[jira] [Commented] (SENTRY-2259) SQL CONSTRAINT name is too long for Oracle 11.2
[ https://issues.apache.org/jira/browse/SENTRY-2259?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16504130#comment-16504130 ] Hadoop QA commented on SENTRY-2259: --- Here are the results of testing the latest attachment https://issues.apache.org/jira/secure/attachment/12926811/SENTRY-2259.001.patch against master. {color:green}Overall:{color} +1 all checks pass {color:green}SUCCESS:{color} all tests passed Console output: https://builds.apache.org/job/PreCommit-SENTRY-Build/3865/console This message is automatically generated. > SQL CONSTRAINT name is too long for Oracle 11.2 > --- > > Key: SENTRY-2259 > URL: https://issues.apache.org/jira/browse/SENTRY-2259 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.1.0 >Reporter: Na Li >Assignee: Na Li >Priority: Major > Attachments: SENTRY-2259.001.patch > > > Prior to Oracle version 12.2, identifiers are not allowed to exceed 30 > characters in length > Names must be from 1 to 30 bytes long with these exceptions: > Names of databases are limited to 8 bytes. > Names of database links can be as long as 128 bytes. > The following index name is 32 bytes, and cause exception "ORA-00972: > identifier is too long" on oracle DB 11.2. > SENTRY_USER_DB_PRIVILEGE_MAP_PK > SEN_USR_DB_PRV_MAP_SN_DB_PRV_FK > {code} > ALTER TABLE SENTRY_USER_DB_PRIVILEGE_MAP > ADD CONSTRAINT SENTRY_USER_DB_PRIVILEGE_MAP_PK PRIMARY KEY > (USER_ID,DB_PRIVILEGE_ID); > ALTER TABLE SENTRY_USER_DB_PRIVILEGE_MAP >ADD CONSTRAINT SEN_USR_DB_PRV_MAP_SN_DB_PRV_FK >FOREIGN KEY (DB_PRIVILEGE_ID) REFERENCES > SENTRY_DB_PRIVILEGE(DB_PRIVILEGE_ID); > {code} > Need to change the constrain name to be smaller than 30 characters -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2259) SQL CONSTRAINT name is too long for Oracle 11.2
[ https://issues.apache.org/jira/browse/SENTRY-2259?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Na Li updated SENTRY-2259: -- Status: Patch Available (was: Open) > SQL CONSTRAINT name is too long for Oracle 11.2 > --- > > Key: SENTRY-2259 > URL: https://issues.apache.org/jira/browse/SENTRY-2259 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.1.0 >Reporter: Na Li >Assignee: Na Li >Priority: Major > Attachments: SENTRY-2259.001.patch > > > Prior to Oracle version 12.2, identifiers are not allowed to exceed 30 > characters in length > Names must be from 1 to 30 bytes long with these exceptions: > Names of databases are limited to 8 bytes. > Names of database links can be as long as 128 bytes. > The following index name is 32 bytes, and cause exception "ORA-00972: > identifier is too long" on oracle DB 11.2. > SENTRY_USER_DB_PRIVILEGE_MAP_PK > SEN_USR_DB_PRV_MAP_SN_DB_PRV_FK > {code} > ALTER TABLE SENTRY_USER_DB_PRIVILEGE_MAP > ADD CONSTRAINT SENTRY_USER_DB_PRIVILEGE_MAP_PK PRIMARY KEY > (USER_ID,DB_PRIVILEGE_ID); > ALTER TABLE SENTRY_USER_DB_PRIVILEGE_MAP >ADD CONSTRAINT SEN_USR_DB_PRV_MAP_SN_DB_PRV_FK >FOREIGN KEY (DB_PRIVILEGE_ID) REFERENCES > SENTRY_DB_PRIVILEGE(DB_PRIVILEGE_ID); > {code} > Need to change the constrain name to be smaller than 30 characters -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2259) SQL CONSTRAINT name is too long for Oracle 11.2
[ https://issues.apache.org/jira/browse/SENTRY-2259?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Na Li updated SENTRY-2259: -- Attachment: SENTRY-2259.001.patch > SQL CONSTRAINT name is too long for Oracle 11.2 > --- > > Key: SENTRY-2259 > URL: https://issues.apache.org/jira/browse/SENTRY-2259 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.1.0 >Reporter: Na Li >Assignee: Na Li >Priority: Major > Attachments: SENTRY-2259.001.patch > > > Prior to Oracle version 12.2, identifiers are not allowed to exceed 30 > characters in length > Names must be from 1 to 30 bytes long with these exceptions: > Names of databases are limited to 8 bytes. > Names of database links can be as long as 128 bytes. > The following index name is 32 bytes, and cause exception "ORA-00972: > identifier is too long" on oracle DB 11.2. > SENTRY_USER_DB_PRIVILEGE_MAP_PK > SEN_USR_DB_PRV_MAP_SN_DB_PRV_FK > {code} > ALTER TABLE SENTRY_USER_DB_PRIVILEGE_MAP > ADD CONSTRAINT SENTRY_USER_DB_PRIVILEGE_MAP_PK PRIMARY KEY > (USER_ID,DB_PRIVILEGE_ID); > ALTER TABLE SENTRY_USER_DB_PRIVILEGE_MAP >ADD CONSTRAINT SEN_USR_DB_PRV_MAP_SN_DB_PRV_FK >FOREIGN KEY (DB_PRIVILEGE_ID) REFERENCES > SENTRY_DB_PRIVILEGE(DB_PRIVILEGE_ID); > {code} > Need to change the constrain name to be smaller than 30 characters -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENTRY-2146) Add better error handling to ResourceAuthorizationProvider and improve logging in related classes
[ https://issues.apache.org/jira/browse/SENTRY-2146?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16503957#comment-16503957 ] Hadoop QA commented on SENTRY-2146: --- Here are the results of testing the latest attachment https://issues.apache.org/jira/secure/attachment/12914849/SENTRY-2146.03.patch against master. {color:green}Overall:{color} +1 all checks pass {color:green}SUCCESS:{color} all tests passed Console output: https://builds.apache.org/job/PreCommit-SENTRY-Build/3864/console This message is automatically generated. > Add better error handling to ResourceAuthorizationProvider and improve > logging in related classes > - > > Key: SENTRY-2146 > URL: https://issues.apache.org/jira/browse/SENTRY-2146 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.0.0 >Reporter: Arjun Mishra >Assignee: Arjun Mishra >Priority: Major > Attachments: SENTRY-2146.002.patch, SENTRY-2146.01.patch, > SENTRY-2146.02.patch, SENTRY-2146.03.patch > > > There are a bunch of improvements that should be made to > ResourceAuthorizationProvider. For example, exceptions thrown by > privilegeFactory.createPrivilege are not gracefully handled. Makes debugging > hard. > We also need to add a lot more logging to related classes -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2162) Retrieve and list user privileges for authorization
[ https://issues.apache.org/jira/browse/SENTRY-2162?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sergio Peña updated SENTRY-2162: Resolution: Fixed Status: Resolved (was: Patch Available) > Retrieve and list user privileges for authorization > --- > > Key: SENTRY-2162 > URL: https://issues.apache.org/jira/browse/SENTRY-2162 > Project: Sentry > Issue Type: Sub-task > Components: Sentry >Affects Versions: 2.1.0 >Reporter: Na Li >Assignee: Sergio Peña >Priority: Major > Fix For: 2.1.0 > > Attachments: SENTRY-2162.1.patch, SENTRY-2162.2.patch, > SENTRY-2162.3.patch, SENTRY-2162.4.patch > > > Make sure the implicit privileges assigned to user directly are retried and > applied for authorization request. This may require the code change in > SentryPolicyStoreProcessor and several other places. > For example, > after user_A creates table_B and get "all" privilege on table_B, user_A can > insert rows into that table. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENTRY-2162) Retrieve and list user privileges for authorization
[ https://issues.apache.org/jira/browse/SENTRY-2162?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16503953#comment-16503953 ] Hadoop QA commented on SENTRY-2162: --- Here are the results of testing the latest attachment https://issues.apache.org/jira/secure/attachment/12926778/SENTRY-2162.4.patch against master. {color:green}Overall:{color} +1 all checks pass {color:green}SUCCESS:{color} all tests passed Console output: https://builds.apache.org/job/PreCommit-SENTRY-Build/3863/console This message is automatically generated. > Retrieve and list user privileges for authorization > --- > > Key: SENTRY-2162 > URL: https://issues.apache.org/jira/browse/SENTRY-2162 > Project: Sentry > Issue Type: Sub-task > Components: Sentry >Affects Versions: 2.1.0 >Reporter: Na Li >Assignee: Sergio Peña >Priority: Major > Fix For: 2.1.0 > > Attachments: SENTRY-2162.1.patch, SENTRY-2162.2.patch, > SENTRY-2162.3.patch, SENTRY-2162.4.patch > > > Make sure the implicit privileges assigned to user directly are retried and > applied for authorization request. This may require the code change in > SentryPolicyStoreProcessor and several other places. > For example, > after user_A creates table_B and get "all" privilege on table_B, user_A can > insert rows into that table. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2245) Remove privileges that do not associate with a role or a user
[ https://issues.apache.org/jira/browse/SENTRY-2245?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Na Li updated SENTRY-2245: -- Resolution: Fixed Status: Resolved (was: Patch Available) [~kkalyan][~spena] Thanks for reviewing the change > Remove privileges that do not associate with a role or a user > - > > Key: SENTRY-2245 > URL: https://issues.apache.org/jira/browse/SENTRY-2245 > Project: Sentry > Issue Type: Sub-task >Reporter: Na Li >Assignee: Na Li >Priority: Major > Attachments: SENTRY-2245.003.patch, SENTRY-2245.004.patch, > SENTRY-2245.005.patch, SENTRY-2245.006.patch, SENTRY-2245.006.patch > > > After a privilege is detached from a role or a user, we should check if this > privilege is not associated with any role nor any user. Then, we should > remove this privilege from DB. Otherwise, the orphan privileges will grow > overtime. > One example place is in alterSentryRoleGrantPrivilegeCore. After removing > role from mInsert, this privilege may not be associated with any role or > user, and should be removed. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2244) Alter sentry role or user at granting privilege can avoid extra query to database
[ https://issues.apache.org/jira/browse/SENTRY-2244?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Na Li updated SENTRY-2244: -- Resolution: Fixed Status: Resolved (was: Patch Available) > Alter sentry role or user at granting privilege can avoid extra query to > database > - > > Key: SENTRY-2244 > URL: https://issues.apache.org/jira/browse/SENTRY-2244 > Project: Sentry > Issue Type: Sub-task > Components: Sentry >Affects Versions: 2.1.0 >Reporter: Na Li >Assignee: Na Li >Priority: Major > Attachments: SENTRY-2244.001.patch, SENTRY-2244.002.patch, > SENTRY-2244.002.patch > > > In alterSentryRoleGrantPrivilegeCore and alterSentryUserGrantPrivilegeCore , > all of the privileges of a role or a user are already fetched from DB. In > following processing, there is no need to query DB to get privilege INSERT, > SELECT, ALL of this role again. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2258) Remove user when it is not associated with other objects
[ https://issues.apache.org/jira/browse/SENTRY-2258?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Na Li updated SENTRY-2258: -- Resolution: Fixed Status: Resolved (was: Patch Available) > Remove user when it is not associated with other objects > > > Key: SENTRY-2258 > URL: https://issues.apache.org/jira/browse/SENTRY-2258 > Project: Sentry > Issue Type: Sub-task > Components: Sentry >Affects Versions: 2.1.0 >Reporter: Na Li >Assignee: Na Li >Priority: Major > Attachments: SENTRY-2258.001.patch, SENTRY-2258.002.patch > > Original Estimate: 72h > Remaining Estimate: 72h > > When a privilege is created and assigned to a user, this user is > automatically created if it does not exist. > So when a privilege is removed from a user, or a role is removed from a user, > this user should be removed when it is not associated with other objects > (like privileges and roles) -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2260) Update HDFS ACL's based on owner privileges.
[ https://issues.apache.org/jira/browse/SENTRY-2260?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2260: Summary: Update HDFS ACL's based on owner privileges. (was: Update HDFS ACL's when owner privileges are granted/revoked.) > Update HDFS ACL's based on owner privileges. > > > Key: SENTRY-2260 > URL: https://issues.apache.org/jira/browse/SENTRY-2260 > Project: Sentry > Issue Type: Sub-task > Components: Sentry >Affects Versions: 2.1.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > > When owner privileges are implicitly granted/revoked, sentry ACL's in > Namenode plug-in should be updated accordingly. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENTRY-2245) Remove privileges that do not associate with a role or a user
[ https://issues.apache.org/jira/browse/SENTRY-2245?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16503786#comment-16503786 ] Hadoop QA commented on SENTRY-2245: --- Here are the results of testing the latest attachment https://issues.apache.org/jira/secure/attachment/12926756/SENTRY-2245.006.patch against master. {color:green}Overall:{color} +1 all checks pass {color:green}SUCCESS:{color} all tests passed Console output: https://builds.apache.org/job/PreCommit-SENTRY-Build/3861/console This message is automatically generated. > Remove privileges that do not associate with a role or a user > - > > Key: SENTRY-2245 > URL: https://issues.apache.org/jira/browse/SENTRY-2245 > Project: Sentry > Issue Type: Sub-task >Reporter: Na Li >Assignee: Na Li >Priority: Major > Attachments: SENTRY-2245.003.patch, SENTRY-2245.004.patch, > SENTRY-2245.005.patch, SENTRY-2245.006.patch, SENTRY-2245.006.patch > > > After a privilege is detached from a role or a user, we should check if this > privilege is not associated with any role nor any user. Then, we should > remove this privilege from DB. Otherwise, the orphan privileges will grow > overtime. > One example place is in alterSentryRoleGrantPrivilegeCore. After removing > role from mInsert, this privilege may not be associated with any role or > user, and should be removed. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2162) Retrieve and list user privileges for authorization
[ https://issues.apache.org/jira/browse/SENTRY-2162?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sergio Peña updated SENTRY-2162: Attachment: SENTRY-2162.4.patch > Retrieve and list user privileges for authorization > --- > > Key: SENTRY-2162 > URL: https://issues.apache.org/jira/browse/SENTRY-2162 > Project: Sentry > Issue Type: Sub-task > Components: Sentry >Affects Versions: 2.1.0 >Reporter: Na Li >Assignee: Sergio Peña >Priority: Major > Fix For: 2.1.0 > > Attachments: SENTRY-2162.1.patch, SENTRY-2162.2.patch, > SENTRY-2162.3.patch, SENTRY-2162.4.patch > > > Make sure the implicit privileges assigned to user directly are retried and > applied for authorization request. This may require the code change in > SentryPolicyStoreProcessor and several other places. > For example, > after user_A creates table_B and get "all" privilege on table_B, user_A can > insert rows into that table. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENTRY-2257) Implement Sentry store API's to update owner privilege on a authorizable
[ https://issues.apache.org/jira/browse/SENTRY-2257?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16503766#comment-16503766 ] Hadoop QA commented on SENTRY-2257: --- Here are the results of testing the latest attachment https://issues.apache.org/jira/secure/attachment/12926751/SENTRY-2257.004.patch against master. {color:green}Overall:{color} +1 all checks pass {color:green}SUCCESS:{color} all tests passed Console output: https://builds.apache.org/job/PreCommit-SENTRY-Build/3860/console This message is automatically generated. > Implement Sentry store API's to update owner privilege on a authorizable > > > Key: SENTRY-2257 > URL: https://issues.apache.org/jira/browse/SENTRY-2257 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.1.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Fix For: 2.1.0 > > Attachments: SENTRY-2257.001.patch, SENTRY-2257.002.patch, > SENTRY-2257.003.patch, SENTRY-2257.004.patch > > > Implement functionality in sentry store to update owner privilege on an > authorizable. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2259) SQL CONSTRAINT name is too long for Oracle 11.2
[ https://issues.apache.org/jira/browse/SENTRY-2259?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Na Li updated SENTRY-2259: -- Summary: SQL CONSTRAINT name is too long for Oracle 11.2 (was: SQL Constrain name is too long for Oracle 11.2) > SQL CONSTRAINT name is too long for Oracle 11.2 > --- > > Key: SENTRY-2259 > URL: https://issues.apache.org/jira/browse/SENTRY-2259 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.1.0 >Reporter: Na Li >Assignee: Na Li >Priority: Major > > Prior to Oracle version 12.2, identifiers are not allowed to exceed 30 > characters in length > Names must be from 1 to 30 bytes long with these exceptions: > Names of databases are limited to 8 bytes. > Names of database links can be as long as 128 bytes. > The following index name is 32 bytes, and cause exception "ORA-00972: > identifier is too long" on oracle DB 11.2. > SENTRY_USER_DB_PRIVILEGE_MAP_PK > SEN_USR_DB_PRV_MAP_SN_DB_PRV_FK > {code} > ALTER TABLE SENTRY_USER_DB_PRIVILEGE_MAP > ADD CONSTRAINT SENTRY_USER_DB_PRIVILEGE_MAP_PK PRIMARY KEY > (USER_ID,DB_PRIVILEGE_ID); > ALTER TABLE SENTRY_USER_DB_PRIVILEGE_MAP >ADD CONSTRAINT SEN_USR_DB_PRV_MAP_SN_DB_PRV_FK >FOREIGN KEY (DB_PRIVILEGE_ID) REFERENCES > SENTRY_DB_PRIVILEGE(DB_PRIVILEGE_ID); > {code} > Need to change the constrain name to be smaller than 30 characters -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENTRY-2146) Add better error handling to ResourceAuthorizationProvider and improve logging in related classes
[ https://issues.apache.org/jira/browse/SENTRY-2146?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16503755#comment-16503755 ] kalyan kumar kalvagadda commented on SENTRY-2146: - [~arjunmishra13] I understand that we are trying to improve logging but adding changes to specific class might not cover things at breadth. Instead, it would be better to scenario's. Here are some of them # Granting Privilege# # Revoke Privilege # Authorization Request # HMS Fullsnapshot # HDFS Full Update # HMS notification fetch/processing # Delta Updates to NN plug-in > Add better error handling to ResourceAuthorizationProvider and improve > logging in related classes > - > > Key: SENTRY-2146 > URL: https://issues.apache.org/jira/browse/SENTRY-2146 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.0.0 >Reporter: Arjun Mishra >Assignee: Arjun Mishra >Priority: Major > Attachments: SENTRY-2146.002.patch, SENTRY-2146.01.patch, > SENTRY-2146.02.patch, SENTRY-2146.03.patch > > > There are a bunch of improvements that should be made to > ResourceAuthorizationProvider. For example, exceptions thrown by > privilegeFactory.createPrivilege are not gracefully handled. Makes debugging > hard. > We also need to add a lot more logging to related classes -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Comment Edited] (SENTRY-2146) Add better error handling to ResourceAuthorizationProvider and improve logging in related classes
[ https://issues.apache.org/jira/browse/SENTRY-2146?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16503755#comment-16503755 ] kalyan kumar kalvagadda edited comment on SENTRY-2146 at 6/6/18 7:05 PM: - [~arjunmishra13] I understand that we are trying to improve logging but adding changes to specific class might not cover things at breadth. Instead, it would be better to scenario's. Here are some of them # Granting Privilege # Revoke Privilege # Authorization Request # HMS Fullsnapshot # HDFS Full Update # HMS notification fetch/processing # Delta Updates to NN plug-in was (Author: kkalyan): [~arjunmishra13] I understand that we are trying to improve logging but adding changes to specific class might not cover things at breadth. Instead, it would be better to scenario's. Here are some of them # Granting Privilege# # Revoke Privilege # Authorization Request # HMS Fullsnapshot # HDFS Full Update # HMS notification fetch/processing # Delta Updates to NN plug-in > Add better error handling to ResourceAuthorizationProvider and improve > logging in related classes > - > > Key: SENTRY-2146 > URL: https://issues.apache.org/jira/browse/SENTRY-2146 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.0.0 >Reporter: Arjun Mishra >Assignee: Arjun Mishra >Priority: Major > Attachments: SENTRY-2146.002.patch, SENTRY-2146.01.patch, > SENTRY-2146.02.patch, SENTRY-2146.03.patch > > > There are a bunch of improvements that should be made to > ResourceAuthorizationProvider. For example, exceptions thrown by > privilegeFactory.createPrivilege are not gracefully handled. Makes debugging > hard. > We also need to add a lot more logging to related classes -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENTRY-2162) Retrieve and list user privileges for authorization
[ https://issues.apache.org/jira/browse/SENTRY-2162?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16503639#comment-16503639 ] Hadoop QA commented on SENTRY-2162: --- Here are the results of testing the latest attachment https://issues.apache.org/jira/secure/attachment/12926760/SENTRY-2162.3.patch against master. {color:red}Overall:{color} -1 due to an error {color:red}ERROR:{color} failed to build with patch (exit code 1) Console output: https://builds.apache.org/job/PreCommit-SENTRY-Build/3862/console This message is automatically generated. > Retrieve and list user privileges for authorization > --- > > Key: SENTRY-2162 > URL: https://issues.apache.org/jira/browse/SENTRY-2162 > Project: Sentry > Issue Type: Sub-task > Components: Sentry >Affects Versions: 2.1.0 >Reporter: Na Li >Assignee: Sergio Peña >Priority: Major > Fix For: 2.1.0 > > Attachments: SENTRY-2162.1.patch, SENTRY-2162.2.patch, > SENTRY-2162.3.patch > > > Make sure the implicit privileges assigned to user directly are retried and > applied for authorization request. This may require the code change in > SentryPolicyStoreProcessor and several other places. > For example, > after user_A creates table_B and get "all" privilege on table_B, user_A can > insert rows into that table. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2162) Retrieve and list user privileges for authorization
[ https://issues.apache.org/jira/browse/SENTRY-2162?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sergio Peña updated SENTRY-2162: Attachment: SENTRY-2162.3.patch > Retrieve and list user privileges for authorization > --- > > Key: SENTRY-2162 > URL: https://issues.apache.org/jira/browse/SENTRY-2162 > Project: Sentry > Issue Type: Sub-task > Components: Sentry >Affects Versions: 2.1.0 >Reporter: Na Li >Assignee: Sergio Peña >Priority: Major > Fix For: 2.1.0 > > Attachments: SENTRY-2162.1.patch, SENTRY-2162.2.patch, > SENTRY-2162.3.patch > > > Make sure the implicit privileges assigned to user directly are retried and > applied for authorization request. This may require the code change in > SentryPolicyStoreProcessor and several other places. > For example, > after user_A creates table_B and get "all" privilege on table_B, user_A can > insert rows into that table. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENTRY-2245) Remove privileges that do not associate with a role or a user
[ https://issues.apache.org/jira/browse/SENTRY-2245?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16503581#comment-16503581 ] Na Li commented on SENTRY-2245: --- The failure for patch 006 seems not caused by code change, but by "[ERROR] Failed to execute goal org.apache.maven.plugins:maven-surefire-plugin:2.20.1:test (default-test) on project sentry-tests-hive: There are test failures." reattach the patch again to run test https://builds.apache.org/job/PreCommit-SENTRY-Build/3859/artifact/test-output/test.txt {code} [INFO] Rat check: Summary of files. Unapproved: 0 unknown: 0 generated: 0 approved: 1 licence. [INFO] [INFO] Reactor Summary: [INFO] [INFO] Sentry SUCCESS [2.627s] [INFO] Sentry Core ... SUCCESS [0.169s] [INFO] Sentry Core Common SUCCESS [6.255s] [INFO] Sentry Core Model DB .. SUCCESS [1.911s] [INFO] Sentry Core Model Indexer . SUCCESS [1.126s] [INFO] Sentry Core Model Solr SUCCESS [2.213s] [INFO] Sentry Core Model Sqoop ... SUCCESS [1.233s] [INFO] Sentry Core Model Kafka ... SUCCESS [1.121s] [INFO] Sentry Policies ... SUCCESS [0.085s] [INFO] Sentry Policy Common .. SUCCESS [1.446s] [INFO] Sentry Providers .. SUCCESS [0.155s] [INFO] Sentry Provider Common SUCCESS [1.548s] [INFO] Sentry Provider File .. SUCCESS [1.774s] [INFO] Sentry Policy Engine .. SUCCESS [0.299s] [INFO] Sentry Bindings ... SUCCESS [0.118s] [INFO] Sentry Hive Binding Configuration . SUCCESS [2.701s] [INFO] Hive follower for Sentry .. SUCCESS [2.991s] [INFO] Sentry HDFS ... SUCCESS [0.080s] [INFO] Sentry HDFS Common SUCCESS [22.078s] [INFO] Sentry Service SUCCESS [0.103s] [INFO] Sentry Service API SUCCESS [1.651s] [INFO] Sentry Service Client . SUCCESS [0.545s] [INFO] Sentry Provider DB SUCCESS [6.681s] [INFO] Sentry Binding for Kafka .. SUCCESS [12.247s] [INFO] Sentry Provider Cache . SUCCESS [1.584s] [INFO] Sentry Hive Binding Common SUCCESS [1.897s] [INFO] Sentry Binding for Solr ... SUCCESS [17.711s] [INFO] Sentry Binding for Sqoop .. SUCCESS [10.208s] [INFO] Sentry Binding for HBase Indexer .. SUCCESS [4.103s] [INFO] Sentry Binding for Hive ... SUCCESS [25.373s] [INFO] Sentry Solr ... SUCCESS [0.074s] [INFO] Solr Sentry handler ... SUCCESS [2.814s] [INFO] Sentry Service Server . SUCCESS [10:21.329s] [INFO] Sentry Tests .. SUCCESS [0.118s] [INFO] Sentry Solr Tests . SUCCESS [2:16.965s] [INFO] Sentry Sqoop Tests SUCCESS [2:34.408s] [INFO] Sentry Kafka Tests SUCCESS [3:03.556s] [INFO] Sentry HDFS Service ... SUCCESS [6:56.989s] [INFO] Sentry HDFS Namenode Plugin ... SUCCESS [8.056s] [INFO] Sentry Hive Tests . FAILURE [1:29:06.506s] [INFO] Sentry HDFS Dist .. SUCCESS [2.512s] [INFO] sentry-tools .. SUCCESS [2:35.910s] [INFO] Sentry Distribution ... SUCCESS [39.906s] [INFO] [INFO] BUILD FAILURE [INFO] [INFO] Total time: 2:00:02.134s [INFO] Finished at: Wed Jun 06 00:33:49 UTC 2018 [INFO] Final Memory: 221M/1695M [INFO] [ERROR] Failed to execute goal org.apache.maven.plugins:maven-surefire-plugin:2.20.1:test (default-test) on project sentry-tests-hive: There are test failures. [ERROR] [ERROR] Please refer to /home/jenkins/jenkins-slave/workspace/PreCommit-SENTRY-Build/sentry-tests/sentry-tests-hive/target/surefire-reports for the individual test results. [ERROR] Please refer to dump files (if any exist) [date]-jvmRun[N].dump, [date].dumpstream and [date]-jvmRun[N].dumpstream. [ERROR] ExecutionException The forked VM terminated
[jira] [Created] (SENTRY-2259) SQL Constrain name is too long for Oracle 11.2
Na Li created SENTRY-2259: - Summary: SQL Constrain name is too long for Oracle 11.2 Key: SENTRY-2259 URL: https://issues.apache.org/jira/browse/SENTRY-2259 Project: Sentry Issue Type: Bug Components: Sentry Affects Versions: 2.1.0 Reporter: Na Li Assignee: Na Li Prior to Oracle version 12.2, identifiers are not allowed to exceed 30 characters in length Names must be from 1 to 30 bytes long with these exceptions: Names of databases are limited to 8 bytes. Names of database links can be as long as 128 bytes. The following index name is 32 bytes, and cause exception "ORA-00972: identifier is too long" on oracle DB 11.2. SENTRY_USER_DB_PRIVILEGE_MAP_PK SEN_USR_DB_PRV_MAP_SN_DB_PRV_FK {code} ALTER TABLE SENTRY_USER_DB_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_USER_DB_PRIVILEGE_MAP_PK PRIMARY KEY (USER_ID,DB_PRIVILEGE_ID); ALTER TABLE SENTRY_USER_DB_PRIVILEGE_MAP ADD CONSTRAINT SEN_USR_DB_PRV_MAP_SN_DB_PRV_FK FOREIGN KEY (DB_PRIVILEGE_ID) REFERENCES SENTRY_DB_PRIVILEGE(DB_PRIVILEGE_ID); {code} Need to change the constrain name to be smaller than 30 characters -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2257) Implement Sentry store API's to update owner privilege on a authorizable
[ https://issues.apache.org/jira/browse/SENTRY-2257?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2257: Attachment: SENTRY-2257.004.patch > Implement Sentry store API's to update owner privilege on a authorizable > > > Key: SENTRY-2257 > URL: https://issues.apache.org/jira/browse/SENTRY-2257 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.1.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Fix For: 2.1.0 > > Attachments: SENTRY-2257.001.patch, SENTRY-2257.002.patch, > SENTRY-2257.003.patch, SENTRY-2257.004.patch > > > Implement functionality in sentry store to update owner privilege on an > authorizable. -- This message was sent by Atlassian JIRA (v7.6.3#76005)