TRAFODION-3046: Privilege support for native HBase tables -- Grants and revokes against native HBase tables are enforced similar to hive -- Privilege checking added when creating and dropping native HBase tables -- Removing dependent Trafodion metadata when native HBase tables are dropped -- Added regression test (privs2/TEST146) -- Reorg - split PrivMgrComponents into 2 files: PrivMgrComponents and PrivMgrUserPrivs
An hbase table can be referenced using one of the following types: "_CELL_" - references cell data "_ROW_" - references row data "_MAP_" - references data defined by the mapped (external) table
Privileges are granted against each of these types, so if you: select * from hbase."_CELL_".hbase1; You must have the select privileges on this table For example: "grant select on hbase."_CELL_".hbase1 to user1"
Likewise for other hbase types, grants are required to gain accessibility grant select on hbase."_MAP_".hbase1 to user1 grant select on hbase."_ROW_".hbase1 to role1
[TRAFODION-2542] Grantor is not correct when granting privileges for a role When granting privileges and the authorization ID is not the current user but one of roles granted to the current user, then the "granted by" clause is required. In addition, the grantor of the privileges becomes the role specified in the grant statement instead of the current user.
Added a CQD ALLOW_WGO_FOR_ROLES that will return an error if the user tries to grant a privilege as a role.
Added error message (1194) when a component operation is not defined.
Added a check to not allow the WITH GRANT OPTION when granting privileges to public