[jira] [Comment Edited] (SENTRY-2439) "is not match table meta grammar error" with sentry-1.7
[
https://issues.apache.org/jira/browse/SENTRY-2439?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16669540#comment-16669540
]
Hao Zhu edited comment on SENTRY-2439 at 10/31/18 3:04 AM:
---
Hi Team,
We need to fix all below regex to support backtick.
{code:java}
$ grep REGEX
sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/util/SimpleSemanticAnalyzer.java
private static final String CREATE_TABLE_REGEX = "^(CREATE)\\s+" +
"(TEMPORARY\\s+)?"
private static final String DROP_DB_REGEX = "^DROP\\s+" +
"(DATABASE|SCHEMA)\\s+"
private static final String DROP_TABLE_REGEX = "^DROP\\s+" + "TABLE\\s+" +
"(IF\\s+EXISTS\\s+)?"
private static final String DROP_VIEW_REGEX = "^DROP\\s+" + "VIEW\\s+" +
"(IF\\s+EXISTS\\s+)?"
private static final String DESCRIBE_DB_REGEX = "^DESCRIBE\\s+" +
"(DATABASE|SCHEMA)\\s+"
private static final String DESCRIBE_TABLE_REGEX = "^DESCRIBE\\s+"
private static final String SHOW_INDEX_REGEX = "^SHOW\\s+" +
"(FORMATTED\\s+)?"
private static final String SHOW_TBLPROPERTIES_REGEX = "^SHOW\\s+" +
"TBLPROPERTIES\\s+"
private static final String ALTER_TABLE_REGEX = "^ALTER\\s+" + "TABLE\\s+" +
"([A-Za-z0-9._]+)";
private static final String ALTER_VIEW_REGEX = "^ALTER\\s+" + "VIEW\\s+" +
"([A-Za-z0-9._]+)";
private static final String MSCK_REGEX = "^MSCK\\s+" + "REPAIR\\s" +
"TABLE\\s"
private static final String ALTER_INDEX_REGEX = "^ALTER\\s+" + "INDEX\\s+"
private static final String CREATE_FUNCTION_REGEX = "^CREATE\\s+" +
"(TEMPORARY\\s+)?"{code}
was (Author: haozhu):
Hi Team,
We need to fix all below regex to support backtick.
$ grep REGEX
sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/util/SimpleSemanticAnalyzer.java
private static final String CREATE_TABLE_REGEX = "^(CREATE)\\s+" +
"(TEMPORARY\\s+)?"
private static final String DROP_DB_REGEX = "^DROP\\s+" +
"(DATABASE|SCHEMA)\\s+"
private static final String DROP_TABLE_REGEX = "^DROP\\s+" + "TABLE\\s+" +
"(IF\\s+EXISTS\\s+)?"
private static final String DROP_VIEW_REGEX = "^DROP\\s+" + "VIEW\\s+" +
"(IF\\s+EXISTS\\s+)?"
private static final String DESCRIBE_DB_REGEX = "^DESCRIBE\\s+" +
"(DATABASE|SCHEMA)\\s+"
private static final String DESCRIBE_TABLE_REGEX = "^DESCRIBE\\s+"
private static final String SHOW_INDEX_REGEX = "^SHOW\\s+" +
"(FORMATTED\\s+)?"
private static final String SHOW_TBLPROPERTIES_REGEX = "^SHOW\\s+" +
"TBLPROPERTIES\\s+"
private static final String ALTER_TABLE_REGEX = "^ALTER\\s+" + "TABLE\\s+" +
"([A-Za-z0-9._]+)";
private static final String ALTER_VIEW_REGEX = "^ALTER\\s+" + "VIEW\\s+" +
"([A-Za-z0-9._]+)";
private static final String MSCK_REGEX = "^MSCK\\s+" + "REPAIR\\s" +
"TABLE\\s"
private static final String ALTER_INDEX_REGEX = "^ALTER\\s+" + "INDEX\\s+"
private static final String CREATE_FUNCTION_REGEX = "^CREATE\\s+" +
"(TEMPORARY\\s+)?"
One possible fix is to add backtick support:
eg:
{color:#00}String
{color}{color:#7e504f}DROP_TABLE_REGEX{color}{color:#00} =
{color}"^DROP\\s+"{color:#00} + {color}"TABLE\\s+"{color:#00} +
{color}"(IF\\s+EXISTS\\s+)?"
{color:#00} + {color}"`?([A-Za-z0-9._]+)`?"{color:#00};{color}
> "is not match table meta grammar error" with sentry-1.7
>
>
> Key: SENTRY-2439
> URL: https://issues.apache.org/jira/browse/SENTRY-2439
> Project: Sentry
> Issue Type: Bug
> Components: Sentry
>Affects Versions: 1.7.0
>Reporter: Shishr Prakash
>Priority: Major
>
> [What happened]
> After enabling sentry I am getting below error with DDLs like DROP table .
> similar to sentry bug-1845.
> [1] https://issues.apache.org/jira/browse/SENTRY-1845
> Error ===
> 2 rows selected (0.171 seconds)
> 0: jdbc:hive2://maprtest03:1> DROP TABLE project_dev_out_hive;
> Error: Error while compiling statement: FAILED: HiveAuthzPluginException
> class
> org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzPluginException:
> this command DROP TABLE project_dev_out_hive is not match table meta grammar
> (state=42000,code=4)
> ==
> It is not the same issue, but a similar issue for DROP TABLE command. The
> Sentry regex pattern for DROP TABLE command does not seem to be supporting
> backtick.
> String DROP_TABLE_REGEX = "^DROP\s+" + "TABLE\s+" + "(IF\s+EXISTS\s+)?" +
> "([A-Za-z0-9._]+)";
> Looks like it is not fixed in the latest version as well (the same pattern is
> used in the master branch as well). Hive seems to be supporting this syntax.
> ## Steps to Reproduce
> Try dropping hive table with backticks as below
> DROP TABLE `project_dev_out_hive`;
> ### What you expected to happen
> Sentry should understand backticks and it should
[jira] [Commented] (SENTRY-2439) "is not match table meta grammar error" with sentry-1.7
[
https://issues.apache.org/jira/browse/SENTRY-2439?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16669540#comment-16669540
]
Hao Zhu commented on SENTRY-2439:
-
Hi Team,
We need to fix all below regex to support backtick.
$ grep REGEX
sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/util/SimpleSemanticAnalyzer.java
private static final String CREATE_TABLE_REGEX = "^(CREATE)\\s+" +
"(TEMPORARY\\s+)?"
private static final String DROP_DB_REGEX = "^DROP\\s+" +
"(DATABASE|SCHEMA)\\s+"
private static final String DROP_TABLE_REGEX = "^DROP\\s+" + "TABLE\\s+" +
"(IF\\s+EXISTS\\s+)?"
private static final String DROP_VIEW_REGEX = "^DROP\\s+" + "VIEW\\s+" +
"(IF\\s+EXISTS\\s+)?"
private static final String DESCRIBE_DB_REGEX = "^DESCRIBE\\s+" +
"(DATABASE|SCHEMA)\\s+"
private static final String DESCRIBE_TABLE_REGEX = "^DESCRIBE\\s+"
private static final String SHOW_INDEX_REGEX = "^SHOW\\s+" +
"(FORMATTED\\s+)?"
private static final String SHOW_TBLPROPERTIES_REGEX = "^SHOW\\s+" +
"TBLPROPERTIES\\s+"
private static final String ALTER_TABLE_REGEX = "^ALTER\\s+" + "TABLE\\s+" +
"([A-Za-z0-9._]+)";
private static final String ALTER_VIEW_REGEX = "^ALTER\\s+" + "VIEW\\s+" +
"([A-Za-z0-9._]+)";
private static final String MSCK_REGEX = "^MSCK\\s+" + "REPAIR\\s" +
"TABLE\\s"
private static final String ALTER_INDEX_REGEX = "^ALTER\\s+" + "INDEX\\s+"
private static final String CREATE_FUNCTION_REGEX = "^CREATE\\s+" +
"(TEMPORARY\\s+)?"
One possible fix is to add backtick support:
eg:
{color:#00}String
{color}{color:#7e504f}DROP_TABLE_REGEX{color}{color:#00} =
{color}"^DROP\\s+"{color:#00} + {color}"TABLE\\s+"{color:#00} +
{color}"(IF\\s+EXISTS\\s+)?"
{color:#00} + {color}"`?([A-Za-z0-9._]+)`?"{color:#00};{color}
> "is not match table meta grammar error" with sentry-1.7
>
>
> Key: SENTRY-2439
> URL: https://issues.apache.org/jira/browse/SENTRY-2439
> Project: Sentry
> Issue Type: Bug
> Components: Sentry
>Affects Versions: 1.7.0
>Reporter: Shishr Prakash
>Priority: Major
>
> [What happened]
> After enabling sentry I am getting below error with DDLs like DROP table .
> similar to sentry bug-1845.
> [1] https://issues.apache.org/jira/browse/SENTRY-1845
> Error ===
> 2 rows selected (0.171 seconds)
> 0: jdbc:hive2://maprtest03:1> DROP TABLE project_dev_out_hive;
> Error: Error while compiling statement: FAILED: HiveAuthzPluginException
> class
> org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzPluginException:
> this command DROP TABLE project_dev_out_hive is not match table meta grammar
> (state=42000,code=4)
> ==
> It is not the same issue, but a similar issue for DROP TABLE command. The
> Sentry regex pattern for DROP TABLE command does not seem to be supporting
> backtick.
> String DROP_TABLE_REGEX = "^DROP\s+" + "TABLE\s+" + "(IF\s+EXISTS\s+)?" +
> "([A-Za-z0-9._]+)";
> Looks like it is not fixed in the latest version as well (the same pattern is
> used in the master branch as well). Hive seems to be supporting this syntax.
> ## Steps to Reproduce
> Try dropping hive table with backticks as below
> DROP TABLE `project_dev_out_hive`;
> ### What you expected to happen
> Sentry should understand backticks and it should work for every command.
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (SENTRY-2439) "is not match table meta grammar error" with sentry-1.7
[ https://issues.apache.org/jira/browse/SENTRY-2439?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16669343#comment-16669343 ] Shishr Prakash commented on SENTRY-2439: The issue is a side effect of changes introduced with Sentry version 1.7.0 with JIRA (SENTRY-498) This "SimpleSemanticAnalyzer.java" is added started from Sentry 1.7.0 based github. === $ git checkout remotes/origin/branch-1.6.0 $ grep -r DROP_TABLE_REGEX * $ git checkout remotes/origin/branch-1.7.0 Previous HEAD position was 85f2f676 SENTRY-900: User could access sentry metric info by curl without authorization (Dapeng Sun, reviewed by Colin Ma) HEAD is now at e98bc77c Adding signing configuration mbp-e825:sentry hzu$ grep -r DROP_TABLE_REGEX * sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/util/SimpleSemanticAnalyzer.java: private static final String DROP_TABLE_REGEX = "^DROP\\s+" + "TABLE\\s+" + "(IF\\s+EXISTS\\s+)?" sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/util/SimpleSemanticAnalyzer.java: OP_REGEX_MAP.put(HiveOperation.DROPTABLE, DROP_TABLE_REGEX); === > "is not match table meta grammar error" with sentry-1.7 > > > Key: SENTRY-2439 > URL: https://issues.apache.org/jira/browse/SENTRY-2439 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 1.7.0 >Reporter: Shishr Prakash >Priority: Major > > [What happened] > After enabling sentry I am getting below error with DDLs like DROP table . > similar to sentry bug-1845. > [1] https://issues.apache.org/jira/browse/SENTRY-1845 > Error === > 2 rows selected (0.171 seconds) > 0: jdbc:hive2://maprtest03:1> DROP TABLE project_dev_out_hive; > Error: Error while compiling statement: FAILED: HiveAuthzPluginException > class > org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzPluginException: > this command DROP TABLE project_dev_out_hive is not match table meta grammar > (state=42000,code=4) > == > It is not the same issue, but a similar issue for DROP TABLE command. The > Sentry regex pattern for DROP TABLE command does not seem to be supporting > backtick. > String DROP_TABLE_REGEX = "^DROP\s+" + "TABLE\s+" + "(IF\s+EXISTS\s+)?" + > "([A-Za-z0-9._]+)"; > Looks like it is not fixed in the latest version as well (the same pattern is > used in the master branch as well). Hive seems to be supporting this syntax. > ## Steps to Reproduce > Try dropping hive table with backticks as below > DROP TABLE `project_dev_out_hive`; > ### What you expected to happen > Sentry should understand backticks and it should work for every command. > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2433) Dropping object privileges does not include update of dropping user privileges
[ https://issues.apache.org/jira/browse/SENTRY-2433?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Na Li updated SENTRY-2433: -- Resolution: Fixed Status: Resolved (was: Patch Available) > Dropping object privileges does not include update of dropping user privileges > -- > > Key: SENTRY-2433 > URL: https://issues.apache.org/jira/browse/SENTRY-2433 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.1.0, 2.2.0 >Reporter: Na Li >Assignee: Na Li >Priority: Major > Attachments: SENTRY-2433.001.patch, SENTRY-2433.001.patch, > SENTRY-2433.002.patch, SENTRY-2433.002.patch, SENTRY-2433.002.patch, > SENTRY-2433.002.patch, SENTRY-2433.002a.patch > > > When dropping privileges of an object, the update of this processing only > includes dropping role based privileges, and does not includes dropping user > based privileges. > If the to-be-dropped object is an external table, the path at HDFS still > exists, and the user access wills till be there even after sentry privileges > associated with that external table is dropped. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2437) When granting privileges a single transaction per grant causes long delays
[ https://issues.apache.org/jira/browse/SENTRY-2437?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Arjun Mishra updated SENTRY-2437: - Resolution: Fixed Status: Resolved (was: Patch Available) > When granting privileges a single transaction per grant causes long delays > -- > > Key: SENTRY-2437 > URL: https://issues.apache.org/jira/browse/SENTRY-2437 > Project: Sentry > Issue Type: Bug > Components: Sentry >Reporter: Arjun Mishra >Assignee: Arjun Mishra >Priority: Major > Attachments: SENTRY-2437.01.patch, SENTRY-2437.02.patch, > SENTRY-2437.03.patch > > > Currently sentry creates a transaction for each TSentryPrivilege object it > needs to grant. If the list of privileges is very large creating a single > transaction for each significantly affects performance. This is particularly > impactful for tables with large columns and if a user grants privileges to > many of those columns -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENTRY-2436) Add annotations for classes that are used in binding as public
[
https://issues.apache.org/jira/browse/SENTRY-2436?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16669305#comment-16669305
]
Hadoop QA commented on SENTRY-2436:
---
Here are the results of testing the latest attachment
https://issues.apache.org/jira/secure/attachment/12946248/SENTRY-2436.001.patch
against master.
{color:green}Overall:{color} +1 all checks pass
{color:green}SUCCESS:{color} all tests passed
Console output:
https://builds.apache.org/job/PreCommit-SENTRY-Build/4216/console
This message is automatically generated.
> Add annotations for classes that are used in binding as public
> --
>
> Key: SENTRY-2436
> URL: https://issues.apache.org/jira/browse/SENTRY-2436
> Project: Sentry
> Issue Type: Task
>Reporter: Xinran Tinney
>Assignee: Xinran Tinney
>Priority: Minor
> Attachments: SENTRY-2436.001.patch
>
>
> Some classes e.g. PolicyEngine etc are used in the bindings. These classes
> should be annotated as public.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (SENTRY-2437) When granting privileges a single transaction per grant causes long delays
[
https://issues.apache.org/jira/browse/SENTRY-2437?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16669265#comment-16669265
]
Hadoop QA commented on SENTRY-2437:
---
Here are the results of testing the latest attachment
https://issues.apache.org/jira/secure/attachment/12946250/SENTRY-2437.03.patch
against master.
{color:green}Overall:{color} +1 all checks pass
{color:green}SUCCESS:{color} all tests passed
Console output:
https://builds.apache.org/job/PreCommit-SENTRY-Build/4217/console
This message is automatically generated.
> When granting privileges a single transaction per grant causes long delays
> --
>
> Key: SENTRY-2437
> URL: https://issues.apache.org/jira/browse/SENTRY-2437
> Project: Sentry
> Issue Type: Bug
> Components: Sentry
>Reporter: Arjun Mishra
>Assignee: Arjun Mishra
>Priority: Major
> Attachments: SENTRY-2437.01.patch, SENTRY-2437.02.patch,
> SENTRY-2437.03.patch
>
>
> Currently sentry creates a transaction for each TSentryPrivilege object it
> needs to grant. If the list of privileges is very large creating a single
> transaction for each significantly affects performance. This is particularly
> impactful for tables with large columns and if a user grants privileges to
> many of those columns
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (SENTRY-2433) Dropping object privileges does not include update of dropping user privileges
[
https://issues.apache.org/jira/browse/SENTRY-2433?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16669144#comment-16669144
]
Hadoop QA commented on SENTRY-2433:
---
Here are the results of testing the latest attachment
https://issues.apache.org/jira/secure/attachment/12946219/SENTRY-2433.002a.patch
against master.
{color:red}Overall:{color} -1 due to 2 errors
{color:red}ERROR:{color} mvn test exited 1
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.dbprovider.TestHmsNotificationProcessing
Console output:
https://builds.apache.org/job/PreCommit-SENTRY-Build/4215/console
This message is automatically generated.
> Dropping object privileges does not include update of dropping user privileges
> --
>
> Key: SENTRY-2433
> URL: https://issues.apache.org/jira/browse/SENTRY-2433
> Project: Sentry
> Issue Type: Bug
> Components: Sentry
>Affects Versions: 2.1.0, 2.2.0
>Reporter: Na Li
>Assignee: Na Li
>Priority: Major
> Attachments: SENTRY-2433.001.patch, SENTRY-2433.001.patch,
> SENTRY-2433.002.patch, SENTRY-2433.002.patch, SENTRY-2433.002.patch,
> SENTRY-2433.002.patch, SENTRY-2433.002a.patch
>
>
> When dropping privileges of an object, the update of this processing only
> includes dropping role based privileges, and does not includes dropping user
> based privileges.
> If the to-be-dropped object is an external table, the path at HDFS still
> exists, and the user access wills till be there even after sentry privileges
> associated with that external table is dropped.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (SENTRY-2433) Dropping object privileges does not include update of dropping user privileges
[
https://issues.apache.org/jira/browse/SENTRY-2433?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16669142#comment-16669142
]
Hadoop QA commented on SENTRY-2433:
---
Here are the results of testing the latest attachment
https://issues.apache.org/jira/secure/attachment/12946219/SENTRY-2433.002a.patch
against master.
{color:green}Overall:{color} +1 all checks pass
{color:green}SUCCESS:{color} all tests passed
Console output:
https://builds.apache.org/job/PreCommit-SENTRY-Build/4214/console
This message is automatically generated.
> Dropping object privileges does not include update of dropping user privileges
> --
>
> Key: SENTRY-2433
> URL: https://issues.apache.org/jira/browse/SENTRY-2433
> Project: Sentry
> Issue Type: Bug
> Components: Sentry
>Affects Versions: 2.1.0, 2.2.0
>Reporter: Na Li
>Assignee: Na Li
>Priority: Major
> Attachments: SENTRY-2433.001.patch, SENTRY-2433.001.patch,
> SENTRY-2433.002.patch, SENTRY-2433.002.patch, SENTRY-2433.002.patch,
> SENTRY-2433.002.patch, SENTRY-2433.002a.patch
>
>
> When dropping privileges of an object, the update of this processing only
> includes dropping role based privileges, and does not includes dropping user
> based privileges.
> If the to-be-dropped object is an external table, the path at HDFS still
> exists, and the user access wills till be there even after sentry privileges
> associated with that external table is dropped.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Updated] (SENTRY-2437) When granting privileges a single transaction per grant causes long delays
[ https://issues.apache.org/jira/browse/SENTRY-2437?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Arjun Mishra updated SENTRY-2437: - Attachment: SENTRY-2437.03.patch > When granting privileges a single transaction per grant causes long delays > -- > > Key: SENTRY-2437 > URL: https://issues.apache.org/jira/browse/SENTRY-2437 > Project: Sentry > Issue Type: Bug > Components: Sentry >Reporter: Arjun Mishra >Assignee: Arjun Mishra >Priority: Major > Attachments: SENTRY-2437.01.patch, SENTRY-2437.02.patch, > SENTRY-2437.03.patch > > > Currently sentry creates a transaction for each TSentryPrivilege object it > needs to grant. If the list of privileges is very large creating a single > transaction for each significantly affects performance. This is particularly > impactful for tables with large columns and if a user grants privileges to > many of those columns -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (SENTRY-2439) "is not match table meta grammar error" with sentry-1.7
Shishr Prakash created SENTRY-2439: -- Summary: "is not match table meta grammar error" with sentry-1.7 Key: SENTRY-2439 URL: https://issues.apache.org/jira/browse/SENTRY-2439 Project: Sentry Issue Type: Bug Components: Sentry Affects Versions: 1.7.0 Reporter: Shishr Prakash [What happened] After enabling sentry I am getting below error with DDLs like DROP table . similar to sentry bug-1845. [1] https://issues.apache.org/jira/browse/SENTRY-1845 Error === 2 rows selected (0.171 seconds) 0: jdbc:hive2://maprtest03:1> DROP TABLE project_dev_out_hive; Error: Error while compiling statement: FAILED: HiveAuthzPluginException class org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzPluginException: this command DROP TABLE project_dev_out_hive is not match table meta grammar (state=42000,code=4) == It is not the same issue, but a similar issue for DROP TABLE command. The Sentry regex pattern for DROP TABLE command does not seem to be supporting backtick. String DROP_TABLE_REGEX = "^DROP\s+" + "TABLE\s+" + "(IF\s+EXISTS\s+)?" + "([A-Za-z0-9._]+)"; Looks like it is not fixed in the latest version as well (the same pattern is used in the master branch as well). Hive seems to be supporting this syntax. ## Steps to Reproduce Try dropping hive table with backticks as below DROP TABLE `project_dev_out_hive`; ### What you expected to happen Sentry should understand backticks and it should work for every command. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2436) Add annotations for classes that are used in binding as public
[ https://issues.apache.org/jira/browse/SENTRY-2436?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Xinran Tinney updated SENTRY-2436: -- Attachment: SENTRY-2436.001.patch Status: Patch Available (was: In Progress) > Add annotations for classes that are used in binding as public > -- > > Key: SENTRY-2436 > URL: https://issues.apache.org/jira/browse/SENTRY-2436 > Project: Sentry > Issue Type: Task >Reporter: Xinran Tinney >Assignee: Xinran Tinney >Priority: Minor > Attachments: SENTRY-2436.001.patch > > > Some classes e.g. PolicyEngine etc are used in the bindings. These classes > should be annotated as public. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2433) Dropping object privileges does not include update of dropping user privileges
[ https://issues.apache.org/jira/browse/SENTRY-2433?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Na Li updated SENTRY-2433: -- Attachment: SENTRY-2433.002a.patch > Dropping object privileges does not include update of dropping user privileges > -- > > Key: SENTRY-2433 > URL: https://issues.apache.org/jira/browse/SENTRY-2433 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.1.0, 2.2.0 >Reporter: Na Li >Assignee: Na Li >Priority: Major > Attachments: SENTRY-2433.001.patch, SENTRY-2433.001.patch, > SENTRY-2433.002.patch, SENTRY-2433.002.patch, SENTRY-2433.002.patch, > SENTRY-2433.002.patch, SENTRY-2433.002a.patch > > > When dropping privileges of an object, the update of this processing only > includes dropping role based privileges, and does not includes dropping user > based privileges. > If the to-be-dropped object is an external table, the path at HDFS still > exists, and the user access wills till be there even after sentry privileges > associated with that external table is dropped. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2433) Dropping object privileges does not include update of dropping user privileges
[ https://issues.apache.org/jira/browse/SENTRY-2433?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Na Li updated SENTRY-2433: -- Attachment: SENTRY-2433.002.patch > Dropping object privileges does not include update of dropping user privileges > -- > > Key: SENTRY-2433 > URL: https://issues.apache.org/jira/browse/SENTRY-2433 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.1.0, 2.2.0 >Reporter: Na Li >Assignee: Na Li >Priority: Major > Attachments: SENTRY-2433.001.patch, SENTRY-2433.001.patch, > SENTRY-2433.002.patch, SENTRY-2433.002.patch, SENTRY-2433.002.patch, > SENTRY-2433.002.patch > > > When dropping privileges of an object, the update of this processing only > includes dropping role based privileges, and does not includes dropping user > based privileges. > If the to-be-dropped object is an external table, the path at HDFS still > exists, and the user access wills till be there even after sentry privileges > associated with that external table is dropped. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENTRY-2433) Dropping object privileges does not include update of dropping user privileges
[
https://issues.apache.org/jira/browse/SENTRY-2433?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16668282#comment-16668282
]
Hadoop QA commented on SENTRY-2433:
---
Here are the results of testing the latest attachment
https://issues.apache.org/jira/secure/attachment/12946162/SENTRY-2433.002.patch
against master.
{color:red}Overall:{color} -1 due to an error
{color:red}ERROR:{color} mvn test exited 1
Console output:
https://builds.apache.org/job/PreCommit-SENTRY-Build/4213/console
This message is automatically generated.
> Dropping object privileges does not include update of dropping user privileges
> --
>
> Key: SENTRY-2433
> URL: https://issues.apache.org/jira/browse/SENTRY-2433
> Project: Sentry
> Issue Type: Bug
> Components: Sentry
>Affects Versions: 2.1.0, 2.2.0
>Reporter: Na Li
>Assignee: Na Li
>Priority: Major
> Attachments: SENTRY-2433.001.patch, SENTRY-2433.001.patch,
> SENTRY-2433.002.patch, SENTRY-2433.002.patch, SENTRY-2433.002.patch
>
>
> When dropping privileges of an object, the update of this processing only
> includes dropping role based privileges, and does not includes dropping user
> based privileges.
> If the to-be-dropped object is an external table, the path at HDFS still
> exists, and the user access wills till be there even after sentry privileges
> associated with that external table is dropped.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
