trafodion-codereview mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From robertamarton <...@git.apache.org>
Subject [GitHub] trafodion pull request #1568: TRAFODION-1573: Additional GET commands for pr...
Date Fri, 18 May 2018 16:47:52 GMT
GitHub user robertamarton opened a pull request:

    https://github.com/apache/trafodion/pull/1568

    TRAFODION-1573: Additional GET commands for privileges

    TRAFODION-3074: Failed to register/unregister user when security disabled
    
    TRAFODION-1573 changes:
    
    - Added support for the following commands:
    
      get privileges on <object>
      <object>: [LIBRARY | PROCEDURE | FUNCTION | TABLE_MAPPING FUNCTION | SEQUENCE]
    
    - Added support for the FOR CLAUSE on all supported objects
      Removed the need to specify keyword 'USER" before username. If USER is
      included, then it is ignored.
    
      get privileges on <object> FOR [USER] <user or role name>
      <objects>: [TABLES, VIEWS, LIBRARIES, PROCEDURES, FUNCTIONS,
                  TABLE_MAPPING FUNCTIONS, SEQUENCES]
    
    - The following get command can only be run by DB__ROOT or a user that has been
      granted the DB__ROOTROLE or DB__HIVEROLE role
    
      get <objects> in schema hive.xx.xx;
      <objects>: [TABLES, OBJECTS, VIEWS]
    
    - The following get command can only be run by DB__ROOT or a user that has been
      granted the DB__ROOTROLE or DB__HBASEROLE role
    
      get external hbase objects;
    
    - The following get commands retrieve privilege details from Trafodion metadata;
      users can only see objects where they have been granted at least one privilege
    
      get hive registered tables in catalog trafodion;
      get hbase registered tables in catalog trafodion;
    
    - get privileges commands now return owner's privileges in output
    - Cleaned up code in the parser.
    
    TRAFODION-3074 changes
    
    - register user - fixed query to find next available authID
    - unregister user - added checks to not read privilege metadata if authorization
      is not enabled

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/robertamarton/incubator-trafodion get-stmts

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/trafodion/pull/1568.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #1568
    
----
commit 88e2a742b019dd8d22c22c79d1b64048395cfdb1
Author: Roberta Marton <roberta.marton@...>
Date:   2018-05-18T16:45:06Z

    TRAFODION-1573: Additional GET commands for privileges
    TRAFODION-3074: Failed to register/unregister user when security disabled
    
    TRAFODION-1573 changes:
    
    - Added support for the following commands:
    
      get privileges on <object>
      <object>: [LIBRARY | PROCEDURE | FUNCTION | TABLE_MAPPING FUNCTION | SEQUENCE]
    
    - Added support for the FOR CLAUSE on all supported objects
      Removed the need to specify keyword 'USER" before username. If USER is
      included, then it is ignored.
    
      get privileges on <object> FOR [USER] <user or role name>
      <objects>: [TABLES, VIEWS, LIBRARIES, PROCEDURES, FUNCTIONS,
                  TABLE_MAPPING FUNCTIONS, SEQUENCES]
    
    - The following get command can only be run by DB__ROOT or a user that has been
      granted the DB__ROOTROLE or DB__HIVEROLE role
    
      get <objects> in schema hive.xx.xx;
      <objects>: [TABLES, OBJECTS, VIEWS]
    
    - The following get command can only be run by DB__ROOT or a user that has been
      granted the DB__ROOTROLE or DB__HBASEROLE role
    
      get external hbase objects;
    
    - The following get commands retrieve privilege details from Trafodion metadata;
      users can only see objects where they have been granted at least one privilege
    
      get hive registered tables in catalog trafodion;
      get hbase registered tables in catalog trafodion;
    
    - get privileges commands now return owner's privileges in output
    - Cleaned up code in the parser.
    
    TRAFODION-3074 changes
    
    - register user - fixed query to find next available authID
    - unregister user - added checks to not read privilege metadata if authorization
      is not enabled

----


---

Mime
View raw message