----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/67134/#review203413 -----------------------------------------------------------
General question? Who is authorized to perform this operation? Is it just admin? Is it tested? sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryHiveAuthorizationTaskFactoryImpl.java Lines 192-195 (patched) <https://reviews.apache.org/r/67134/#comment285619> createShowGrantTask is called only when ast.getType() is HiveParser.TOK_SHOW_GRANT. Do we need explicit check for this? sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryHiveAuthorizationTaskFactoryImpl.java Line 192 (original), 201-213 (patched) <https://reviews.apache.org/r/67134/#comment285620> Why is it sepeate written in if else and not part of the switch statement below. sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryHiveAuthorizationTaskFactoryImpl.java Lines 208 (patched) <https://reviews.apache.org/r/67134/#comment285623> why are you using PrincipalType.USER? sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryHiveAuthorizationTaskFactoryImpl.java Line 302 (original), 327-331 (patched) <https://reviews.apache.org/r/67134/#comment285622> This change is to support show grant for database? Looks to me a unrelated change. You should either change the title OR submit in seperate jira. sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/DefaultSentryAccessController.java Lines 210 (patched) <https://reviews.apache.org/r/67134/#comment285624> Why do you need to pass principle here when you know that it is empty and when you doesn't expect it? sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/DefaultSentryAccessController.java Lines 299 (patched) <https://reviews.apache.org/r/67134/#comment285625> error message is wrong. sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java Line 1595 (original), 1595 (patched) <https://reviews.apache.org/r/67134/#comment285618> Looks to me as a unrelated change. Can you explain? - kalyan kumar kalvagadda On May 17, 2018, 4:46 a.m., Arjun Mishra wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/67134/ > ----------------------------------------------------------- > > (Updated May 17, 2018, 4:46 a.m.) > > > Review request for sentry, kalyan kumar kalvagadda, Na Li, Steve Moist, and > Sergio Pena. > > > Repository: sentry > > > Description > ------- > > Currently Sentry doesn't support Hive command to show privileges on > authorizables without mentioning any role or user name > > > Diffs > ----- > > > sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/hadoop/hive/ql/exec/SentryHivePrivilegeObjectDesc.java > 4fa4221b4 > > sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryHiveAuthorizationTaskFactoryImpl.java > 23246c903 > > sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/DefaultSentryAccessController.java > fc2427cbf > > sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/binding/hive/TestSentryHiveAuthorizationTaskFactory.java > 2e3fd7f36 > > sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java > cafe2b597 > > sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestShowGrants.java > PRE-CREATION > > > Diff: https://reviews.apache.org/r/67134/diff/2/ > > > Testing > ------- > > $ mvn -f sentry-binding/pom.xml test > $ mvn -f sentry-provider/pom.xml test > > > Thanks, > > Arjun Mishra > >
