[
https://issues.apache.org/jira/browse/SENTRY-750?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
guoquan updated SENTRY-750:
---------------------------
Description: When the user1 is the owner of job1, the user1 can delete
job1. The Sqoop Server receives the user1's request for deleting job1. It will
check the job1's owner, if the owner equals user1, the Sqoop server will not do
the authorizaiton check. When the repository delete the job1, the Sqoop server
will send a request to Sentry service for removing the privileges related the
job1. The Sqoop Server should send the server principal as the requestor to
Sentry Service not the user1.
> Use the Sqoop Server principal as the requester when removing the Sqoop
> resource
> --------------------------------------------------------------------------------
>
> Key: SENTRY-750
> URL: https://issues.apache.org/jira/browse/SENTRY-750
> Project: Sentry
> Issue Type: Bug
> Affects Versions: 1.6.0
> Reporter: guoquan
> Assignee: guoquan
>
> When the user1 is the owner of job1, the user1 can delete job1. The Sqoop
> Server receives the user1's request for deleting job1. It will check the
> job1's owner, if the owner equals user1, the Sqoop server will not do the
> authorizaiton check. When the repository delete the job1, the Sqoop server
> will send a request to Sentry service for removing the privileges related the
> job1. The Sqoop Server should send the server principal as the requestor to
> Sentry Service not the user1.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
