[jira] [Resolved] (SENTRY-2278) SentryPolicyServiceClientDefaultImpl setupSentryAuthorizable methods always returns a single TSentryAuthorizable for a list of authorizable

Thu, 21 Jun 2018 17:40:22 -0700 


     [ 
https://issues.apache.org/jira/browse/SENTRY-2278?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Arjun Mishra resolved SENTRY-2278.
----------------------------------
    Resolution: Not A Problem

 Authorizable object is type + name like DB + db1,
 where DB is type and db1 is name
 A list of Authorizable represents a single privilege entry
 So for e.g. for 
Server=server1->Db=default->Table=web_logs->Column=_version_->action=select;
 we split this up into a List of 4 authorizable objects
 for Server, Db, Table and Column

> SentryPolicyServiceClientDefaultImpl setupSentryAuthorizable methods always 
> returns a single TSentryAuthorizable for a list of authorizable
> -------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: SENTRY-2278
>                 URL: https://issues.apache.org/jira/browse/SENTRY-2278
>             Project: Sentry
>          Issue Type: Bug
>          Components: Sentry
>    Affects Versions: 2.1.0
>            Reporter: Arjun Mishra
>            Assignee: Arjun Mishra
>            Priority: Major
>             Fix For: 2.1.0
>
>
> Looking at the current implementation of 
> SentryPolicyServiceClientDefaultImpl#setupSentryAuthorizable we get a list of 
> authorizables but only have a single instance of TSentryAuthorizable which 
> wrongly overwrites values in the for loop
> {noformat}
> public static TSentryAuthorizable setupSentryAuthorizable(
>     List<? extends Authorizable> authorizable) {
>     TSentryAuthorizable tSentryAuthorizable = new TSentryAuthorizable();
>     for (Authorizable authzble : authorizable) {
>       if (authzble.getTypeName().equalsIgnoreCase(
>         DBModelAuthorizable.AuthorizableType.Server.toString())) {
>         tSentryAuthorizable.setServer(authzble.getName());
>       } else if (authzble.getTypeName().equalsIgnoreCase(
>         DBModelAuthorizable.AuthorizableType.URI.toString())) {
>         tSentryAuthorizable.setUri(authzble.getName());
>       } else if (authzble.getTypeName().equalsIgnoreCase(
>         DBModelAuthorizable.AuthorizableType.Db.toString())) {
>         tSentryAuthorizable.setDb(authzble.getName());
>       } else if (authzble.getTypeName().equalsIgnoreCase(
>         DBModelAuthorizable.AuthorizableType.Table.toString())) {
>         tSentryAuthorizable.setTable(authzble.getName());
>       } else if (authzble.getTypeName().equalsIgnoreCase(
>         DBModelAuthorizable.AuthorizableType.Column.toString())) {
>         tSentryAuthorizable.setColumn(authzble.getName());
>       }
>     }
>     return tSentryAuthorizable;
>   }
> {noformat}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to