You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@sentry.apache.org by "kalyan kumar kalvagadda (JIRA)" <ji...@apache.org> on 2018/07/06 15:55:00 UTC
[jira] [Created] (SENTRY-2297) Optimize the logic to update/drop
privileges.
kalyan kumar kalvagadda created SENTRY-2297:
-----------------------------------------------
Summary: Optimize the logic to update/drop privileges.
Key: SENTRY-2297
URL: https://issues.apache.org/jira/browse/SENTRY-2297
Project: Sentry
Issue Type: Bug
Components: Sentry
Affects Versions: 2.1.0
Reporter: kalyan kumar kalvagadda
Assignee: kalyan kumar kalvagadda
Current logic to rename and drop the privileges based on changes to authorizable is not efficient. There are a lot un-necessary db operations also done. This has to be cleaned up.
For Example(when table/database is dropped:
{noformat}
dropOrRenamePrivilegeForAllEntities(...)
{
Collection<PrivilegeEntity> entitySet = new HashSet<>();
List<MSentryPrivilege> mPrivileges = getMSentryPrivileges(tPrivilege, pm);
for (MSentryPrivilege mPrivilege : mPrivileges) {
entitySet.addAll(ImmutableSet.copyOf(mPrivilege.getRoles()));
entitySet.addAll(ImmutableSet.copyOf(mPrivilege.getUsers()));
}
// Dropping the privilege
if (newTPrivilege == null) {
for (PrivilegeEntity entity : entitySet) {
alterSentryRevokePrivilegeCore(pm, entity.getType(), entity.getEntityName(), tPrivilege);
}
return;
}
}
{noformat}
This logic gathers all the entities associated with the privileges and performs drop for each entity. Moreover, dropOrRenamePrivilegeForAllEntities is called for each operation that is supported by sentry.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)