[
https://issues.apache.org/jira/browse/SENTRY-550?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Xiaomeng Huang updated SENTRY-550:
----------------------------------
Attachment: SENTRY-550.002.patch
> SentryStore support more actions for rename
> -------------------------------------------
>
> Key: SENTRY-550
> URL: https://issues.apache.org/jira/browse/SENTRY-550
> Project: Sentry
> Issue Type: Sub-task
> Reporter: Xiaomeng Huang
> Assignee: Xiaomeng Huang
> Attachments: SENTRY-550.001.patch, SENTRY-550.002.patch
>
>
> Currently if we rename table, SentryStore just rename ALL, INSERT and SELECT
> from this role. But now we support more actions, so we should support more
> actions for rename. If we don't rename privilege with all action, it actually
> is a bug in some cases, e.g.
> {code}
> >grant select, insert, alter, drop to table db1.tb1
> >grant create to database db1
> >rename tb1 to tb2
> >drop tb2 -->should be success
> >drop tb1 -->should be failed
> {code}
> Like the use case above, if we rename tb1, we should have drop permission on
> tb2, and no permission to drop tb1
> But before this patch, 'drop tb2' will failed, and 'drop tb1' will success
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
