Alexander Kolbasov created SENTRY-1543:
------------------------------------------
Summary: dropOrRenamePrivilegeForAllRoles() has confusing code
Key: SENTRY-1543
URL: https://issues.apache.org/jira/browse/SENTRY-1543
Project: Sentry
Issue Type: Improvement
Components: Sentry
Affects Versions: 1.8.0, sentry-ha-redesign
Reporter: Alexander Kolbasov
Priority: Minor
{code}
private void dropOrRenamePrivilegeForAllRoles(PersistenceManager pm,
TSentryPrivilege tPrivilege,
TSentryPrivilege newTPrivilege) throws SentryNoSuchObjectException,
SentryInvalidInputException {
HashSet<MSentryRole> roleSet = Sets.newHashSet();
List<MSentryPrivilege> mPrivileges = getMSentryPrivileges(tPrivilege, pm);
if (mPrivileges != null && !mPrivileges.isEmpty()) {
for (MSentryPrivilege mPrivilege : mPrivileges) {
roleSet.addAll(ImmutableSet.copyOf(mPrivilege.getRoles()));
}
}
MSentryPrivilege parent = getMSentryPrivilege(tPrivilege, pm);
...
}
{code}
Note that first we do getMSentryPrivileges(tPrivilege) and then
getMSentryPrivilege(tPrivilege). In the first case the list of multiple entries
is returned, in the second only a single element is returned.
The two calls construct query a bit differently - the getMSentryPrivilege()
unconditionally adds filters for all components.
So the intent here is rather confusing and it would be good to clarify in the
comments.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
