You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sentry.apache.org by Xiaomeng Huang <xi...@intel.com> on 2015/03/11 03:50:11 UTC
Re: Review Request 29650: SENTRY-498: Sentry Hive authorization V2
via Hive authorization framework
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/29650/
-----------------------------------------------------------
(Updated March 11, 2015, 2:50 a.m.)
Review request for sentry and Prasad Mujumdar.
Changes
-------
fix some test cases failed and memory leak issue.
Bugs: SENTRY-498
https://issues.apache.org/jira/browse/SENTRY-498
Repository: sentry
Description
-------
Currently Sentry grant/revoke privileges via hook DDLTask, and do authorization via HiveSemanticAnalyzerHook. Now hive has a pluggable authorization framework via exposing some interfaces HiveAccessController and HiveAuthorizationValidator. In this patch, SentryAccessController is used to grant/revoke roles and privileges, and SentryAuthorizationValidator is used to do fine-grained authorization.
Now it still blocked by some sentry jiras and a hive improvement(Prasad in working on this).
Diffs (updated)
-----
sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/SentryConfigTool.java ecbd664
sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/v2/HiveAuthzBindingSessionHookV2.java PRE-CREATION
sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/v2/SentryAccessController.java PRE-CREATION
sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/v2/SentryAuthorizationValidator.java PRE-CREATION
sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/v2/SentryAuthorizerFactory.java PRE-CREATION
sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/v2/impl/DefaultSentryAccessController.java PRE-CREATION
sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/v2/impl/DefaultSentryAuthorizationValidator.java PRE-CREATION
sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/v2/impl/SentryAuthorizationTaskFactoryImplV2.java PRE-CREATION
sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/v2/impl/SentryAuthorizerImpl.java PRE-CREATION
sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/v2/impl/SimpleSemanticAnalyzer.java PRE-CREATION
sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/v2/util/SentryAccessControlException.java PRE-CREATION
sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/v2/util/SentryAuthorizerUtil.java PRE-CREATION
sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/binding/hive/v2/TestDefaultSentryAuthorizationValidator.java PRE-CREATION
sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/binding/hive/v2/TestSentryAuthorizerUtil.java PRE-CREATION
sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/binding/hive/v2/TestSentryHiveAuthorizerFactory.java PRE-CREATION
sentry-core/sentry-core-model-db/src/main/java/org/apache/sentry/core/model/db/PrivilegeInfo.java PRE-CREATION
sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java 7a9f0df
sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClientDefaultImpl.java 44681ca
sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceClientFactory.java 574f23c
sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/SimpleFileProviderBackend.java fa5ab69
sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/AbstractTestWithDbProvider.java 04f50ed
sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestColumnEndToEnd.java 742c74f
sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDatabaseProvider.java f9e8f80
sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbDDLAuditLog.java 2cecdfd
sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbEndToEnd.java acb789f
sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbPrivilegeCleanupOnDrop.java a35cf21
sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbSentryOnFailureHookLoading.java 1af8baa
sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/ha/TestHaEnd2End.java 78894d1
sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/AbstractTestWithStaticConfiguration.java 3a8a6ef
sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestMovingToProduction.java a6edf03
sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestOperations.java 2fbdfa6
sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtDatabaseScope.java 7c9a66d
sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtTableScope.java 7abc684
sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestRuntimeMetadataRetrieval.java c47686b
sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestServerConfiguration.java d8ebea6
sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/hiveserver/HiveServerFactory.java 1014361
sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/hiveserver/InternalHiveServer.java 0e53d3d
Diff: https://reviews.apache.org/r/29650/diff/
Testing
-------
Thanks,
Xiaomeng Huang