You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by "Sravya Tirukkovalur (JIRA)" <ji...@apache.org> on 2014/05/06 03:03:35 UTC

[jira] [Updated] (SENTRY-150) Support various SHOW commands

     [ https://issues.apache.org/jira/browse/SENTRY-150?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Sravya Tirukkovalur updated SENTRY-150:
---------------------------------------

    Attachment: SENTRY-150.0.patch

Adding a working patch. The only thing I am not sure is in which format do we display privileges in the "SHOW GRANT ROLE <roleName>". I tried looking in hive, but this statement doesnt seem to work.

> Support various SHOW commands
> -----------------------------
>
>                 Key: SENTRY-150
>                 URL: https://issues.apache.org/jira/browse/SENTRY-150
>             Project: Sentry
>          Issue Type: Sub-task
>            Reporter: Brock Noland
>            Assignee: Sravya Tirukkovalur
>         Attachments: SENTRY-150.0.patch
>
>
> Specifically, I think we have to implement
> * SHOW ROLES
> * SHOW GRANT ROLE xxx ON [SERVER, DATABASE, TABLE, URI] xxx
> * SHOW ROLE GRANT GROUP xxxx.
> The following is the output of testing hive with these commands
> {noformat}
> > CREATE ROLE r1;
> > GRANT ROLE r1 to GROUP staff;
> > GRANT ALL ON DATABASE default TO ROLE r1;
> > SHOW GRANT ROLE r1 ON DATABASE default; 
> default                    r1     ROLE     All     false     1395109913000     noland
> > CREATE TABLE t1 (c1 string)
> > GRANT ALL ON TABLE t1 TO ROLE r1;
> > SHOW GRANT ROLE r1 ON TABLE t1;       
> default     t1               r1     ROLE     All     false     1395110129000     noland
>       appendNonNull(builder, resource.getDbName(), true);
>       appendNonNull(builder, resource.getObjectName());
>       appendNonNull(builder, resource.getPartValues());
>       appendNonNull(builder, resource.getColumnName());
>       appendNonNull(builder, privilege.getPrincipalName());
>       appendNonNull(builder, privilege.getPrincipalType());
>       appendNonNull(builder, grantInfo.getPrivilege());
>       appendNonNull(builder, grantInfo.isGrantOption());
>       appendNonNull(builder, testMode ? -1 : grantInfo.getCreateTime() * 1000L);
>       appendNonNull(builder, grantInfo.getGrantor());
> > SHOW ROLE GRANT GROUP staff;
> r1     1395109787000     staff     GROUP     false     1395109830000     noland
>       appendNonNull(builder, role.getRoleName(), true);
>       appendNonNull(builder, testMode ? -1 : role.getCreateTime() * 1000L);
>       appendNonNull(builder, role.getPrincipalName());
>       appendNonNull(builder, role.getPrincipalType());
>       appendNonNull(builder, role.isGrantOption());
>       appendNonNull(builder, testMode ? -1 : role.getGrantTime() * 1000L);
>       appendNonNull(builder, role.getGrantor());
> > SHOW ROLES;
> r1
>         for (String roleName : roleNames) {
>           outStream.writeBytes(roleName);
>           outStream.write(terminator);
> >SHOW CURRENT ROLES;
> list of roles current set from SET ROLE statement
> +      List<HiveRole> currentRoles = authorizer.getCurrentRoles();
> +      List<String> roleNames = new ArrayList<String>(currentRoles.size());
> +      for (HiveRole role : currentRoles) {
> +        roleNames.add(role.getRoleName());
> +      }
> +      writeListToF
> {noformat}



--
This message was sent by Atlassian JIRA
(v6.2#6252)