You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by sr...@apache.org on 2014/07/10 23:12:00 UTC
git commit: SENTRY-329: Alter table rename fails when we enable data
objects and privileges syncing via hive meta store (Prasad Mujumdar via
Sravya Tirukkovalur)
Repository: incubator-sentry
Updated Branches:
refs/heads/master 56d4f563b -> 26b208ed3
SENTRY-329: Alter table rename fails when we enable data objects and privileges syncing via hive meta store (Prasad Mujumdar via Sravya Tirukkovalur)
Project: http://git-wip-us.apache.org/repos/asf/incubator-sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-sentry/commit/26b208ed
Tree: http://git-wip-us.apache.org/repos/asf/incubator-sentry/tree/26b208ed
Diff: http://git-wip-us.apache.org/repos/asf/incubator-sentry/diff/26b208ed
Branch: refs/heads/master
Commit: 26b208ed3032f6979ad92e978cd9f71328c0be99
Parents: 56d4f56
Author: Sravya Tirukkovalur <sr...@clouera.com>
Authored: Thu Jul 10 14:01:37 2014 -0700
Committer: Sravya Tirukkovalur <sr...@clouera.com>
Committed: Thu Jul 10 14:10:39 2014 -0700
----------------------------------------------------------------------
.../provider/db/service/persistent/SentryStore.java | 13 ++++++++++---
.../db/service/thrift/SentryPolicyStoreProcessor.java | 2 +-
.../db/service/persistent/TestSentryStore.java | 4 +++-
3 files changed, 14 insertions(+), 5 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/26b208ed/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
index 50507ea..ff8acdc 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
@@ -1242,13 +1242,14 @@ public class SentryStore {
* @throws SentryInvalidInputException
*/
public void renamePrivilege(TSentryAuthorizable tAuthorizable,
- TSentryAuthorizable newTAuthorizable) throws SentryNoSuchObjectException,
- SentryInvalidInputException {
+ TSentryAuthorizable newTAuthorizable, String grantorPrincipal)
+ throws SentryNoSuchObjectException, SentryInvalidInputException {
PersistenceManager pm = null;
boolean rollbackTransaction = true;
TSentryPrivilege tPrivilege = toSentryPrivilege(tAuthorizable);
- TSentryPrivilege newPrivilege = toSentryPrivilege(newTAuthorizable);
+ TSentryPrivilege newPrivilege = toSentryPrivilege(newTAuthorizable,
+ grantorPrincipal);
try {
pm = openTransaction();
// In case of tables or DBs, check all actions
@@ -1329,11 +1330,17 @@ public class SentryStore {
// convert TSentryAuthorizable to TSentryPrivilege
private TSentryPrivilege toSentryPrivilege(TSentryAuthorizable tAuthorizable)
throws SentryInvalidInputException {
+ return toSentryPrivilege(tAuthorizable, null);
+ }
+
+ private TSentryPrivilege toSentryPrivilege(TSentryAuthorizable tAuthorizable,
+ String grantorPrincipal) throws SentryInvalidInputException {
TSentryPrivilege tSentryPrivilege = new TSentryPrivilege();
tSentryPrivilege.setDbName(tAuthorizable.getDb());
tSentryPrivilege.setServerName(tAuthorizable.getServer());
tSentryPrivilege.setTableName(tAuthorizable.getTable());
tSentryPrivilege.setURI(tAuthorizable.getUri());
+ tSentryPrivilege.setGrantorPrincipal(grantorPrincipal);
PrivilegeScope scope;
if (tSentryPrivilege.getTableName() != null) {
scope = PrivilegeScope.TABLE;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/26b208ed/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java
index 40ac881..3bb7285 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java
@@ -477,7 +477,7 @@ public class SentryPolicyStoreProcessor implements SentryPolicyService.Iface {
try {
authorize(request.getRequestorUserName(), adminGroups);
sentryStore.renamePrivilege(request.getOldAuthorizable(),
- request.getNewAuthorizable());
+ request.getNewAuthorizable(), request.getRequestorUserName());
response.setStatus(Status.OK());
} catch (SentryAccessDeniedException e) {
LOGGER.error(e.getMessage(), e);
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/26b208ed/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java
index b23f477..7637376 100644
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java
+++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java
@@ -534,7 +534,7 @@ public class TestSentryStore {
TSentryAuthorizable oldTable = toTSentryAuthorizable(privilege_tbl1);
TSentryAuthorizable newTable = toTSentryAuthorizable(privilege_tbl1);
newTable.setTable(table2);
- sentryStore.renamePrivilege(oldTable, newTable);
+ sentryStore.renamePrivilege(oldTable, newTable, System.getProperty("user.name"));
for (String roleName : Sets.newHashSet(roleName1, roleName2, roleName3)) {
Set<TSentryPrivilege> privilegeSet = sentryStore
@@ -542,6 +542,8 @@ public class TestSentryStore {
assertEquals(1, privilegeSet.size());
for (TSentryPrivilege privilege : privilegeSet) {
assertTrue(table2.equalsIgnoreCase(privilege.getTableName()));
+ assertEquals(System.getProperty("user.name"),
+ privilege.getGrantorPrincipal());
}
}
}