You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sentry.apache.org by Jerry Chen <ha...@intel.com> on 2016/04/01 07:54:56 UTC

Re: Review Request 34087: SENTRY-735: Update AuthorizationProvider and e2e test for grant user to role

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/34087/#review126549
-----------------------------------------------------------




sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ResourceAuthorizationProvider.java (line 104)
<https://reviews.apache.org/r/34087/#comment189579>

    So this is the only place to check the enforcement of user privileges.
    
    Check that we don't miss any other places.



sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ResourceAuthorizationProvider.java (line 131)
<https://reviews.apache.org/r/34087/#comment189569>

    We may don't need to specially check the privilege for user. If it is not support, it simply doesn't have any privilege for the user. 
    
    So the call we be always:
    getPrivilege(grous, users, roleSet, authroizables)



sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ResourceAuthorizationProvider.java (line 186)
<https://reviews.apache.org/r/34087/#comment189570>

    The same that we always call the getPrivileges method with groups and users, if it doesn't has user privilege, simply no additioal privilege is added.



sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/PolicyFile.java (line 98)
<https://reviews.apache.org/r/34087/#comment189573>

    What's the concept of "customer" here?



sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestGrantUserToRole.java (line 106)
<https://reviews.apache.org/r/34087/#comment189574>

    Let's remove the trailing white space here.



sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestGrantUserToRole.java (line 139)
<https://reviews.apache.org/r/34087/#comment189575>

    Let's remove the trailing white space here.


- Jerry Chen


On May 12, 2015, 7:14 a.m., Colin Ma wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/34087/
> -----------------------------------------------------------
> 
> (Updated May 12, 2015, 7:14 a.m.)
> 
> 
> Review request for sentry, Dapeng Sun, shen guoquan, and Prasad Mujumdar.
> 
> 
> Repository: sentry
> 
> 
> Description
> -------
> 
> Update AuthorizationProvider and e2e test for grant user to role
> 
> 
> Diffs
> -----
> 
>   sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ResourceAuthorizationProvider.java 06573b7 
>   sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/TestGetGroupMapping.java f57198a 
>   sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/PolicyFile.java 32b2d72 
>   sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestGrantUserToRole.java PRE-CREATION 
>   sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/AbstractTestWithStaticConfiguration.java 3a8a6ef 
> 
> Diff: https://reviews.apache.org/r/34087/diff/
> 
> 
> Testing
> -------
> 
> 
> Thanks,
> 
> Colin Ma
> 
>