You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sentry.apache.org by Jerry Chen <ha...@intel.com> on 2016/04/01 07:54:56 UTC
Re: Review Request 34087: SENTRY-735: Update AuthorizationProvider
and e2e test for grant user to role
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/34087/#review126549
-----------------------------------------------------------
sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ResourceAuthorizationProvider.java (line 104)
<https://reviews.apache.org/r/34087/#comment189579>
So this is the only place to check the enforcement of user privileges.
Check that we don't miss any other places.
sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ResourceAuthorizationProvider.java (line 131)
<https://reviews.apache.org/r/34087/#comment189569>
We may don't need to specially check the privilege for user. If it is not support, it simply doesn't have any privilege for the user.
So the call we be always:
getPrivilege(grous, users, roleSet, authroizables)
sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ResourceAuthorizationProvider.java (line 186)
<https://reviews.apache.org/r/34087/#comment189570>
The same that we always call the getPrivileges method with groups and users, if it doesn't has user privilege, simply no additioal privilege is added.
sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/PolicyFile.java (line 98)
<https://reviews.apache.org/r/34087/#comment189573>
What's the concept of "customer" here?
sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestGrantUserToRole.java (line 106)
<https://reviews.apache.org/r/34087/#comment189574>
Let's remove the trailing white space here.
sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestGrantUserToRole.java (line 139)
<https://reviews.apache.org/r/34087/#comment189575>
Let's remove the trailing white space here.
- Jerry Chen
On May 12, 2015, 7:14 a.m., Colin Ma wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/34087/
> -----------------------------------------------------------
>
> (Updated May 12, 2015, 7:14 a.m.)
>
>
> Review request for sentry, Dapeng Sun, shen guoquan, and Prasad Mujumdar.
>
>
> Repository: sentry
>
>
> Description
> -------
>
> Update AuthorizationProvider and e2e test for grant user to role
>
>
> Diffs
> -----
>
> sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ResourceAuthorizationProvider.java 06573b7
> sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/TestGetGroupMapping.java f57198a
> sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/PolicyFile.java 32b2d72
> sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestGrantUserToRole.java PRE-CREATION
> sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/AbstractTestWithStaticConfiguration.java 3a8a6ef
>
> Diff: https://reviews.apache.org/r/34087/diff/
>
>
> Testing
> -------
>
>
> Thanks,
>
> Colin Ma
>
>