Alexey Serbin has posted comments on this change. ( http://gerrit.cloudera.org:8080/13552 )
Change subject: sentry: allow caching of COLUMN/TABLE privileges when checking higher scopes ...................................................................... Patch Set 2: (2 comments) http://gerrit.cloudera.org:8080/#/c/13552/2/src/kudu/master/sentry_authz_provider.h File src/kudu/master/sentry_authz_provider.h: http://gerrit.cloudera.org:8080/#/c/13552/2/src/kudu/master/sentry_authz_provider.h@125 PS2, Line 125: bool require_grant_option = false, : bool cache_table_column_privileges = true); > Consider enum-ifying these. Two bools is rough, and although annotations he +1 http://gerrit.cloudera.org:8080/#/c/13552/2/src/kudu/master/sentry_authz_provider.cc File src/kudu/master/sentry_authz_provider.cc: http://gerrit.cloudera.org:8080/#/c/13552/2/src/kudu/master/sentry_authz_provider.cc@192 PS2, Line 192: tables > columns? I think this affects only table-level privileges. In our Kudu+Sentry model the column-level privileges are not checked when a new column is being added. -- To view, visit http://gerrit.cloudera.org:8080/13552 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: Icec75ae9e5626c887af37568a6f64a8361d888b7 Gerrit-Change-Number: 13552 Gerrit-PatchSet: 2 Gerrit-Owner: Andrew Wong <aw...@cloudera.com> Gerrit-Reviewer: Adar Dembo <a...@cloudera.com> Gerrit-Reviewer: Alexey Serbin <aser...@cloudera.com> Gerrit-Reviewer: Andrew Wong <aw...@cloudera.com> Gerrit-Reviewer: Hao Hao <hao....@cloudera.com> Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241) Gerrit-Comment-Date: Sat, 08 Jun 2019 00:37:19 +0000 Gerrit-HasComments: Yes
