-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/27846/
-----------------------------------------------------------
(Updated Nov. 21, 2014, 7:47 p.m.)
Review request for sentry.
Changes
-------
Finally, have a working version. Fixed some bugs in the cleanup thread loop,
and most importantly rewrote the way the cleanup thread finds objects into a
two-step process: first find candidate privilege objects that might be
unassociated with a role, and then get those objects via DN, verify they have
no roles, and delete them.
Bugs: SENTRY-140
https://issues.apache.org/jira/browse/SENTRY-140
Repository: sentry
Description
-------
Due to the M-to-N relationship of roles to privileges, when a role is removed
from a privilege (or vice versa) that privilege is not deleted from the
database.
This fix introduces a thread that periodically (currently, once every 10 times
a role and a privilege are disassociated) runs a SQL query that searches for
all orphaned privileges and deletes them.
Diffs (updated)
-----
sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
3615661
sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java
03ed378
sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java
70917b7
Diff: https://reviews.apache.org/r/27846/diff/
Testing
-------
Wrote a test case; local testing.
Thanks,
Mike Yoder
