[SENTRY-693] The generic model has not successfully revoke part of privileges from existed ALL privilege - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 1.5.0
Fix Version/s: 1.5.0
Component/s: None
Labels:
None

Description

When the ~~SENTRY-612~~ has done the integration test with Sqoop team. I found there existed a revoke problem as following:
sqoop:000> grant privilege -a read --resource-type connector --resource 3 --principal-type role --principal user1
sqoop:000> grant privilege -a all --resource-type connector --resource 3 --principal-type role --principal user1
sqoop:000> show privilege --principal-type role --principal user1

Action	Resource Name	Resource Type	With Grant
ALL	3	CONNECTOR	false

sqoop:000> revoke privilege -a read --resource-type connector --resource 3 --principal-type role --principal user1
Revoked action read on resource connector 3 to principal role user1 successfully
sqoop:000> show privilege --principal-type role --principal user1

Action	Resource Name	Resource Type	With Grant

It is not correct. It should be show the write privilege.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

SENTRY-693.001.patch
03/Apr/15 09:43
6 kB
shenguoquan

Activity

People

Assignee:: shenguoquan

Reporter:: shenguoquan

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 03/Apr/15 07:28

Updated:: 07/Apr/15 02:48

Resolved:: 07/Apr/15 01:12