[ https://issues.apache.org/jira/browse/SENTRY-59?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
kalyan kumar kalvagadda updated SENTRY-59: ------------------------------------------ Fix Version/s: (was: 2.0.0) 2.1.0 Moving all unresolved jiras with fix version 2.0.0 to 2.1.0. Please change the fix version if you intend to make it into 2.0.0 release. > Doc that ResourceAuthorizationProvider checks actions as ORs, add support for > AND > --------------------------------------------------------------------------------- > > Key: SENTRY-59 > URL: https://issues.apache.org/jira/browse/SENTRY-59 > Project: Sentry > Issue Type: Improvement > Affects Versions: 1.3.0 > Reporter: Gregory Chanan > Fix For: 2.1.0 > > > Currently, it is not clear from the javadoc how multiple actions are handled > in the function: > {code} > /*** > * Returns validate subject privileges on given Authorizable object > * > * @param subject: UserID to validate privileges > * @param authorizableHierarchy : List of object accroding to namespace > hierarchy. > * eg. Server->Db->Table or Server->Function > * The privileges will be validated from the higher to lower scope > * @param actions : Privileges to validate > * @return > * True if the subject is authorized to perform requested action on > the given object > */ > public boolean hasAccess(Subject subject, List<? extends Authorizable> > authorizableHierarchy, Set<? extends Action> actions); > {code} > but at least in ResourceAuthorizationProvider, OR semantics are used. We > should document this and perhaps add an interface for AND semantics. -- This message was sent by Atlassian JIRA (v6.4.14#64029)