----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/22550/#review46165 -----------------------------------------------------------
It looks good Prasad !! You might want to rebase with head though.. SENTRY-281 handles the case where if there already exists a ALL privilege for a Table, a SELECT/INSERT will be ignored.. Interested to see how your testcase functions (especially the Overlapped privilege one) once you rebase... Thanks !! sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java <https://reviews.apache.org/r/22550/#comment81412> nit : I think we should use the safeLowerTrim() static method sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java <https://reviews.apache.org/r/22550/#comment81414> Aah.. looks like you are doing a toUpper(). I seem to remember a case where this was needed.. But I think we shouldn't be doing this.. since we are doing a toLower before storing it. Maybe unrelated to this patch.. but we should clean this up and make it consistent sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java <https://reviews.apache.org/r/22550/#comment81417> You might have to do this for Db also.. once SENTRY-303 is committed sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java <https://reviews.apache.org/r/22550/#comment81415> Same as above - Arun Suresh On June 16, 2014, 1:34 a.m., Prasad Mujumdar wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/22550/ > ----------------------------------------------------------- > > (Updated June 16, 2014, 1:34 a.m.) > > > Review request for sentry, Arun Suresh and Sravya Tirukkovalur. > > > Bugs: SENTRY-162 > https://issues.apache.org/jira/browse/SENTRY-162 > > > Repository: sentry > > > Description > ------- > > Sentry store supports a new method to drop the privileges and role mapping > for given Authorizable object. > The new API is exposed over thrift and implemented in sentry service and > client > Metastore post even hook call this API to remove the privileges related to > object being dropped > > > Diffs > ----- > > > sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/conf/HiveAuthzConf.java > c126743 > > sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/SentryMetastorePostEventListener.java > PRE-CREATION > > sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryPrivilege.java > 6679193 > > sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java > 91669d6 > > sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java > 9e2c200 > > sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java > 097056b > > sentry-provider/sentry-provider-db/src/main/resources/sentry_policy_service.thrift > 86ff221 > > sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java > 35ba83a > > sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbPrivilegeCleanupOnDrop.java > PRE-CREATION > > sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/AbstractTestWithStaticConfiguration.java > fd969a6 > > sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestExportImportPrivileges.java > b6c985e > > sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/hiveserver/HiveServerFactory.java > 0165806 > > Diff: https://reviews.apache.org/r/22550/diff/ > > > Testing > ------- > > Added unit tests and E2E tests. > > > Thanks, > > Prasad Mujumdar > >
