> On June 19, 2018, 6:47 p.m., Arjun Mishra wrote: > > sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java > > Lines 797 (patched) > > <https://reviews.apache.org/r/67648/diff/1/?file=2042383#file2042383line797> > > > > Why should we create a user if it doesn't exist?
when a user privilege is granted to a user which does not have any privileges, sentry might not have user information. It should be created. > On June 19, 2018, 6:47 p.m., Arjun Mishra wrote: > > sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java > > Lines 2719 (patched) > > <https://reviews.apache.org/r/67648/diff/1/?file=2042383#file2042383line2720> > > > > Is this also going to remove the roles from the database when all > > privileges from that role are revoked? Removing a user when there are no privileges granted to it is an existing behavior.I'm not changing that. Similar logic should not be added for roles as roles are explicitly created by admintrator they should be removed when an explcitly removed by administrator. in short, no - kalyan kumar ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/67648/#review205012 ----------------------------------------------------------- On June 19, 2018, 10:22 p.m., kalyan kumar kalvagadda wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/67648/ > ----------------------------------------------------------- > > (Updated June 19, 2018, 10:22 p.m.) > > > Review request for sentry, Arjun Mishra, Na Li, and Sergio Pena. > > > Bugs: SENTRY-2251 > https://issues.apache.org/jira/browse/SENTRY-2251 > > > Repository: sentry > > > Description > ------- > > User privileges granted to user on tables/databases should be removed when > the authorizable is dropped. > User privileges granted to user on tables/databases should be updated when > the authorizable are renamed. > > > Diffs > ----- > > > sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java > f0e373a9aa5342d1b507e8b192cfdbc444242227 > > sentry-service/sentry-service-server/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java > c056446262ddcf61db307eafbb785eac42973c80 > > > Diff: https://reviews.apache.org/r/67648/diff/2/ > > > Testing > ------- > > Made sure all the existing tests pass. Also updated tests to cover new use > cases added by this patch. > > > Thanks, > > kalyan kumar kalvagadda > >
