Fang-Yu Rao has posted comments on this change. ( http://gerrit.cloudera.org:8080/20916 )
Change subject: IMPALA-12578: Pass owner user of database and table to Ranger in GRANT/REVOKE ...................................................................... Patch Set 3: (2 comments) Hi all, I have tried to address Csaba's comments on patch set 2. Hopefully patch set 3 looks better. Let me know if there is still any additional suggestion. Thanks! http://gerrit.cloudera.org:8080/#/c/20916/2/tests/authorization/test_ranger.py File tests/authorization/test_ranger.py: http://gerrit.cloudera.org:8080/#/c/20916/2/tests/authorization/test_ranger.py@1185 PS2, Line 1185: s a column. : self._test_grant_revoke_by_owner_on_column(privilege, column_names, > Optional: lot of these parameters are just constants or come getuser(). The Thanks for the suggestion! In the next patch I will make some of them global variables and some of them local variables within the respective functions. Hopefully this will make it easier to read and digest the code. 'resource_owner_role' will probably remain here since it is also needed in _test_grant_revoke_by_owner() when we clean up the roles created at the beginning. http://gerrit.cloudera.org:8080/#/c/20916/2/tests/authorization/test_ranger.py@1206 PS2, Line 1206: show_grant_database_stmt = "show grant {0} {1} on database {2}" : set_database_owner_user_stmt = "alter database {0} set owner user {1}" : set_database_owner_group_stmt = "alter database {0} set owner group {1}" : set_database_owner_role_stmt = "alter database {0} set owner role {1}" : resource_owner_group = OWNER_USER : admin_client = self.create_impala_client() : : try: : self._run_query_as_user(grant_database_stmt : .format(privilege, unique_database, grantee_type, grantee), OWNER_USER, : True) : result = admin_client.execute(show_grant_database_stmt : .format(grantee_type, grantee, unique_database), user=ADMIN) : TestRanger._check_privileges(result, [ : [grantee_type, grantee, unique_database, "" > optional: Couldn't this cleanup code go into the individual functions, e.g. Thanks! I will move this piece of cleanup code into the individual functions in the next patch. -- To view, visit http://gerrit.cloudera.org:8080/20916 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: Impala-ASF Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: Ibac5335c65a860963ef0ccd890a926af80585ef3 Gerrit-Change-Number: 20916 Gerrit-PatchSet: 3 Gerrit-Owner: Fang-Yu Rao <[email protected]> Gerrit-Reviewer: Aman Sinha <[email protected]> Gerrit-Reviewer: Csaba Ringhofer <[email protected]> Gerrit-Reviewer: Fang-Yu Rao <[email protected]> Gerrit-Reviewer: Impala Public Jenkins <[email protected]> Gerrit-Reviewer: Quanlong Huang <[email protected]> Gerrit-Comment-Date: Mon, 05 Feb 2024 23:56:36 +0000 Gerrit-HasComments: Yes
