[
https://issues.apache.org/jira/browse/IMPALA-8385?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16815685#comment-16815685
]
ASF subversion and git services commented on IMPALA-8385:
---------------------------------------------------------
Commit 284a9814aad89877fe6b80456c628cdaaa286b24 in impala's branch
refs/heads/master from Fredy Wijaya
[ https://gitbox.apache.org/repos/asf?p=impala.git;h=284a981 ]
IMPALA-8385: Refactor Sentry admin user check
This patch moves the hardcoded Sentry admin user check from the generic
"show roles" and "show grant" catalog operations to Sentry authorization
plugin, i.e. SentryImpaladAuthorizationManager. This patch also removes
isAdmin() from AuthorizationManager interface.
Testing:
- Added a new authorization E2E test to test for Sentry admin check
- Ran all FE tests
- Ran all authorization E2E tests
Change-Id: I911228b09af7eed5d5dc002b20591ef64dc625d3
Reviewed-on: http://gerrit.cloudera.org:8080/12963
Reviewed-by: Impala Public Jenkins <[email protected]>
Tested-by: Impala Public Jenkins <[email protected]>
> Refactor Sentry admin user check
> --------------------------------
>
> Key: IMPALA-8385
> URL: https://issues.apache.org/jira/browse/IMPALA-8385
> Project: IMPALA
> Issue Type: Sub-task
> Components: Catalog, Frontend
> Reporter: Fredy Wijaya
> Assignee: Fredy Wijaya
> Priority: Critical
> Fix For: Impala 3.3.0
>
>
> Currently Sentry admin check is hardcoded, for example:
> https://github.com/apache/impala/blob/5670f96b828d57f9e36510bb9af02bcc31de775c/be/src/service/client-request-state.cc#L366
> This check needs to be moved out to SentryAuthorizationManager instead.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
