Repository: incubator-sentry Updated Branches: refs/heads/master c7c52424f -> 4d6f63876
SENTRY-591: create table should have output privilege in DB scope (Reviewed by Prasad Mujumdar) Project: http://git-wip-us.apache.org/repos/asf/incubator-sentry/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-sentry/commit/4d6f6387 Tree: http://git-wip-us.apache.org/repos/asf/incubator-sentry/tree/4d6f6387 Diff: http://git-wip-us.apache.org/repos/asf/incubator-sentry/diff/4d6f6387 Branch: refs/heads/master Commit: 4d6f6387672f5ba6da3aa61cc7b0a71088b2b70b Parents: c7c5242 Author: Huang Xiaomeng <[email protected]> Authored: Thu Jan 29 15:26:24 2015 +0800 Committer: Huang Xiaomeng <[email protected]> Committed: Thu Jan 29 15:26:24 2015 +0800 ---------------------------------------------------------------------- .../apache/sentry/binding/hive/authz/HiveAuthzPrivilegesMap.java | 2 +- .../org/apache/sentry/binding/hive/TestHiveAuthzBindings.java | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/4d6f6387/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzPrivilegesMap.java ---------------------------------------------------------------------- diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzPrivilegesMap.java b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzPrivilegesMap.java index e767ac8..cfa2ca9 100644 --- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzPrivilegesMap.java +++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzPrivilegesMap.java @@ -43,7 +43,7 @@ public class HiveAuthzPrivilegesMap { build(); HiveAuthzPrivileges tableCreatePrivilege = new HiveAuthzPrivileges.AuthzPrivilegeBuilder(). - addInputObjectPriviledge(AuthorizableType.Db, EnumSet.of(DBModelAction.CREATE)). + addOutputObjectPriviledge(AuthorizableType.Db, EnumSet.of(DBModelAction.CREATE)). addInputObjectPriviledge(AuthorizableType.URI, EnumSet.of(DBModelAction.ALL)).//TODO: make it optional setOperationScope(HiveOperationScope.DATABASE). setOperationType(HiveOperationType.DDL). http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/4d6f6387/sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/binding/hive/TestHiveAuthzBindings.java ---------------------------------------------------------------------- diff --git a/sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/binding/hive/TestHiveAuthzBindings.java b/sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/binding/hive/TestHiveAuthzBindings.java index 7961e05..0622b43 100644 --- a/sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/binding/hive/TestHiveAuthzBindings.java +++ b/sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/binding/hive/TestHiveAuthzBindings.java @@ -163,7 +163,7 @@ public class TestHiveAuthzBindings { */ @Test public void testValidateCreateTabPrivilegesForAdmin() throws Exception { - inputTabHierarcyList.add(buildObjectHierarchy(SERVER1, CUSTOMER_DB, null)); + outputTabHierarcyList.add(buildObjectHierarchy(SERVER1, CUSTOMER_DB, null)); testAuth.authorize(HiveOperation.CREATETABLE, createTabPrivileges, ADMIN_SUBJECT, inputTabHierarcyList, outputTabHierarcyList); } @@ -173,7 +173,7 @@ public class TestHiveAuthzBindings { */ @Test public void testValidateCreateTabPrivilegesForUser() throws Exception { - inputTabHierarcyList.add(buildObjectHierarchy(SERVER1, JUNIOR_ANALYST_DB, null)); + outputTabHierarcyList.add(buildObjectHierarchy(SERVER1, JUNIOR_ANALYST_DB, null)); testAuth.authorize(HiveOperation.CREATETABLE, createTabPrivileges, MANAGER_SUBJECT, inputTabHierarcyList, outputTabHierarcyList); }
