Passing username for impersonation #334
Conversation
|
Can you add a test for this feature? Maybe you can use the effective_user() builtin function to make sure that it had the intended effect. |
|
Do you mean kind of: |
|
Something along those lines, yeah. I think the second part of that test is the most important. Mainly to prove that the 'effective_user' value gets plumbed all the way through to Impala correctly. |
| @@ -41,7 +41,7 @@ def connect(host='localhost', port=21050, database=None, timeout=None, | |||
| use_ssl=False, ca_cert=None, auth_mechanism='NOSASL', user=None, | |||
| password=None, kerberos_service_name='impala', use_ldap=None, | |||
| ldap_user=None, ldap_password=None, use_kerberos=None, | |||
| protocol=None): | |||
| protocol=None,username=None): | |||
There was a problem hiding this comment.
nit: space after comma to be consistent with surrounding code and PEP8
| log.debug('HiveServer2Connection(service=%s, default_db=%s)', service, | ||
| default_db) | ||
| self.service = service | ||
| self.default_db = default_db | ||
| self.impersonate=impersonate |
There was a problem hiding this comment.
nit: spaces around = to be consistent with surrounding code and PEP8
| @@ -122,6 +124,12 @@ def cursor(self, user=None, configuration=None, convert_types=True, | |||
|
|
|||
| log.debug('.cursor(): getting new session_handle') | |||
|
|
|||
| if self.impersonate != None: | |||
There was a problem hiding this comment.
Should be "is not None" - see https://docs.quantifiedcode.com/python-anti-patterns/readability/comparison_to_none.html
|
#281 indicates that impersonation works on a per-cursor basis. Therefore can this PR be closed? I think it will be confusing to support impersonation in multiple places and this could lead to unintentional security issues where connections are re-used. |
|
Not needed |
No description provided.