[jira] [Commented] (SENTRY-750) Use the Sqoop Server principal as the requester when removing the Sqoop resource

guoquan (JIRA) Tue, 02 Jun 2015 17:46:01 -0700

    [ 
https://issues.apache.org/jira/browse/SENTRY-750?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14570066#comment-14570066
 ]


guoquan commented on SENTRY-750:
--------------------------------

Thanks [~colinma], The patch has been committed to master: 
4d0e2e7c347f5e247b553aff3ddec8524ba221f1

> Use the Sqoop Server principal as the requester when removing the Sqoop 
> resource
> --------------------------------------------------------------------------------
>
>                 Key: SENTRY-750
>                 URL: https://issues.apache.org/jira/browse/SENTRY-750
>             Project: Sentry
>          Issue Type: Bug
>    Affects Versions: 1.6.0
>            Reporter: guoquan
>            Assignee: guoquan
>         Attachments: SENTRY-750.001.patch
>
>
> When the user1 is the owner of job1, the user1 can delete job1. The Sqoop 
> Server receives the user1's request for deleting job1. It will check the 
> job1's owner, if the owner equals user1, the Sqoop server will not do the 
> authorizaiton check. When the repository delete the job1, the Sqoop server 
> will send a request to Sentry service for removing the privileges related the 
> job1. The Sqoop Server should send the server principal as the requestor to 
> Sentry Service not the user1. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (SENTRY-750) Use the Sqoop Server principal as the requester when removing the Sqoop resource

Reply via email to