-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58912/
-----------------------------------------------------------
Review request for ranger, Madhan Neethiraj and Selvamohan Neethiraj.
Bugs: RANGER-1553
https://issues.apache.org/jira/browse/RANGER-1553
Repository: ranger
Description
-------
If hive service is associated with a tag service then when a ‘show databases’ command
is authorized by Ranger, potentially, all tags associated with all hive entities are evaluated
to determine the authorization of the command. Consequently, the audit log record generated
for it will show, in the tags field, every tag provisioned for any hive entity in Ranger.
When a large number of tags are associated with hive entities the audit log is very cluttered
and does not convey meaningful information.
For this specific command, tags information in the generated audit log record is scrubbed.
Diffs
-----
hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuditHandler.java
9dea37a
Diff: https://reviews.apache.org/r/58912/diff/1/
Testing
-------
Tested with local VM
Thanks,
Abhay Kulkarni
|