-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/20251/
-----------------------------------------------------------
Review request for sentry, Brock Noland and Sravya Tirukkovalur.
Bugs: SENTRY-152
https://issues.apache.org/jira/browse/SENTRY-152
Repository: sentry
Description
-------
When Hive compiler parses a query with view, it includes both view and the base
tables as the input entities. The table entities added for view have reference
to view as parent object. Sentry uses this to filter out such tables from
authorization check.
In case of partitioned tables, Hive includes the partition input entity for
partitions accessed in the query. Sentry extracts the underlying tables. Now
for the case of view defined on partition table, we get partition entities with
view as parent reference. Just like tables, these partitions should also be
skipped since they are added for the base table.
The patch is just extending this filtering logic to include partitions as well.
Diffs
-----
sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/HiveAuthzBindingHook.java
8e5cf4e
sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestViewPrivileges.java
PRE-CREATION
Diff: https://reviews.apache.org/r/20251/diff/
Testing
-------
Added new test case for queries on view with partition tables. The tests fail
without the patch and passes with the patch.
Thanks,
Prasad Mujumdar
