> On 八月 28, 2015, 1:47 a.m., Li Li wrote: > > sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/ql/exec/SentryFilterDDLTask.java, > > line 79 > > <https://reviews.apache.org/r/37794/diff/4/?file=1055835#file1055835line79> > > > > As showColumns is public method in its parent class, it may have > > potential security problem when client directly call > > SentryFilterDDLTask.showColumns(..). Maybe it is better to just override > > showColumns like the one used in your first version?
The reason why I change this source code is I found all of show function in the DDLTask is private except showColumn. I don't want to override the only showColumn function. I will do some next jiras about show metadata such as "describe table" and "show tables". I want to keep code consistency. So I change it. Thanks for your comment. > On 八月 28, 2015, 1:47 a.m., Li Li wrote: > > sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/ql/exec/SentryFilterDDLTask.java, > > line 107 > > <https://reviews.apache.org/r/37794/diff/4/?file=1055835#file1055835line107> > > > > Shall we use the same way in DDLTask.showColumns? > > if (dbName == null) { > > table = db.getTable(tableName); > > } else { > > table = db.getTable(dbName, tableName); > > } I am sorry. I can't found this part code: if (dbName == null) { table = db.getTable(tableName); } else { table = db.getTable(dbName, tableName); } - shen ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/37794/#review96815 ----------------------------------------------------------- On 八月 27, 2015, 8:21 a.m., shen guoquan wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/37794/ > ----------------------------------------------------------- > > (Updated 八月 27, 2015, 8:21 a.m.) > > > Review request for sentry, Colin Ma, Dapeng Sun, and Sravya Tirukkovalur. > > > Repository: sentry > > > Description > ------- > > grant select(s) on table test_tb to role test_role; > > show columns in test_tb; > > Error: Error while compiling statement: FAILED: SemanticException No valid > privileges > Required privileges for this query: > Server=server1->Db=test_db->Table=test_tb->action=insert;Server=server1->Db=test_db->Table=test_tb->action=select; > (state=42000,code=40000) > > It should show s column > > > Diffs > ----- > > > sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/ql/exec/SentryFilterDDLTask.java > PRE-CREATION > > sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/HiveAuthzBindingHook.java > ddfb222 > > sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzPrivileges.java > 8cd82ef > > sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzPrivilegesMap.java > 0291b6c > > sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/SimpleFileProviderBackend.java > 526a0e0 > > sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestColumnEndToEnd.java > 159b9d9 > > Diff: https://reviews.apache.org/r/37794/diff/ > > > Testing > ------- > > Run local unit case > > > Thanks, > > shen guoquan > >
