-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72647/
-----------------------------------------------------------
Review request for ranger and Madhan Neethiraj.
Bugs: RANGER-2896
https://issues.apache.org/jira/browse/RANGER-2896
Repository: ranger
Description
-------
show grant can not display grant_time, because RANGER-836 pruned the content of
policy download.
When using show grant, grant_time will always be 0.
```bash
+-----------+--------+------------+---------+-----------------+-----------------+------------+---------------+-------------+----------+
| database | table | partition | column | principal_name | principal_type
| privilege | grant_option | grant_time | grantor |
+-----------+--------+------------+---------+-----------------+-----------------+------------+---------------+-------------+----------+
| default | * | [] | [] | hadoop | USER
| ALTER | true | 0 | ranger |
| default | * | [] | [] | hadoop | USER
| CREATE | true | 0 | ranger |
| default | * | [] | [] | hadoop | USER
| DROP | true | 0 | ranger |
| default | * | [] | [] | hadoop | USER
| INDEX | true | 0 | ranger |
| default | * | [] | [] | hadoop | USER
| LOCK | true | 0 | ranger |
| default | * | [] | [] | hadoop | USER
| READ | true | 0 | ranger |
| default | * | [] | [] | hadoop | USER
| SELECT | true | 0 | ranger |
| default | * | [] | [] | hadoop | USER
| UPDATE | true | 0 | ranger |
| default | * | [] | [] | hadoop | USER
| WRITE | true | 0 | ranger |
+-----------+--------+------------+---------+-----------------+-----------------+------------+---------------+-------------+----------+
```
In RangerHiveAuthorizer.createHivePrivilegeInfo function, it gets creationDate
from policy.getCreateTime().
```java
if (accessTypes.contains(aclName.toLowerCase()) &&
(users.contains(hivePrincipal.getName()) ||
groups.contains(hivePrincipal.getName()))) {
creationDate = (policy.getCreateTime() == null) ? creationDate : (int)
(policy.getCreateTime().getTime()/1000);
delegateAdmin = (policyItem.getDelegateAdmin() == null) ? delegateAdmin :
policyItem.getDelegateAdmin().booleanValue();
}
```
Diffs
-----
security-admin/src/main/java/org/apache/ranger/common/RangerServicePoliciesCache.java
a09a35295
Diff: https://reviews.apache.org/r/72647/diff/1/
Testing
-------
show grant can display grant_time.
```bash
+-----------+--------+------------+---------+-----------------+-----------------+------------+---------------+----------------+----------+
| database | table | partition | column | principal_name | principal_type
| privilege | grant_option | grant_time | grantor |
+-----------+--------+------------+---------+-----------------+-----------------+------------+---------------+----------------+----------+
| default | * | [] | [] | hadoop | USER
| ALTER | true | 1594004452000 | ranger |
| default | * | [] | [] | hadoop | USER
| CREATE | true | 1594004452000 | ranger |
| default | * | [] | [] | hadoop | USER
| DROP | true | 1594004452000 | ranger |
| default | * | [] | [] | hadoop | USER
| INDEX | true | 1594004452000 | ranger |
| default | * | [] | [] | hadoop | USER
| LOCK | true | 1594004452000 | ranger |
| default | * | [] | [] | hadoop | USER
| READ | true | 1594004452000 | ranger |
| default | * | [] | [] | hadoop | USER
| SELECT | true | 1594004452000 | ranger |
| default | * | [] | [] | hadoop | USER
| UPDATE | true | 1594004452000 | ranger |
| default | * | [] | [] | hadoop | USER
| WRITE | true | 1594004452000 | ranger |
+-----------+--------+------------+---------+-----------------+-----------------+------------+---------------+----------------+----------+
```
Thanks,
Jiayi Liu
