[jira] [Updated] (SENTRY-2276) Sentry-Kafka integration does not support Kafka's Alter/DescribeConfigs and IdempotentWrite operations
[ https://issues.apache.org/jira/browse/SENTRY-2276?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2276: Resolution: Fixed Status: Resolved (was: Patch Available) > Sentry-Kafka integration does not support Kafka's Alter/DescribeConfigs and > IdempotentWrite operations > -- > > Key: SENTRY-2276 > URL: https://issues.apache.org/jira/browse/SENTRY-2276 > Project: Sentry > Issue Type: Bug > Components: kafka-integration > Environment: Cloudera's Kafka (CDK 3.1.0) and Sentry Distribution, as > included with CDH 5.13 >Reporter: Julian Eberius >Assignee: Gergo Wilder >Priority: Minor > Attachments: SENTRY-2276.002.patch, SENTRY-2276.003.patch > > > When sending AlterConfigs or DescribeConfigs requests using Kafka's > AdminClient class to a Sentry-enabled Kafka broker, I noticed that the > request would fail on the broker side with a NullPointerException in > ResourceAuthorizationProvider::buildPermissions, the action being null. > However, other requests, such as DescribeTopics, would work fine. I > discovered that these request type are not covered in Sentry's > [KafkaActionFactory|https://github.com/apache/sentry/blob/branch-2.0/sentry-core/sentry-core-model-kafka/src/main/java/org/apache/sentry/core/model/kafka/KafkaActionFactory.java] > which leads to null values being returned as Actions, e.g., from > getActionByName. > Sentry's Kafka binding does not support the following actions that are > defined by Kafka's authorization model: > * AlterConfigs > * DescribeConfigs > * IdempotentWrite > It does not support the TransactionalId authorizable resource either that is > required for using Kafka's transactional capabilities in combination with > Sentry authorizer. > -- This message was sent by Atlassian JIRA (v7.6.14#76016)
[jira] [Assigned] (SENTRY-2276) Sentry-Kafka integration does not support Kafka's Alter/DescribeConfigs operations
[ https://issues.apache.org/jira/browse/SENTRY-2276?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda reassigned SENTRY-2276: --- Assignee: Gergo Wilder > Sentry-Kafka integration does not support Kafka's Alter/DescribeConfigs > operations > -- > > Key: SENTRY-2276 > URL: https://issues.apache.org/jira/browse/SENTRY-2276 > Project: Sentry > Issue Type: Bug > Components: kafka-integration > Environment: Cloudera's Kafka (CDK 3.1.0) and Sentry Distribution, as > included with CDH 5.13 >Reporter: Julian Eberius >Assignee: Gergo Wilder >Priority: Minor > > When sending AlterConfigs or DescribeConfigs requests using Kafka's > AdminClient class to a Sentry-enabled Kafka broker, I noticed that the > request would fail on the broker side with a NullPointerException in > ResourceAuthorizationProvider::buildPermissions, the action being null. > However, other requests, such as DescribeTopics, would work fine. I > discovered that these request type are not covered in Sentry's > [KafkaActionFactory|https://github.com/apache/sentry/blob/branch-2.0/sentry-core/sentry-core-model-kafka/src/main/java/org/apache/sentry/core/model/kafka/KafkaActionFactory.java] > which leads to null values being returned as Actions, e.g., from > getActionByName. > Compare with Kafka's list of authenticable operations in > [Operation.scala|https://github.com/apache/kafka/blob/trunk/core/src/main/scala/kafka/security/auth/Operation.scala] > . > Though I don't know any details about it, the command "IdempotentWrite" also > seems unsupported on the Sentry side. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (SENTRY-2276) Sentry-Kafka integration does not support Kafka's Alter/DescribeConfigs operations
[ https://issues.apache.org/jira/browse/SENTRY-2276?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda reassigned SENTRY-2276: --- Assignee: (was: kalyan kumar kalvagadda) > Sentry-Kafka integration does not support Kafka's Alter/DescribeConfigs > operations > -- > > Key: SENTRY-2276 > URL: https://issues.apache.org/jira/browse/SENTRY-2276 > Project: Sentry > Issue Type: Bug > Components: kafka-integration > Environment: Cloudera's Kafka (CDK 3.1.0) and Sentry Distribution, as > included with CDH 5.13 >Reporter: Julian Eberius >Priority: Minor > > When sending AlterConfigs or DescribeConfigs requests using Kafka's > AdminClient class to a Sentry-enabled Kafka broker, I noticed that the > request would fail on the broker side with a NullPointerException in > ResourceAuthorizationProvider::buildPermissions, the action being null. > However, other requests, such as DescribeTopics, would work fine. I > discovered that these request type are not covered in Sentry's > [KafkaActionFactory|https://github.com/apache/sentry/blob/branch-2.0/sentry-core/sentry-core-model-kafka/src/main/java/org/apache/sentry/core/model/kafka/KafkaActionFactory.java] > which leads to null values being returned as Actions, e.g., from > getActionByName. > Compare with Kafka's list of authenticable operations in > [Operation.scala|https://github.com/apache/kafka/blob/trunk/core/src/main/scala/kafka/security/auth/Operation.scala] > . > Though I don't know any details about it, the command "IdempotentWrite" also > seems unsupported on the Sentry side. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2496) Support multi-field attribute based document level controls for Solr
[ https://issues.apache.org/jira/browse/SENTRY-2496?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2496: Resolution: Fixed Fix Version/s: 2.2.0 Status: Resolved (was: Patch Available) > Support multi-field attribute based document level controls for Solr > > > Key: SENTRY-2496 > URL: https://issues.apache.org/jira/browse/SENTRY-2496 > Project: Sentry > Issue Type: Sub-task >Reporter: Tristan Stevens >Assignee: Tristan Stevens >Priority: Major > Fix For: 2.2.0 > > Attachments: SENTRY-2496.patch.003 > > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2497) show grant role results in NPE when URI does not have scheme
[
https://issues.apache.org/jira/browse/SENTRY-2497?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
kalyan kumar kalvagadda updated SENTRY-2497:
Resolution: Fixed
Fix Version/s: 2.2.0
Status: Resolved (was: Patch Available)
> show grant role results in NPE when URI does not have scheme
>
>
> Key: SENTRY-2497
> URL: https://issues.apache.org/jira/browse/SENTRY-2497
> Project: Sentry
> Issue Type: Bug
>Affects Versions: 2.0.0
>Reporter: Haley Reeve
>Assignee: Haley Reeve
>Priority: Major
> Fix For: 2.2.0
>
> Attachments: sentry-2497.1.patch, sentry-2497.0001.patch,
> sentry-2497.001.patch, sentry-2497.01.patch, sentry-2497.1.patch
>
>
> Sentry throws a NullPointerException when trying to run "show grant role" on
> a URI with no scheme associated with it. You can see the stacktrace in the
> HS2 logs:
> {noformat}
> HS2 logs are showing the stacktrace:
> 2019-02-08 05:53:58,650 INFO org.apache.hadoop.hive.ql.Driver:
> [HiveServer2-Background-Pool: Thread-84]: Executing
> command(queryId=hive_20190208
> 055358_a283626f-c906-4bd1-be50-43e2e9a6949b): show grant role uritest
> 2019-02-08 05:53:58,651 INFO org.apache.hadoop.hive.ql.Driver:
> [HiveServer2-Background-Pool: Thread-84]: Starting task [Stage-0:DDL] in
> serial m
> ode
> 2019-02-08 05:53:58,661 ERROR hive.ql.exec.DDLTask:
> [HiveServer2-Background-Pool: Thread-84]: java.lang.NullPointerException
> at
> org.apache.sentry.binding.util.SentryAuthorizerUtil.isLocalUri(SentryAuthorizerUtil.java:283)
> at
> org.apache.sentry.binding.util.SentryAuthorizerUtil.convert2HivePrivilegeObject(SentryAuthorizerUtil.java:267)
> at
> org.apache.sentry.binding.util.SentryAuthorizerUtil.convert2HivePrivilegeInfo(SentryAuthorizerUtil.java:220)
> at
> org.apache.sentry.binding.hive.authz.DefaultSentryAccessController.showPrivilegesByPrincipal(DefaultSentryAccessController.java:279)
> at
> org.apache.sentry.binding.hive.authz.DefaultSentryAccessController.showPrivileges(DefaultSentryAccessController.java:213)
> at
> org.apache.sentry.binding.hive.authz.SentryHiveAuthorizerImpl.showPrivileges(SentryHiveAuthorizerImpl.java:146)
> at org.apache.hadoop.hive.ql.exec.DDLTask.showGrants(DDLTask.java:746)
> at org.apache.hadoop.hive.ql.exec.DDLTask.execute(DDLTask.java:527)
> at org.apache.hadoop.hive.ql.exec.Task.executeTask(Task.java:199)
> at
> org.apache.hadoop.hive.ql.exec.TaskRunner.runSequential(TaskRunner.java:97)
> at org.apache.hadoop.hive.ql.Driver.launchTask(Driver.java:2250)
> at org.apache.hadoop.hive.ql.Driver.execute(Driver.java:1893)
> at org.apache.hadoop.hive.ql.Driver.runInternal(Driver.java:1613)
> at org.apache.hadoop.hive.ql.Driver.run(Driver.java:1332)
> ...
> 2019-02-08 05:53:58,663 ERROR org.apache.hadoop.hive.ql.Driver:
> [HiveServer2-Background-Pool: Thread-84]: FAILED: Execution Error, return
> code 1
> from org.apache.hadoop.hive.ql.exec.DDLTask. null
> {noformat}
> This appears to be happening because the show grant role logic is trying to
> construct a HivePrivilegeObject, which it wasn't doing in 1.8.0, and assumes
> the URI will have a scheme. See:
> {noformat}
> public static boolean isLocalUri(String uriString) throws
> URISyntaxException {
> URI uri = new URI(uriString);
> if (uri.getScheme().equalsIgnoreCase("file")) {
> return true;
> }
> return false;
> }
> {noformat}
> Because uri.getScheme() can return null, the equalsIgnoreCase() can result in
> an NPE.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Updated] (SENTRY-2496) Support multi-field attribute based document level controls for Solr
[ https://issues.apache.org/jira/browse/SENTRY-2496?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2496: Attachment: SENTRY-2496.patch.003 > Support multi-field attribute based document level controls for Solr > > > Key: SENTRY-2496 > URL: https://issues.apache.org/jira/browse/SENTRY-2496 > Project: Sentry > Issue Type: Sub-task >Reporter: Tristan Stevens >Assignee: Tristan Stevens >Priority: Major > Attachments: SENTRY-2496.patch.003 > > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENTRY-2496) Support multi-field attribute based document level controls for Solr
[ https://issues.apache.org/jira/browse/SENTRY-2496?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16777156#comment-16777156 ] kalyan kumar kalvagadda commented on SENTRY-2496: - [~tmgstev], I will push the changes after the tests pass. > Support multi-field attribute based document level controls for Solr > > > Key: SENTRY-2496 > URL: https://issues.apache.org/jira/browse/SENTRY-2496 > Project: Sentry > Issue Type: Sub-task >Reporter: Tristan Stevens >Assignee: Tristan Stevens >Priority: Major > Attachments: SENTRY-2496.patch.003 > > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2502) Sentry NN plug-in stops fetching updates from sentry server
[ https://issues.apache.org/jira/browse/SENTRY-2502?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2502: Resolution: Fixed Status: Resolved (was: Patch Available) > Sentry NN plug-in stops fetching updates from sentry server > --- > > Key: SENTRY-2502 > URL: https://issues.apache.org/jira/browse/SENTRY-2502 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.2.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Fix For: 2.2.0 > > Attachments: SENTRY-2502.001.patch, SENTRY-2502.002.patch > > > Sentry plug-in in name node is stopping to fetch updates from sentry server > when below sequence of events occurs. > # Create a table > # Add a single partition to it. > # Rename the table created above. > # Drop the partition added above > # Add the partition again. > # Rename the table -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2502) Sentry NN plug-in stops fetching updates from sentry server
[ https://issues.apache.org/jira/browse/SENTRY-2502?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2502: Attachment: SENTRY-2502.002.patch > Sentry NN plug-in stops fetching updates from sentry server > --- > > Key: SENTRY-2502 > URL: https://issues.apache.org/jira/browse/SENTRY-2502 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.2.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Fix For: 2.2.0 > > Attachments: SENTRY-2502.001.patch, SENTRY-2502.002.patch > > > Sentry plug-in in name node is stopping to fetch updates from sentry server > when below sequence of events occurs. > # Create a table > # Add a single partition to it. > # Rename the table created above. > # Drop the partition added above > # Add the partition again. > # Rename the table -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2502) Sentry NN plug-in stops fetching updates from sentry server
[ https://issues.apache.org/jira/browse/SENTRY-2502?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2502: Attachment: SENTRY-2502.001.patch > Sentry NN plug-in stops fetching updates from sentry server > --- > > Key: SENTRY-2502 > URL: https://issues.apache.org/jira/browse/SENTRY-2502 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.2.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Fix For: 2.2.0 > > Attachments: SENTRY-2502.001.patch > > > Sentry plug-in in name node is stopping to fetch updates from sentry server > when below sequence of events occurs. > # Create a table > # Add a single partition to it. > # Rename the table created above. > # Drop the partition added above > # Add the partition again. > # Rename the table -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2502) Sentry NN plug-in stops fetching updates from sentry server
[ https://issues.apache.org/jira/browse/SENTRY-2502?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2502: Status: Patch Available (was: In Progress) > Sentry NN plug-in stops fetching updates from sentry server > --- > > Key: SENTRY-2502 > URL: https://issues.apache.org/jira/browse/SENTRY-2502 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.2.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Fix For: 2.2.0 > > > Sentry plug-in in name node is stopping to fetch updates from sentry server > when below sequence of events occurs. > # Create a table > # Add a single partition to it. > # Rename the table created above. > # Drop the partition added above > # Add the partition again. > # Rename the table -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2502) Sentry NN plug-in stops fetching updates from sentry server
[ https://issues.apache.org/jira/browse/SENTRY-2502?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2502: Attachment: (was: SENTRY-2502.001.patch) > Sentry NN plug-in stops fetching updates from sentry server > --- > > Key: SENTRY-2502 > URL: https://issues.apache.org/jira/browse/SENTRY-2502 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.2.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Fix For: 2.2.0 > > Attachments: SENTRY-2502.001.patch > > > Sentry plug-in in name node is stopping to fetch updates from sentry server > when below sequence of events occurs. > # Create a table > # Add a single partition to it. > # Rename the table created above. > # Drop the partition added above > # Add the partition again. > # Rename the table -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2502) Sentry NN plug-in stops fetching updates from sentry server
[ https://issues.apache.org/jira/browse/SENTRY-2502?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2502: Attachment: SENTRY-2502.001.patch > Sentry NN plug-in stops fetching updates from sentry server > --- > > Key: SENTRY-2502 > URL: https://issues.apache.org/jira/browse/SENTRY-2502 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.2.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Fix For: 2.2.0 > > Attachments: SENTRY-2502.001.patch > > > Sentry plug-in in name node is stopping to fetch updates from sentry server > when below sequence of events occurs. > # Create a table > # Add a single partition to it. > # Rename the table created above. > # Drop the partition added above > # Add the partition again. > # Rename the table -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENTRY-2502) Sentry NN plug-in stops fetching updates from sentry server
[ https://issues.apache.org/jira/browse/SENTRY-2502?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16775465#comment-16775465 ] kalyan kumar kalvagadda commented on SENTRY-2502: - There are a couple of issues observed # When the table is renamed the Entry object for the table that is renamed is wrongly update. Type of Entry is changed to "DIR". # When paths have removed the entries with empty paths are not removed from the collection of Entries for an object. These two issues can manifest in multiple problems. Issue reported in this Jira is one such problem. > Sentry NN plug-in stops fetching updates from sentry server > --- > > Key: SENTRY-2502 > URL: https://issues.apache.org/jira/browse/SENTRY-2502 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.2.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Fix For: 2.2.0 > > > Sentry plug-in in name node is stopping to fetch updates from sentry server > when below sequence of events occurs. > # Create a table > # Add a single partition to it. > # Rename the table created above. > # Drop the partition added above > # Add the partition again. > # Rename the table -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (SENTRY-2502) Sentry NN plug-in stops fetching updates from sentry server
kalyan kumar kalvagadda created SENTRY-2502: --- Summary: Sentry NN plug-in stops fetching updates from sentry server Key: SENTRY-2502 URL: https://issues.apache.org/jira/browse/SENTRY-2502 Project: Sentry Issue Type: Bug Components: Sentry Affects Versions: 2.2.0 Reporter: kalyan kumar kalvagadda Assignee: kalyan kumar kalvagadda Fix For: 2.2.0 Sentry plug-in in name node is stopping to fetch updates from sentry server when below sequence of events occurs. # Create a table # Add a single partition to it. # Rename the table created above. # Drop the partition added above # Add the partition again. # Rename the table -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2498) Exception while deleting paths that does't exist
[
https://issues.apache.org/jira/browse/SENTRY-2498?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
kalyan kumar kalvagadda updated SENTRY-2498:
Resolution: Fixed
Status: Resolved (was: Patch Available)
> Exception while deleting paths that does't exist
>
>
> Key: SENTRY-2498
> URL: https://issues.apache.org/jira/browse/SENTRY-2498
> Project: Sentry
> Issue Type: Bug
> Components: Sentry
>Affects Versions: 2.2.0
>Reporter: kalyan kumar kalvagadda
>Assignee: kalyan kumar kalvagadda
>Priority: Major
> Fix For: 2.2.0
>
> Attachments: SENTRY-2498.001.patch, SENTRY-2498.001.patch
>
>
> Currently, HMSPaths is throwing an exception while deleting the paths for an
> object that is not known. Here is the stack trace for the exception
> {noformat}
> 2019-02-13 10:19:16,351 WARN org.apache.sentry.hdfs.SentryAuthorizationInfo:
> Failed to update, will retry in [3]ms, error:
> java.lang.NullPointerException
> at
> org.apache.sentry.hdfs.HMSPaths.deletePathsFromAuthzObject(HMSPaths.java:801)
> at
> org.apache.sentry.hdfs.UpdateableAuthzPaths.applyPartialUpdate(UpdateableAuthzPaths.java:155)
> at
> org.apache.sentry.hdfs.UpdateableAuthzPaths.updatePartial(UpdateableAuthzPaths.java:89)
> at
> org.apache.sentry.hdfs.SentryAuthorizationInfo.processUpdates(SentryAuthorizationInfo.java:202)
> at
> org.apache.sentry.hdfs.SentryAuthorizationInfo.update(SentryAuthorizationInfo.java:135)
> at
> org.apache.sentry.hdfs.SentryAuthorizationInfo.run(SentryAuthorizationInfo.java:220)
> at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
> at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:308)
> at
> java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:180)
> at
> java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:294)
> at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
> at java.lang.Thread.run(Thread.java:748)
> 2019-02-13 10:19:17,670 INFO SecurityLogger.
> {noformat}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Updated] (SENTRY-2495) Support Conjunctive Matching in Solr QueryDocAuthorizationComponent
[ https://issues.apache.org/jira/browse/SENTRY-2495?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2495: Attachment: SENTRY_2495.patch.001 > Support Conjunctive Matching in Solr QueryDocAuthorizationComponent > --- > > Key: SENTRY-2495 > URL: https://issues.apache.org/jira/browse/SENTRY-2495 > Project: Sentry > Issue Type: Sub-task >Reporter: Tristan Stevens >Assignee: Tristan Stevens >Priority: Major > Attachments: SENTRY_2495.patch.001 > > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2495) Support Conjunctive Matching in Solr QueryDocAuthorizationComponent
[ https://issues.apache.org/jira/browse/SENTRY-2495?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2495: Attachment: SENTRY-2495.patch.001 > Support Conjunctive Matching in Solr QueryDocAuthorizationComponent > --- > > Key: SENTRY-2495 > URL: https://issues.apache.org/jira/browse/SENTRY-2495 > Project: Sentry > Issue Type: Sub-task >Reporter: Tristan Stevens >Assignee: Tristan Stevens >Priority: Major > Attachments: SENTRY-2495.patch.001 > > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2495) Support Conjunctive Matching in Solr QueryDocAuthorizationComponent
[ https://issues.apache.org/jira/browse/SENTRY-2495?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2495: Attachment: (was: SENTRY_2495.patch.001) > Support Conjunctive Matching in Solr QueryDocAuthorizationComponent > --- > > Key: SENTRY-2495 > URL: https://issues.apache.org/jira/browse/SENTRY-2495 > Project: Sentry > Issue Type: Sub-task >Reporter: Tristan Stevens >Assignee: Tristan Stevens >Priority: Major > Attachments: SENTRY-2495.patch.001 > > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2498) Exception while deleting paths that does't exist
[
https://issues.apache.org/jira/browse/SENTRY-2498?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
kalyan kumar kalvagadda updated SENTRY-2498:
Attachment: SENTRY-2498.001.patch
> Exception while deleting paths that does't exist
>
>
> Key: SENTRY-2498
> URL: https://issues.apache.org/jira/browse/SENTRY-2498
> Project: Sentry
> Issue Type: Bug
> Components: Sentry
>Affects Versions: 2.2.0
>Reporter: kalyan kumar kalvagadda
>Assignee: kalyan kumar kalvagadda
>Priority: Major
> Fix For: 2.2.0
>
> Attachments: SENTRY-2498.001.patch, SENTRY-2498.001.patch
>
>
> Currently, HMSPaths is throwing an exception while deleting the paths for an
> object that is not known. Here is the stack trace for the exception
> {noformat}
> 2019-02-13 10:19:16,351 WARN org.apache.sentry.hdfs.SentryAuthorizationInfo:
> Failed to update, will retry in [3]ms, error:
> java.lang.NullPointerException
> at
> org.apache.sentry.hdfs.HMSPaths.deletePathsFromAuthzObject(HMSPaths.java:801)
> at
> org.apache.sentry.hdfs.UpdateableAuthzPaths.applyPartialUpdate(UpdateableAuthzPaths.java:155)
> at
> org.apache.sentry.hdfs.UpdateableAuthzPaths.updatePartial(UpdateableAuthzPaths.java:89)
> at
> org.apache.sentry.hdfs.SentryAuthorizationInfo.processUpdates(SentryAuthorizationInfo.java:202)
> at
> org.apache.sentry.hdfs.SentryAuthorizationInfo.update(SentryAuthorizationInfo.java:135)
> at
> org.apache.sentry.hdfs.SentryAuthorizationInfo.run(SentryAuthorizationInfo.java:220)
> at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
> at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:308)
> at
> java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:180)
> at
> java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:294)
> at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
> at java.lang.Thread.run(Thread.java:748)
> 2019-02-13 10:19:17,670 INFO SecurityLogger.
> {noformat}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Issue Comment Deleted] (SENTRY-2498) Exception while deleting paths that does't exist
[
https://issues.apache.org/jira/browse/SENTRY-2498?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
kalyan kumar kalvagadda updated SENTRY-2498:
Comment: was deleted
(was: +1 to code change)
> Exception while deleting paths that does't exist
>
>
> Key: SENTRY-2498
> URL: https://issues.apache.org/jira/browse/SENTRY-2498
> Project: Sentry
> Issue Type: Bug
> Components: Sentry
>Affects Versions: 2.2.0
>Reporter: kalyan kumar kalvagadda
>Assignee: kalyan kumar kalvagadda
>Priority: Major
> Fix For: 2.2.0
>
> Attachments: SENTRY-2498.001.patch, SENTRY-2498.001.patch
>
>
> Currently, HMSPaths is throwing an exception while deleting the paths for an
> object that is not known. Here is the stack trace for the exception
> {noformat}
> 2019-02-13 10:19:16,351 WARN org.apache.sentry.hdfs.SentryAuthorizationInfo:
> Failed to update, will retry in [3]ms, error:
> java.lang.NullPointerException
> at
> org.apache.sentry.hdfs.HMSPaths.deletePathsFromAuthzObject(HMSPaths.java:801)
> at
> org.apache.sentry.hdfs.UpdateableAuthzPaths.applyPartialUpdate(UpdateableAuthzPaths.java:155)
> at
> org.apache.sentry.hdfs.UpdateableAuthzPaths.updatePartial(UpdateableAuthzPaths.java:89)
> at
> org.apache.sentry.hdfs.SentryAuthorizationInfo.processUpdates(SentryAuthorizationInfo.java:202)
> at
> org.apache.sentry.hdfs.SentryAuthorizationInfo.update(SentryAuthorizationInfo.java:135)
> at
> org.apache.sentry.hdfs.SentryAuthorizationInfo.run(SentryAuthorizationInfo.java:220)
> at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
> at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:308)
> at
> java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:180)
> at
> java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:294)
> at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
> at java.lang.Thread.run(Thread.java:748)
> 2019-02-13 10:19:17,670 INFO SecurityLogger.
> {noformat}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Updated] (SENTRY-2498) Exception while deleting paths that does't exist
[
https://issues.apache.org/jira/browse/SENTRY-2498?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
kalyan kumar kalvagadda updated SENTRY-2498:
Attachment: SENTRY-2498.001.patch
Status: Patch Available (was: In Progress)
> Exception while deleting paths that does't exist
>
>
> Key: SENTRY-2498
> URL: https://issues.apache.org/jira/browse/SENTRY-2498
> Project: Sentry
> Issue Type: Bug
> Components: Sentry
>Affects Versions: 2.2.0
>Reporter: kalyan kumar kalvagadda
>Assignee: kalyan kumar kalvagadda
>Priority: Major
> Fix For: 2.2.0
>
> Attachments: SENTRY-2498.001.patch
>
>
> Currently, HMSPaths is throwing an exception while deleting the paths for an
> object that is not known. Here is the stack trace for the exception
> {noformat}
> 2019-02-13 10:19:16,351 WARN org.apache.sentry.hdfs.SentryAuthorizationInfo:
> Failed to update, will retry in [3]ms, error:
> java.lang.NullPointerException
> at
> org.apache.sentry.hdfs.HMSPaths.deletePathsFromAuthzObject(HMSPaths.java:801)
> at
> org.apache.sentry.hdfs.UpdateableAuthzPaths.applyPartialUpdate(UpdateableAuthzPaths.java:155)
> at
> org.apache.sentry.hdfs.UpdateableAuthzPaths.updatePartial(UpdateableAuthzPaths.java:89)
> at
> org.apache.sentry.hdfs.SentryAuthorizationInfo.processUpdates(SentryAuthorizationInfo.java:202)
> at
> org.apache.sentry.hdfs.SentryAuthorizationInfo.update(SentryAuthorizationInfo.java:135)
> at
> org.apache.sentry.hdfs.SentryAuthorizationInfo.run(SentryAuthorizationInfo.java:220)
> at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
> at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:308)
> at
> java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:180)
> at
> java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:294)
> at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
> at java.lang.Thread.run(Thread.java:748)
> 2019-02-13 10:19:17,670 INFO SecurityLogger.
> {noformat}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Created] (SENTRY-2498) Exception while deleting paths that does't exist
kalyan kumar kalvagadda created SENTRY-2498:
---
Summary: Exception while deleting paths that does't exist
Key: SENTRY-2498
URL: https://issues.apache.org/jira/browse/SENTRY-2498
Project: Sentry
Issue Type: Bug
Components: Sentry
Affects Versions: 2.2.0
Reporter: kalyan kumar kalvagadda
Assignee: kalyan kumar kalvagadda
Fix For: 2.2.0
Currently, HMSPaths is throwing an exception while deleting the paths for an
object that is not known. Here is the stack trace for the exception
{noformat}
2019-02-13 10:19:16,351 WARN org.apache.sentry.hdfs.SentryAuthorizationInfo:
Failed to update, will retry in [3]ms, error:
java.lang.NullPointerException
at
org.apache.sentry.hdfs.HMSPaths.deletePathsFromAuthzObject(HMSPaths.java:801)
at
org.apache.sentry.hdfs.UpdateableAuthzPaths.applyPartialUpdate(UpdateableAuthzPaths.java:155)
at
org.apache.sentry.hdfs.UpdateableAuthzPaths.updatePartial(UpdateableAuthzPaths.java:89)
at
org.apache.sentry.hdfs.SentryAuthorizationInfo.processUpdates(SentryAuthorizationInfo.java:202)
at
org.apache.sentry.hdfs.SentryAuthorizationInfo.update(SentryAuthorizationInfo.java:135)
at
org.apache.sentry.hdfs.SentryAuthorizationInfo.run(SentryAuthorizationInfo.java:220)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:308)
at
java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:180)
at
java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:294)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
2019-02-13 10:19:17,670 INFO SecurityLogger.
{noformat}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (SENTRY-2492) Consecutive ALL grants get deleted when multiple roles have ALL grants on that object
[ https://issues.apache.org/jira/browse/SENTRY-2492?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16767658#comment-16767658 ] kalyan kumar kalvagadda commented on SENTRY-2492: - [~arjunmishra13] I have another patch. Have a look at it. This patch is fixing the actual problem without changing the current flow. > Consecutive ALL grants get deleted when multiple roles have ALL grants on > that object > - > > Key: SENTRY-2492 > URL: https://issues.apache.org/jira/browse/SENTRY-2492 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.1.0 >Reporter: Arjun Mishra >Assignee: Arjun Mishra >Priority: Major > Attachments: SENTRY-2492.01.patch, SENTRY-2492.02.patch > > > Have multiple roles with ALL grant on the same object. Then repeat grant ALL > on object to a any role. That role will lose its grant -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2492) Consecutive ALL grants get deleted when multiple roles have ALL grants on that object
[ https://issues.apache.org/jira/browse/SENTRY-2492?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2492: Attachment: SENTRY-2492.02.patch > Consecutive ALL grants get deleted when multiple roles have ALL grants on > that object > - > > Key: SENTRY-2492 > URL: https://issues.apache.org/jira/browse/SENTRY-2492 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.1.0 >Reporter: Arjun Mishra >Assignee: Arjun Mishra >Priority: Major > Attachments: SENTRY-2492.01.patch, SENTRY-2492.02.patch > > > Have multiple roles with ALL grant on the same object. Then repeat grant ALL > on object to a any role. That role will lose its grant -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Comment Edited] (SENTRY-2146) Add better error handling to ResourceAuthorizationProvider and improve logging in related classes
[
https://issues.apache.org/jira/browse/SENTRY-2146?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16763873#comment-16763873
]
kalyan kumar kalvagadda edited comment on SENTRY-2146 at 2/8/19 8:49 PM:
-
[~arjunmishra13] here are my comments.
LOG.debug("stmtAuthObject.getOperationScope() = " +
stmtAuthObject.getOperationScope()); // * have the comment simple. You can just
call it Operation Scope*
LOG.debug("preAnalyze: For Token Type={}; " + this, ast.getToken().getType());
// *You can change it to preAnalyze: For OperationL{}, on " + this,
ast.getToken().getType())*
throw new IllegalArgumentException("kvList=" + kvList + ", Key cannot be
empty");
} else if (value.isEmpty()) {
throw new IllegalArgumentException("kvList=" + kvList + ", Value cannot
be empty");
} // * Print the keyValue which unparsed.*
was (Author: kkalyan):
[~arjunmishra13] here are my comments.
LOG.debug("stmtAuthObject.getOperationScope() = " +
stmtAuthObject.getOperationScope()); //* have the comment simple. You can just
call it Operation Scope*
LOG.debug("preAnalyze: For Token Type={}; " + this, ast.getToken().getType());
// *You can change it to preAnalyze: For OperationL{}, on " + this,
ast.getToken().getType())*
throw new IllegalArgumentException("kvList=" + kvList + ", Key cannot be
empty");
} else if (value.isEmpty()) {
throw new IllegalArgumentException("kvList=" + kvList + ", Value cannot
be empty");
} //* Print the keyValue which unparsed.*
> Add better error handling to ResourceAuthorizationProvider and improve
> logging in related classes
> -
>
> Key: SENTRY-2146
> URL: https://issues.apache.org/jira/browse/SENTRY-2146
> Project: Sentry
> Issue Type: Bug
> Components: Sentry
>Affects Versions: 2.0.0
>Reporter: Arjun Mishra
>Assignee: Arjun Mishra
>Priority: Major
> Attachments: SENTRY-2146.002.patch, SENTRY-2146.01.patch,
> SENTRY-2146.02.patch, SENTRY-2146.03.patch, SENTRY-2146.04.patch
>
>
> There are a bunch of improvements that should be made to
> ResourceAuthorizationProvider. For example, exceptions thrown by
> privilegeFactory.createPrivilege are not gracefully handled. Makes debugging
> hard.
> We also need to add a lot more logging to related classes
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Comment Edited] (SENTRY-2146) Add better error handling to ResourceAuthorizationProvider and improve logging in related classes
[
https://issues.apache.org/jira/browse/SENTRY-2146?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16763873#comment-16763873
]
kalyan kumar kalvagadda edited comment on SENTRY-2146 at 2/8/19 8:50 PM:
-
[~arjunmishra13] here are my comments.
*have the comment simple. You can just call it Operation Scope*
LOG.debug("stmtAuthObject.getOperationScope() = " +
stmtAuthObject.getOperationScope());
LOG.debug("preAnalyze: For Token Type={}; " + this, ast.getToken().getType());
*You can change it to preAnalyze: For OperationL{}, on " + this,
ast.getToken().getType())*
throw new IllegalArgumentException("kvList=" + kvList + ", Key cannot be
empty");
} else if (value.isEmpty()) {
throw new IllegalArgumentException("kvList=" + kvList + ", Value cannot
be empty");
}
*Print the keyValue which unparsed.*
was (Author: kkalyan):
[~arjunmishra13] here are my comments.
LOG.debug("stmtAuthObject.getOperationScope() = " +
stmtAuthObject.getOperationScope()); // * have the comment simple. You can just
call it Operation Scope*
LOG.debug("preAnalyze: For Token Type={}; " + this, ast.getToken().getType());
// *You can change it to preAnalyze: For OperationL{}, on " + this,
ast.getToken().getType())*
throw new IllegalArgumentException("kvList=" + kvList + ", Key cannot be
empty");
} else if (value.isEmpty()) {
throw new IllegalArgumentException("kvList=" + kvList + ", Value cannot
be empty");
} // * Print the keyValue which unparsed.*
> Add better error handling to ResourceAuthorizationProvider and improve
> logging in related classes
> -
>
> Key: SENTRY-2146
> URL: https://issues.apache.org/jira/browse/SENTRY-2146
> Project: Sentry
> Issue Type: Bug
> Components: Sentry
>Affects Versions: 2.0.0
>Reporter: Arjun Mishra
>Assignee: Arjun Mishra
>Priority: Major
> Attachments: SENTRY-2146.002.patch, SENTRY-2146.01.patch,
> SENTRY-2146.02.patch, SENTRY-2146.03.patch, SENTRY-2146.04.patch
>
>
> There are a bunch of improvements that should be made to
> ResourceAuthorizationProvider. For example, exceptions thrown by
> privilegeFactory.createPrivilege are not gracefully handled. Makes debugging
> hard.
> We also need to add a lot more logging to related classes
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (SENTRY-2146) Add better error handling to ResourceAuthorizationProvider and improve logging in related classes
[
https://issues.apache.org/jira/browse/SENTRY-2146?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16763873#comment-16763873
]
kalyan kumar kalvagadda commented on SENTRY-2146:
-
[~arjunmishra13] here are my comments.
LOG.debug("stmtAuthObject.getOperationScope() = " +
stmtAuthObject.getOperationScope()); //* have the comment simple. You can just
call it Operation Scope*
LOG.debug("preAnalyze: For Token Type={}; " + this, ast.getToken().getType());
// *You can change it to preAnalyze: For OperationL{}, on " + this,
ast.getToken().getType())*
throw new IllegalArgumentException("kvList=" + kvList + ", Key cannot be
empty");
} else if (value.isEmpty()) {
throw new IllegalArgumentException("kvList=" + kvList + ", Value cannot
be empty");
} //* Print the keyValue which unparsed.*
> Add better error handling to ResourceAuthorizationProvider and improve
> logging in related classes
> -
>
> Key: SENTRY-2146
> URL: https://issues.apache.org/jira/browse/SENTRY-2146
> Project: Sentry
> Issue Type: Bug
> Components: Sentry
>Affects Versions: 2.0.0
>Reporter: Arjun Mishra
>Assignee: Arjun Mishra
>Priority: Major
> Attachments: SENTRY-2146.002.patch, SENTRY-2146.01.patch,
> SENTRY-2146.02.patch, SENTRY-2146.03.patch, SENTRY-2146.04.patch
>
>
> There are a bunch of improvements that should be made to
> ResourceAuthorizationProvider. For example, exceptions thrown by
> privilegeFactory.createPrivilege are not gracefully handled. Makes debugging
> hard.
> We also need to add a lot more logging to related classes
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (SENTRY-2440) Add a new thrift API for checking if a user is in admin group
[ https://issues.apache.org/jira/browse/SENTRY-2440?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16763855#comment-16763855 ] kalyan kumar kalvagadda commented on SENTRY-2440: - [~hahao] I will look into the patch early next week. > Add a new thrift API for checking if a user is in admin group > - > > Key: SENTRY-2440 > URL: https://issues.apache.org/jira/browse/SENTRY-2440 > Project: Sentry > Issue Type: Improvement >Reporter: Hao Hao >Assignee: Hao Hao >Priority: Major > Attachments: SENTRY-2440.001.patch > > > It can be helpful to Sentry client if there is a way to tell if the requestor > user is within admin group. In order to recognize failure earlier than > actually making a call to privileged API such as 'create_role', 'drop_role'. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENTRY-2146) Add better error handling to ResourceAuthorizationProvider and improve logging in related classes
[ https://issues.apache.org/jira/browse/SENTRY-2146?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16763849#comment-16763849 ] kalyan kumar kalvagadda commented on SENTRY-2146: - [~arjunmishra13]Can you explain the cases where this patch would improve the logging? > Add better error handling to ResourceAuthorizationProvider and improve > logging in related classes > - > > Key: SENTRY-2146 > URL: https://issues.apache.org/jira/browse/SENTRY-2146 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.0.0 >Reporter: Arjun Mishra >Assignee: Arjun Mishra >Priority: Major > Attachments: SENTRY-2146.002.patch, SENTRY-2146.01.patch, > SENTRY-2146.02.patch, SENTRY-2146.03.patch, SENTRY-2146.04.patch > > > There are a bunch of improvements that should be made to > ResourceAuthorizationProvider. For example, exceptions thrown by > privilegeFactory.createPrivilege are not gracefully handled. Makes debugging > hard. > We also need to add a lot more logging to related classes -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2493) Sentry store api's for path mapping should handle empty/null paths.
[ https://issues.apache.org/jira/browse/SENTRY-2493?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2493: Resolution: Fixed Status: Resolved (was: Patch Available) > Sentry store api's for path mapping should handle empty/null paths. > --- > > Key: SENTRY-2493 > URL: https://issues.apache.org/jira/browse/SENTRY-2493 > Project: Sentry > Issue Type: Bug >Affects Versions: 2.2.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Fix For: 2.2.0 > > Attachments: SENTRY-2493.001.patch, SENTRY-2493.002.patch > > > Current API's for adding and deleting path mapping throw exceptions when > paths provided are either empty/null. API's should handle it gracefully. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2493) Sentry store api's for path mapping should handle empty/null paths.
[ https://issues.apache.org/jira/browse/SENTRY-2493?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2493: Attachment: SENTRY-2493.002.patch > Sentry store api's for path mapping should handle empty/null paths. > --- > > Key: SENTRY-2493 > URL: https://issues.apache.org/jira/browse/SENTRY-2493 > Project: Sentry > Issue Type: Bug >Affects Versions: 2.2.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Fix For: 2.2.0 > > Attachments: SENTRY-2493.001.patch, SENTRY-2493.002.patch > > > Current API's for adding and deleting path mapping throw exceptions when > paths provided are either empty/null. API's should handle it gracefully. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENTRY-2493) Sentry store api's for path mapping should handle empty/null paths.
[ https://issues.apache.org/jira/browse/SENTRY-2493?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16762195#comment-16762195 ] kalyan kumar kalvagadda commented on SENTRY-2493: - I will address the comments 1,2,3. Regarding the last comment, changes in NotificationsProcess will make sure that sentry store is invoked when the paths are null/empty but the API's by itself should be able to handle null/empty paths. Currently, they throw exceptions. > Sentry store api's for path mapping should handle empty/null paths. > --- > > Key: SENTRY-2493 > URL: https://issues.apache.org/jira/browse/SENTRY-2493 > Project: Sentry > Issue Type: Bug >Affects Versions: 2.2.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Fix For: 2.2.0 > > Attachments: SENTRY-2493.001.patch > > > Current API's for adding and deleting path mapping throw exceptions when > paths provided are either empty/null. API's should handle it gracefully. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2205) Improve Sentry NN Logging
[ https://issues.apache.org/jira/browse/SENTRY-2205?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2205: Resolution: Fixed Fix Version/s: 2.2.0 Status: Resolved (was: Patch Available) > Improve Sentry NN Logging > - > > Key: SENTRY-2205 > URL: https://issues.apache.org/jira/browse/SENTRY-2205 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.1.0 >Reporter: Arjun Mishra >Assignee: kalyan kumar kalvagadda >Priority: Major > Fix For: 2.2.0 > > Attachments: SENTRY-2205.001.patch, SENTRY-2205.002.patch, > SENTRY-2205.003.patch, SENTRY-2205.004.patch > > > Logging in SentryAuthorizationInfo, UpdateForwarder, and SentryStore classes > are weak and make debugging hard. Improve logging in these classes -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2493) Sentry store api's for path mapping should handle empty/null paths.
[ https://issues.apache.org/jira/browse/SENTRY-2493?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2493: Fix Version/s: 2.2.0 Attachment: SENTRY-2493.001.patch Status: Patch Available (was: In Progress) > Sentry store api's for path mapping should handle empty/null paths. > --- > > Key: SENTRY-2493 > URL: https://issues.apache.org/jira/browse/SENTRY-2493 > Project: Sentry > Issue Type: Bug >Affects Versions: 2.2.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Fix For: 2.2.0 > > Attachments: SENTRY-2493.001.patch > > > Current API's for adding and deleting path mapping throw exceptions when > paths provided are either empty/null. API's should handle it gracefully. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (SENTRY-2493) Sentry store api's for path mapping should handle empty/null paths.
kalyan kumar kalvagadda created SENTRY-2493: --- Summary: Sentry store api's for path mapping should handle empty/null paths. Key: SENTRY-2493 URL: https://issues.apache.org/jira/browse/SENTRY-2493 Project: Sentry Issue Type: Bug Affects Versions: 2.2.0 Reporter: kalyan kumar kalvagadda Assignee: kalyan kumar kalvagadda Current API's for adding and deleting path mapping throw exceptions when paths provided are either empty/null. API's should handle it gracefully. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2205) Improve Sentry NN Logging
[ https://issues.apache.org/jira/browse/SENTRY-2205?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2205: Attachment: SENTRY-2205.004.patch > Improve Sentry NN Logging > - > > Key: SENTRY-2205 > URL: https://issues.apache.org/jira/browse/SENTRY-2205 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.1.0 >Reporter: Arjun Mishra >Assignee: kalyan kumar kalvagadda >Priority: Major > Attachments: SENTRY-2205.001.patch, SENTRY-2205.002.patch, > SENTRY-2205.003.patch, SENTRY-2205.004.patch > > > Logging in SentryAuthorizationInfo, UpdateForwarder, and SentryStore classes > are weak and make debugging hard. Improve logging in these classes -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2205) Improve Sentry NN Logging
[ https://issues.apache.org/jira/browse/SENTRY-2205?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2205: Attachment: SENTRY-2205.003.patch > Improve Sentry NN Logging > - > > Key: SENTRY-2205 > URL: https://issues.apache.org/jira/browse/SENTRY-2205 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.1.0 >Reporter: Arjun Mishra >Assignee: kalyan kumar kalvagadda >Priority: Major > Attachments: SENTRY-2205.001.patch, SENTRY-2205.002.patch, > SENTRY-2205.003.patch > > > Logging in SentryAuthorizationInfo, UpdateForwarder, and SentryStore classes > are weak and make debugging hard. Improve logging in these classes -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2205) Improve Sentry NN Logging
[ https://issues.apache.org/jira/browse/SENTRY-2205?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2205: Attachment: (was: SENTRY-2205.003.patch) > Improve Sentry NN Logging > - > > Key: SENTRY-2205 > URL: https://issues.apache.org/jira/browse/SENTRY-2205 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.1.0 >Reporter: Arjun Mishra >Assignee: kalyan kumar kalvagadda >Priority: Major > Attachments: SENTRY-2205.001.patch, SENTRY-2205.002.patch, > SENTRY-2205.003.patch > > > Logging in SentryAuthorizationInfo, UpdateForwarder, and SentryStore classes > are weak and make debugging hard. Improve logging in these classes -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2205) Improve Sentry NN Logging
[ https://issues.apache.org/jira/browse/SENTRY-2205?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2205: Attachment: SENTRY-2205.002.patch > Improve Sentry NN Logging > - > > Key: SENTRY-2205 > URL: https://issues.apache.org/jira/browse/SENTRY-2205 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.1.0 >Reporter: Arjun Mishra >Assignee: kalyan kumar kalvagadda >Priority: Major > Attachments: SENTRY-2205.001.patch, SENTRY-2205.002.patch > > > Logging in SentryAuthorizationInfo, UpdateForwarder, and SentryStore classes > are weak and make debugging hard. Improve logging in these classes -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2205) Improve Sentry NN Logging
[ https://issues.apache.org/jira/browse/SENTRY-2205?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2205: Status: Patch Available (was: In Progress) > Improve Sentry NN Logging > - > > Key: SENTRY-2205 > URL: https://issues.apache.org/jira/browse/SENTRY-2205 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.1.0 >Reporter: Arjun Mishra >Assignee: kalyan kumar kalvagadda >Priority: Major > Attachments: SENTRY-2205.001.patch > > > Logging in SentryAuthorizationInfo, UpdateForwarder, and SentryStore classes > are weak and make debugging hard. Improve logging in these classes -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2205) Improve Sentry NN Logging
[ https://issues.apache.org/jira/browse/SENTRY-2205?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2205: Attachment: SENTRY-2205.001.patch > Improve Sentry NN Logging > - > > Key: SENTRY-2205 > URL: https://issues.apache.org/jira/browse/SENTRY-2205 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.1.0 >Reporter: Arjun Mishra >Assignee: kalyan kumar kalvagadda >Priority: Major > Attachments: SENTRY-2205.001.patch > > > Logging in SentryAuthorizationInfo, UpdateForwarder, and SentryStore classes > are weak and make debugging hard. Improve logging in these classes -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENTRY-2490) When building a full perm update for each object we only build 1 privilege per role
[ https://issues.apache.org/jira/browse/SENTRY-2490?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16755167#comment-16755167 ] kalyan kumar kalvagadda commented on SENTRY-2490: - [~arjunmishra13] +2 > When building a full perm update for each object we only build 1 privilege > per role > --- > > Key: SENTRY-2490 > URL: https://issues.apache.org/jira/browse/SENTRY-2490 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.1.0 >Reporter: Arjun Mishra >Assignee: Arjun Mishra >Priority: Major > Attachments: SENTRY-2490.01.patch > > > When building a perm full update we only include one privilege a role has on > an object as opposed to the entire privilege set -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENTRY-2490) When building a full perm update for each object we only build 1 privilege per role
[ https://issues.apache.org/jira/browse/SENTRY-2490?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16754299#comment-16754299 ] kalyan kumar kalvagadda commented on SENTRY-2490: - code change looks good. > When building a full perm update for each object we only build 1 privilege > per role > --- > > Key: SENTRY-2490 > URL: https://issues.apache.org/jira/browse/SENTRY-2490 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.1.0 >Reporter: Arjun Mishra >Assignee: Arjun Mishra >Priority: Major > Attachments: SENTRY-2490.01.patch > > > When building a perm full update we only include one privilege a role has on > an object as opposed to the entire privilege set -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (SENTRY-2205) Improve Sentry NN Logging
[ https://issues.apache.org/jira/browse/SENTRY-2205?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda reassigned SENTRY-2205: --- Assignee: kalyan kumar kalvagadda (was: Arjun Mishra) > Improve Sentry NN Logging > - > > Key: SENTRY-2205 > URL: https://issues.apache.org/jira/browse/SENTRY-2205 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.1.0 >Reporter: Arjun Mishra >Assignee: kalyan kumar kalvagadda >Priority: Major > > Logging in SentryAuthorizationInfo, UpdateForwarder, and SentryStore classes > are weak and make debugging hard. Improve logging in these classes -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Comment Edited] (SENTRY-2490) NN is unfamiliar with REFRESH privileges and sets FSAction to NONE on the group when it sees it in a full update
[
https://issues.apache.org/jira/browse/SENTRY-2490?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16752545#comment-16752545
]
kalyan kumar kalvagadda edited comment on SENTRY-2490 at 1/25/19 6:25 PM:
--
[~arjunmishra13] If you look at the code below
{noformat}
private static FsAction getFAction(String sentryPriv) {
String[] strPrivs = sentryPriv.trim().split(",");
FsAction retVal = FsAction.NONE;
for (String strPriv : strPrivs) {
FsAction action = ACTION_MAPPING.get(strPriv.toUpperCase());
if (action == null) {
// Encountered a privilege that is not supported. Since we do not know
what
// to do with it we just drop all access.
LOG.warn("Unsupported privilege {}, disabling all access", strPriv);
action = FsAction.NONE;
}
retVal = retVal.or(action);
}
return retVal;
}
{noformat}
At this line *retVal = retVal.or(action)*, if the action is NONE, it may not
update the *retval*.
was (Author: kkalyan):
[~arjunmishra13] If you look at the code below
{noformat}
private static FsAction getFAction(String sentryPriv) {
String[] strPrivs = sentryPriv.trim().split(",");
FsAction retVal = FsAction.NONE;
for (String strPriv : strPrivs) {
FsAction action = ACTION_MAPPING.get(strPriv.toUpperCase());
if (action == null) {
// Encountered a privilege that is not supported. Since we do not know
what
// to do with it we just drop all access.
LOG.warn("Unsupported privilege {}, disabling all access", strPriv);
action = FsAction.NONE;
}
retVal = retVal.or(action);
}
return retVal;
}
{noformat}
At this libe *retVal = retVal.or(action)*, if the action is NONE, it may not
update the *retval*.
> NN is unfamiliar with REFRESH privileges and sets FSAction to NONE on the
> group when it sees it in a full update
>
>
> Key: SENTRY-2490
> URL: https://issues.apache.org/jira/browse/SENTRY-2490
> Project: Sentry
> Issue Type: Bug
> Components: Sentry
>Affects Versions: 2.1.0
>Reporter: Arjun Mishra
>Assignee: Arjun Mishra
>Priority: Major
>
> When NN tries to get the FS action on Sentry managed paths, it checks against
> the ACTION_MAPPING map values. Currently this dataset doesn't have REFRESH
> listed. When NN sees a REFRESH privilege it will flag it as unsupported and
> set the FS action as NONE on that path for that group. This seems to happen
> only with full update. It will also override any other privilege that group
> had on that path
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (SENTRY-2490) NN is unfamiliar with REFRESH privileges and sets FSAction to NONE on the group when it sees it in a full update
[
https://issues.apache.org/jira/browse/SENTRY-2490?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16752545#comment-16752545
]
kalyan kumar kalvagadda commented on SENTRY-2490:
-
[~arjunmishra13] If you look at the code below
{noformat}
private static FsAction getFAction(String sentryPriv) {
String[] strPrivs = sentryPriv.trim().split(",");
FsAction retVal = FsAction.NONE;
for (String strPriv : strPrivs) {
FsAction action = ACTION_MAPPING.get(strPriv.toUpperCase());
if (action == null) {
// Encountered a privilege that is not supported. Since we do not know
what
// to do with it we just drop all access.
LOG.warn("Unsupported privilege {}, disabling all access", strPriv);
action = FsAction.NONE;
}
retVal = retVal.or(action);
}
return retVal;
}
{noformat}
At this libe *retVal = retVal.or(action)*, if the action is NONE, it may not
update the *retval*.
> NN is unfamiliar with REFRESH privileges and sets FSAction to NONE on the
> group when it sees it in a full update
>
>
> Key: SENTRY-2490
> URL: https://issues.apache.org/jira/browse/SENTRY-2490
> Project: Sentry
> Issue Type: Bug
> Components: Sentry
>Affects Versions: 2.1.0
>Reporter: Arjun Mishra
>Assignee: Arjun Mishra
>Priority: Major
>
> When NN tries to get the FS action on Sentry managed paths, it checks against
> the ACTION_MAPPING map values. Currently this dataset doesn't have REFRESH
> listed. When NN sees a REFRESH privilege it will flag it as unsupported and
> set the FS action as NONE on that path for that group. This seems to happen
> only with full update. It will also override any other privilege that group
> had on that path
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Updated] (SENTRY-2489) Fix flaky test testRequestSyncUpdatesWhenPubSubNotifyReturnsFullPathsUpdate
[ https://issues.apache.org/jira/browse/SENTRY-2489?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2489: Attachment: SENTRY-2489.001.patch > Fix flaky test testRequestSyncUpdatesWhenPubSubNotifyReturnsFullPathsUpdate > --- > > Key: SENTRY-2489 > URL: https://issues.apache.org/jira/browse/SENTRY-2489 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.1 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Attachments: SENTRY-2489.001.patch > > > testRequestSyncUpdatesWhenPubSubNotifyReturnsFullPathsUpdate is falky and it > fails pretty commonly. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Issue Comment Deleted] (SENTRY-2489) Fix flaky test testRequestSyncUpdatesWhenPubSubNotifyReturnsFullPathsUpdate
[
https://issues.apache.org/jira/browse/SENTRY-2489?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
kalyan kumar kalvagadda updated SENTRY-2489:
Comment: was deleted
(was: Here are the results of testing the latest attachment
https://issues.apache.org/jira/secure/attachment/12956355/SENTRY-2489.001.patch
against master.
{color:red}Overall:{color} -1 due to 2 errors
{color:red}ERROR:{color} mvn test exited 1
{color:red}ERROR:{color} Failed:
org.apache.sentry.provider.db.generic.service.persistent.TestPrivilegeOperatePersistence
Console output:
https://builds.apache.org/job/PreCommit-SENTRY-Build/4330/console
This message is automatically generated.)
> Fix flaky test testRequestSyncUpdatesWhenPubSubNotifyReturnsFullPathsUpdate
> ---
>
> Key: SENTRY-2489
> URL: https://issues.apache.org/jira/browse/SENTRY-2489
> Project: Sentry
> Issue Type: Bug
> Components: Sentry
>Affects Versions: 2.1
>Reporter: kalyan kumar kalvagadda
>Assignee: kalyan kumar kalvagadda
>Priority: Major
>
> testRequestSyncUpdatesWhenPubSubNotifyReturnsFullPathsUpdate is falky and it
> fails pretty commonly.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Updated] (SENTRY-2489) Fix flaky test testRequestSyncUpdatesWhenPubSubNotifyReturnsFullPathsUpdate
[ https://issues.apache.org/jira/browse/SENTRY-2489?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2489: Attachment: (was: SENTRY-2489.001.patch) > Fix flaky test testRequestSyncUpdatesWhenPubSubNotifyReturnsFullPathsUpdate > --- > > Key: SENTRY-2489 > URL: https://issues.apache.org/jira/browse/SENTRY-2489 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.1 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > > testRequestSyncUpdatesWhenPubSubNotifyReturnsFullPathsUpdate is falky and it > fails pretty commonly. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2287) Find a way to report that HDFS ACL synchronization is complete.
[ https://issues.apache.org/jira/browse/SENTRY-2287?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2287: Attachment: (was: SENTRY-2287.004.patch) > Find a way to report that HDFS ACL synchronization is complete. > --- > > Key: SENTRY-2287 > URL: https://issues.apache.org/jira/browse/SENTRY-2287 > Project: Sentry > Issue Type: Sub-task > Components: Sentry >Affects Versions: 2.1.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Attachments: SENTRY-2287.001.patch, SENTRY-2287.002.patch, > SENTRY-2287.003.patch, SENTRY-2287.004.patch > > > Currently there is no way to confirm that HDFS ACL synchronization is > complete when snapshot is initiated. We need to identify that and log in > console and log file as well. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2287) Find a way to report that HDFS ACL synchronization is complete.
[ https://issues.apache.org/jira/browse/SENTRY-2287?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2287: Attachment: SENTRY-2287.004.patch > Find a way to report that HDFS ACL synchronization is complete. > --- > > Key: SENTRY-2287 > URL: https://issues.apache.org/jira/browse/SENTRY-2287 > Project: Sentry > Issue Type: Sub-task > Components: Sentry >Affects Versions: 2.1.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Attachments: SENTRY-2287.001.patch, SENTRY-2287.002.patch, > SENTRY-2287.003.patch, SENTRY-2287.004.patch > > > Currently there is no way to confirm that HDFS ACL synchronization is > complete when snapshot is initiated. We need to identify that and log in > console and log file as well. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2489) Fix flaky test testRequestSyncUpdatesWhenPubSubNotifyReturnsFullPathsUpdate
[ https://issues.apache.org/jira/browse/SENTRY-2489?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2489: Attachment: (was: SENTRY-2489.001.patch) > Fix flaky test testRequestSyncUpdatesWhenPubSubNotifyReturnsFullPathsUpdate > --- > > Key: SENTRY-2489 > URL: https://issues.apache.org/jira/browse/SENTRY-2489 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.1 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Attachments: SENTRY-2489.001.patch > > > testRequestSyncUpdatesWhenPubSubNotifyReturnsFullPathsUpdate is falky and it > fails pretty commonly. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-1904) TransactionManager should limit the max time spent by transaction retry
[ https://issues.apache.org/jira/browse/SENTRY-1904?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-1904: Attachment: (was: SENTRY-1904.009.patch) > TransactionManager should limit the max time spent by transaction retry > --- > > Key: SENTRY-1904 > URL: https://issues.apache.org/jira/browse/SENTRY-1904 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.0.0 >Reporter: Alexander Kolbasov >Assignee: kalyan kumar kalvagadda >Priority: Major > Attachments: SENTRY-1904.001.patch, SENTRY-1904.002.patch, > SENTRY-1904.003.patch, SENTRY-1904.004.patch, SENTRY-1904.005.patch, > SENTRY-1904.006.patch, SENTRY-1904.007.patch, SENTRY-1904.008.patch, > SENTRY-1904.009.patch > > > The TransactionManager uses exponential backoff strategy for transaction > retries. This may cause some transactions to be delayed by a very long time. > We should also have a constraint on the max time for a transaction so that we > do not retry for too long. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-1904) TransactionManager should limit the max time spent by transaction retry
[ https://issues.apache.org/jira/browse/SENTRY-1904?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-1904: Attachment: SENTRY-1904.009.patch > TransactionManager should limit the max time spent by transaction retry > --- > > Key: SENTRY-1904 > URL: https://issues.apache.org/jira/browse/SENTRY-1904 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.0.0 >Reporter: Alexander Kolbasov >Assignee: kalyan kumar kalvagadda >Priority: Major > Attachments: SENTRY-1904.001.patch, SENTRY-1904.002.patch, > SENTRY-1904.003.patch, SENTRY-1904.004.patch, SENTRY-1904.005.patch, > SENTRY-1904.006.patch, SENTRY-1904.007.patch, SENTRY-1904.008.patch, > SENTRY-1904.009.patch > > > The TransactionManager uses exponential backoff strategy for transaction > retries. This may cause some transactions to be delayed by a very long time. > We should also have a constraint on the max time for a transaction so that we > do not retry for too long. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2489) Fix flaky test testRequestSyncUpdatesWhenPubSubNotifyReturnsFullPathsUpdate
[ https://issues.apache.org/jira/browse/SENTRY-2489?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2489: Attachment: SENTRY-2489.001.patch > Fix flaky test testRequestSyncUpdatesWhenPubSubNotifyReturnsFullPathsUpdate > --- > > Key: SENTRY-2489 > URL: https://issues.apache.org/jira/browse/SENTRY-2489 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.1 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Attachments: SENTRY-2489.001.patch > > > testRequestSyncUpdatesWhenPubSubNotifyReturnsFullPathsUpdate is falky and it > fails pretty commonly. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2489) Fix flaky test testRequestSyncUpdatesWhenPubSubNotifyReturnsFullPathsUpdate
[ https://issues.apache.org/jira/browse/SENTRY-2489?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2489: Attachment: SENTRY-2489.001.patch Status: Patch Available (was: Open) > Fix flaky test testRequestSyncUpdatesWhenPubSubNotifyReturnsFullPathsUpdate > --- > > Key: SENTRY-2489 > URL: https://issues.apache.org/jira/browse/SENTRY-2489 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.1 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Attachments: SENTRY-2489.001.patch > > > testRequestSyncUpdatesWhenPubSubNotifyReturnsFullPathsUpdate is falky and it > fails pretty commonly. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (SENTRY-2489) Fix flaky test testRequestSyncUpdatesWhenPubSubNotifyReturnsFullPathsUpdate
[ https://issues.apache.org/jira/browse/SENTRY-2489?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda reassigned SENTRY-2489: --- Assignee: kalyan kumar kalvagadda > Fix flaky test testRequestSyncUpdatesWhenPubSubNotifyReturnsFullPathsUpdate > --- > > Key: SENTRY-2489 > URL: https://issues.apache.org/jira/browse/SENTRY-2489 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.1 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > > testRequestSyncUpdatesWhenPubSubNotifyReturnsFullPathsUpdate is falky and it > fails pretty commonly. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2489) Fix flaky test testRequestSyncUpdatesWhenPubSubNotifyReturnsFullPathsUpdate
[ https://issues.apache.org/jira/browse/SENTRY-2489?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2489: Affects Version/s: 2.1 > Fix flaky test testRequestSyncUpdatesWhenPubSubNotifyReturnsFullPathsUpdate > --- > > Key: SENTRY-2489 > URL: https://issues.apache.org/jira/browse/SENTRY-2489 > Project: Sentry > Issue Type: Bug >Affects Versions: 2.1 >Reporter: kalyan kumar kalvagadda >Priority: Major > > testRequestSyncUpdatesWhenPubSubNotifyReturnsFullPathsUpdate is falky and it > fails pretty commonly. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2489) Fix flaky test testRequestSyncUpdatesWhenPubSubNotifyReturnsFullPathsUpdate
[ https://issues.apache.org/jira/browse/SENTRY-2489?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2489: Component/s: Sentry > Fix flaky test testRequestSyncUpdatesWhenPubSubNotifyReturnsFullPathsUpdate > --- > > Key: SENTRY-2489 > URL: https://issues.apache.org/jira/browse/SENTRY-2489 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.1 >Reporter: kalyan kumar kalvagadda >Priority: Major > > testRequestSyncUpdatesWhenPubSubNotifyReturnsFullPathsUpdate is falky and it > fails pretty commonly. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (SENTRY-2489) Fix flaky test testRequestSyncUpdatesWhenPubSubNotifyReturnsFullPathsUpdate
kalyan kumar kalvagadda created SENTRY-2489: --- Summary: Fix flaky test testRequestSyncUpdatesWhenPubSubNotifyReturnsFullPathsUpdate Key: SENTRY-2489 URL: https://issues.apache.org/jira/browse/SENTRY-2489 Project: Sentry Issue Type: Bug Reporter: kalyan kumar kalvagadda testRequestSyncUpdatesWhenPubSubNotifyReturnsFullPathsUpdate is falky and it fails pretty commonly. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2287) Find a way to report that HDFS ACL synchronization is complete.
[ https://issues.apache.org/jira/browse/SENTRY-2287?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2287: Attachment: SENTRY-2287.004.patch > Find a way to report that HDFS ACL synchronization is complete. > --- > > Key: SENTRY-2287 > URL: https://issues.apache.org/jira/browse/SENTRY-2287 > Project: Sentry > Issue Type: Sub-task > Components: Sentry >Affects Versions: 2.1.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Attachments: SENTRY-2287.001.patch, SENTRY-2287.002.patch, > SENTRY-2287.003.patch, SENTRY-2287.004.patch > > > Currently there is no way to confirm that HDFS ACL synchronization is > complete when snapshot is initiated. We need to identify that and log in > console and log file as well. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-1904) TransactionManager should limit the max time spent by transaction retry
[ https://issues.apache.org/jira/browse/SENTRY-1904?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-1904: Attachment: SENTRY-1904.009.patch > TransactionManager should limit the max time spent by transaction retry > --- > > Key: SENTRY-1904 > URL: https://issues.apache.org/jira/browse/SENTRY-1904 > Project: Sentry > Issue Type: Bug > Components: Sentry >Affects Versions: 2.0.0 >Reporter: Alexander Kolbasov >Assignee: kalyan kumar kalvagadda >Priority: Major > Attachments: SENTRY-1904.001.patch, SENTRY-1904.002.patch, > SENTRY-1904.003.patch, SENTRY-1904.004.patch, SENTRY-1904.005.patch, > SENTRY-1904.006.patch, SENTRY-1904.007.patch, SENTRY-1904.008.patch, > SENTRY-1904.009.patch > > > The TransactionManager uses exponential backoff strategy for transaction > retries. This may cause some transactions to be delayed by a very long time. > We should also have a constraint on the max time for a transaction so that we > do not retry for too long. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2287) Find a way to report that HDFS ACL synchronization is complete.
[ https://issues.apache.org/jira/browse/SENTRY-2287?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2287: Attachment: SENTRY-2287.004.patch > Find a way to report that HDFS ACL synchronization is complete. > --- > > Key: SENTRY-2287 > URL: https://issues.apache.org/jira/browse/SENTRY-2287 > Project: Sentry > Issue Type: Sub-task > Components: Sentry >Affects Versions: 2.1.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Attachments: SENTRY-2287.001.patch, SENTRY-2287.002.patch, > SENTRY-2287.003.patch, SENTRY-2287.004.patch > > > Currently there is no way to confirm that HDFS ACL synchronization is > complete when snapshot is initiated. We need to identify that and log in > console and log file as well. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Comment Edited] (SENTRY-2485) Invoke logging the content dump of authz paths and permissions using a SIGUSR2 signal
[ https://issues.apache.org/jira/browse/SENTRY-2485?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16750336#comment-16750336 ] kalyan kumar kalvagadda edited comment on SENTRY-2485 at 1/23/19 7:04 PM: -- [~arjunmishra13] If you haven't started can I start on it? was (Author: kkalyan): [~arjunmishra13] Can can start on this? > Invoke logging the content dump of authz paths and permissions using a > SIGUSR2 signal > - > > Key: SENTRY-2485 > URL: https://issues.apache.org/jira/browse/SENTRY-2485 > Project: Sentry > Issue Type: Improvement > Components: Sentry >Reporter: Arjun Mishra >Assignee: Arjun Mishra >Priority: Critical > > The dump of all contents for authz paths and authz permissions are right now > only logged at TRACE level and in the update method which is invoked every > 0.5 sec. The dump of content is very useful in debugging and if we can > determine a way to use a signal to log this dump without restarting service, > it will be very helpful -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENTRY-2485) Invoke logging the content dump of authz paths and permissions using a SIGUSR2 signal
[ https://issues.apache.org/jira/browse/SENTRY-2485?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16750336#comment-16750336 ] kalyan kumar kalvagadda commented on SENTRY-2485: - [~arjunmishra13] Can can start on this? > Invoke logging the content dump of authz paths and permissions using a > SIGUSR2 signal > - > > Key: SENTRY-2485 > URL: https://issues.apache.org/jira/browse/SENTRY-2485 > Project: Sentry > Issue Type: Improvement > Components: Sentry >Reporter: Arjun Mishra >Assignee: Arjun Mishra >Priority: Critical > > The dump of all contents for authz paths and authz permissions are right now > only logged at TRACE level and in the update method which is invoked every > 0.5 sec. The dump of content is very useful in debugging and if we can > determine a way to use a signal to log this dump without restarting service, > it will be very helpful -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2454) Add new sentry store api to gather the privileges for a list of authorizables.
[ https://issues.apache.org/jira/browse/SENTRY-2454?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2454: Resolution: Fixed Fix Version/s: 2.2.0 Status: Resolved (was: Patch Available) > Add new sentry store api to gather the privileges for a list of authorizables. > -- > > Key: SENTRY-2454 > URL: https://issues.apache.org/jira/browse/SENTRY-2454 > Project: Sentry > Issue Type: Improvement > Components: Sentry >Affects Versions: 2.2.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Fix For: 2.2.0 > > Attachments: SENTRY-2454.001.patch, SENTRY-2454.002.patch, > SENTRY-2454.003.patch, SENTRY-2454.004.patch > > > New sentry API should be implemented to fetch the privileges granted to > authorizables and it's children. authorizables include database, tables, > columns and URI's. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENTRY-2454) Add new sentry store api to gather the privileges for a list of authorizables.
[ https://issues.apache.org/jira/browse/SENTRY-2454?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16746661#comment-16746661 ] kalyan kumar kalvagadda commented on SENTRY-2454: - [~LinaAtAustin] Thanks for the review. > Add new sentry store api to gather the privileges for a list of authorizables. > -- > > Key: SENTRY-2454 > URL: https://issues.apache.org/jira/browse/SENTRY-2454 > Project: Sentry > Issue Type: Improvement > Components: Sentry >Affects Versions: 2.2.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Attachments: SENTRY-2454.001.patch, SENTRY-2454.002.patch, > SENTRY-2454.003.patch, SENTRY-2454.004.patch > > > New sentry API should be implemented to fetch the privileges granted to > authorizables and it's children. authorizables include database, tables, > columns and URI's. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (SENTRY-2287) Find a way to report that HDFS ACL synchronization is complete.
[ https://issues.apache.org/jira/browse/SENTRY-2287?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda reassigned SENTRY-2287: --- Assignee: kalyan kumar kalvagadda (was: Arjun Mishra) > Find a way to report that HDFS ACL synchronization is complete. > --- > > Key: SENTRY-2287 > URL: https://issues.apache.org/jira/browse/SENTRY-2287 > Project: Sentry > Issue Type: Sub-task > Components: Sentry >Affects Versions: 2.1.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Attachments: SENTRY-2287.001.patch, SENTRY-2287.002.patch, > SENTRY-2287.003.patch > > > Currently there is no way to confirm that HDFS ACL synchronization is > complete when snapshot is initiated. We need to identify that and log in > console and log file as well. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (SENTRY-2287) Find a way to report that HDFS ACL synchronization is complete.
[ https://issues.apache.org/jira/browse/SENTRY-2287?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda reassigned SENTRY-2287: --- Assignee: Arjun Mishra (was: kalyan kumar kalvagadda) > Find a way to report that HDFS ACL synchronization is complete. > --- > > Key: SENTRY-2287 > URL: https://issues.apache.org/jira/browse/SENTRY-2287 > Project: Sentry > Issue Type: Sub-task > Components: Sentry >Affects Versions: 2.1.0 >Reporter: kalyan kumar kalvagadda >Assignee: Arjun Mishra >Priority: Major > Attachments: SENTRY-2287.001.patch, SENTRY-2287.002.patch, > SENTRY-2287.003.patch > > > Currently there is no way to confirm that HDFS ACL synchronization is > complete when snapshot is initiated. We need to identify that and log in > console and log file as well. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (SENTRY-2279) Make debugging easy for HDFS-sync.
[ https://issues.apache.org/jira/browse/SENTRY-2279?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda reassigned SENTRY-2279: --- Assignee: kalyan kumar kalvagadda (was: Arjun Mishra) > Make debugging easy for HDFS-sync. > -- > > Key: SENTRY-2279 > URL: https://issues.apache.org/jira/browse/SENTRY-2279 > Project: Sentry > Issue Type: Improvement > Components: Sentry >Affects Versions: 2.1.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > > # Add logs to console and also audit logs for below events > ## Why HMS snapshot is taken. > ## HMS full snapshot is fetched. > ## HMS Full snapshot is persisted. > ## Fetching full Update from sentry for Namenode. > ## Full update is sent to Namenode. > ## HDFS ACL are synchronization is complete. > # Show thread information in logs. This makes debugging easy. > # Add a mechanism to track where sentry is in process of fetching Full > Snapshot. > ## Adding metrics which capture the current state > ## Adding logs with intermediate states is also an option. > # Make logs related to HDFS-ACL synchronization more verbose. > ## This includes adding more logging. > ## Elevate the logs level from “DEBUG” to “INFO” for some of the log > messages. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (SENTRY-2287) Find a way to report that HDFS ACL synchronization is complete.
[ https://issues.apache.org/jira/browse/SENTRY-2287?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda reassigned SENTRY-2287: --- Assignee: kalyan kumar kalvagadda (was: Arjun Mishra) > Find a way to report that HDFS ACL synchronization is complete. > --- > > Key: SENTRY-2287 > URL: https://issues.apache.org/jira/browse/SENTRY-2287 > Project: Sentry > Issue Type: Sub-task > Components: Sentry >Affects Versions: 2.1.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Attachments: SENTRY-2287.001.patch, SENTRY-2287.002.patch, > SENTRY-2287.003.patch > > > Currently there is no way to confirm that HDFS ACL synchronization is > complete when snapshot is initiated. We need to identify that and log in > console and log file as well. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (SENTRY-2279) Make debugging easy for HDFS-sync.
[ https://issues.apache.org/jira/browse/SENTRY-2279?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda reassigned SENTRY-2279: --- Assignee: Arjun Mishra (was: kalyan kumar kalvagadda) > Make debugging easy for HDFS-sync. > -- > > Key: SENTRY-2279 > URL: https://issues.apache.org/jira/browse/SENTRY-2279 > Project: Sentry > Issue Type: Improvement > Components: Sentry >Affects Versions: 2.1.0 >Reporter: kalyan kumar kalvagadda >Assignee: Arjun Mishra >Priority: Major > > # Add logs to console and also audit logs for below events > ## Why HMS snapshot is taken. > ## HMS full snapshot is fetched. > ## HMS Full snapshot is persisted. > ## Fetching full Update from sentry for Namenode. > ## Full update is sent to Namenode. > ## HDFS ACL are synchronization is complete. > # Show thread information in logs. This makes debugging easy. > # Add a mechanism to track where sentry is in process of fetching Full > Snapshot. > ## Adding metrics which capture the current state > ## Adding logs with intermediate states is also an option. > # Make logs related to HDFS-ACL synchronization more verbose. > ## This includes adding more logging. > ## Elevate the logs level from “DEBUG” to “INFO” for some of the log > messages. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2438) Persist HMS paths in batches.
[ https://issues.apache.org/jira/browse/SENTRY-2438?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2438: Resolution: Fixed Status: Resolved (was: Patch Available) This is a duplicate of [SENTRY-2249|https://github.com/apache/sentry/commit/d7fe398693ac5bfc9e450c27e9afdc9d9de3dd62] which is resolved. > Persist HMS paths in batches. > - > > Key: SENTRY-2438 > URL: https://issues.apache.org/jira/browse/SENTRY-2438 > Project: Sentry > Issue Type: Sub-task > Components: Sentry >Affects Versions: 2.1.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Attachments: SENTRY-2438.001.patch > > > With the current JDO definition for AUTHZ_PATH table, inserts into this > tables are not batched. This significantly effects the time taken to persist > the Full snapshot. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Resolved] (SENTRY-2302) Optimize HDFS ACL Synchronization.
[ https://issues.apache.org/jira/browse/SENTRY-2302?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda resolved SENTRY-2302. - Resolution: Fixed Fix Version/s: 2.1 This is a duplicate of [SENTRY-2249|https://github.com/apache/sentry/commit/d7fe398693ac5bfc9e450c27e9afdc9d9de3dd62] which is resolved. > Optimize HDFS ACL Synchronization. > -- > > Key: SENTRY-2302 > URL: https://issues.apache.org/jira/browse/SENTRY-2302 > Project: Sentry > Issue Type: Task > Components: Sentry >Affects Versions: 2.1.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Fix For: 2.1 > > > Optimize the time taken for HDFS-SYNC full snapshot. > # Decrease total time taken for HDFS ACL synchronization. > # Reduce/Avoid the duration HMS threads are blocked by synchronizing the > notifications with sentry. > Here are the time intensive operations in the hdfs-acl synchronization > ordered by time taken. > # Fetching full snapshot from HMS. > # Persisting the snapshot in the database. > # Retrieving full snapshot from database. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Reopened] (SENTRY-2302) Optimize HDFS ACL Synchronization.
[ https://issues.apache.org/jira/browse/SENTRY-2302?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda reopened SENTRY-2302: - > Optimize HDFS ACL Synchronization. > -- > > Key: SENTRY-2302 > URL: https://issues.apache.org/jira/browse/SENTRY-2302 > Project: Sentry > Issue Type: Task > Components: Sentry >Affects Versions: 2.1.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Fix For: 2.1 > > > Optimize the time taken for HDFS-SYNC full snapshot. > # Decrease total time taken for HDFS ACL synchronization. > # Reduce/Avoid the duration HMS threads are blocked by synchronizing the > notifications with sentry. > Here are the time intensive operations in the hdfs-acl synchronization > ordered by time taken. > # Fetching full snapshot from HMS. > # Persisting the snapshot in the database. > # Retrieving full snapshot from database. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Issue Comment Deleted] (SENTRY-2302) Optimize HDFS ACL Synchronization.
[ https://issues.apache.org/jira/browse/SENTRY-2302?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2302: Comment: was deleted (was: This is a duplicate of [SENTRY-2249|https://github.com/apache/sentry/commit/d7fe398693ac5bfc9e450c27e9afdc9d9de3dd62] which is resolved.) > Optimize HDFS ACL Synchronization. > -- > > Key: SENTRY-2302 > URL: https://issues.apache.org/jira/browse/SENTRY-2302 > Project: Sentry > Issue Type: Task > Components: Sentry >Affects Versions: 2.1.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Fix For: 2.1 > > > Optimize the time taken for HDFS-SYNC full snapshot. > # Decrease total time taken for HDFS ACL synchronization. > # Reduce/Avoid the duration HMS threads are blocked by synchronizing the > notifications with sentry. > Here are the time intensive operations in the hdfs-acl synchronization > ordered by time taken. > # Fetching full snapshot from HMS. > # Persisting the snapshot in the database. > # Retrieving full snapshot from database. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2454) Add new sentry store api to gather the privileges for a list of authorizables.
[ https://issues.apache.org/jira/browse/SENTRY-2454?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2454: Attachment: SENTRY-2454.004.patch > Add new sentry store api to gather the privileges for a list of authorizables. > -- > > Key: SENTRY-2454 > URL: https://issues.apache.org/jira/browse/SENTRY-2454 > Project: Sentry > Issue Type: Improvement > Components: Sentry >Affects Versions: 2.2.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Attachments: SENTRY-2454.001.patch, SENTRY-2454.002.patch, > SENTRY-2454.003.patch, SENTRY-2454.004.patch > > > New sentry API should be implemented to fetch the privileges granted to > authorizables and it's children. authorizables include database, tables, > columns and URI's. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Resolved] (SENTRY-2453) Sentry client should perform translation before sending export/import requests.
[ https://issues.apache.org/jira/browse/SENTRY-2453?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda resolved SENTRY-2453. - Resolution: Fixed Resolving this Jira as the required functionality is added as part of SENTRY-2452 > Sentry client should perform translation before sending export/import > requests. > --- > > Key: SENTRY-2453 > URL: https://issues.apache.org/jira/browse/SENTRY-2453 > Project: Sentry > Issue Type: Improvement > Components: Sentry >Affects Versions: 2.2.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > > Sentry client should parse and translate the provides databases, tables and > URI into authorizable before sending the export/import request to sentry > server. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2249) Enable batch insert of HMS paths in Full Snapshot.
[ https://issues.apache.org/jira/browse/SENTRY-2249?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2249: Attachment: SENTRY-2249.009.patch > Enable batch insert of HMS paths in Full Snapshot. > --- > > Key: SENTRY-2249 > URL: https://issues.apache.org/jira/browse/SENTRY-2249 > Project: Sentry > Issue Type: Improvement > Components: Sentry >Affects Versions: 2.1.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Attachments: SENTRY-2249.001.patch, SENTRY-2249.002.patch, > SENTRY-2249.003.patch, SENTRY-2249.004.patch, SENTRY-2249.005.patch, > SENTRY-2249.006.patch, SENTRY-2249.008.patch, SENTRY-2249.009.patch > > > Currently each entry in full snapshot of HMS is persisted one entry at a > time. Instead it could be optimized by persisting the path entries in > batches. DB operations are expensive, reducing the number of database > operations and around trip time will help. This would decrease the time to > persist the snapshot in to database significantly. > Size of the batch could be configurable. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2454) Add new sentry store api to gather the privileges for a list of authorizables.
[ https://issues.apache.org/jira/browse/SENTRY-2454?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2454: Attachment: SENTRY-2454.003.patch > Add new sentry store api to gather the privileges for a list of authorizables. > -- > > Key: SENTRY-2454 > URL: https://issues.apache.org/jira/browse/SENTRY-2454 > Project: Sentry > Issue Type: Improvement > Components: Sentry >Affects Versions: 2.2.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Attachments: SENTRY-2454.001.patch, SENTRY-2454.002.patch, > SENTRY-2454.003.patch > > > New sentry API should be implemented to fetch the privileges granted to > authorizables and it's children. authorizables include database, tables, > columns and URI's. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2452) Change the thrift interface to send the list of authorizable to sentry server
[ https://issues.apache.org/jira/browse/SENTRY-2452?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2452: Resolution: Fixed Fix Version/s: 2.2.0 Status: Resolved (was: Patch Available) > Change the thrift interface to send the list of authorizable to sentry server > - > > Key: SENTRY-2452 > URL: https://issues.apache.org/jira/browse/SENTRY-2452 > Project: Sentry > Issue Type: Improvement >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Fix For: 2.2.0 > > Attachments: SENTRY-2452.001.patch, SENTRY-2452.003.patch, > SENTRY-2452.004.patch > > > TSentryExportMappingDataRequest and TSentryImportMappingDataRequest which are > used to send export and import requests to sentry server should be changed to > be able to send a list authorizables for which permission information has to > be exported/imported. > These requests should accommodate source and target cluster information as > well. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENTRY-2452) Change the thrift interface to send the list of authorizable to sentry server
[ https://issues.apache.org/jira/browse/SENTRY-2452?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16715799#comment-16715799 ] kalyan kumar kalvagadda commented on SENTRY-2452: - Failures are un-related. > Change the thrift interface to send the list of authorizable to sentry server > - > > Key: SENTRY-2452 > URL: https://issues.apache.org/jira/browse/SENTRY-2452 > Project: Sentry > Issue Type: Improvement >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Attachments: SENTRY-2452.001.patch, SENTRY-2452.003.patch, > SENTRY-2452.004.patch > > > TSentryExportMappingDataRequest and TSentryImportMappingDataRequest which are > used to send export and import requests to sentry server should be changed to > be able to send a list authorizables for which permission information has to > be exported/imported. > These requests should accommodate source and target cluster information as > well. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2452) Change the thrift interface to send the list of authorizable to sentry server
[ https://issues.apache.org/jira/browse/SENTRY-2452?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2452: Attachment: SENTRY-2452.004.patch > Change the thrift interface to send the list of authorizable to sentry server > - > > Key: SENTRY-2452 > URL: https://issues.apache.org/jira/browse/SENTRY-2452 > Project: Sentry > Issue Type: Improvement >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Attachments: SENTRY-2452.001.patch, SENTRY-2452.003.patch, > SENTRY-2452.004.patch > > > TSentryExportMappingDataRequest and TSentryImportMappingDataRequest which are > used to send export and import requests to sentry server should be changed to > be able to send a list authorizables for which permission information has to > be exported/imported. > These requests should accommodate source and target cluster information as > well. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Resolved] (SENTRY-2468) Replicate owner privileges.
[ https://issues.apache.org/jira/browse/SENTRY-2468?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda resolved SENTRY-2468. - Resolution: Duplicate > Replicate owner privileges. > --- > > Key: SENTRY-2468 > URL: https://issues.apache.org/jira/browse/SENTRY-2468 > Project: Sentry > Issue Type: Sub-task > Components: Sentry >Affects Versions: 2.2.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > > In general exporting owner privileges is an unnecessary overhead for couple > of reasons > # Owner privileges are updated automatically in the target cluster when Hive > replication is performed on the target cluster. > # Number of owner privileges could be huge and the magnitude of that would > increase with increase in the number of databases and tables. > > There are still some use cases where there is a need to replicate owner > privilege as well. Here are some of them > # When sentry is not configured in the target cluster when owner privileges > feature is enabled in source cluster. > # When owner privileges feature is enabled in source cluster and not in > target cluster. > In both the above case, target cluster will not have owner privileges for the > hive objects that are replicated. > > In summary, replicating owner privilege should be configurable.It is better > to have it as an input from the administrator performing the export/import > operations. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENTRY-2468) Replicate owner privileges.
[ https://issues.apache.org/jira/browse/SENTRY-2468?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16713000#comment-16713000 ] kalyan kumar kalvagadda commented on SENTRY-2468: - [~spena], I agree. I will resolve this Jira as i have created # SENTRY-2479 # SENTRY-2478 > Replicate owner privileges. > --- > > Key: SENTRY-2468 > URL: https://issues.apache.org/jira/browse/SENTRY-2468 > Project: Sentry > Issue Type: Sub-task > Components: Sentry >Affects Versions: 2.2.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > > In general exporting owner privileges is an unnecessary overhead for couple > of reasons > # Owner privileges are updated automatically in the target cluster when Hive > replication is performed on the target cluster. > # Number of owner privileges could be huge and the magnitude of that would > increase with increase in the number of databases and tables. > > There are still some use cases where there is a need to replicate owner > privilege as well. Here are some of them > # When sentry is not configured in the target cluster when owner privileges > feature is enabled in source cluster. > # When owner privileges feature is enabled in source cluster and not in > target cluster. > In both the above case, target cluster will not have owner privileges for the > hive objects that are replicated. > > In summary, replicating owner privilege should be configurable.It is better > to have it as an input from the administrator performing the export/import > operations. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (SENTRY-2479) Avoid exporting/importing privileges that are were asked to be excluded
kalyan kumar kalvagadda created SENTRY-2479: --- Summary: Avoid exporting/importing privileges that are were asked to be excluded Key: SENTRY-2479 URL: https://issues.apache.org/jira/browse/SENTRY-2479 Project: Sentry Issue Type: Improvement Components: Sentry Affects Versions: 2.2.0 Reporter: kalyan kumar kalvagadda When sentry is exporting, privileges with excluded actions should not be exported. When sentry is importing, privileges with excluded actions should not be should be not cleaned up before importing the permissions in the target cluster. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2448) Ability read/write import/export file(s) from HDFS.
[ https://issues.apache.org/jira/browse/SENTRY-2448?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2448: Affects Version/s: (was: 2.1.0) 2.2.0 > Ability read/write import/export file(s) from HDFS. > --- > > Key: SENTRY-2448 > URL: https://issues.apache.org/jira/browse/SENTRY-2448 > Project: Sentry > Issue Type: Sub-task > Components: Sentry >Affects Versions: 2.2.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Fix For: 2.2.0 > > > Currently sentry doesn't have capability to export the backup file into HDFS. > This has to be implemented. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2448) Ability read/write import/export file(s) from HDFS.
[ https://issues.apache.org/jira/browse/SENTRY-2448?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2448: Component/s: Sentry > Ability read/write import/export file(s) from HDFS. > --- > > Key: SENTRY-2448 > URL: https://issues.apache.org/jira/browse/SENTRY-2448 > Project: Sentry > Issue Type: Sub-task > Components: Sentry >Affects Versions: 2.2.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Fix For: 2.2.0 > > > Currently sentry doesn't have capability to export the backup file into HDFS. > This has to be implemented. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2448) Ability read/write import/export file(s) from HDFS.
[ https://issues.apache.org/jira/browse/SENTRY-2448?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2448: Fix Version/s: 2.2.0 > Ability read/write import/export file(s) from HDFS. > --- > > Key: SENTRY-2448 > URL: https://issues.apache.org/jira/browse/SENTRY-2448 > Project: Sentry > Issue Type: Sub-task > Components: Sentry >Affects Versions: 2.2.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Fix For: 2.2.0 > > > Currently sentry doesn't have capability to export the backup file into HDFS. > This has to be implemented. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Resolved] (SENTRY-2448) Ability read/write import/export file(s) from HDFS.
[ https://issues.apache.org/jira/browse/SENTRY-2448?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda resolved SENTRY-2448. - Resolution: Fixed Resolving the subtask as the work items in it are resolved. > Ability read/write import/export file(s) from HDFS. > --- > > Key: SENTRY-2448 > URL: https://issues.apache.org/jira/browse/SENTRY-2448 > Project: Sentry > Issue Type: Sub-task >Affects Versions: 2.1.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > > Currently sentry doesn't have capability to export the backup file into HDFS. > This has to be implemented. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENTRY-2453) Sentry client should perform translation before sending export/import requests.
[ https://issues.apache.org/jira/browse/SENTRY-2453?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16712977#comment-16712977 ] kalyan kumar kalvagadda commented on SENTRY-2453: - This will be addressed with the code changes performed by SENTRY-2452 > Sentry client should perform translation before sending export/import > requests. > --- > > Key: SENTRY-2453 > URL: https://issues.apache.org/jira/browse/SENTRY-2453 > Project: Sentry > Issue Type: Improvement > Components: Sentry >Affects Versions: 2.2.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > > Sentry client should parse and translate the provides databases, tables and > URI into authorizable before sending the export/import request to sentry > server. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (SENTRY-2451) Extend the export-import tool to provide list of authorizables
[ https://issues.apache.org/jira/browse/SENTRY-2451?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda reassigned SENTRY-2451: --- Assignee: Sergio Peña (was: kalyan kumar kalvagadda) > Extend the export-import tool to provide list of authorizables > -- > > Key: SENTRY-2451 > URL: https://issues.apache.org/jira/browse/SENTRY-2451 > Project: Sentry > Issue Type: Improvement > Components: Sentry >Affects Versions: 2.2.0 >Reporter: kalyan kumar kalvagadda >Assignee: Sergio Peña >Priority: Major > > CLI client should be extended to accept list of authorizable (databases and > tables) for which the permission information has to be exported or imported. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (SENTRY-2478) Extend the export-import tool to exclude permissions with specific actions
kalyan kumar kalvagadda created SENTRY-2478: --- Summary: Extend the export-import tool to exclude permissions with specific actions Key: SENTRY-2478 URL: https://issues.apache.org/jira/browse/SENTRY-2478 Project: Sentry Issue Type: Improvement Components: Sentry Affects Versions: 2.2.0 Reporter: kalyan kumar kalvagadda Assignee: Sergio Peña CLI client should be extended to be able to list of actions for which the permission information should not be exported/imported. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2454) Add new sentry store api to gather the privileges for a list of authorizables.
[ https://issues.apache.org/jira/browse/SENTRY-2454?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2454: Attachment: SENTRY-2454.002.patch > Add new sentry store api to gather the privileges for a list of authorizables. > -- > > Key: SENTRY-2454 > URL: https://issues.apache.org/jira/browse/SENTRY-2454 > Project: Sentry > Issue Type: Improvement > Components: Sentry >Affects Versions: 2.2.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Attachments: SENTRY-2454.001.patch, SENTRY-2454.002.patch > > > New sentry API should be implemented to fetch the privileges granted to > authorizables and it's children. authorizables include database, tables, > columns and URI's. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2460) Export sentry permission information to HDFS location
[ https://issues.apache.org/jira/browse/SENTRY-2460?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2460: Resolution: Fixed Status: Resolved (was: Patch Available) [~spena] Thanks for the review. > Export sentry permission information to HDFS location > - > > Key: SENTRY-2460 > URL: https://issues.apache.org/jira/browse/SENTRY-2460 > Project: Sentry > Issue Type: Improvement > Components: Sentry >Affects Versions: 2.2.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Fix For: 2.2.0 > > Attachments: SENTRY-2460.001.patch, SENTRY-2460.002.patch, > SENTRY-2460.003.patch > > > Sentry should be able to export permission information to a HDFS location. > This can be done using hadoop-common library. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Comment Edited] (SENTRY-2454) Add new sentry store api to gather the privileges for a list of authorizables.
[ https://issues.apache.org/jira/browse/SENTRY-2454?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16712961#comment-16712961 ] kalyan kumar kalvagadda edited comment on SENTRY-2454 at 12/7/18 3:15 PM: -- Looks to be a un-related failure. As the sentry code doesn't use the new API added. Will re-submit the patch. was (Author: kkalyan): Looks to be a un-related failure. As the sentry code doesn't use the new API added. > Add new sentry store api to gather the privileges for a list of authorizables. > -- > > Key: SENTRY-2454 > URL: https://issues.apache.org/jira/browse/SENTRY-2454 > Project: Sentry > Issue Type: Improvement > Components: Sentry >Affects Versions: 2.2.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Attachments: SENTRY-2454.001.patch, SENTRY-2454.002.patch > > > New sentry API should be implemented to fetch the privileges granted to > authorizables and it's children. authorizables include database, tables, > columns and URI's. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENTRY-2454) Add new sentry store api to gather the privileges for a list of authorizables.
[ https://issues.apache.org/jira/browse/SENTRY-2454?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16712961#comment-16712961 ] kalyan kumar kalvagadda commented on SENTRY-2454: - Looks to be a un-related failure. As the sentry code doesn't use the new API added. > Add new sentry store api to gather the privileges for a list of authorizables. > -- > > Key: SENTRY-2454 > URL: https://issues.apache.org/jira/browse/SENTRY-2454 > Project: Sentry > Issue Type: Improvement > Components: Sentry >Affects Versions: 2.2.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Attachments: SENTRY-2454.001.patch, SENTRY-2454.002.patch > > > New sentry API should be implemented to fetch the privileges granted to > authorizables and it's children. authorizables include database, tables, > columns and URI's. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2454) Add new sentry store api to gather the privileges for a list of authorizables.
[ https://issues.apache.org/jira/browse/SENTRY-2454?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2454: Attachment: (was: SENTRY-2454.002.patch) > Add new sentry store api to gather the privileges for a list of authorizables. > -- > > Key: SENTRY-2454 > URL: https://issues.apache.org/jira/browse/SENTRY-2454 > Project: Sentry > Issue Type: Improvement > Components: Sentry >Affects Versions: 2.2.0 >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Attachments: SENTRY-2454.001.patch, SENTRY-2454.002.patch > > > New sentry API should be implemented to fetch the privileges granted to > authorizables and it's children. authorizables include database, tables, > columns and URI's. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENTRY-2452) Change the thrift interface to send the list of authorizable to sentry server
[ https://issues.apache.org/jira/browse/SENTRY-2452?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] kalyan kumar kalvagadda updated SENTRY-2452: Attachment: SENTRY-2452.003.patch > Change the thrift interface to send the list of authorizable to sentry server > - > > Key: SENTRY-2452 > URL: https://issues.apache.org/jira/browse/SENTRY-2452 > Project: Sentry > Issue Type: Improvement >Reporter: kalyan kumar kalvagadda >Assignee: kalyan kumar kalvagadda >Priority: Major > Attachments: SENTRY-2452.001.patch, SENTRY-2452.003.patch > > > TSentryExportMappingDataRequest and TSentryImportMappingDataRequest which are > used to send export and import requests to sentry server should be changed to > be able to send a list authorizables for which permission information has to > be exported/imported. > These requests should accommodate source and target cluster information as > well. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
