sentry-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dapeng Sun (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (SENTRY-777) SentryServiceIntegrationBase#after() should be run under client subject
Date Tue, 23 Jun 2015 11:05:00 GMT

     [ https://issues.apache.org/jira/browse/SENTRY-777?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Dapeng Sun updated SENTRY-777:
------------------------------
    Attachment: SENTRY-777.003.patch

> SentryServiceIntegrationBase#after() should be run under client subject
> -----------------------------------------------------------------------
>
>                 Key: SENTRY-777
>                 URL: https://issues.apache.org/jira/browse/SENTRY-777
>             Project: Sentry
>          Issue Type: Bug
>    Affects Versions: 1.5.0
>            Reporter: Dapeng Sun
>            Assignee: Dapeng Sun
>             Fix For: 1.6.0
>
>         Attachments: SENTRY-777.001.patch, SENTRY-777.002.patch, SENTRY-777.003.patch
>
>
> {noformat}
>   @After
>   public void after() throws Exception {
>         if (client != null) {
>           Set<TSentryRole> tRoles = client.listRoles(ADMIN_USER);
>           if (tRoles != null) {
>             for (TSentryRole tRole : tRoles) {
>               client.dropRole(ADMIN_USER, tRole.getRoleName());
>             }
>           }
>           client.close();
>         }
>         policyFilePath.delete();
>   }
> {noformat}
> * client in {{after()}} isn't run under client subject, if client need client subject,
such as in Kerberos mode, it may throw an exception.
> * {{policyFilePath.delete();}} may not execute if the client throws an exception when
it does operations like clean db or close, there should be a try-catch-finally statement.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message