kalyan kumar kalvagadda created SENTRY-2297:
-----------------------------------------------
Summary: Optimize the logic to update/drop privileges.
Key: SENTRY-2297
URL: https://issues.apache.org/jira/browse/SENTRY-2297
Project: Sentry
Issue Type: Bug
Components: Sentry
Affects Versions: 2.1.0
Reporter: kalyan kumar kalvagadda
Assignee: kalyan kumar kalvagadda
Current logic to rename and drop the privileges based on changes to
authorizable is not efficient. There are a lot un-necessary db operations also
done. This has to be cleaned up.
For Example(when table/database is dropped:
{noformat}
dropOrRenamePrivilegeForAllEntities(...)
{
Collection<PrivilegeEntity> entitySet = new HashSet<>();
List<MSentryPrivilege> mPrivileges = getMSentryPrivileges(tPrivilege, pm);
for (MSentryPrivilege mPrivilege : mPrivileges) {
entitySet.addAll(ImmutableSet.copyOf(mPrivilege.getRoles()));
entitySet.addAll(ImmutableSet.copyOf(mPrivilege.getUsers()));
}
// Dropping the privilege
if (newTPrivilege == null) {
for (PrivilegeEntity entity : entitySet) {
alterSentryRevokePrivilegeCore(pm, entity.getType(), entity.getEntityName(),
tPrivilege);
}
return;
}
}
{noformat}
This logic gathers all the entities associated with the privileges and performs
drop for each entity. Moreover, dropOrRenamePrivilegeForAllEntities is called
for each operation that is supported by sentry.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
