Uploaded image for project: 'Sentry'
  1. Sentry
  2. SENTRY-777

SentryServiceIntegrationBase#after() should be run under client subject

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.5.0
    • Fix Version/s: 1.6.0
    • Component/s: None
    • Labels:
      None

      Description

        @After
        public void after() throws Exception {
              if (client != null) {
                Set<TSentryRole> tRoles = client.listRoles(ADMIN_USER);
                if (tRoles != null) {
                  for (TSentryRole tRole : tRoles) {
                    client.dropRole(ADMIN_USER, tRole.getRoleName());
                  }
                }
                client.close();
              }
              policyFilePath.delete();
        }
      
      • client in after() isn't run under client subject, if client need client subject, such as in Kerberos mode, it may throw an exception.
      • policyFilePath.delete(); may not execute if the client throws an exception when it does operations like clean db or close, there should be a try-catch-finally statement.

        Attachments

        1. SENTRY-777.001.patch
          12 kB
          Dapeng Sun
        2. SENTRY-777.002.patch
          12 kB
          Dapeng Sun
        3. SENTRY-777.003.patch
          12 kB
          Dapeng Sun
        4. SENTRY-777.004.patch
          12 kB
          Dapeng Sun

          Activity

            People

            • Assignee:
              dapengsun Dapeng Sun
              Reporter:
              dapengsun Dapeng Sun
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: