You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by ak...@apache.org on 2017/06/14 21:22:29 UTC
[1/2] sentry git commit: SENTRY-1801
Repository: sentry
Updated Branches:
refs/heads/sentry-ha-redesign 46c806912 -> a29596e5f
SENTRY-1801
Project: http://git-wip-us.apache.org/repos/asf/sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/sentry/commit/2d6179cd
Tree: http://git-wip-us.apache.org/repos/asf/sentry/tree/2d6179cd
Diff: http://git-wip-us.apache.org/repos/asf/sentry/diff/2d6179cd
Branch: refs/heads/sentry-ha-redesign
Commit: 2d6179cdbbed8dd441e87fe148d40878fcc6bbcf
Parents: 46c8069
Author: Alexander Kolbasov <ak...@cloudera.com>
Authored: Wed Jun 14 14:19:34 2017 -0700
Committer: Alexander Kolbasov <ak...@cloudera.com>
Committed: Wed Jun 14 14:19:34 2017 -0700
----------------------------------------------------------------------
pom.xml | 1 +
1 file changed, 1 insertion(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/sentry/blob/2d6179cd/pom.xml
----------------------------------------------------------------------
diff --git a/pom.xml b/pom.xml
index ba13a0d..24ab448 100644
--- a/pom.xml
+++ b/pom.xml
@@ -23,6 +23,7 @@ limitations under the License.
<version>17</version>
</parent>
+
<groupId>org.apache.sentry</groupId>
<artifactId>sentry</artifactId>
<version>1.8.0-SNAPSHOT</version>
[2/2] sentry git commit: SENTRY-1801: Sentry Namenode Plugin should
handle unknown permissions (Alex Kolbasov, reviewed by Vamsee Yarlagadda)
Posted by ak...@apache.org.
SENTRY-1801: Sentry Namenode Plugin should handle unknown permissions (Alex Kolbasov, reviewed by Vamsee Yarlagadda)
Project: http://git-wip-us.apache.org/repos/asf/sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/sentry/commit/a29596e5
Tree: http://git-wip-us.apache.org/repos/asf/sentry/tree/a29596e5
Diff: http://git-wip-us.apache.org/repos/asf/sentry/diff/a29596e5
Branch: refs/heads/sentry-ha-redesign
Commit: a29596e5fdc2d23bb84ad6a2223724934f0e7069
Parents: 2d6179c
Author: Alexander Kolbasov <ak...@cloudera.com>
Authored: Wed Jun 14 14:22:13 2017 -0700
Committer: Alexander Kolbasov <ak...@cloudera.com>
Committed: Wed Jun 14 14:22:13 2017 -0700
----------------------------------------------------------------------
.../sentry/hdfs/UpdateableAuthzPermissions.java | 20 +++++++++-----------
1 file changed, 9 insertions(+), 11 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/sentry/blob/a29596e5/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/UpdateableAuthzPermissions.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/UpdateableAuthzPermissions.java b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/UpdateableAuthzPermissions.java
index 431c7fe..0259f44 100644
--- a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/UpdateableAuthzPermissions.java
+++ b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/UpdateableAuthzPermissions.java
@@ -17,7 +17,7 @@
*/
package org.apache.sentry.hdfs;
-import java.util.LinkedList;
+import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.Set;
@@ -35,19 +35,17 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
public class UpdateableAuthzPermissions implements AuthzPermissions, Updateable<PermissionsUpdate> {
- public static final ImmutableMap<String, FsAction> ACTION_MAPPING = ImmutableMap.<String, FsAction>builder()
+ private static final ImmutableMap<String, FsAction> ACTION_MAPPING = ImmutableMap.<String, FsAction>builder()
.put("ALL", FsAction.ALL)
.put("*", FsAction.ALL)
.put("SELECT", FsAction.READ_EXECUTE)
- .put("select", FsAction.READ_EXECUTE)
.put("INSERT", FsAction.WRITE_EXECUTE)
- .put("insert", FsAction.WRITE_EXECUTE)
.build();
private static final int MAX_UPDATES_PER_LOCK_USE = 99;
private static final String UPDATABLE_TYPE_NAME = "perm_authz_update";
private static final Logger LOG = LoggerFactory.getLogger(UpdateableAuthzPermissions.class);
- private volatile SentryPermissions perms = new SentryPermissions();
+ private final SentryPermissions perms = new SentryPermissions();
private final AtomicLong seqNum = new AtomicLong(0);
@Override
@@ -174,7 +172,7 @@ public class UpdateableAuthzPermissions implements AuthzPermissions, Updateable<
perms.removeParentChildMappings(pUpdate.getAuthzObj());
break;
}
- List<PrivilegeInfo> parentAndChild = new LinkedList<PrivilegeInfo>();
+ List<PrivilegeInfo> parentAndChild = new ArrayList<>();
parentAndChild.add(pInfo);
Set<String> children = perms.getChildren(pInfo.getAuthzObj());
if (children != null) {
@@ -199,16 +197,16 @@ public class UpdateableAuthzPermissions implements AuthzPermissions, Updateable<
}
}
- static FsAction getFAction(String sentryPriv) {
+ private static FsAction getFAction(String sentryPriv) {
String[] strPrivs = sentryPriv.trim().split(",");
FsAction retVal = FsAction.NONE;
for (String strPriv : strPrivs) {
FsAction action = ACTION_MAPPING.get(strPriv.toUpperCase());
- /* Passing null to FsAction.or() method causes NullPointerException.
- * Better to throw more informative exception instead
- */
if (action == null) {
- throw new IllegalArgumentException("Unsupported Action " + strPriv);
+ // Encountered a privilege that is not supported. Since we do not know what
+ // to do with it we just drop all access.
+ LOG.warn("Unsupported privilege {}, disabling all access", strPriv);
+ action = FsAction.NONE;
}
retVal = retVal.or(action);
}