Uploaded image for project: 'Sentry (Retired)'
  1. Sentry (Retired)
  2. SENTRY-591

create table should have output privilege in DB scope

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 1.5.0
    • None
    • None

    Description

      Currently Create Table in sentry need input permission in DB like below:

      HiveAuthzPrivileges tableCreatePrivilege = new HiveAuthzPrivileges.AuthzPrivilegeBuilder().
        addInputObjectPriviledge(AuthorizableType.Db, EnumSet.of(DBModelAction.CREATE)).
        addInputObjectPriviledge(AuthorizableType.URI, EnumSet.of(DBModelAction.ALL)).//TODO: make it optional
        setOperationScope(HiveOperationScope.DATABASE).
        setOperationType(HiveOperationType.DDL).
        build();

      But when we execute "create table", we can get entities from WriteEntity, and get nothing from ReadEntity, so we should change input to output for "CreateTable".
      This jira also blocks V2 feature, in V2, I just get enities from ReadEnity/WriteEnity.

      Attachments

        1. SENTRY-591.001.patch
          2 kB
          Xiaomeng Huang

        Issue Links

          blocks

          New Feature - A new feature of the product, which has yet to be developed. SENTRY-498 Sentry integration with Hive authorization framework V2

          • Major - Major loss of function.
          • Resolved
          is depended upon by

          Sub-task - The sub-task of the issue SENTRY-514 Enable e2e tests for authorization V2

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              Huang Xiaomeng Xiaomeng Huang
              Huang Xiaomeng Xiaomeng Huang
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: