[jira] [Commented] (SENTRY-2265) Translate owner privilege in sentry binding for authorization
[
https://issues.apache.org/jira/browse/SENTRY-2265?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16516566#comment-16516566
]
Hadoop QA commented on SENTRY-2265:
---
Here are the results of testing the latest attachment
https://issues.apache.org/jira/secure/attachment/12928268/SENTRY-2265.1.patch
against master.
{color:green}Overall:{color} +1 all checks pass
{color:green}SUCCESS:{color} all tests passed
Console output:
https://builds.apache.org/job/PreCommit-SENTRY-Build/3892/console
This message is automatically generated.
> Translate owner privilege in sentry binding for authorization
> -
>
> Key: SENTRY-2265
> URL: https://issues.apache.org/jira/browse/SENTRY-2265
> Project: Sentry
> Issue Type: Sub-task
> Components: Sentry
>Reporter: kalyan kumar kalvagadda
>Assignee: Sergio Peña
>Priority: Major
> Attachments: SENTRY-2265.1.patch
>
>
> When authorization is done, sentry binding should translate owner privilege
> to "ALL" before using it.
> In CommonPrivilege, need to add Owner privilege and treat it as ALL privilege
> for authorization
> {code}
> private boolean impliesResource(ImplyMethodType implyMethodType, String
> policyValue, String requestValue) {
> // wildcard support, "*", "+", "all"("+" and "all" are for backward
> compatibility) are represented as wildcard
> // if requestValue is wildcard, means privilege request is to match with
> any value of given resource
> if (SentryConstants.RESOURCE_WILDCARD_VALUE.equals(policyValue)
> || SentryConstants.RESOURCE_WILDCARD_VALUE.equals(requestValue)
> ||
> SentryConstants.RESOURCE_WILDCARD_VALUE_ALL.equalsIgnoreCase(policyValue)
> ||
> SentryConstants.RESOURCE_WILDCARD_VALUE_ALL.equalsIgnoreCase(requestValue)
> ||
> SentryConstants.RESOURCE_WILDCARD_VALUE_SOME.equals(requestValue)) {
> return true;
> }
> {code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (SENTRY-2265) Translate owner privilege in sentry binding for authorization
[
https://issues.apache.org/jira/browse/SENTRY-2265?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16516436#comment-16516436
]
Sergio Peña commented on SENTRY-2265:
-
[~kkalyan] Can you review?
> Translate owner privilege in sentry binding for authorization
> -
>
> Key: SENTRY-2265
> URL: https://issues.apache.org/jira/browse/SENTRY-2265
> Project: Sentry
> Issue Type: Sub-task
> Components: Sentry
>Reporter: kalyan kumar kalvagadda
>Assignee: Sergio Peña
>Priority: Major
> Attachments: SENTRY-2265.1.patch
>
>
> When authorization is done, sentry binding should translate owner privilege
> to "ALL" before using it.
> In CommonPrivilege, need to add Owner privilege and treat it as ALL privilege
> for authorization
> {code}
> private boolean impliesResource(ImplyMethodType implyMethodType, String
> policyValue, String requestValue) {
> // wildcard support, "*", "+", "all"("+" and "all" are for backward
> compatibility) are represented as wildcard
> // if requestValue is wildcard, means privilege request is to match with
> any value of given resource
> if (SentryConstants.RESOURCE_WILDCARD_VALUE.equals(policyValue)
> || SentryConstants.RESOURCE_WILDCARD_VALUE.equals(requestValue)
> ||
> SentryConstants.RESOURCE_WILDCARD_VALUE_ALL.equalsIgnoreCase(policyValue)
> ||
> SentryConstants.RESOURCE_WILDCARD_VALUE_ALL.equalsIgnoreCase(requestValue)
> ||
> SentryConstants.RESOURCE_WILDCARD_VALUE_SOME.equals(requestValue)) {
> return true;
> }
> {code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Updated] (SENTRY-2265) Translate owner privilege in sentry binding for authorization
[
https://issues.apache.org/jira/browse/SENTRY-2265?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sergio Peña updated SENTRY-2265:
Attachment: SENTRY-2265.1.patch
> Translate owner privilege in sentry binding for authorization
> -
>
> Key: SENTRY-2265
> URL: https://issues.apache.org/jira/browse/SENTRY-2265
> Project: Sentry
> Issue Type: Sub-task
> Components: Sentry
>Reporter: kalyan kumar kalvagadda
>Assignee: Sergio Peña
>Priority: Major
> Attachments: SENTRY-2265.1.patch
>
>
> When authorization is done, sentry binding should translate owner privilege
> to "ALL" before using it.
> In CommonPrivilege, need to add Owner privilege and treat it as ALL privilege
> for authorization
> {code}
> private boolean impliesResource(ImplyMethodType implyMethodType, String
> policyValue, String requestValue) {
> // wildcard support, "*", "+", "all"("+" and "all" are for backward
> compatibility) are represented as wildcard
> // if requestValue is wildcard, means privilege request is to match with
> any value of given resource
> if (SentryConstants.RESOURCE_WILDCARD_VALUE.equals(policyValue)
> || SentryConstants.RESOURCE_WILDCARD_VALUE.equals(requestValue)
> ||
> SentryConstants.RESOURCE_WILDCARD_VALUE_ALL.equalsIgnoreCase(policyValue)
> ||
> SentryConstants.RESOURCE_WILDCARD_VALUE_ALL.equalsIgnoreCase(requestValue)
> ||
> SentryConstants.RESOURCE_WILDCARD_VALUE_SOME.equals(requestValue)) {
> return true;
> }
> {code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Updated] (SENTRY-2265) Translate owner privilege in sentry binding for authorization
[
https://issues.apache.org/jira/browse/SENTRY-2265?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sergio Peña updated SENTRY-2265:
Status: Patch Available (was: Open)
> Translate owner privilege in sentry binding for authorization
> -
>
> Key: SENTRY-2265
> URL: https://issues.apache.org/jira/browse/SENTRY-2265
> Project: Sentry
> Issue Type: Sub-task
> Components: Sentry
>Reporter: kalyan kumar kalvagadda
>Assignee: Sergio Peña
>Priority: Major
> Attachments: SENTRY-2265.1.patch
>
>
> When authorization is done, sentry binding should translate owner privilege
> to "ALL" before using it.
> In CommonPrivilege, need to add Owner privilege and treat it as ALL privilege
> for authorization
> {code}
> private boolean impliesResource(ImplyMethodType implyMethodType, String
> policyValue, String requestValue) {
> // wildcard support, "*", "+", "all"("+" and "all" are for backward
> compatibility) are represented as wildcard
> // if requestValue is wildcard, means privilege request is to match with
> any value of given resource
> if (SentryConstants.RESOURCE_WILDCARD_VALUE.equals(policyValue)
> || SentryConstants.RESOURCE_WILDCARD_VALUE.equals(requestValue)
> ||
> SentryConstants.RESOURCE_WILDCARD_VALUE_ALL.equalsIgnoreCase(policyValue)
> ||
> SentryConstants.RESOURCE_WILDCARD_VALUE_ALL.equalsIgnoreCase(requestValue)
> ||
> SentryConstants.RESOURCE_WILDCARD_VALUE_SOME.equals(requestValue)) {
> return true;
> }
> {code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Assigned] (SENTRY-2265) Translate owner privilege in sentry binding for authorization
[
https://issues.apache.org/jira/browse/SENTRY-2265?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sergio Peña reassigned SENTRY-2265:
---
Assignee: Sergio Peña (was: kalyan kumar kalvagadda)
> Translate owner privilege in sentry binding for authorization
> -
>
> Key: SENTRY-2265
> URL: https://issues.apache.org/jira/browse/SENTRY-2265
> Project: Sentry
> Issue Type: Sub-task
> Components: Sentry
>Reporter: kalyan kumar kalvagadda
>Assignee: Sergio Peña
>Priority: Major
>
> When authorization is done, sentry binding should translate owner privilege
> to "ALL" before using it.
> In CommonPrivilege, need to add Owner privilege and treat it as ALL privilege
> for authorization
> {code}
> private boolean impliesResource(ImplyMethodType implyMethodType, String
> policyValue, String requestValue) {
> // wildcard support, "*", "+", "all"("+" and "all" are for backward
> compatibility) are represented as wildcard
> // if requestValue is wildcard, means privilege request is to match with
> any value of given resource
> if (SentryConstants.RESOURCE_WILDCARD_VALUE.equals(policyValue)
> || SentryConstants.RESOURCE_WILDCARD_VALUE.equals(requestValue)
> ||
> SentryConstants.RESOURCE_WILDCARD_VALUE_ALL.equalsIgnoreCase(policyValue)
> ||
> SentryConstants.RESOURCE_WILDCARD_VALUE_ALL.equalsIgnoreCase(requestValue)
> ||
> SentryConstants.RESOURCE_WILDCARD_VALUE_SOME.equals(requestValue)) {
> return true;
> }
> {code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (SENTRY-2224) Support SHOW GRANT on HIVE_OBJECT
[
https://issues.apache.org/jira/browse/SENTRY-2224?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16516414#comment-16516414
]
Hadoop QA commented on SENTRY-2224:
---
Here are the results of testing the latest attachment
https://issues.apache.org/jira/secure/attachment/12928244/SENTRY-2224.06.patch
against master.
{color:red}Overall:{color} -1 due to 80 errors
{color:red}ERROR:{color} mvn test exited 1
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.dbprovider.TestDbColumnLevelMetaDataOps
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.dbprovider.TestDbMetadataPermissions
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.dbprovider.TestDbExportImportPrivileges
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.hive.TestPrivilegesAtTableScopePart2
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.dbprovider.TestDbPrivilegesAtDatabaseScope
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.hdfs.TestDbHdfsExtMaxGroups
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.hive.TestRuntimeMetadataRetrieval
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.dbprovider.TestDbPrivilegesAtFunctionScope
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.dbprovider.TestDbPrivilegesAtColumnScope
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.dbprovider.TestDbRuntimeMetadataRetrieval
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.dbprovider.TestDbPrivilegeAtTransform
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.dbprovider.TestDbOperationsPart2
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.dbprovider.TestDbPrivilegesAtTableScopePart2
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.hive.TestPrivilegesAtColumnScope
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.dbprovider.TestDbMovingToProduction
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.hive.TestUserManagement
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.hive.TestPrivilegesAtDatabaseScope
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.dbprovider.TestDbComplexView
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.hive.TestReloadPrivileges
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.hdfs.TestDbHdfsMaxGroups
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.hive.TestLockPrivileges
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.hive.TestPerDBConfiguration
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.hdfs.TestHDFSIntegrationWithHA
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.hdfs.TestHDFSIntegrationWithHA
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.hdfs.TestHDFSIntegrationWithHA
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.hdfs.TestHDFSIntegrationWithHA
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.hdfs.TestHDFSIntegrationWithHA
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.hdfs.TestHDFSIntegrationWithHA
{color:red}ERROR:{color} Failed: org.apache.sentry.tests.e2e.hive.TestEndToEnd
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.hive.TestMetadataObjectRetrieval
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.hive.TestServerConfiguration
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.hive.TestServerConfiguration
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.hive.TestServerConfiguration
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.hive.TestServerConfiguration
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.hive.TestServerConfiguration
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.hive.TestServerConfiguration
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.hive.TestServerConfiguration
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.dbprovider.TestDbSandboxOps
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.dbprovider.TestGrantUserToRole
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.dbprovider.TestConcurrentClients
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.hive.TestJDBCInterface
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.dbprovider.TestDatabaseProvider
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.dbprovider.TestDbEndToEnd
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.dbprovider.TestDbCrossOperations
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.hive.fs.TestTableOnExtFS
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.dbprovider.TestDbDDLAuditLog
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.dbprovider.TestShowGrants
{color:red}ERROR:{color} Failed:
org.apache.sentry.tests.e2e.hive.TestPolicyImportExport
{color:red}ERROR:{color} Failed:
[jira] [Resolved] (SENTRY-2217) Extend sentry policy client to handle user privileges
[ https://issues.apache.org/jira/browse/SENTRY-2217?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sergio Peña resolved SENTRY-2217. - Resolution: Won't Fix This subtask is not needed for owner privileges. I will close it as 'won't fix' > Extend sentry policy client to handle user privileges > - > > Key: SENTRY-2217 > URL: https://issues.apache.org/jira/browse/SENTRY-2217 > Project: Sentry > Issue Type: Sub-task > Components: Sentry >Affects Versions: 2.1.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > > Sentry client for policy service should be be extended to grant and revoke > permissions to users. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENTRY-2272) Fix the sentry store logic for listing user privileges
[ https://issues.apache.org/jira/browse/SENTRY-2272?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16516378#comment-16516378 ] Sergio Peña commented on SENTRY-2272: - Why is it not correct? Shouldn't the client handle the exception and just displays empty in the case of Hive? For roles, Sentry throws an exception, so why not for users? > Fix the sentry store logic for listing user privileges > --- > > Key: SENTRY-2272 > URL: https://issues.apache.org/jira/browse/SENTRY-2272 > Project: Sentry > Issue Type: Sub-task > Components: Sentry >Affects Versions: 2.1.0 >Reporter: kalyan kumar kalvagadda >Priority: Major > > Currently sentry store throws exception when privileges are requested for a > user that does not exist. This doesn't seem correct. Rather sentry store > should return empty list. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENTRY-2251) Update user privileges based on changes to authorizables
[
https://issues.apache.org/jira/browse/SENTRY-2251?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16516333#comment-16516333
]
Hadoop QA commented on SENTRY-2251:
---
Here are the results of testing the latest attachment
https://issues.apache.org/jira/secure/attachment/12928253/SENTRY-2251.001.patch
against master.
{color:red}Overall:{color} -1 due to 5 errors
{color:red}ERROR:{color} mvn test exited 1
{color:red}ERROR:{color} Failed:
org.apache.sentry.provider.db.service.persistent.TestHMSFollowerSentryStoreIntegration
{color:red}ERROR:{color} Failed:
org.apache.sentry.api.service.thrift.TestSentryServiceIntegration
{color:red}ERROR:{color} Failed:
org.apache.sentry.api.service.thrift.TestSentryServiceIntegration
{color:red}ERROR:{color} Failed:
org.apache.sentry.provider.db.service.persistent.TestSentryStore
Console output:
https://builds.apache.org/job/PreCommit-SENTRY-Build/3891/console
This message is automatically generated.
> Update user privileges based on changes to authorizables
>
>
> Key: SENTRY-2251
> URL: https://issues.apache.org/jira/browse/SENTRY-2251
> Project: Sentry
> Issue Type: Sub-task
> Components: Sentry
>Affects Versions: 2.1.0
>Reporter: kalyan kumar kalvagadda
>Assignee: kalyan kumar kalvagadda
>Priority: Major
> Attachments: SENTRY-2251.001.patch
>
>
> # User privileges granted to user on tables/databases should be removed when
> the authorizable is dropped.
> # User privileges granted to user on tables/databases should be updated when
> the authorizable are renamed.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Updated] (SENTRY-2272) Fix the sentry store logic for listing user privileges
[ https://issues.apache.org/jira/browse/SENTRY-2272?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2272: Summary: Fix the sentry store logic for listing user privileges (was: Fix the sentry store logic in listing user privileges ) > Fix the sentry store logic for listing user privileges > --- > > Key: SENTRY-2272 > URL: https://issues.apache.org/jira/browse/SENTRY-2272 > Project: Sentry > Issue Type: Sub-task > Components: Sentry >Affects Versions: 2.1.0 >Reporter: kalyan kumar kalvagadda >Priority: Major > > Currently sentry store throws exception when privileges are requested for a > user that does not exist. This doesn't seem correct. Rather sentry store > should return empty list. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2251) Update user privileges based on changes to authorizables
[ https://issues.apache.org/jira/browse/SENTRY-2251?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2251: Status: Patch Available (was: In Progress) > Update user privileges based on changes to authorizables > > > Key: SENTRY-2251 > URL: https://issues.apache.org/jira/browse/SENTRY-2251 > Project: Sentry > Issue Type: Sub-task > Components: Sentry >Affects Versions: 2.1.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Attachments: SENTRY-2251.001.patch > > > # User privileges granted to user on tables/databases should be removed when > the authorizable is dropped. > # User privileges granted to user on tables/databases should be updated when > the authorizable are renamed. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2251) Update user privileges based on changes to authorizables
[ https://issues.apache.org/jira/browse/SENTRY-2251?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2251: Attachment: SENTRY-2251.001.patch > Update user privileges based on changes to authorizables > > > Key: SENTRY-2251 > URL: https://issues.apache.org/jira/browse/SENTRY-2251 > Project: Sentry > Issue Type: Sub-task > Components: Sentry >Affects Versions: 2.1.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Attachments: SENTRY-2251.001.patch > > > # User privileges granted to user on tables/databases should be removed when > the authorizable is dropped. > # User privileges granted to user on tables/databases should be updated when > the authorizable are renamed. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (SENTRY-2271) Wrong message seen when db upgrade failure.
[
https://issues.apache.org/jira/browse/SENTRY-2271?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Arjun Mishra reassigned SENTRY-2271:
Assignee: Arjun Mishra
> Wrong message seen when db upgrade failure.
> ---
>
> Key: SENTRY-2271
> URL: https://issues.apache.org/jira/browse/SENTRY-2271
> Project: Sentry
> Issue Type: Bug
> Components: Sentry
>Affects Versions: 2.1.0
>Reporter: kalyan kumar kalvagadda
>Assignee: Arjun Mishra
>Priority: Major
>
> SentryStoreSchemaInfo has log which still refer "Metastore". Here is an
> example
> {noformat}
> throw new SentryUserException("Unknown version specified for upgrade "
> + fromSchemaVer + " Metastore schema may be too old or newer");
> {noformat}
>
> We need to asses if there are any other message like like and fix them.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Updated] (SENTRY-2224) Support SHOW GRANT on HIVE_OBJECT
[ https://issues.apache.org/jira/browse/SENTRY-2224?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Arjun Mishra updated SENTRY-2224: - Attachment: SENTRY-2224.06.patch > Support SHOW GRANT on HIVE_OBJECT > - > > Key: SENTRY-2224 > URL: https://issues.apache.org/jira/browse/SENTRY-2224 > Project: Sentry > Issue Type: Sub-task >Reporter: Arjun Mishra >Assignee: Arjun Mishra >Priority: Major > Attachments: SENTRY-2224.002.patch, SENTRY-2224.004.patch, > SENTRY-2224.01.patch, SENTRY-2224.02.patch, SENTRY-2224.03.patch, > SENTRY-2224.04.patch, SENTRY-2224.05.patch, SENTRY-2224.06.patch > > > Currently Sentry doesn't support Hive command to show privileges on > authorizables without mentioning any role or user name -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (SENTRY-2272) Fix the sentry store logic in listing user privileges
[ https://issues.apache.org/jira/browse/SENTRY-2272?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda reassigned SENTRY-2272: --- Assignee: (was: kalyan kumar kalvagadda) > Fix the sentry store logic in listing user privileges > -- > > Key: SENTRY-2272 > URL: https://issues.apache.org/jira/browse/SENTRY-2272 > Project: Sentry > Issue Type: Sub-task > Components: Sentry >Affects Versions: 2.1.0 >Reporter: kalyan kumar kalvagadda >Priority: Major > > Currently sentry store throws exception when privileges are requested for a > user that does not exist. This doesn't seem correct. Rather sentry store > should return empty list. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (SENTRY-2272) Fix the sentry store logic in listing user privileges
kalyan kumar kalvagadda created SENTRY-2272: --- Summary: Fix the sentry store logic in listing user privileges Key: SENTRY-2272 URL: https://issues.apache.org/jira/browse/SENTRY-2272 Project: Sentry Issue Type: Sub-task Components: Sentry Affects Versions: 2.1.0 Reporter: kalyan kumar kalvagadda Assignee: kalyan kumar kalvagadda Currently sentry store throws exception when privileges are requested for a user that does not exist. This doesn't seem correct. Rather sentry store should return empty list. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENTRY-2241) Extend the Sync Listener to pass owner information to sentry server.
[
https://issues.apache.org/jira/browse/SENTRY-2241?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16516112#comment-16516112
]
Hadoop QA commented on SENTRY-2241:
---
Here are the results of testing the latest attachment
https://issues.apache.org/jira/secure/attachment/12928229/SENTRY-2241.005.patch
against master.
{color:green}Overall:{color} +1 all checks pass
{color:green}SUCCESS:{color} all tests passed
Console output:
https://builds.apache.org/job/PreCommit-SENTRY-Build/3889/console
This message is automatically generated.
> Extend the Sync Listener to pass owner information to sentry server.
>
>
> Key: SENTRY-2241
> URL: https://issues.apache.org/jira/browse/SENTRY-2241
> Project: Sentry
> Issue Type: Sub-task
> Components: Sentry
>Affects Versions: 2.1.0
>Reporter: kalyan kumar kalvagadda
>Assignee: kalyan kumar kalvagadda
>Priority: Major
> Attachments: SENTRY-2241.001.patch, SENTRY-2241.004.patch,
> SENTRY-2241.005.patch
>
>
> Sentry has SentrySyncHMSNotificationsPostEventListener which is added a post
> listener in HMS. This listener should be extended to get the owner
> information of tables and databases.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (SENTRY-2272) Fix the sentry store logic in listing user privileges
[ https://issues.apache.org/jira/browse/SENTRY-2272?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16516113#comment-16516113 ] kalyan kumar kalvagadda commented on SENTRY-2272: - [~spena] and [~lina.li] What do you say? > Fix the sentry store logic in listing user privileges > -- > > Key: SENTRY-2272 > URL: https://issues.apache.org/jira/browse/SENTRY-2272 > Project: Sentry > Issue Type: Sub-task > Components: Sentry >Affects Versions: 2.1.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > > Currently sentry store throws exception when privileges are requested for a > user that does not exist. This doesn't seem correct. Rather sentry store > should return empty list. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2260) Update HDFS ACL's based on owner privileges.
[ https://issues.apache.org/jira/browse/SENTRY-2260?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2260: Fix Version/s: 2.1.0 > Update HDFS ACL's based on owner privileges. > > > Key: SENTRY-2260 > URL: https://issues.apache.org/jira/browse/SENTRY-2260 > Project: Sentry > Issue Type: Sub-task > Components: Sentry >Affects Versions: 2.1.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Fix For: 2.1.0 > > Attachments: SENTRY-2260.001.patch > > > When owner privileges are implicitly granted/revoked, sentry ACL's in > Namenode plug-in should be updated accordingly. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (SENTRY-2251) Update user privileges based on changes to authorizables
[ https://issues.apache.org/jira/browse/SENTRY-2251?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda reassigned SENTRY-2251: --- Assignee: kalyan kumar kalvagadda (was: Na Li) > Update user privileges based on changes to authorizables > > > Key: SENTRY-2251 > URL: https://issues.apache.org/jira/browse/SENTRY-2251 > Project: Sentry > Issue Type: Sub-task > Components: Sentry >Affects Versions: 2.1.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > > # User privileges granted to user on tables/databases should be removed when > the authorizable is dropped. > # User privileges granted to user on tables/databases should be updated when > the authorizable are renamed. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2260) Update HDFS ACL's based on owner privileges.
[ https://issues.apache.org/jira/browse/SENTRY-2260?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2260: Resolution: Fixed Status: Resolved (was: Patch Available) > Update HDFS ACL's based on owner privileges. > > > Key: SENTRY-2260 > URL: https://issues.apache.org/jira/browse/SENTRY-2260 > Project: Sentry > Issue Type: Sub-task > Components: Sentry >Affects Versions: 2.1.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Attachments: SENTRY-2260.001.patch > > > When owner privileges are implicitly granted/revoked, sentry ACL's in > Namenode plug-in should be updated accordingly. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2241) Extend the Sync Listener to pass owner information to sentry server.
[ https://issues.apache.org/jira/browse/SENTRY-2241?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2241: Attachment: SENTRY-2241.005.patch > Extend the Sync Listener to pass owner information to sentry server. > > > Key: SENTRY-2241 > URL: https://issues.apache.org/jira/browse/SENTRY-2241 > Project: Sentry > Issue Type: Sub-task > Components: Sentry >Affects Versions: 2.1.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Attachments: SENTRY-2241.001.patch, SENTRY-2241.004.patch, > SENTRY-2241.005.patch > > > Sentry has SentrySyncHMSNotificationsPostEventListener which is added a post > listener in HMS. This listener should be extended to get the owner > information of tables and databases. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2241) Extend the Sync Listener to pass owner information to sentry server.
[ https://issues.apache.org/jira/browse/SENTRY-2241?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2241: Attachment: (was: SENTRY-2241.005.patch) > Extend the Sync Listener to pass owner information to sentry server. > > > Key: SENTRY-2241 > URL: https://issues.apache.org/jira/browse/SENTRY-2241 > Project: Sentry > Issue Type: Sub-task > Components: Sentry >Affects Versions: 2.1.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Attachments: SENTRY-2241.001.patch, SENTRY-2241.004.patch, > SENTRY-2241.005.patch > > > Sentry has SentrySyncHMSNotificationsPostEventListener which is added a post > listener in HMS. This listener should be extended to get the owner > information of tables and databases. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
