Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
1.5.0
-
None
-
None
Description
When the SENTRY-612 has done the integration test with Sqoop team. I found there existed a revoke problem as following:
sqoop:000> grant privilege -a read --resource-type connector --resource 3 --principal-type role --principal user1
sqoop:000> grant privilege -a all --resource-type connector --resource 3 --principal-type role --principal user1
sqoop:000> show privilege --principal-type role --principal user1
Action | Resource Name | Resource Type | With Grant |
ALL | 3 | CONNECTOR | false |
sqoop:000> revoke privilege -a read --resource-type connector --resource 3 --principal-type role --principal user1
Revoked action read on resource connector 3 to principal role user1 successfully
sqoop:000> show privilege --principal-type role --principal user1
Action | Resource Name | Resource Type | With Grant |
It is not correct. It should be show the write privilege.