Hao Hao has posted comments on this change. ( http://gerrit.cloudera.org:8080/11659 )
Change subject: [sentry] add AuthzProvider ...................................................................... Patch Set 8: (6 comments) http://gerrit.cloudera.org:8080/#/c/11659/7/src/kudu/master/authz_provider.h File src/kudu/master/authz_provider.h: http://gerrit.cloudera.org:8080/#/c/11659/7/src/kudu/master/authz_provider.h@33 PS7, Line 33: virtual Status Start() = 0; : : // Stops the AuthzProvider instance. : virtual void Stop() = > The same reason as for having the AuthorizeXxx() method as pure virtual in It is hard to say it is not important for Start()/Stop() in that sense, so updated it. http://gerrit.cloudera.org:8080/#/c/11659/7/src/kudu/master/sentry_authz_provider-test.cc File src/kudu/master/sentry_authz_provider-test.cc: http://gerrit.cloudera.org:8080/#/c/11659/7/src/kudu/master/sentry_authz_provider-test.cc@147 PS7, Line 147: > Oh, I guess 'Authorize' in this sense means 'check the for authorization'. I will update it to avoid confusion. Thanks! http://gerrit.cloudera.org:8080/#/c/11659/7/src/kudu/master/sentry_authz_provider-test.cc@238 PS7, Line 238: ASSERT_OK(sentry_authz_provider_->AuthorizeGetTableMetadata("db.table", kTestUser)); > What happens if Sentry server is not responsive e.g., due network errors or Yeah, in L249 it is testing what error we are getting when Sentry service is not responsive. I will add a simulation of busy server too though. http://gerrit.cloudera.org:8080/#/c/11659/7/src/kudu/master/sentry_authz_provider.h File src/kudu/master/sentry_authz_provider.h: http://gerrit.cloudera.org:8080/#/c/11659/7/src/kudu/master/sentry_authz_provider.h@51 PS7, Line 51: TABLE, > nit: here and below drop 'virtual' since that's a derived class and the 'ov Done http://gerrit.cloudera.org:8080/#/c/11659/7/src/kudu/master/sentry_authz_provider.cc File src/kudu/master/sentry_authz_provider.cc: http://gerrit.cloudera.org:8080/#/c/11659/7/src/kudu/master/sentry_authz_provider.cc@56 PS7, Line 56: server_name > Ah, OK. Thank you for clarification. Done http://gerrit.cloudera.org:8080/#/c/11659/7/src/kudu/master/sentry_authz_provider.cc@235 PS7, Line 235: RETURN_NOT_OK(Authorize(table_authorizable, table_action, user)); > I don't think this needs to be a part of the SentryAuthzProvider class. May Done -- To view, visit http://gerrit.cloudera.org:8080/11659 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: I254828d640cd905e33dbaf0fe100d660bc9e6772 Gerrit-Change-Number: 11659 Gerrit-PatchSet: 8 Gerrit-Owner: Hao Hao <[email protected]> Gerrit-Reviewer: Adar Dembo <[email protected]> Gerrit-Reviewer: Alexey Serbin <[email protected]> Gerrit-Reviewer: Andrew Wong <[email protected]> Gerrit-Reviewer: Dan Burkert <[email protected]> Gerrit-Reviewer: Hao Hao <[email protected]> Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241) Gerrit-Comment-Date: Thu, 01 Nov 2018 20:04:05 +0000 Gerrit-HasComments: Yes
