Andrew Wong has posted comments on this change. ( http://gerrit.cloudera.org:8080/15207 )
Change subject: [WIP] Ranger authorization provider ...................................................................... Patch Set 8: (1 comment) http://gerrit.cloudera.org:8080/#/c/15207/5/src/kudu/master/ranger_authz_provider.cc File src/kudu/master/ranger_authz_provider.cc: http://gerrit.cloudera.org:8080/#/c/15207/5/src/kudu/master/ranger_authz_provider.cc@120 PS5, Line 120: Status RangerAuthzProvider::AuthorizeGetTableStatistics(const string& tabl > I'm not sure what you mean, do you mean the C++ Ranger client should cache I meant that we should validate that the Ranger plugin actually caches privileges in an acceptable way. For instance, will the below 5 calls to AuthorizeAction() actually result in 5 calls to the Ranger server? If so, is that the best we can do? Or are there things we can do to improve our hit rates? For instance, it's unclear to me whether the current single-action, single-table API for the RangerClient here is better than passing multiple Actions to the RangerClient for this table so that the Ranger plugin can authorize in bulk. If Ranger's bulk-authorization API means it can cache more efficiently, we might even want to consider passing the requests for column privileges together with the rest of the requests for table privileges. -- To view, visit http://gerrit.cloudera.org:8080/15207 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: I6e7672a5947d6406e0cad83a0c900bf5b2c03012 Gerrit-Change-Number: 15207 Gerrit-PatchSet: 8 Gerrit-Owner: Attila Bukor <[email protected]> Gerrit-Reviewer: Andrew Wong <[email protected]> Gerrit-Reviewer: Attila Bukor <[email protected]> Gerrit-Reviewer: Hao Hao <[email protected]> Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241) Gerrit-Comment-Date: Mon, 24 Feb 2020 03:43:33 +0000 Gerrit-HasComments: Yes
