Internal Jenkins has submitted this change and it was merged. Change subject: IMPALA-4000: Restricted Sentry authorization for Kudu Tables ......................................................................
IMPALA-4000: Restricted Sentry authorization for Kudu Tables At this time, there is no comprehensive way of enforcing a Sentry authorization policy against tables stored in Kudu. The following behavior was implemented in this patch: - Only the ALL privilege level can be granted to Kudu tables. Finer-grained levels such as only SELECT or only INSERT are not supported. - Column level permissions on Kudu tables are not supported. - Only users with ALL privileges on SERVER may create external Kudu tables. Change-Id: I183f08ad8ce80deee011a6b90ad67b9cefc0452c Reviewed-on: http://gerrit.cloudera.org:8080/5047 Reviewed-by: Taras Bobrovytsky <[email protected]> Tested-by: Internal Jenkins --- M fe/src/main/java/org/apache/impala/analysis/Analyzer.java M fe/src/main/java/org/apache/impala/analysis/CreateTableStmt.java M fe/src/main/java/org/apache/impala/analysis/PrivilegeSpec.java M fe/src/main/java/org/apache/impala/authorization/PrivilegeRequestBuilder.java M fe/src/test/java/org/apache/impala/analysis/AnalyzeAuthStmtsTest.java M fe/src/test/java/org/apache/impala/analysis/AuthorizationTest.java 6 files changed, 58 insertions(+), 2 deletions(-) Approvals: Taras Bobrovytsky: Looks good to me, approved Internal Jenkins: Verified -- To view, visit http://gerrit.cloudera.org:8080/5047 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-MessageType: merged Gerrit-Change-Id: I183f08ad8ce80deee011a6b90ad67b9cefc0452c Gerrit-PatchSet: 8 Gerrit-Project: Impala-ASF Gerrit-Branch: master Gerrit-Owner: Taras Bobrovytsky <[email protected]> Gerrit-Reviewer: Alex Behm <[email protected]> Gerrit-Reviewer: Dimitris Tsirogiannis <[email protected]> Gerrit-Reviewer: Internal Jenkins Gerrit-Reviewer: Taras Bobrovytsky <[email protected]>
