----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/68268/#review206980 -----------------------------------------------------------
sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/SentryPolicyStoreProcessor.java Lines 1503 (patched) <https://reviews.apache.org/r/68268/#comment290142> Can we maintain the same consistency with other audit methods?Maybe just pass in the request object? Also, Can you explain why onGrantOwnerPrivileges needs the Status parameter to be passed in? sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/SentryPolicyStoreProcessor.java Line 1619 (original), 1571 (patched) <https://reviews.apache.org/r/68268/#comment290141> Why don't we have an audit log for revoking owner privileges? sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/log/util/CommandUtil.java Lines 215 (patched) <https://reviews.apache.org/r/68268/#comment290143> I like this. Was curious since this should return the command that the user ran. Is there some way to display that? - Arjun Mishra On Aug. 8, 2018, 2:29 p.m., Sergio Pena wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/68268/ > ----------------------------------------------------------- > > (Updated Aug. 8, 2018, 2:29 p.m.) > > > Review request for sentry, Arjun Mishra, kalyan kumar kalvagadda, and Na Li. > > > Bugs: sentry-2157 > https://issues.apache.org/jira/browse/sentry-2157 > > > Repository: sentry > > > Description > ------- > > This patch logs owner privileges grants and revokes. > > > Diffs > ----- > > > sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/SentryPolicyStoreProcessor.java > 61f9168b1970144dbf0b7a7378f2d25e70f1761d > > sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/audit/SentryAuditLogger.java > PRE-CREATION > > sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/log/entity/JsonLogEntityFactory.java > 61becceac881443b02182e6ab1012add4c046499 > > sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/log/util/CommandUtil.java > 6479a6055e8c7087f0e484080ec9d46a9c146212 > > sentry-service/sentry-service-server/src/test/java/org/apache/sentry/provider/db/log/entity/TestJsonLogEntityFactory.java > 307f38eadb65bf12dc6225cfe43a5d590657d055 > > > Diff: https://reviews.apache.org/r/68268/diff/1/ > > > Testing > ------- > > I run the patch in a cluster and the audit logs is displaying the correct > messages. > > {"serviceName":"Sentry-Service","userName":"ubuntu","impersonator":"","ipAddress":"/127.0.0.1","operation":"GRANT_PRIVILEGE","eventTime":"1533738512795","operationText":"OWNER > privilege granted to USER: > sergio","allowed":"true","databaseName":"default","tableName":"t2","column":null,"resourcePath":null,"objectType":"PRINCIPAL"} > > > Thanks, > > Sergio Pena > >
