GitHub user robertamarton opened a pull request:
https://github.com/apache/trafodion/pull/1568
TRAFODION-1573: Additional GET commands for privileges
TRAFODION-3074: Failed to register/unregister user when security disabled
TRAFODION-1573 changes:
- Added support for the following commands:
get privileges on <object>
<object>: [LIBRARY | PROCEDURE | FUNCTION | TABLE_MAPPING FUNCTION | SEQUENCE]
- Added support for the FOR CLAUSE on all supported objects
Removed the need to specify keyword 'USER" before username. If USER is
included, then it is ignored.
get privileges on <object> FOR [USER] <user or role name>
<objects>: [TABLES, VIEWS, LIBRARIES, PROCEDURES, FUNCTIONS,
TABLE_MAPPING FUNCTIONS, SEQUENCES]
- The following get command can only be run by DB__ROOT or a user that has been
granted the DB__ROOTROLE or DB__HIVEROLE role
get <objects> in schema hive.xx.xx;
<objects>: [TABLES, OBJECTS, VIEWS]
- The following get command can only be run by DB__ROOT or a user that has been
granted the DB__ROOTROLE or DB__HBASEROLE role
get external hbase objects;
- The following get commands retrieve privilege details from Trafodion metadata;
users can only see objects where they have been granted at least one privilege
get hive registered tables in catalog trafodion;
get hbase registered tables in catalog trafodion;
- get privileges commands now return owner's privileges in output
- Cleaned up code in the parser.
TRAFODION-3074 changes
- register user - fixed query to find next available authID
- unregister user - added checks to not read privilege metadata if authorization
is not enabled
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/robertamarton/incubator-trafodion get-stmts
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/trafodion/pull/1568.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #1568
----
commit 88e2a742b019dd8d22c22c79d1b64048395cfdb1
Author: Roberta Marton <roberta.marton@...>
Date: 2018-05-18T16:45:06Z
TRAFODION-1573: Additional GET commands for privileges
TRAFODION-3074: Failed to register/unregister user when security disabled
TRAFODION-1573 changes:
- Added support for the following commands:
get privileges on <object>
<object>: [LIBRARY | PROCEDURE | FUNCTION | TABLE_MAPPING FUNCTION | SEQUENCE]
- Added support for the FOR CLAUSE on all supported objects
Removed the need to specify keyword 'USER" before username. If USER is
included, then it is ignored.
get privileges on <object> FOR [USER] <user or role name>
<objects>: [TABLES, VIEWS, LIBRARIES, PROCEDURES, FUNCTIONS,
TABLE_MAPPING FUNCTIONS, SEQUENCES]
- The following get command can only be run by DB__ROOT or a user that has been
granted the DB__ROOTROLE or DB__HIVEROLE role
get <objects> in schema hive.xx.xx;
<objects>: [TABLES, OBJECTS, VIEWS]
- The following get command can only be run by DB__ROOT or a user that has been
granted the DB__ROOTROLE or DB__HBASEROLE role
get external hbase objects;
- The following get commands retrieve privilege details from Trafodion metadata;
users can only see objects where they have been granted at least one privilege
get hive registered tables in catalog trafodion;
get hbase registered tables in catalog trafodion;
- get privileges commands now return owner's privileges in output
- Cleaned up code in the parser.
TRAFODION-3074 changes
- register user - fixed query to find next available authID
- unregister user - added checks to not read privilege metadata if authorization
is not enabled
----
---
|