[
https://issues.apache.org/jira/browse/SENTRY-552?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14231052#comment-14231052
]
Hadoop QA commented on SENTRY-552:
----------------------------------
Here are the results of testing the latest attachment
https://issues.apache.org/jira/secure/attachment/12684559/SENTRY-552.004.patch
against master.
{color:green}Overall:{color} +1 all checks pass
{color:green}SUCCESS:{color} all tests passed
Console output: https://builds.apache.org/job/PreCommit-SENTRY-Build/111/console
This message is automatically generated.
> Downgrading privileges does not always work for column-level privileges
> -----------------------------------------------------------------------
>
> Key: SENTRY-552
> URL: https://issues.apache.org/jira/browse/SENTRY-552
> Project: Sentry
> Issue Type: Bug
> Affects Versions: 1.5.0
> Reporter: Lenni Kuff
> Assignee: Dapeng Sun
> Fix For: 1.5.0
>
> Attachments: SENTRY-552.002.patch, SENTRY-552.003.patch,
> SENTRY-552.004.patch, SENTRY-552.patch
>
>
> The following doesn't work properly:
> grant all on col1
> grant all on col2
> revoke select on col2
> -- at this point, will have ALL on col1, INSERT on col2
> revoke INSERT from table <--- Does not do the proper thing.
> The expectation is that revoking INSERT from the table would remove INSERT
> privilege on col2 and also downgrade the ALL privilege on col1 to SELECT.
> Instead the privilege on col1 stays in-tact.
> Note that this was exposed as part of the fix for SENTRY-543. Prior to that
> the REVOKE would incorrectly remove both privileges.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
