You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by sr...@apache.org on 2014/07/10 23:12:00 UTC

git commit: SENTRY-329: Alter table rename fails when we enable data objects and privileges syncing via hive meta store (Prasad Mujumdar via Sravya Tirukkovalur)

Repository: incubator-sentry
Updated Branches:
  refs/heads/master 56d4f563b -> 26b208ed3


SENTRY-329: Alter table rename fails when we enable data objects and privileges syncing via hive meta store (Prasad Mujumdar via Sravya Tirukkovalur)


Project: http://git-wip-us.apache.org/repos/asf/incubator-sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-sentry/commit/26b208ed
Tree: http://git-wip-us.apache.org/repos/asf/incubator-sentry/tree/26b208ed
Diff: http://git-wip-us.apache.org/repos/asf/incubator-sentry/diff/26b208ed

Branch: refs/heads/master
Commit: 26b208ed3032f6979ad92e978cd9f71328c0be99
Parents: 56d4f56
Author: Sravya Tirukkovalur <sr...@clouera.com>
Authored: Thu Jul 10 14:01:37 2014 -0700
Committer: Sravya Tirukkovalur <sr...@clouera.com>
Committed: Thu Jul 10 14:10:39 2014 -0700

----------------------------------------------------------------------
 .../provider/db/service/persistent/SentryStore.java    | 13 ++++++++++---
 .../db/service/thrift/SentryPolicyStoreProcessor.java  |  2 +-
 .../db/service/persistent/TestSentryStore.java         |  4 +++-
 3 files changed, 14 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/26b208ed/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
index 50507ea..ff8acdc 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
@@ -1242,13 +1242,14 @@ public class SentryStore {
    * @throws SentryInvalidInputException
    */
   public void renamePrivilege(TSentryAuthorizable tAuthorizable,
-      TSentryAuthorizable newTAuthorizable) throws SentryNoSuchObjectException,
-      SentryInvalidInputException {
+      TSentryAuthorizable newTAuthorizable, String grantorPrincipal)
+      throws SentryNoSuchObjectException, SentryInvalidInputException {
     PersistenceManager pm = null;
     boolean rollbackTransaction = true;
 
     TSentryPrivilege tPrivilege = toSentryPrivilege(tAuthorizable);
-    TSentryPrivilege newPrivilege = toSentryPrivilege(newTAuthorizable);
+    TSentryPrivilege newPrivilege = toSentryPrivilege(newTAuthorizable,
+        grantorPrincipal);
     try {
       pm = openTransaction();
       // In case of tables or DBs, check all actions
@@ -1329,11 +1330,17 @@ public class SentryStore {
   // convert TSentryAuthorizable to TSentryPrivilege
   private TSentryPrivilege toSentryPrivilege(TSentryAuthorizable tAuthorizable)
       throws SentryInvalidInputException {
+    return toSentryPrivilege(tAuthorizable, null);
+  }
+
+  private TSentryPrivilege toSentryPrivilege(TSentryAuthorizable tAuthorizable,
+      String grantorPrincipal) throws SentryInvalidInputException {
     TSentryPrivilege tSentryPrivilege = new TSentryPrivilege();
     tSentryPrivilege.setDbName(tAuthorizable.getDb());
     tSentryPrivilege.setServerName(tAuthorizable.getServer());
     tSentryPrivilege.setTableName(tAuthorizable.getTable());
     tSentryPrivilege.setURI(tAuthorizable.getUri());
+    tSentryPrivilege.setGrantorPrincipal(grantorPrincipal);
     PrivilegeScope scope;
     if (tSentryPrivilege.getTableName() != null) {
       scope = PrivilegeScope.TABLE;

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/26b208ed/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java
index 40ac881..3bb7285 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java
@@ -477,7 +477,7 @@ public class SentryPolicyStoreProcessor implements SentryPolicyService.Iface {
     try {
       authorize(request.getRequestorUserName(), adminGroups);
       sentryStore.renamePrivilege(request.getOldAuthorizable(),
-          request.getNewAuthorizable());
+          request.getNewAuthorizable(), request.getRequestorUserName());
       response.setStatus(Status.OK());
     } catch (SentryAccessDeniedException e) {
       LOGGER.error(e.getMessage(), e);

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/26b208ed/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java
index b23f477..7637376 100644
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java
+++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java
@@ -534,7 +534,7 @@ public class TestSentryStore {
     TSentryAuthorizable oldTable = toTSentryAuthorizable(privilege_tbl1);
     TSentryAuthorizable newTable = toTSentryAuthorizable(privilege_tbl1);
     newTable.setTable(table2);
-    sentryStore.renamePrivilege(oldTable, newTable);
+    sentryStore.renamePrivilege(oldTable, newTable, System.getProperty("user.name"));
 
     for (String roleName : Sets.newHashSet(roleName1, roleName2, roleName3)) {
       Set<TSentryPrivilege> privilegeSet = sentryStore
@@ -542,6 +542,8 @@ public class TestSentryStore {
       assertEquals(1, privilegeSet.size());
       for (TSentryPrivilege privilege : privilegeSet) {
         assertTrue(table2.equalsIgnoreCase(privilege.getTableName()));
+        assertEquals(System.getProperty("user.name"),
+            privilege.getGrantorPrincipal());
       }
     }
   }