[jira] [Comment Edited] (SENTRY-2439) "is not match table meta grammar error" with sentry-1.7
[ https://issues.apache.org/jira/browse/SENTRY-2439?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16669540#comment-16669540 ] Hao Zhu edited comment on SENTRY-2439 at 10/31/18 3:04 AM: --- Hi Team, We need to fix all below regex to support backtick. {code:java} $ grep REGEX sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/util/SimpleSemanticAnalyzer.java private static final String CREATE_TABLE_REGEX = "^(CREATE)\\s+" + "(TEMPORARY\\s+)?" private static final String DROP_DB_REGEX = "^DROP\\s+" + "(DATABASE|SCHEMA)\\s+" private static final String DROP_TABLE_REGEX = "^DROP\\s+" + "TABLE\\s+" + "(IF\\s+EXISTS\\s+)?" private static final String DROP_VIEW_REGEX = "^DROP\\s+" + "VIEW\\s+" + "(IF\\s+EXISTS\\s+)?" private static final String DESCRIBE_DB_REGEX = "^DESCRIBE\\s+" + "(DATABASE|SCHEMA)\\s+" private static final String DESCRIBE_TABLE_REGEX = "^DESCRIBE\\s+" private static final String SHOW_INDEX_REGEX = "^SHOW\\s+" + "(FORMATTED\\s+)?" private static final String SHOW_TBLPROPERTIES_REGEX = "^SHOW\\s+" + "TBLPROPERTIES\\s+" private static final String ALTER_TABLE_REGEX = "^ALTER\\s+" + "TABLE\\s+" + "([A-Za-z0-9._]+)"; private static final String ALTER_VIEW_REGEX = "^ALTER\\s+" + "VIEW\\s+" + "([A-Za-z0-9._]+)"; private static final String MSCK_REGEX = "^MSCK\\s+" + "REPAIR\\s" + "TABLE\\s" private static final String ALTER_INDEX_REGEX = "^ALTER\\s+" + "INDEX\\s+" private static final String CREATE_FUNCTION_REGEX = "^CREATE\\s+" + "(TEMPORARY\\s+)?"{code} was (Author: haozhu): Hi Team, We need to fix all below regex to support backtick. $ grep REGEX sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/util/SimpleSemanticAnalyzer.java private static final String CREATE_TABLE_REGEX = "^(CREATE)\\s+" + "(TEMPORARY\\s+)?" private static final String DROP_DB_REGEX = "^DROP\\s+" + "(DATABASE|SCHEMA)\\s+" private static final String DROP_TABLE_REGEX = "^DROP\\s+" + "TABLE\\s+" + "(IF\\s+EXISTS\\s+)?" private static final String DROP_VIEW_REGEX = "^DROP\\s+" + "VIEW\\s+" + "(IF\\s+EXISTS\\s+)?" private static final String DESCRIBE_DB_REGEX = "^DESCRIBE\\s+" + "(DATABASE|SCHEMA)\\s+" private static final String DESCRIBE_TABLE_REGEX = "^DESCRIBE\\s+" private static final String SHOW_INDEX_REGEX = "^SHOW\\s+" + "(FORMATTED\\s+)?" private static final String SHOW_TBLPROPERTIES_REGEX = "^SHOW\\s+" + "TBLPROPERTIES\\s+" private static final String ALTER_TABLE_REGEX = "^ALTER\\s+" + "TABLE\\s+" + "([A-Za-z0-9._]+)"; private static final String ALTER_VIEW_REGEX = "^ALTER\\s+" + "VIEW\\s+" + "([A-Za-z0-9._]+)"; private static final String MSCK_REGEX = "^MSCK\\s+" + "REPAIR\\s" + "TABLE\\s" private static final String ALTER_INDEX_REGEX = "^ALTER\\s+" + "INDEX\\s+" private static final String CREATE_FUNCTION_REGEX = "^CREATE\\s+" + "(TEMPORARY\\s+)?" One possible fix is to add backtick support: eg: {color:#00}String {color}{color:#7e504f}DROP_TABLE_REGEX{color}{color:#00} = {color}"^DROP\\s+"{color:#00} + {color}"TABLE\\s+"{color:#00} + {color}"(IF\\s+EXISTS\\s+)?" {color:#00} + {color}"`?([A-Za-z0-9._]+)`?"{color:#00};{color} > "is not match table meta grammar error" with sentry-1.7 > > > Key: SENTRY-2439 > URL: https://issues.apache.org/jira/browse/SENTRY-2439 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 1.7.0 >Reporter: Shishr Prakash >Priority: Major > > [What happened] > After enabling sentry I am getting below error with DDLs like DROP table . > similar to sentry bug-1845. > [1] https://issues.apache.org/jira/browse/SENTRY-1845 > Error === > 2 rows selected (0.171 seconds) > 0: jdbc:hive2://maprtest03:1> DROP TABLE project_dev_out_hive; > Error: Error while compiling statement: FAILED: HiveAuthzPluginException > class > org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzPluginException: > this command DROP TABLE project_dev_out_hive is not match table meta grammar > (state=42000,code=4) > == > It is not the same issue, but a similar issue for DROP TABLE command. The > Sentry regex pattern for DROP TABLE command does not seem to be supporting > backtick. > String DROP_TABLE_REGEX = "^DROP\s+" + "TABLE\s+" + "(IF\s+EXISTS\s+)?" + > "([A-Za-z0-9._]+)"; > Looks like it is not fixed in the latest version as well (the same pattern is > used in the master branch as well). Hive seems to be supporting this syntax. > ## Steps to Reproduce > Try dropping hive table with backticks as below > DROP TABLE `project_dev_out_hive`; > ### What you expected to happen > Sentry should understand backticks and it should
[jira] [Commented] (SENTRY-2439) "is not match table meta grammar error" with sentry-1.7
[ https://issues.apache.org/jira/browse/SENTRY-2439?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16669540#comment-16669540 ] Hao Zhu commented on SENTRY-2439: - Hi Team, We need to fix all below regex to support backtick. $ grep REGEX sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/util/SimpleSemanticAnalyzer.java private static final String CREATE_TABLE_REGEX = "^(CREATE)\\s+" + "(TEMPORARY\\s+)?" private static final String DROP_DB_REGEX = "^DROP\\s+" + "(DATABASE|SCHEMA)\\s+" private static final String DROP_TABLE_REGEX = "^DROP\\s+" + "TABLE\\s+" + "(IF\\s+EXISTS\\s+)?" private static final String DROP_VIEW_REGEX = "^DROP\\s+" + "VIEW\\s+" + "(IF\\s+EXISTS\\s+)?" private static final String DESCRIBE_DB_REGEX = "^DESCRIBE\\s+" + "(DATABASE|SCHEMA)\\s+" private static final String DESCRIBE_TABLE_REGEX = "^DESCRIBE\\s+" private static final String SHOW_INDEX_REGEX = "^SHOW\\s+" + "(FORMATTED\\s+)?" private static final String SHOW_TBLPROPERTIES_REGEX = "^SHOW\\s+" + "TBLPROPERTIES\\s+" private static final String ALTER_TABLE_REGEX = "^ALTER\\s+" + "TABLE\\s+" + "([A-Za-z0-9._]+)"; private static final String ALTER_VIEW_REGEX = "^ALTER\\s+" + "VIEW\\s+" + "([A-Za-z0-9._]+)"; private static final String MSCK_REGEX = "^MSCK\\s+" + "REPAIR\\s" + "TABLE\\s" private static final String ALTER_INDEX_REGEX = "^ALTER\\s+" + "INDEX\\s+" private static final String CREATE_FUNCTION_REGEX = "^CREATE\\s+" + "(TEMPORARY\\s+)?" One possible fix is to add backtick support: eg: {color:#00}String {color}{color:#7e504f}DROP_TABLE_REGEX{color}{color:#00} = {color}"^DROP\\s+"{color:#00} + {color}"TABLE\\s+"{color:#00} + {color}"(IF\\s+EXISTS\\s+)?" {color:#00} + {color}"`?([A-Za-z0-9._]+)`?"{color:#00};{color} > "is not match table meta grammar error" with sentry-1.7 > > > Key: SENTRY-2439 > URL: https://issues.apache.org/jira/browse/SENTRY-2439 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 1.7.0 >Reporter: Shishr Prakash >Priority: Major > > [What happened] > After enabling sentry I am getting below error with DDLs like DROP table . > similar to sentry bug-1845. > [1] https://issues.apache.org/jira/browse/SENTRY-1845 > Error === > 2 rows selected (0.171 seconds) > 0: jdbc:hive2://maprtest03:1> DROP TABLE project_dev_out_hive; > Error: Error while compiling statement: FAILED: HiveAuthzPluginException > class > org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzPluginException: > this command DROP TABLE project_dev_out_hive is not match table meta grammar > (state=42000,code=4) > == > It is not the same issue, but a similar issue for DROP TABLE command. The > Sentry regex pattern for DROP TABLE command does not seem to be supporting > backtick. > String DROP_TABLE_REGEX = "^DROP\s+" + "TABLE\s+" + "(IF\s+EXISTS\s+)?" + > "([A-Za-z0-9._]+)"; > Looks like it is not fixed in the latest version as well (the same pattern is > used in the master branch as well). Hive seems to be supporting this syntax. > ## Steps to Reproduce > Try dropping hive table with backticks as below > DROP TABLE `project_dev_out_hive`; > ### What you expected to happen > Sentry should understand backticks and it should work for every command. > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENTRY-2439) "is not match table meta grammar error" with sentry-1.7
[ https://issues.apache.org/jira/browse/SENTRY-2439?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16669343#comment-16669343 ] Shishr Prakash commented on SENTRY-2439: The issue is a side effect of changes introduced with Sentry version 1.7.0 with JIRA (SENTRY-498) This "SimpleSemanticAnalyzer.java" is added started from Sentry 1.7.0 based github. === $ git checkout remotes/origin/branch-1.6.0 $ grep -r DROP_TABLE_REGEX * $ git checkout remotes/origin/branch-1.7.0 Previous HEAD position was 85f2f676 SENTRY-900: User could access sentry metric info by curl without authorization (Dapeng Sun, reviewed by Colin Ma) HEAD is now at e98bc77c Adding signing configuration mbp-e825:sentry hzu$ grep -r DROP_TABLE_REGEX * sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/util/SimpleSemanticAnalyzer.java: private static final String DROP_TABLE_REGEX = "^DROP\\s+" + "TABLE\\s+" + "(IF\\s+EXISTS\\s+)?" sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/util/SimpleSemanticAnalyzer.java: OP_REGEX_MAP.put(HiveOperation.DROPTABLE, DROP_TABLE_REGEX); === > "is not match table meta grammar error" with sentry-1.7 > > > Key: SENTRY-2439 > URL: https://issues.apache.org/jira/browse/SENTRY-2439 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 1.7.0 >Reporter: Shishr Prakash >Priority: Major > > [What happened] > After enabling sentry I am getting below error with DDLs like DROP table . > similar to sentry bug-1845. > [1] https://issues.apache.org/jira/browse/SENTRY-1845 > Error === > 2 rows selected (0.171 seconds) > 0: jdbc:hive2://maprtest03:1> DROP TABLE project_dev_out_hive; > Error: Error while compiling statement: FAILED: HiveAuthzPluginException > class > org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzPluginException: > this command DROP TABLE project_dev_out_hive is not match table meta grammar > (state=42000,code=4) > == > It is not the same issue, but a similar issue for DROP TABLE command. The > Sentry regex pattern for DROP TABLE command does not seem to be supporting > backtick. > String DROP_TABLE_REGEX = "^DROP\s+" + "TABLE\s+" + "(IF\s+EXISTS\s+)?" + > "([A-Za-z0-9._]+)"; > Looks like it is not fixed in the latest version as well (the same pattern is > used in the master branch as well). Hive seems to be supporting this syntax. > ## Steps to Reproduce > Try dropping hive table with backticks as below > DROP TABLE `project_dev_out_hive`; > ### What you expected to happen > Sentry should understand backticks and it should work for every command. > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2433) Dropping object privileges does not include update of dropping user privileges
[ https://issues.apache.org/jira/browse/SENTRY-2433?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Na Li updated SENTRY-2433: -- Resolution: Fixed Status: Resolved (was: Patch Available) > Dropping object privileges does not include update of dropping user privileges > -- > > Key: SENTRY-2433 > URL: https://issues.apache.org/jira/browse/SENTRY-2433 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.1.0, 2.2.0 >Reporter: Na Li >Assignee: Na Li >Priority: Major > Attachments: SENTRY-2433.001.patch, SENTRY-2433.001.patch, > SENTRY-2433.002.patch, SENTRY-2433.002.patch, SENTRY-2433.002.patch, > SENTRY-2433.002.patch, SENTRY-2433.002a.patch > > > When dropping privileges of an object, the update of this processing only > includes dropping role based privileges, and does not includes dropping user > based privileges. > If the to-be-dropped object is an external table, the path at HDFS still > exists, and the user access wills till be there even after sentry privileges > associated with that external table is dropped. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2437) When granting privileges a single transaction per grant causes long delays
[ https://issues.apache.org/jira/browse/SENTRY-2437?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Arjun Mishra updated SENTRY-2437: - Resolution: Fixed Status: Resolved (was: Patch Available) > When granting privileges a single transaction per grant causes long delays > -- > > Key: SENTRY-2437 > URL: https://issues.apache.org/jira/browse/SENTRY-2437 > Project: Sentry > Issue Type: Bug > Components: Sentry >Reporter: Arjun Mishra >Assignee: Arjun Mishra >Priority: Major > Attachments: SENTRY-2437.01.patch, SENTRY-2437.02.patch, > SENTRY-2437.03.patch > > > Currently sentry creates a transaction for each TSentryPrivilege object it > needs to grant. If the list of privileges is very large creating a single > transaction for each significantly affects performance. This is particularly > impactful for tables with large columns and if a user grants privileges to > many of those columns -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENTRY-2436) Add annotations for classes that are used in binding as public
[ https://issues.apache.org/jira/browse/SENTRY-2436?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16669305#comment-16669305 ] Hadoop QA commented on SENTRY-2436: --- Here are the results of testing the latest attachment https://issues.apache.org/jira/secure/attachment/12946248/SENTRY-2436.001.patch against master. {color:green}Overall:{color} +1 all checks pass {color:green}SUCCESS:{color} all tests passed Console output: https://builds.apache.org/job/PreCommit-SENTRY-Build/4216/console This message is automatically generated. > Add annotations for classes that are used in binding as public > -- > > Key: SENTRY-2436 > URL: https://issues.apache.org/jira/browse/SENTRY-2436 > Project: Sentry > Issue Type: Task >Reporter: Xinran Tinney >Assignee: Xinran Tinney >Priority: Minor > Attachments: SENTRY-2436.001.patch > > > Some classes e.g. PolicyEngine etc are used in the bindings. These classes > should be annotated as public. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENTRY-2437) When granting privileges a single transaction per grant causes long delays
[ https://issues.apache.org/jira/browse/SENTRY-2437?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16669265#comment-16669265 ] Hadoop QA commented on SENTRY-2437: --- Here are the results of testing the latest attachment https://issues.apache.org/jira/secure/attachment/12946250/SENTRY-2437.03.patch against master. {color:green}Overall:{color} +1 all checks pass {color:green}SUCCESS:{color} all tests passed Console output: https://builds.apache.org/job/PreCommit-SENTRY-Build/4217/console This message is automatically generated. > When granting privileges a single transaction per grant causes long delays > -- > > Key: SENTRY-2437 > URL: https://issues.apache.org/jira/browse/SENTRY-2437 > Project: Sentry > Issue Type: Bug > Components: Sentry >Reporter: Arjun Mishra >Assignee: Arjun Mishra >Priority: Major > Attachments: SENTRY-2437.01.patch, SENTRY-2437.02.patch, > SENTRY-2437.03.patch > > > Currently sentry creates a transaction for each TSentryPrivilege object it > needs to grant. If the list of privileges is very large creating a single > transaction for each significantly affects performance. This is particularly > impactful for tables with large columns and if a user grants privileges to > many of those columns -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENTRY-2433) Dropping object privileges does not include update of dropping user privileges
[ https://issues.apache.org/jira/browse/SENTRY-2433?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16669144#comment-16669144 ] Hadoop QA commented on SENTRY-2433: --- Here are the results of testing the latest attachment https://issues.apache.org/jira/secure/attachment/12946219/SENTRY-2433.002a.patch against master. {color:red}Overall:{color} -1 due to 2 errors {color:red}ERROR:{color} mvn test exited 1 {color:red}ERROR:{color} Failed: org.apache.sentry.tests.e2e.dbprovider.TestHmsNotificationProcessing Console output: https://builds.apache.org/job/PreCommit-SENTRY-Build/4215/console This message is automatically generated. > Dropping object privileges does not include update of dropping user privileges > -- > > Key: SENTRY-2433 > URL: https://issues.apache.org/jira/browse/SENTRY-2433 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.1.0, 2.2.0 >Reporter: Na Li >Assignee: Na Li >Priority: Major > Attachments: SENTRY-2433.001.patch, SENTRY-2433.001.patch, > SENTRY-2433.002.patch, SENTRY-2433.002.patch, SENTRY-2433.002.patch, > SENTRY-2433.002.patch, SENTRY-2433.002a.patch > > > When dropping privileges of an object, the update of this processing only > includes dropping role based privileges, and does not includes dropping user > based privileges. > If the to-be-dropped object is an external table, the path at HDFS still > exists, and the user access wills till be there even after sentry privileges > associated with that external table is dropped. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENTRY-2433) Dropping object privileges does not include update of dropping user privileges
[ https://issues.apache.org/jira/browse/SENTRY-2433?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16669142#comment-16669142 ] Hadoop QA commented on SENTRY-2433: --- Here are the results of testing the latest attachment https://issues.apache.org/jira/secure/attachment/12946219/SENTRY-2433.002a.patch against master. {color:green}Overall:{color} +1 all checks pass {color:green}SUCCESS:{color} all tests passed Console output: https://builds.apache.org/job/PreCommit-SENTRY-Build/4214/console This message is automatically generated. > Dropping object privileges does not include update of dropping user privileges > -- > > Key: SENTRY-2433 > URL: https://issues.apache.org/jira/browse/SENTRY-2433 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.1.0, 2.2.0 >Reporter: Na Li >Assignee: Na Li >Priority: Major > Attachments: SENTRY-2433.001.patch, SENTRY-2433.001.patch, > SENTRY-2433.002.patch, SENTRY-2433.002.patch, SENTRY-2433.002.patch, > SENTRY-2433.002.patch, SENTRY-2433.002a.patch > > > When dropping privileges of an object, the update of this processing only > includes dropping role based privileges, and does not includes dropping user > based privileges. > If the to-be-dropped object is an external table, the path at HDFS still > exists, and the user access wills till be there even after sentry privileges > associated with that external table is dropped. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2437) When granting privileges a single transaction per grant causes long delays
[ https://issues.apache.org/jira/browse/SENTRY-2437?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Arjun Mishra updated SENTRY-2437: - Attachment: SENTRY-2437.03.patch > When granting privileges a single transaction per grant causes long delays > -- > > Key: SENTRY-2437 > URL: https://issues.apache.org/jira/browse/SENTRY-2437 > Project: Sentry > Issue Type: Bug > Components: Sentry >Reporter: Arjun Mishra >Assignee: Arjun Mishra >Priority: Major > Attachments: SENTRY-2437.01.patch, SENTRY-2437.02.patch, > SENTRY-2437.03.patch > > > Currently sentry creates a transaction for each TSentryPrivilege object it > needs to grant. If the list of privileges is very large creating a single > transaction for each significantly affects performance. This is particularly > impactful for tables with large columns and if a user grants privileges to > many of those columns -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (SENTRY-2439) "is not match table meta grammar error" with sentry-1.7
Shishr Prakash created SENTRY-2439: -- Summary: "is not match table meta grammar error" with sentry-1.7 Key: SENTRY-2439 URL: https://issues.apache.org/jira/browse/SENTRY-2439 Project: Sentry Issue Type: Bug Components: Sentry Affects Versions: 1.7.0 Reporter: Shishr Prakash [What happened] After enabling sentry I am getting below error with DDLs like DROP table . similar to sentry bug-1845. [1] https://issues.apache.org/jira/browse/SENTRY-1845 Error === 2 rows selected (0.171 seconds) 0: jdbc:hive2://maprtest03:1> DROP TABLE project_dev_out_hive; Error: Error while compiling statement: FAILED: HiveAuthzPluginException class org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzPluginException: this command DROP TABLE project_dev_out_hive is not match table meta grammar (state=42000,code=4) == It is not the same issue, but a similar issue for DROP TABLE command. The Sentry regex pattern for DROP TABLE command does not seem to be supporting backtick. String DROP_TABLE_REGEX = "^DROP\s+" + "TABLE\s+" + "(IF\s+EXISTS\s+)?" + "([A-Za-z0-9._]+)"; Looks like it is not fixed in the latest version as well (the same pattern is used in the master branch as well). Hive seems to be supporting this syntax. ## Steps to Reproduce Try dropping hive table with backticks as below DROP TABLE `project_dev_out_hive`; ### What you expected to happen Sentry should understand backticks and it should work for every command. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2436) Add annotations for classes that are used in binding as public
[ https://issues.apache.org/jira/browse/SENTRY-2436?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Xinran Tinney updated SENTRY-2436: -- Attachment: SENTRY-2436.001.patch Status: Patch Available (was: In Progress) > Add annotations for classes that are used in binding as public > -- > > Key: SENTRY-2436 > URL: https://issues.apache.org/jira/browse/SENTRY-2436 > Project: Sentry > Issue Type: Task >Reporter: Xinran Tinney >Assignee: Xinran Tinney >Priority: Minor > Attachments: SENTRY-2436.001.patch > > > Some classes e.g. PolicyEngine etc are used in the bindings. These classes > should be annotated as public. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2433) Dropping object privileges does not include update of dropping user privileges
[ https://issues.apache.org/jira/browse/SENTRY-2433?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Na Li updated SENTRY-2433: -- Attachment: SENTRY-2433.002a.patch > Dropping object privileges does not include update of dropping user privileges > -- > > Key: SENTRY-2433 > URL: https://issues.apache.org/jira/browse/SENTRY-2433 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.1.0, 2.2.0 >Reporter: Na Li >Assignee: Na Li >Priority: Major > Attachments: SENTRY-2433.001.patch, SENTRY-2433.001.patch, > SENTRY-2433.002.patch, SENTRY-2433.002.patch, SENTRY-2433.002.patch, > SENTRY-2433.002.patch, SENTRY-2433.002a.patch > > > When dropping privileges of an object, the update of this processing only > includes dropping role based privileges, and does not includes dropping user > based privileges. > If the to-be-dropped object is an external table, the path at HDFS still > exists, and the user access wills till be there even after sentry privileges > associated with that external table is dropped. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2433) Dropping object privileges does not include update of dropping user privileges
[ https://issues.apache.org/jira/browse/SENTRY-2433?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Na Li updated SENTRY-2433: -- Attachment: SENTRY-2433.002.patch > Dropping object privileges does not include update of dropping user privileges > -- > > Key: SENTRY-2433 > URL: https://issues.apache.org/jira/browse/SENTRY-2433 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.1.0, 2.2.0 >Reporter: Na Li >Assignee: Na Li >Priority: Major > Attachments: SENTRY-2433.001.patch, SENTRY-2433.001.patch, > SENTRY-2433.002.patch, SENTRY-2433.002.patch, SENTRY-2433.002.patch, > SENTRY-2433.002.patch > > > When dropping privileges of an object, the update of this processing only > includes dropping role based privileges, and does not includes dropping user > based privileges. > If the to-be-dropped object is an external table, the path at HDFS still > exists, and the user access wills till be there even after sentry privileges > associated with that external table is dropped. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENTRY-2433) Dropping object privileges does not include update of dropping user privileges
[ https://issues.apache.org/jira/browse/SENTRY-2433?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16668282#comment-16668282 ] Hadoop QA commented on SENTRY-2433: --- Here are the results of testing the latest attachment https://issues.apache.org/jira/secure/attachment/12946162/SENTRY-2433.002.patch against master. {color:red}Overall:{color} -1 due to an error {color:red}ERROR:{color} mvn test exited 1 Console output: https://builds.apache.org/job/PreCommit-SENTRY-Build/4213/console This message is automatically generated. > Dropping object privileges does not include update of dropping user privileges > -- > > Key: SENTRY-2433 > URL: https://issues.apache.org/jira/browse/SENTRY-2433 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.1.0, 2.2.0 >Reporter: Na Li >Assignee: Na Li >Priority: Major > Attachments: SENTRY-2433.001.patch, SENTRY-2433.001.patch, > SENTRY-2433.002.patch, SENTRY-2433.002.patch, SENTRY-2433.002.patch > > > When dropping privileges of an object, the update of this processing only > includes dropping role based privileges, and does not includes dropping user > based privileges. > If the to-be-dropped object is an external table, the path at HDFS still > exists, and the user access wills till be there even after sentry privileges > associated with that external table is dropped. -- This message was sent by Atlassian JIRA (v7.6.3#76005)