[ 
https://issues.apache.org/jira/browse/SENTRY-2143?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16374606#comment-16374606
 ] 

Sergio Peña commented on SENTRY-2143:
-------------------------------------

[~akolb] I chat with [~LinaAtAustin] offline. The issue is about the EVENT_ID 
that is passed to the post-listener in order for HMS to synchronize with Sentry 
and block the HMS operation until the EVENT_ID is fetched.

This is the example of the CREATE_TABLE event:
{noformat}
if (!transactionalListeners.isEmpty()) {
  transactionalListenerResponses =
      MetaStoreListenerNotifier.notifyEvent(transactionalListeners,
                                            EventType.CREATE_TABLE,
                                            new CreateTableEvent(tbl, true, 
this),
                                            envContext);
}

...

if (!listeners.isEmpty()) {
  MetaStoreListenerNotifier.notifyEvent(listeners,
                                        EventType.CREATE_TABLE,
                                        new CreateTableEvent(tbl, success, 
this),
                                        envContext,
                                        transactionalListenerResponses, ms);
}
{noformat}
As you see, when the transactional listener is called, it returns the EVENT_ID 
on the transactionalListenerResponses which are passed to the post-listener so 
it is used by Sentry to wait for such id.

But, in the ALTER_TABLE  event, this is EVENT_ID is not passed. See
{noformat}
if (!listeners.isEmpty()) {
  MetaStoreListenerNotifier.notifyEvent(listeners,
                                        EventType.ALTER_TABLE,
                                        new AlterTableEvent(oldt, newTable, 
true, this),
                                        envContext);
}
{noformat}
There is not transactionalListenerResponses passed to the method. So, the 
SentrySyncHMSNotificationPostEventListener will not sync with Sentry on ALTER 
events because there is no ID to sync, see:
{noformat}
private void syncNotificationEvents(ListenerEvent event, String eventName) {
...
Map<String, String> eventParameters = event.getParameters();
if 
(!eventParameters.containsKey(MetaStoreEventListenerConstants.DB_NOTIFICATION_EVENT_ID_KEY_NAME))
 {
  return;
}
...
}{noformat}
Does it make sense?

[~LinaAtAustin] That is correct, right?

> Table renames should synchronize with Sentry
> --------------------------------------------
>
>                 Key: SENTRY-2143
>                 URL: https://issues.apache.org/jira/browse/SENTRY-2143
>             Project: Sentry
>          Issue Type: Bug
>          Components: Sentry
>    Affects Versions: 2.1.0
>            Reporter: Alexander Kolbasov
>            Assignee: Na Li
>            Priority: Major
>         Attachments: SENTRY-2143.001.patch, SENTRY-2143.002.patch, 
> SENTRY-2143.003.patch, SENTRY-2143.004.patch
>
>
> Currently table renames are not synchronized from Hive (while table 
> creates/drops are). This creates a problem since the renamed table doesn't 
> have correct privileges for a bit until it is processed by Sentry. So 
> perfectly valid scripts that rename tables and expect the rename table to 
> retain the privileges are going to fail.
> The fix is to update {{SentrySyncHMSNotificationsPostEventListener}} to 
> synchronize table renames as well.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to