[
https://issues.apache.org/jira/browse/SENTRY-2112?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Hrishikesh Gadre reassigned SENTRY-2112:
----------------------------------------
Assignee: (was: Hrishikesh Gadre)
> Collection/core admin operation audit logs do not record accurate operation
> name
> --------------------------------------------------------------------------------
>
> Key: SENTRY-2112
> URL: https://issues.apache.org/jira/browse/SENTRY-2112
> Project: Sentry
> Issue Type: Bug
> Components: Solr Plugin
> Affects Versions: 2.0.0
> Reporter: Hrishikesh Gadre
> Priority: Major
>
> As part of SENTRY-1475, we reimplemented the Sentry/Solr integration which
> also includes audit logs. In case of collection/core admin operations, Sentry
> plugin asserts two checks
> * Does user has global admin privileges?
> * Does user has collection level admin privileges?
> e.g. let's say user want to create alias named A for collection B. Then
> Sentry checks following permissions,
> * Does user has collection admin privileges (i.e. admin=collections) ?
> * Does user has collection privileges (i.e. collection=A)?
> Solr plugin also emits audit log for each of these steps. Currently the audit
> log for second step records operationName = update/query (instead of actual
> operation name e.g. CREATEALIAS).
> This jira is to rectify this bug (introduced as part of SENTRY-1475).
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
