You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@sentry.apache.org by "kalyan kumar kalvagadda (JIRA)" <ji...@apache.org> on 2017/02/16 01:54:41 UTC

[jira] [Commented] (SENTRY-1631) Not able to revoke privilege for actions like ALTER/CREATE/DROP

    [ https://issues.apache.org/jira/browse/SENTRY-1631?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15868970#comment-15868970 ] 

kalyan kumar kalvagadda commented on SENTRY-1631:
-------------------------------------------------

I have added below test to reproduce in dev environment.

{noformat}
  @Test
  public void testPrivilegeCleanup5() throws Exception {
    final String roleName = "test-priv-cleanup";
    final String grantor = "g1";
    final String server = "server";
    final String dBase = "db";
    final String table = "table-";

    sentryStore.createSentryRole(roleName);

    // Create NUM_PRIVS unique privilege objects in the database once more,
    // this time granting ALL and revoking SELECT to make INSERT.
    for (int i=0 ; i < NUM_PRIVS; i++) {
      TSentryPrivilege priv = new TSentryPrivilege();
      priv.setPrivilegeScope("DATABASE");
      priv.setServerName(server);
      priv.setAction(AccessConstants.ALTER);
      priv.setCreateTime(System.currentTimeMillis());
      priv.setTableName(table + i);
      priv.setDbName(dBase);
      priv.setGrantOption(TSentryGrantOption.TRUE);
      sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, priv);

      priv.setAction(AccessConstants.ALTER);
      sentryStore.alterSentryRoleRevokePrivilege(grantor, roleName, priv);

      MSentryRole role = sentryStore.getMSentryRoleByName(roleName);
      assertEquals("Privilege Count", 0, role.getPrivileges().size());
    }
  }
{noformat}

> Not able to revoke privilege for actions like ALTER/CREATE/DROP
> ---------------------------------------------------------------
>
>                 Key: SENTRY-1631
>                 URL: https://issues.apache.org/jira/browse/SENTRY-1631
>             Project: Sentry
>          Issue Type: Bug
>          Components: Sentry
>            Reporter: kalyan kumar kalvagadda
>            Assignee: kalyan kumar kalvagadda
>
> javax.jdo.JDODetachedFieldAccessException is observed when a privilege with ALTER/CREATE/DROPis revoked.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)