Details
-
Improvement
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
Description
Problem
Currently, many components are integrated with Sentry, eg, Solr, Sqoop. But when do the integration, some duplicated work need to be done, for example, sentry-core-model-xxx and sentry-policy-xxx should be created for new component and the code is kind of duplicated. These makes the integration complex and the source maintenance will be hard.
Considering others components will be integrated with Sentry, eg, Kafka. The Sentry should be refactored to be easy integrated.
Refactor point
1. PolicyEngine: Currently, Sentry has many PolicyEngine, eg, SimpleSearchPolicyEngine for Solr, SimpleSqoopPolicyEngine for Sqoop. One CommonPolicyEngine should be ok for these external components.
2. Privilege: Currently, SearchWildcardPrivilege, IndexerWildcardPrivilege, SqoopWildcardPrivilege have the same implementation. One CommonPrivilege is enough.
3. Action: Currently, SearchActionFactory, SqoopActionFactory are never used in Privilege.imply(). The idea for these ActionFactory is good, but it is component related and should be located in sentry-xxx-binding project.
Attachments
Attachments
Issue Links
- is related to
-
SENTRY-1204 Add method to enforce validator when creating the privileges if possible
- Open
-
SENTRY-1205 Refactor the code for sentry-provider-db and create sentry-service module
- Resolved
-
SENTRY-1206 Add document for how to integrate with Sentry
- Resolved
-
SENTRY-2043 Understand the reason of the KeyValue class design
- Resolved
- relates to
-
SENTRY-1080 Uber Jira for improving/redesigning sentry generic model
- Open
- links to
1.
|
Create CommonPrivilege for external component | Resolved | Colin | |
2.
|
Improvement for CommonPrivilege | Resolved | Colin | |
3.
|
Create Model for specific components | Resolved | Colin | |
4.
|
Move Class KeyValue and PolicyConstants to sentry-core-common | Resolved | Colin | |
5.
|
Create CommonPolicy for external component | Resolved | Colin | |
6.
|
Move validator from sentry-policy-xxx to sentry-core-model-xxx | Resolved | Colin | |
7.
|
Add method in Privilege model to create privilege validators | Resolved | Colin | |
8.
|
Refactor the constructor of PolicyEngine | Resolved | Colin | |
9.
|
Add test cases for Hive, Solr, Index, Sqoop with the CommonPrivilege | Resolved | Colin | |
10.
|
Move test cases from sentry-policy-xxx to sentry-binding-xxx | Resolved | Colin | |
11.
|
Refactor ResourceAuthorizationProvider with CommonPrivilege and CommonPolicy | Resolved | Colin | |
12.
|
Authorizable names' case sensitivity must be decided by plugins | Resolved | Colin | |
13.
|
Remove unnecessary sentry-policy-xxx | Resolved | Colin | |
14.
|
Rebase the code | Resolved | Colin |