[
https://issues.apache.org/jira/browse/SENTRY-591?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14289658#comment-14289658
]
Prasad Mujumdar commented on SENTRY-591:
----------------------------------------
+1
Looks fine to me.
> create table should have output privilege in DB scope
> -----------------------------------------------------
>
> Key: SENTRY-591
> URL: https://issues.apache.org/jira/browse/SENTRY-591
> Project: Sentry
> Issue Type: Bug
> Reporter: Xiaomeng Huang
> Assignee: Xiaomeng Huang
> Attachments: SENTRY-591.001.patch
>
>
> Currently Create Table in sentry need input permission in DB like below:
> {code}
> HiveAuthzPrivileges tableCreatePrivilege = new
> HiveAuthzPrivileges.AuthzPrivilegeBuilder().
> addInputObjectPriviledge(AuthorizableType.Db,
> EnumSet.of(DBModelAction.CREATE)).
> addInputObjectPriviledge(AuthorizableType.URI,
> EnumSet.of(DBModelAction.ALL)).//TODO: make it optional
> setOperationScope(HiveOperationScope.DATABASE).
> setOperationType(HiveOperationType.DDL).
> build();
> {code}
> But when we execute "create table", we can get entities from WriteEntity, and
> get nothing from ReadEntity, so we should change input to output for
> "CreateTable".
> This jira also blocks V2 feature, in V2, I just get enities from
> ReadEnity/WriteEnity.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
