sentry-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sra...@apache.org
Subject git commit: SENTRY-369: Update changelog.txt, notice.txt, etc... for 1.4.0 release ( Tuong Truong via Sravya Tirukkovalur)
Date Tue, 05 Aug 2014 20:28:02 GMT
Repository: incubator-sentry
Updated Branches:
  refs/heads/branch-1.4.0 1f1252e10 -> 73dcf8967


SENTRY-369: Update changelog.txt, notice.txt, etc... for 1.4.0 release ( Tuong Truong via
Sravya Tirukkovalur)


Project: http://git-wip-us.apache.org/repos/asf/incubator-sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-sentry/commit/73dcf896
Tree: http://git-wip-us.apache.org/repos/asf/incubator-sentry/tree/73dcf896
Diff: http://git-wip-us.apache.org/repos/asf/incubator-sentry/diff/73dcf896

Branch: refs/heads/branch-1.4.0
Commit: 73dcf89677b2764d6ad842cca85798d56c4be985
Parents: 1f1252e
Author: Sravya Tirukkovalur <sravya@clouera.com>
Authored: Tue Aug 5 13:27:20 2014 -0700
Committer: Sravya Tirukkovalur <sravya@clouera.com>
Committed: Tue Aug 5 13:27:20 2014 -0700

----------------------------------------------------------------------
 CHANGELOG.txt | 214 ++++++++++++++++++++++++++++++++++++++++++-----------
 NOTICE.txt    |   2 +-
 2 files changed, 172 insertions(+), 44 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/73dcf896/CHANGELOG.txt
----------------------------------------------------------------------
diff --git a/CHANGELOG.txt b/CHANGELOG.txt
index 759ea94..962ac73 100644
--- a/CHANGELOG.txt
+++ b/CHANGELOG.txt
@@ -1,53 +1,181 @@
-Release Notes - Sentry - Version v1.2.0
+Release Notes - Sentry - Version 1.4.0
+
+** Sub-task
+    * [SENTRY-97] - Create service configuration properties
+    * [SENTRY-129] - Implement Hive Sentry Authz DDL Task Factory
+    * [SENTRY-134] - Use BoneCP, add unique constraint to GROUP_NAME, and expose jdo/datanucleus
properties
+    * [SENTRY-137] - Validate privilege scope in sentry service
+    * [SENTRY-138] - Use server timestamp for createTime for role, privilege and group
+    * [SENTRY-142] - Create database backed ProviderBackend
+    * [SENTRY-143] - Merge db_policy_store branch into master
+    * [SENTRY-153] - Add Hive e2e test with grant/revoke statements
+    * [SENTRY-156] - Support local privilege validation APIs
+    * [SENTRY-160] - Class to table mapping in package.jdo is incorrect
+    * [SENTRY-364] - Bump up hive and hadoop versions from SNAPSHOT to released bits
+    * [SENTRY-365] - Create release branch for 1.4.0
+    * [SENTRY-369] - Update changelog.txt, notice.txt, etc... for 1.4.0 release
+
+
 
 ** Bug
-    * [SENTRY-15] - log4j.properties file under sentry-tests references the old access package
-    * [SENTRY-1] - use default on HiveServer2 fails with invalid privileges exception
-    * [SENTRY-2] - Code cleanup in various poms
-    * [ACCESS-8] - Log warning if authorization is not used with strong authentication
-    * [ACCESS-49] - Modify test cases to restrict LOAD from specific locations
-    * [ACCESS-140] - malformatted policy is permitted conditionally
-    * [ACCESS-164] - policy file doesn't check non-exist entity mapping
-    * [ACCESS-174] - access only throw first error message in HiveServer2 log, and ignore
the rest
-    * [ACCESS-180] - per DB policy file usability issues
-    * [ACCESS-197] - Child authorizeable objects are not inheriting permissions from parent
-    * [ACCESS-201] - Bad error message in HiveAuthzBinding
-    * [ACCESS-203] - Update trunk version to 1.1 and update dependencies
-    * [ACCESS-230] - CREATE TABLE AS works even if user does not have DB-level access
-    * [ACCESS-231] - ALTER TABLE SET TBLPROPERTIES allows updates to tables even when the
user doesn't have the right privileges
-    * [ACCESS-232] - The per-db policy fies can't be accessed if they are not in the same
file system as the global policy file.
-    * [ACCESS-233] - The URI permission checks should append path separator before checking
the parent path
-    * [ACCESS-235] - Format unqualified URI as DFS uri by default
+    * [SENTRY-118] - cast udf should be added to sentry udf whitelist for hive
+    * [SENTRY-131] - bin/sentry script doesn't find config-tool.sh under some circumstances
+    * [SENTRY-133] - Alter table create partition if not exists - results in error
+    * [SENTRY-161] - Sentry master branch is trying to download Hadoop tarball from nonexisting
URL
+    * [SENTRY-162] - Cleanup DB store privilege metadata on Hive DDL statements
+    * [SENTRY-166] - Sentry does not accept URIs with an equals sign (=) in path. Fails with
llegalArgumentException: Invalid key value
+    * [SENTRY-169] - JAAS login options not compatible with IBM JDK  
+    * [SENTRY-172] - config-tool.sh is missing from master branch
+    * [SENTRY-174] - Sentry should not package hadoop, hive and other jars
+    * [SENTRY-175] - sentry script throws error for the dbstore service invocation
+    * [SENTRY-176] - Not able to read policy files on HDFS (Regression)
+    * [SENTRY-177] - Sentry Policy Service does not treat role names as case insensitive
+    * [SENTRY-178] - Poor performance for Sentry Policy Service as #of privileges is scaled
up
+    * [SENTRY-181] - Add a test case for duplicate privileges
+    * [SENTRY-182] - Granting ALL privileges to table does not seem to do the right thing
when using the SimpleDbPolicyProvider
+    * [SENTRY-183] - Sentry Policy Service goes into an unusable state when granting privileges.
Subsequent access fail with a DataNucleusException: "Iteration request failed: SELECT ..."
+    * [SENTRY-186] - e2e tests for solr document-level security
+    * [SENTRY-187] - Use invariants rather than default for specification of update index
level authorization
+    * [SENTRY-188] - Reduce the logging level during per-db policy loading
+    * [SENTRY-190] - Support for getting set of roles from ProviderBackend
+    * [SENTRY-191] - Sentry Policy Service should not require passing the RPC requestor's
user/group information
+    * [SENTRY-192] - Convert solr doc-level e2e test to be based on roles rather than groups
+    * [SENTRY-194] - Sentry script should note use Hive script by default for service and
tool execution
+    * [SENTRY-195] - Sentry schema tool can't process comments inside statement
+    * [SENTRY-200] - Remove sentry-provider dependencies on hive 
+    * [SENTRY-201] - TestDatabaseProvider tests fail after Sentry schema tool was added.
+    * [SENTRY-202] - Sentry end to end tests which use ClusterDFS will need to explicitly
add the policy file to HDFS
+    * [SENTRY-203] - Column name mismatch causes DataNucleus to throw exceptions
+    * [SENTRY-204] - Test cases extending SentryServiceIntegrationBase are failing
+    * [SENTRY-205] - Sentry throws Exception when trying to revoke Table level privileges
+    * [SENTRY-206] - Sentry distribution should include a template config file for the service
+    * [SENTRY-207] - Sentry script should return non-zero exist status in error conditions
+    * [SENTRY-209] - Empty list returned when calling listPrivilegesByRoleName
+    * [SENTRY-210] - Exception Thrown When Trying to grantRoleToGroup
+    * [SENTRY-212] - Restrict access to hive config property hive.sentry.active.role.set
which is set by Sentry Hive binding
+    * [SENTRY-213] - Sentry schema tool doesn't handle sentry.javax.jdo.* properties
+    * [SENTRY-214] - Sentry Service does not allow the same Privilege to be associated to
multiple Roles
+    * [SENTRY-217] - Add Insert and URI tests for Sentry DB provider
+    * [SENTRY-218] - Use defaults for user, password and driver in SchemaTool 
+    * [SENTRY-219] - Sentry Cache Backend Provider initialization does not work as expected
+    * [SENTRY-220] - Trivial fix to SentrySchemaTool to set default driver
+    * [SENTRY-221] - Privilege scope is case sensitive
+    * [SENTRY-222] - Privileges are sometimes granted to the wrong roles
+    * [SENTRY-224] - Provider resource should not be required for DB provider backend
+    * [SENTRY-229] - SentrySchemaTool initSchema does not work with postgres 8.1and oracle
+    * [SENTRY-231] - Fix JDK 6 build
+    * [SENTRY-235] - Change tests in TestSentryServerWithoutKerberos to use new Sentry service
APIs
+    * [SENTRY-236] - Sentry PolicyFile provider incorrectly logs error messages when reading
policy file
+    * [SENTRY-237] - Support log4j configuration for Sentry service
+    * [SENTRY-238] - Denied Show roles and show role grant throw thrift exception
+    * [SENTRY-239] - Setup in TestDatabaseProvider is flaky
+    * [SENTRY-241] - Sentry GrantRevokeTask should fire the sentry failure look
+    * [SENTRY-243] - The operation type needs to be set in the grant/revoke task context
for the failure hook
+    * [SENTRY-244] - Sentry deprecated properties do not work
+    * [SENTRY-245] - Fix failing db provider tests
+    * [SENTRY-246] - Load command does not seem to work with filter push down
+    * [SENTRY-247] - Go back to using filter push down once the bugs are fixed
+    * [SENTRY-248] - The sentry-provider-cache dependency is not correctly set
+    * [SENTRY-249] - "Use default" should be allowed for all the users even when using filter
push down
+    * [SENTRY-250] - Create external table fails with filter push down
+    * [SENTRY-251] - PolicyProviderForTest.addPrivilege breaks in some cases
+    * [SENTRY-252] - Per db policy files based tests should be updated for dbprovider usage
+    * [SENTRY-253] - Creating external table seems to be failing when using provider db.
+    * [SENTRY-254] - Privilege name in provider db has a limit of length 128 which might
be very low for long uris.
+    * [SENTRY-255] - Revoke on Server privilege fails
+    * [SENTRY-256] - Fix TestDbEndToEnd.testEndToEnd1
+    * [SENTRY-257] - Upgrade master to use version 1.4.0-incubating-SNAPSHOT
+    * [SENTRY-259] - Implement Hive metastore plugin
+    * [SENTRY-260] - Add support to use DB2  as database for sentry metastore
+    * [SENTRY-262] - Updating patch for SENTRY-178
+    * [SENTRY-263] - Remove usage of getHostString() from AbstractTestWithStaticConfiguration
+    * [SENTRY-266] - Implement _HOST substitution in principal
+    * [SENTRY-268] - Allow only granted roles to be set in "SET ROLE <roleName>"
+    * [SENTRY-269] - Add a test case for Denied Alter table, should fire SentryOnFailureHook
+    * [SENTRY-271] - Test TestSentryServiceIntegration is flaky
+    * [SENTRY-272] - Test TestSentryStoreToAuthorizable.testUri is failing on comparing URI
string
+    * [SENTRY-273] - org.apache.sentry.tests.e2e.dbprovider.TestDbUriPermissions is failing
+    * [SENTRY-274] - MySQL init scripts contains invalid comments
+    * [SENTRY-275] - Fix compilation error in SentryService
+    * [SENTRY-276] - SentryService tests are currently timing out
+    * [SENTRY-277] - Add Pig+HCat test for Metastore auth plugin
+    * [SENTRY-278] -  TestSearchModelAuthorizables.testTooManyKV and  TestDBModelAuthorizables.testTooManyKV
fail
+    * [SENTRY-279] - Revert back using lowercase for uri label
+    * [SENTRY-280] - Sentry-202 missing changes
+    * [SENTRY-281] - Revoking a parent privilege should revoke all child privileges
+    * [SENTRY-282] - Select on DB should give privileges to query tables within it.
+    * [SENTRY-283] - Secure connection from HS2 to Sentry service fails
+    * [SENTRY-284] - Create test for creating external partition
+    * [SENTRY-285] - privilege->action=all is not same as privilege
+    * [SENTRY-288] - Dissable MetastoreBinding for test cases that do not require it
+    * [SENTRY-289] - Kerberos based connection from HS2 and Metastore to Sentry service fails
+    * [SENTRY-290] - Handle null pointer in SentryPolicyProcessor
+    * [SENTRY-294] - The Sentry service client should execute UGI privilege action by default
+    * [SENTRY-297] - Increase privilege_name to 4000 in mysql to be consistent with other
dbs
+    * [SENTRY-299] - Partial Revoke Fails under certain conditions
+    * [SENTRY-300] - HiveAuthzBinding checks for Hive server2 config which is not available
when using Sentry with Hive meta store server
+    * [SENTRY-301] - Sentry plugin fails access service from secure Hive Metastore 
+    * [SENTRY-302] - Partial revoke on Table fails if both ALL and a SELECT/INSERT grant
exists
+    * [SENTRY-304] - Limit on index key in MYSQL (innoDB ) is 767 bytes
+    * [SENTRY-305] - SHOW CURRENT ROLES shouldn't require admin privileges
+    * [SENTRY-306] - Fix grant all on table in db based provider
+    * [SENTRY-307] - Unqualified URIs should be reconstructed in a standard way
+    * [SENTRY-309] - Metastore binding should use fully qualified URI for validating alter
table operations
+    * [SENTRY-310] - Make Hive operation to required privileges more granular
+    * [SENTRY-311] - Metastore plugin needs to be changed to updated privilege model
+    * [SENTRY-312] - Add 'decimal' and 'date' to default UDF whitelist
+    * [SENTRY-313] - Fix some uri failing tests
+    * [SENTRY-314] - Metastore plugin should verify the storage descriptor before referencing
+    * [SENTRY-315] - SHOW CURRENT ROLE fails if the one of the groups doesn't have any roles
granted
+    * [SENTRY-317] - Fix TestDbOperations.testLoad test
+    * [SENTRY-319] - group names should be case sensitive.
+    * [SENTRY-321] - SentryMetastorePostEventListener should use sentry config to create
SentryClient
+    * [SENTRY-332] - A role may got empty privilege, although the role have some privileges
+    * [SENTRY-336] - Fix test failures on real cluster
+    * [SENTRY-337] - When the parameter sentry.metastore.service.users isn't set or set empty,
starting metastore will throw java.lang.NullPointerException
+    * [SENTRY-363] - CTAS from view is requiring select on underlying table
+
+
 
 
 ** Improvement
-    * [SENTRY-5] - Normalize the usernames used in the end to end tests
-    * [ACCESS-100] - ResourceAuthzProvider should ensure the subject name is non-null before
doing the group lookup
-    * [ACCESS-157] - Access hard codes hive authentication method none
-    * [ACCESS-211] - Add maven profile for compiling access with upstream Apache hadoop/hive
-    * [ACCESS-221] - Restrict the URI access granted from a per-database policy file
+    * [SENTRY-106] - Make solr testing work against apache 4.7 version
+    * [SENTRY-193] - Add schematool for creating Sentry store schema from the SQL scripts
+    * [SENTRY-211] - Do the user: group lookup in the Sentry db policy server
+    * [SENTRY-258] - Increase field PRIVILEGE_NAME to 4000 characters to enable long URIs
+    * [SENTRY-293] - Create a new mvn cluster test profile for provider db tests
+    * [SENTRY-303] - Allow users to grant/revoke SELECT/INSERT to ALL tables in a Database
+    * [SENTRY-333] - Add conf directory to sentry distribution
+    * [SENTRY-361] - Sentry server should use sentry-site.xml in conf directory by default
+
+** New Feature
+    * [SENTRY-3] - Create a diagnostics tool for configuration validation
+    * [SENTRY-37] - Implement a DB backed policy store
+    * [SENTRY-115] - Give bindings the ability to access the group mappings
+    * [SENTRY-157] - Support filter pushdown in DB Store client to reduce data transfer from
DB Store service
+    * [SENTRY-158] - Hive bindings should enable MR level ACLs for session user
+    * [SENTRY-165] - Implement createShowRolesTask() in SentryHiveAuthorizationTaskFactoryImpl
+    * [SENTRY-184] - Add Sentry service APIs to query roles and privileges
+    * [SENTRY-199] - Create tool that will convert policy file into into DB store
+    * [SENTRY-215] - SHOW GRANT ROLE xxx ON [SERVER, DATABASE, TABLE, URI] xxx
+    * [SENTRY-216] - Support SHOW CURRENT ROLES
+
 
 
 
 ** Task
-    * [ACCESS-16] - Implement the test cases in the test plan
-    * [ACCESS-34] - Analyze Path Security
-    * [ACCESS-115] - Format all files using a consistent code style formatter for the project
-    * [ACCESS-122] - Remove context.close() mid-test
-    * [ACCESS-123] - Fix confusing communication mechanism to request if ANY access is exists
-    * [ACCESS-125] - TestUserManagement major issues
-    * [ACCESS-127] - TestSandboxOps Major issues
-    * [ACCESS-130] - TestMovingToProduction major issues
-    * [ACCESS-136] - TestCrossDbOps major issues
-    * [ACCESS-145] - TestMetadataObjectRetrieval major issues
-    * [ACCESS-147] - TestPrivilegeAtTransform major issues
-    * [ACCESS-149] - TestPrivilegesAtDatabaseScope major issues
-    * [ACCESS-152] - TestPrivilegesAtTableScope minor issues
-    * [ACCESS-166] - Policy Engine should do expanded validation of policy file
-    * [ACCESS-194] - Explore options for metastore access restriction
-    * [ACCESS-195] - Support username mapping at access level
+    * [SENTRY-159] - Convert AbstractSolrSentryTestBase to use MiniSolrCloudCluster rather
than Lucene test hierarchy
+    * [SENTRY-164] - Missing implementation for  HiveAuthorizationTaskFactory: createShowRolesTask()
+    * [SENTRY-230] - e2e test for doc level security to cover failure scenarios around Index
level auth
+    * [SENTRY-356] - Apache Sentry 1.4.0 Release
+
+
+** Test
+    * [SENTRY-223] - Add a test for updates with doc-level security
+    * [SENTRY-233] - Disable hdfs blockcache during solr e2e tests
+    * [SENTRY-261] - Improve test coverage for grant/revoke statements in Hive e2e tests
+    * [SENTRY-287] - Add test case for giving select privieleges on a table in a non default
database
+    * [SENTRY-291] - Remove duplicate testSameGrantTwice
+
+
 
-** Sub-task
-    * [ACCESS-101] - Implement more test cases regarding subquery
-    * [ACCESS-209] - be able to run e2e test in cluster mode
-    * [ACCESS-225] - Update master branch version to 1.2.0-SNAPSHOT

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/73dcf896/NOTICE.txt
----------------------------------------------------------------------
diff --git a/NOTICE.txt b/NOTICE.txt
index 7232bcb..9fde419 100644
--- a/NOTICE.txt
+++ b/NOTICE.txt
@@ -1,5 +1,5 @@
 Apache Sentry
-Copyright 2013 The Apache Software Foundation
+Copyright 2013-2014  The Apache Software Foundation
 
 This product includes software developed at
 The Apache Software Foundation (http://www.apache.org/).


Mime
View raw message