You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@sentry.apache.org by sd...@apache.org on 2016/07/14 02:26:27 UTC

[1/2] sentry git commit: SENTRY-1357: SentryMetastorePostEventListenerBase.onAlterTable should check for null dereference (Ke Jia via Dapeng Sun)

Repository: sentry
Updated Branches:
  refs/heads/master c6c9fabb4 -> a53b20ad4


SENTRY-1357: SentryMetastorePostEventListenerBase.onAlterTable should check for null dereference (Ke Jia via Dapeng Sun)


Project: http://git-wip-us.apache.org/repos/asf/sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/sentry/commit/29e5fd02
Tree: http://git-wip-us.apache.org/repos/asf/sentry/tree/29e5fd02
Diff: http://git-wip-us.apache.org/repos/asf/sentry/diff/29e5fd02

Branch: refs/heads/master
Commit: 29e5fd0253e9b2f63dbcc21a65f7ebbcde118007
Parents: c6c9fab
Author: Sun Dapeng <sd...@apache.org>
Authored: Thu Jul 14 10:12:48 2016 +0800
Committer: Sun Dapeng <sd...@apache.org>
Committed: Thu Jul 14 10:12:48 2016 +0800

----------------------------------------------------------------------
 .../SentryMetastorePostEventListenerBase.java   | 23 ++++++++++++++------
 1 file changed, 16 insertions(+), 7 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/sentry/blob/29e5fd02/sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/sentry/binding/metastore/SentryMetastorePostEventListenerBase.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/sentry/binding/metastore/SentryMetastorePostEventListenerBase.java b/sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/sentry/binding/metastore/SentryMetastorePostEventListenerBase.java
index 46363a5..262db11 100644
--- a/sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/sentry/binding/metastore/SentryMetastorePostEventListenerBase.java
+++ b/sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/sentry/binding/metastore/SentryMetastorePostEventListenerBase.java
@@ -217,13 +217,22 @@ public class SentryMetastorePostEventListenerBase extends MetaStoreEventListener
         " since the operation failed. \n");
       return;
     }
-
-    renameSentryTablePrivilege(tableEvent.getOldTable().getDbName(),
-        tableEvent.getOldTable().getTableName(),
-        tableEvent.getOldTable().getSd().getLocation(),
-        tableEvent.getNewTable().getDbName(),
-        tableEvent.getNewTable().getTableName(),
-        tableEvent.getNewTable().getSd().getLocation());
+    String oldLoc = null, newLoc = null;
+    org.apache.hadoop.hive.metastore.api.Table oldTal = tableEvent.getOldTable();
+    org.apache.hadoop.hive.metastore.api.Table newTal = tableEvent.getNewTable();
+    if (oldTal != null && oldTal.getSd() != null) {
+      oldLoc = oldTal.getSd().getLocation();
+    }
+    if (newTal != null && newTal.getSd() != null) {
+      newLoc = newTal.getSd().getLocation();
+    }
+    if (oldLoc != null && newLoc != null && !oldLoc.equals(newLoc)) {
+      String oldDbName = tableEvent.getOldTable().getDbName();
+      String oldTbName = tableEvent.getOldTable().getTableName();
+      String newTbName = tableEvent.getNewTable().getTableName();
+      String newDbName = tableEvent.getNewTable().getDbName();
+      renameSentryTablePrivilege(oldDbName, oldTbName, oldLoc, newDbName, newTbName, newLoc);
+    }
   }
 
   @Override

[2/2] sentry git commit: SENTRY-1327: Enable show grant role roleName on all command (Ke Jia via Dapeng Sun)

Posted by sd...@apache.org.

SENTRY-1327: Enable show grant role roleName on all command (Ke Jia via Dapeng Sun)


Project: http://git-wip-us.apache.org/repos/asf/sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/sentry/commit/a53b20ad
Tree: http://git-wip-us.apache.org/repos/asf/sentry/tree/a53b20ad
Diff: http://git-wip-us.apache.org/repos/asf/sentry/diff/a53b20ad

Branch: refs/heads/master
Commit: a53b20ad4aae6a9f2037e87addea2f7c93bbed17
Parents: 29e5fd0
Author: Sun Dapeng <sd...@apache.org>
Authored: Thu Jul 14 10:21:38 2016 +0800
Committer: Sun Dapeng <sd...@apache.org>
Committed: Thu Jul 14 10:21:38 2016 +0800

----------------------------------------------------------------------
 .../SentryHiveAuthorizationTaskFactoryImpl.java |  3 +++
 .../e2e/dbprovider/TestDatabaseProvider.java    | 22 ++++++++++++++++++++
 2 files changed, 25 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/sentry/blob/a53b20ad/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryHiveAuthorizationTaskFactoryImpl.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryHiveAuthorizationTaskFactoryImpl.java b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryHiveAuthorizationTaskFactoryImpl.java
index 25531af..013d227 100644
--- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryHiveAuthorizationTaskFactoryImpl.java
+++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryHiveAuthorizationTaskFactoryImpl.java
@@ -214,6 +214,9 @@ public class SentryHiveAuthorizationTaskFactoryImpl implements HiveAuthorization
       ASTNode child = (ASTNode) ast.getChild(1);
       if (child.getToken().getType() == HiveParser.TOK_PRIV_OBJECT_COL) {
         privHiveObj = analyzePrivilegeObject(child);
+      } else if(child.getToken().getType() == HiveParser.TOK_RESOURCE_ALL) {
+        //if privHiveObj is null, it will return all priveleges.
+        privHiveObj = null;
       } else {
         throw new SemanticException("Unrecognized Token: " + child.getToken().getType());
       }

http://git-wip-us.apache.org/repos/asf/sentry/blob/a53b20ad/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDatabaseProvider.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDatabaseProvider.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDatabaseProvider.java
index 82c706e..438f87e 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDatabaseProvider.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDatabaseProvider.java
@@ -2223,4 +2223,26 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration {
     connection.close();
   }
 
+  @Test
+  public void testShowGrantOnALL() throws Exception {
+
+    // setup db objects needed by the test
+    Connection connection = context.createConnection(ADMIN1);
+    Statement statement = context.createStatement(connection);
+    statement.execute("DROP DATABASE IF EXISTS db_1 CASCADE");
+    statement.execute("DROP DATABASE IF EXISTS db_2 CASCADE");
+    statement.execute("CREATE DATABASE db_1");
+    statement.execute("CREATE ROLE group1_role");
+    statement.execute("GRANT ALL ON DATABASE db_1 TO ROLE group1_role");
+    statement.execute("grant select on database db_1 to role group1_role");
+    ResultSet res = statement.executeQuery("show grant role group1_role on all");
+    List<String> returnedResult = new ArrayList<String>();
+    List<String> expectedResult = new ArrayList<String>();
+    expectedResult.add("db_1");
+    while (res.next()) {
+      returnedResult.add(res.getString(1).trim());
+    }
+    validateReturnedResult(expectedResult, returnedResult);
+    connection.close();
+  }
 }