You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@sentry.apache.org by "Alexander Kolbasov (JIRA)" <ji...@apache.org> on 2016/11/20 20:37:58 UTC
[jira] [Created] (SENTRY-1540)
SentryStore.isMultiActionsSupported() is always true
Alexander Kolbasov created SENTRY-1540:
------------------------------------------
Summary: SentryStore.isMultiActionsSupported() is always true
Key: SENTRY-1540
URL: https://issues.apache.org/jira/browse/SENTRY-1540
Project: Sentry
Issue Type: Bug
Components: Sentry
Affects Versions: 1.8.0, sentry-ha-redesign
Reporter: Alexander Kolbasov
The SentryStore.isMultiActionsSupported() function:
{code}
// Currently INSERT/SELECT/ALL are supported for Table and DB level privileges
private boolean isMultiActionsSupported(TSentryPrivilege tPrivilege) {
return tPrivilege.getDbName() != null;
}
{code}
It is called in two places - in drop_privileges():
{code}
TSentryPrivilege tPrivilege = toSentryPrivilege(tAuthorizable);
try {
if (isMultiActionsSupported(tPrivilege)) {
...
{code}
The toSentryPrivilege() function:
{code}
private TSentryPrivilege toSentryPrivilege(TSentryAuthorizable tAuthorizable)
throws SentryInvalidInputException {
TSentryPrivilege tSentryPrivilege = new TSentryPrivilege();
tSentryPrivilege.setDbName(fromNULLCol(tAuthorizable.getDb()));
tSentryPrivilege.setServerName(fromNULLCol(tAuthorizable.getServer()));
tSentryPrivilege.setTableName(fromNULLCol(tAuthorizable.getTable()));
tSentryPrivilege.setColumnName(fromNULLCol(tAuthorizable.getColumn()));
tSentryPrivilege.setURI(fromNULLCol(tAuthorizable.getUri()));
...
{code}
So all fields are initialized to an emoty string which means that isMultiActionsSupported is always true.
The same is true for the second usage in renamePrivilege().
So currently the function is meaningless. So it should be either removed or changed to verify that dbName is non-empty and not "__NULL__".
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)