kalyan kumar kalvagadda created SENTRY-2297: -----------------------------------------------
Summary: Optimize the logic to update/drop privileges. Key: SENTRY-2297 URL: https://issues.apache.org/jira/browse/SENTRY-2297 Project: Sentry Issue Type: Bug Components: Sentry Affects Versions: 2.1.0 Reporter: kalyan kumar kalvagadda Assignee: kalyan kumar kalvagadda Current logic to rename and drop the privileges based on changes to authorizable is not efficient. There are a lot un-necessary db operations also done. This has to be cleaned up. For Example(when table/database is dropped: {noformat} dropOrRenamePrivilegeForAllEntities(...) { Collection<PrivilegeEntity> entitySet = new HashSet<>(); List<MSentryPrivilege> mPrivileges = getMSentryPrivileges(tPrivilege, pm); for (MSentryPrivilege mPrivilege : mPrivileges) { entitySet.addAll(ImmutableSet.copyOf(mPrivilege.getRoles())); entitySet.addAll(ImmutableSet.copyOf(mPrivilege.getUsers())); } // Dropping the privilege if (newTPrivilege == null) { for (PrivilegeEntity entity : entitySet) { alterSentryRevokePrivilegeCore(pm, entity.getType(), entity.getEntityName(), tPrivilege); } return; } } {noformat} This logic gathers all the entities associated with the privileges and performs drop for each entity. Moreover, dropOrRenamePrivilegeForAllEntities is called for each operation that is supported by sentry. -- This message was sent by Atlassian JIRA (v7.6.3#76005)