Re: Review Request 68268: SENTRY-2157: Update audit log to grant/revoke owner privileges

Na Li via Review Board Wed, 08 Aug 2018 12:25:58 -0700

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/68268/#review206991
-----------------------------------------------------------





sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/SentryPolicyStoreProcessor.java
Line 1396 (original), 1336 (patched)
<https://reviews.apache.org/r/68268/#comment290151>

    do we generate audit message when owner privilege is removed in 
notification processor?



sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/SentryPolicyStoreProcessor.java
Lines 1577 (patched)
<https://reviews.apache.org/r/68268/#comment290152>

    should this be audit.onUpdateOwnerPrivilege()?



sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/SentryPolicyStoreProcessor.java
Lines 1582 (patched)
<https://reviews.apache.org/r/68268/#comment290153>

    should this be audit.onUpdateOwnerPrivilege()?


- Na Li


On Aug. 8, 2018, 2:29 p.m., Sergio Pena wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/68268/
> -----------------------------------------------------------
> 
> (Updated Aug. 8, 2018, 2:29 p.m.)
> 
> 
> Review request for sentry, Arjun Mishra, kalyan kumar kalvagadda, and Na Li.
> 
> 
> Bugs: sentry-2157
>     https://issues.apache.org/jira/browse/sentry-2157
> 
> 
> Repository: sentry
> 
> 
> Description
> -------
> 
> This patch logs owner privileges grants and revokes.
> 
> 
> Diffs
> -----
> 
>   
> sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/SentryPolicyStoreProcessor.java
>  61f9168b1970144dbf0b7a7378f2d25e70f1761d 
>   
> sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/audit/SentryAuditLogger.java
>  PRE-CREATION 
>   
> sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/log/entity/JsonLogEntityFactory.java
>  61becceac881443b02182e6ab1012add4c046499 
>   
> sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/log/util/CommandUtil.java
>  6479a6055e8c7087f0e484080ec9d46a9c146212 
>   
> sentry-service/sentry-service-server/src/test/java/org/apache/sentry/provider/db/log/entity/TestJsonLogEntityFactory.java
>  307f38eadb65bf12dc6225cfe43a5d590657d055 
> 
> 
> Diff: https://reviews.apache.org/r/68268/diff/1/
> 
> 
> Testing
> -------
> 
> I run the patch in a cluster and the audit logs is displaying the correct 
> messages.
> 
> {"serviceName":"Sentry-Service","userName":"ubuntu","impersonator":"","ipAddress":"/127.0.0.1","operation":"GRANT_PRIVILEGE","eventTime":"1533738512795","operationText":"OWNER
>  privilege granted to USER: 
> sergio","allowed":"true","databaseName":"default","tableName":"t2","column":null,"resourcePath":null,"objectType":"PRINCIPAL"}
> 
> 
> Thanks,
> 
> Sergio Pena
> 
>

Re: Review Request 68268: SENTRY-2157: Update audit log to grant/revoke owner privileges

Reply via email to