You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@sentry.apache.org by "Alexander Kolbasov (JIRA)" <ji...@apache.org> on 2016/11/20 20:50:58 UTC

[jira] [Updated] (SENTRY-1540) SentryStore.isMultiActionsSupported() is always true

     [ https://issues.apache.org/jira/browse/SENTRY-1540?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Alexander Kolbasov updated SENTRY-1540:
---------------------------------------
    Priority: Minor  (was: Major)

> SentryStore.isMultiActionsSupported() is always true
> ----------------------------------------------------
>
>                 Key: SENTRY-1540
>                 URL: https://issues.apache.org/jira/browse/SENTRY-1540
>             Project: Sentry
>          Issue Type: Improvement
>          Components: Sentry
>    Affects Versions: 1.8.0, sentry-ha-redesign
>            Reporter: Alexander Kolbasov
>            Priority: Minor
>              Labels: bite-sized
>
> The SentryStore.isMultiActionsSupported() function:
> {code}
>   // Currently INSERT/SELECT/ALL are supported for Table and DB level privileges
>   private boolean isMultiActionsSupported(TSentryPrivilege tPrivilege) {
>     return tPrivilege.getDbName() != null;
>   }
> {code}
> It is called in two places  - in drop_privileges():
> {code}
>             TSentryPrivilege tPrivilege = toSentryPrivilege(tAuthorizable);
>             try {
>               if (isMultiActionsSupported(tPrivilege)) {
>               ...
> {code}
> The toSentryPrivilege() function:
> {code}
>   private TSentryPrivilege toSentryPrivilege(TSentryAuthorizable tAuthorizable)
>       throws SentryInvalidInputException {
>     TSentryPrivilege tSentryPrivilege = new TSentryPrivilege();
>     tSentryPrivilege.setDbName(fromNULLCol(tAuthorizable.getDb()));
>     tSentryPrivilege.setServerName(fromNULLCol(tAuthorizable.getServer()));
>     tSentryPrivilege.setTableName(fromNULLCol(tAuthorizable.getTable()));
>     tSentryPrivilege.setColumnName(fromNULLCol(tAuthorizable.getColumn()));
>     tSentryPrivilege.setURI(fromNULLCol(tAuthorizable.getUri()));
>     ...
> {code}
> So all fields are initialized to an emoty string which means that isMultiActionsSupported is always true.
> The same is true for the second usage in renamePrivilege().
> So currently the function is meaningless. So it should be either removed or changed to verify that dbName is non-empty and not "__NULL__".



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)