[
https://issues.apache.org/jira/browse/SENTRY-2143?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16373956#comment-16373956
]
Na Li commented on SENTRY-2143:
-------------------------------
[~akolb] I looked more into the code, in order for table rename to work with
HMS sync, hive meta store code has to change.
1) SentrySyncHMSNotificationsPostEventListener.syncNotificationEvents does not
do anything for {color:red}*alter table event*{color} because HiveMetaStore
does not set the notification ID in the event's parameter
{code}
private void syncNotificationEvents(ListenerEvent event, String eventName) {
// Do not sync notifications if the event has failed.
if (failedEvent(event, eventName)) {
return;
}
Map<String, String> eventParameters = event.getParameters();
if
(!eventParameters.containsKey(MetaStoreEventListenerConstants.DB_NOTIFICATION_EVENT_ID_KEY_NAME))
{
return;
}
{code}
2) Notification ID is set for create database, create table etc, but not set
for alter table event.
2.1) in HiveMetaStore, create_table_core calls transactional listener, and the
notification ID of the corresponding event is stored in
*transactionalListenerResponses*. The notification ID in
transactionalListenerResponses is set to create table event as event parameter
for event listener. in
transactionalListenerResponses =
MetaStoreListenerNotifier.notifyEvent(this.transactionalListeners,
EventType.CREATE_TABLE, new CreateTableEvent(tbl, true, this), envContext);
{code}
+ create_table_core
if (primaryKeys == null && foreignKeys == null) {
ms.createTable(tbl);
} else {
ms.createTableWithConstraints(tbl, primaryKeys, foreignKeys);
}
if (!this.transactionalListeners.isEmpty()) {
transactionalListenerResponses =
MetaStoreListenerNotifier.notifyEvent(this.transactionalListeners,
EventType.CREATE_TABLE, new CreateTableEvent(tbl, true, this), envContext);
}
success = ms.commitTransaction();
} finally {
if (!success) {
ms.rollbackTransaction();
if (madeDir) {
this.wh.deleteDir(tblPath, true);
}
}
if (!this.listeners.isEmpty()) {
MetaStoreListenerNotifier.notifyEvent(this.listeners,
EventType.CREATE_TABLE, new CreateTableEvent(tbl, success, this), envContext,
transactionalListenerResponses, ms);
}
{code}
2.2) in HiveMetaStore, alter_table_core does NOT call transactional listener,
and the notification ID is the alter table event is NOT set in the event
parameters.
{code}
+ alter_table_core
try {
Table oldt = this.get_table_core(dbname, name);
this.firePreEvent(new PreAlterTableEvent(oldt, newTable, this));
this.alterHandler.alterTable(this.getMS(), this.wh, dbname, name,
newTable, envContext, this);
success = true;
if (!this.listeners.isEmpty()) {
MetaStoreListenerNotifier.notifyEvent(this.listeners,
EventType.ALTER_TABLE, new AlterTableEvent(oldt, newTable, true, this),
envContext);
}
} catch (NoSuchObjectException var12) {
ex = var12;
throw new InvalidOperationException(var12.getMessage());
} catch (Exception var13) {
ex = var13;
if (var13 instanceof MetaException) {
throw (MetaException)var13;
}
if (var13 instanceof InvalidOperationException) {
throw (InvalidOperationException)var13;
}
throw newMetaException(var13);
} finally {
this.endFunction("alter_table", success, (Exception)ex, name);
}
{code}
2.3) In order for table rename sync to work, *{color:red}HiveMetaStore{color}*
has to change to set the notification ID in event parameters.
> Table renames should synchronize with Sentry
> --------------------------------------------
>
> Key: SENTRY-2143
> URL: https://issues.apache.org/jira/browse/SENTRY-2143
> Project: Sentry
> Issue Type: Bug
> Components: Sentry
> Affects Versions: 2.1.0
> Reporter: Alexander Kolbasov
> Assignee: Na Li
> Priority: Major
> Attachments: SENTRY-2143.001.patch, SENTRY-2143.002.patch,
> SENTRY-2143.003.patch, SENTRY-2143.004.patch
>
>
> Currently table renames are not synchronized from Hive (while table
> creates/drops are). This creates a problem since the renamed table doesn't
> have correct privileges for a bit until it is processed by Sentry. So
> perfectly valid scripts that rename tables and expect the rename table to
> retain the privileges are going to fail.
> The fix is to update {{SentrySyncHMSNotificationsPostEventListener}} to
> synchronize table renames as well.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
