> On July 12, 2018, 2:49 p.m., Arjun Mishra wrote: > > Sergio, I think this method "checkAllowedGrantPrivileges()" can be > > incorporated in method "analyzePrivilegeListDef()" where we are currently > > checking for similar imperssible grants like only select on column and so > > on.
I need the object in order to check the privilege. The analyzePrivilegeListDef() does not give me the object. I honestly don't know why the check is done there, so I removed it and moved the column check to the checkAllowedGrantPrivileges() instead. Same thing for the revoke. - Sergio ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/67888/#review206009 ----------------------------------------------------------- On July 11, 2018, 8:33 p.m., Sergio Pena wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/67888/ > ----------------------------------------------------------- > > (Updated July 11, 2018, 8:33 p.m.) > > > Review request for sentry and Arjun Mishra. > > > Bugs: sentry-2308 > https://issues.apache.org/jira/browse/sentry-2308 > > > Repository: sentry > > > Description > ------- > > Do not allow CREATE privileges on a table. There is no use case for it. > > > Diffs > ----- > > > sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryHiveAuthorizationTaskFactoryImpl.java > 2c662e55382adc36abd18b6b6b82aa7a0b2f210b > > sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/DefaultSentryAccessController.java > beca2f8f3fd03953d5652337dee7e69313f098a3 > > > Diff: https://reviews.apache.org/r/67888/diff/1/ > > > Testing > ------- > > > Thanks, > > Sergio Pena > >