Re: Review Request 26011: SENTRY-469: TListSentryPrivilegesByAuthRequest API should support impersonation

Wed, 24 Sep 2014 19:49:42 -0700 

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/26011/#review54502
-----------------------------------------------------------

Ship it!



sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java
<https://reviews.apache.org/r/26011/#comment94684>

    role is case insensitive, and we persist lower cased roles in db. Hence we 
need to do toLower here.


- Sravya Tirukkovalur


On Sept. 25, 2014, 1:36 a.m., Prasad Mujumdar wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/26011/
> -----------------------------------------------------------
> 
> (Updated Sept. 25, 2014, 1:36 a.m.)
> 
> 
> Review request for sentry, Lenni Kuff and Sravya Tirukkovalur.
> 
> 
> Bugs: SENTRY-469
>     https://issues.apache.org/jira/browse/SENTRY-469
> 
> 
> Repository: sentry
> 
> 
> Description
> -------
> 
> list_sentry_privileges_by_authorizable API should support impersonation 
> similar to other Sentry service RPCs.
> - Add requester username as required argument for the API
> - Verify the admin status of the requesting user
> - Validate that the requesting user is part of groups and the roles it's 
> trying to access
> 
> 
> Diffs
> -----
> 
>   
> sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java
>  0668912 
>   
> sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java
>  e3cdfc2 
>   
> sentry-provider/sentry-provider-db/src/main/resources/sentry_policy_service.thrift
>  d8357aa 
>   
> sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceIntegration.java
>  38cb39b 
> 
> Diff: https://reviews.apache.org/r/26011/diff/
> 
> 
> Testing
> -------
> 
> Added test case to validated various options of the 
> list_sentry_privileges_by_authorizable() for non-admin user.
> 
> 
> Thanks,
> 
> Prasad Mujumdar
> 
>

Reply via email to