFileHierarchy, 
isOwnerOfFileHierarchy file system operations should be impersonated

----


> FileUtils. isActionPermittedForFileHierarchy, isOwnerOfFileHierarchy file 
> system operations should be impersonated
> ------------------------------------------------------------------------------------------------------------------
>
>                 Key: HIVE-16497
>                 URL: https://issues.apache.org/jira/browse/HIVE-16497
>             Project: Hive
>          Issue Type: Bug
>          Components: Authorization
>            Reporter: Thejas M Nair
>            Assignee: Thejas M Nair
>             Fix For: 3.0.0
>
>         Attachments: HIVE-16497.1.patch
>
>
> FileUtils.isActionPermittedForFileHierarchy checks if user has permissions 
> for given action. The checks are made by impersonating the user.
> However, the listing of child dirs are done as the hiveserver2 user. If the 
> hive user doesn't have permissions on the filesystem, it gives incorrect 
> error that the user doesn't have permissions to perform the action.
> Impersonating the end user for all file operations in that function is also 
> logically correct thing to do.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Reply via email to