You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by "SentryQA (JIRA)" <ji...@apache.org> on 2014/09/09 12:25:29 UTC
[jira] [Commented] (SENTRY-390) Extend Thrift API to support
column-level privilege
[ https://issues.apache.org/jira/browse/SENTRY-390?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14126829#comment-14126829 ]
SentryQA commented on SENTRY-390:
---------------------------------
Here are the results of testing the latest attachment
https://issues.apache.org/jira/secure/attachment/12667383/SENTRY-390.002.patch against master.
{color:red}Overall:{color} -1 due to an error
{color:red}ERROR:{color} failed to apply patch (exit code 1):
The patch does not appear to apply with p0, p1, or p2
Console output: http://bigtop01.cloudera.org:8080/job/PreCommit-SENTRY-Build/307/console
This message is automatically generated.
> Extend Thrift API to support column-level privilege
> ---------------------------------------------------
>
> Key: SENTRY-390
> URL: https://issues.apache.org/jira/browse/SENTRY-390
> Project: Sentry
> Issue Type: Sub-task
> Reporter: Dapeng Sun
> Assignee: Dapeng Sun
> Fix For: 1.5.0
>
> Attachments: SENTRY-390.002.patch, SENTRY-390.patch
>
>
> The jira include:
> # SENTRY Thrift API changed :
> #* We change the field {{TSentryPrivilege privilege}} to {{set<TSentryPrivilege> privileges}} in {{TAlterSentryRoleGrantPrivilegeRequest}} and {{TAlterSentryRoleRevokePrivilegeRequest}}, The reason is the HIVE GRANT may like {{Grant SELECT (tb1.col1, tb2.col2) on TABLE table1 to role roleName}}, it contains two privileges ({{col1}} and {{col2}}) for SENTRY, to reduce the request API calls, we make it change.
> #* Another way to Implement it, maybe add a {{column list}} to {{TSentryPrivilege}}, but it will bring more problems, we know SentryStore has many convert methods between {{TSentryPrivilege}} and {{MSentryPrivilege}}, and query an unique {{MSentryPrivilege}} use {{TSentryPrivilege}} as query condition, so we should make them one-to-one correspondence.
> # Change {{SentryStore}} after Thrift API changed
> # Change {{SentryPolicyStoreProcessor}} and {{SentryPolicyServiceClient}} after Thrift API changed, include the grant/revoke methods about column privilege
> # Change {{Auditlog}} after Thrift API changed
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)