sentry-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From lsk...@apache.org
Subject incubator-sentry git commit: SENTRY-442: Follow on review comments from SENTRY-331: Add more granular privs (Sravya Tirukkovalur via Lenni Kuff)
Date Sat, 06 Dec 2014 08:30:02 GMT
Repository: incubator-sentry
Updated Branches:
  refs/heads/master ea8663e98 -> 2d3ff339c


SENTRY-442: Follow on review comments from SENTRY-331: Add more granular privs (Sravya Tirukkovalur
via Lenni Kuff)


Project: http://git-wip-us.apache.org/repos/asf/incubator-sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-sentry/commit/2d3ff339
Tree: http://git-wip-us.apache.org/repos/asf/incubator-sentry/tree/2d3ff339
Diff: http://git-wip-us.apache.org/repos/asf/incubator-sentry/diff/2d3ff339

Branch: refs/heads/master
Commit: 2d3ff339c08b511be33a25645bd2f13992113640
Parents: ea8663e
Author: Lenni Kuff <lskuff@cloudera.com>
Authored: Sat Dec 6 00:29:23 2014 -0800
Committer: Lenni Kuff <lskuff@cloudera.com>
Committed: Sat Dec 6 00:29:23 2014 -0800

----------------------------------------------------------------------
 .../apache/hadoop/hive/SentryHiveConstants.java |  4 +--
 .../hive/ql/exec/SentryGrantRevokeTask.java     | 26 ++++++++++----------
 .../metastore/SentryPolicyProviderForDb.java    |  1 -
 3 files changed, 14 insertions(+), 17 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/2d3ff339/sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/SentryHiveConstants.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/SentryHiveConstants.java
b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/SentryHiveConstants.java
index f5b1f4d..5238414 100644
--- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/SentryHiveConstants.java
+++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/SentryHiveConstants.java
@@ -22,9 +22,7 @@ import java.util.EnumSet;
 import org.apache.hadoop.hive.ql.security.authorization.PrivilegeType;
 
 public class SentryHiveConstants {
-  public static final EnumSet<PrivilegeType> ALLOWED_PRIVS = EnumSet.of(
-      PrivilegeType.ALL, PrivilegeType.SELECT, PrivilegeType.INSERT, PrivilegeType.CREATE,
PrivilegeType.DROP,
-      PrivilegeType.ALTER_METADATA, PrivilegeType.INDEX, PrivilegeType.LOCK);
+  public static final EnumSet<PrivilegeType> ALLOWED_PRIVS = EnumSet.allOf(PrivilegeType.class);
 
   public static final String PRIVILEGE_NOT_SUPPORTED = "Sentry does not support privilege:
";
   public static final String PARTITION_PRIVS_NOT_SUPPORTED = "Sentry does not support partition
level authorization";

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/2d3ff339/sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/ql/exec/SentryGrantRevokeTask.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/ql/exec/SentryGrantRevokeTask.java
b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/ql/exec/SentryGrantRevokeTask.java
index 5357180..10704a1 100644
--- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/ql/exec/SentryGrantRevokeTask.java
+++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/ql/exec/SentryGrantRevokeTask.java
@@ -619,27 +619,27 @@ public class SentryGrantRevokeTask extends Task<DDLWork> implements
Serializable
   }
 
   private static String toDbSentryAction(PrivilegeType privilegeType) throws SentryUserException{
-    if (PrivilegeType.ALL.equals(privilegeType)) {
-      return AccessConstants.ALL;
-    } else {
-      if (PrivilegeType.SELECT.equals(privilegeType)) {
+    switch(privilegeType) {
+      case ALL:
+        return AccessConstants.ALL;
+      case SELECT:
         return AccessConstants.SELECT;
-      } else if (PrivilegeType.INSERT.equals(privilegeType)) {
+      case INSERT:
         return AccessConstants.INSERT;
-      } else if (PrivilegeType.CREATE.equals(privilegeType)){
+      case CREATE:
         return AccessConstants.CREATE;
-      } else if (PrivilegeType.DROP.equals(privilegeType)){
+      case DROP:
         return AccessConstants.DROP;
-      } else if (PrivilegeType.ALTER_METADATA.equals(privilegeType)){
+      case ALTER_METADATA:
         return AccessConstants.ALTER;
-      } else if (PrivilegeType.INDEX.equals(privilegeType)){
+      case INDEX:
         return AccessConstants.INDEX;
-      } else if (PrivilegeType.LOCK.equals(privilegeType)){
+      case LOCK:
         return AccessConstants.LOCK;
-      } else {
-        throw new SentryUserException(privilegeType + " not handled correctly");
+      default:
+        throw new SentryUserException("Unknown privilege type: " + privilegeType);
+        //Exception is thrown here only for development purposes.
       }
-    }
   }
 
   private static SentryHivePrivilegeObjectDesc toSentryHivePrivilegeObjectDesc(PrivilegeObjectDesc
privSubjectObjDesc)

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/2d3ff339/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/metastore/SentryPolicyProviderForDb.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/metastore/SentryPolicyProviderForDb.java
b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/metastore/SentryPolicyProviderForDb.java
index b056a7e..d0994b6 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/metastore/SentryPolicyProviderForDb.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/metastore/SentryPolicyProviderForDb.java
@@ -153,7 +153,6 @@ public class SentryPolicyProviderForDb extends PolicyFile {
         sentryClient.grantURIPrivilege(ADMIN1, roleName, serverName, uriPath);
       } else if (serverName != null) {
         sentryClient.grantServerPrivilege(ADMIN1, roleName, serverName, action);
-        ;
       }
     }
 


Mime
View raw message