sentry-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Colin Ma (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (SENTRY-1004) Create CommonPrivilege for external component
Date Mon, 01 Feb 2016 02:19:39 GMT

    [ https://issues.apache.org/jira/browse/SENTRY-1004?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15125639#comment-15125639
] 

Colin Ma commented on SENTRY-1004:
----------------------------------

[~anneyu], thanks for the review.
To make integration with Sentry easily, this is one of patch for the common model and common
privilege. The other part should be the common policy.
Like the test case in this patch, the external component only need to implement the Model,
Resource and binding. Another improvement is the action compare is more flexibility.
Look into SENTRY-912 about Kafka integration, the sub tasks SENTRY-1012 and SENTRY-1013 have
a lot of changes. The refactor will remove these unnecessary implementation and  make the
integration easily.

> Create CommonPrivilege for external component
> ---------------------------------------------
>
>                 Key: SENTRY-1004
>                 URL: https://issues.apache.org/jira/browse/SENTRY-1004
>             Project: Sentry
>          Issue Type: Sub-task
>            Reporter: Colin Ma
>            Assignee: Colin Ma
>             Fix For: 1.7.0
>
>         Attachments: SENTRY-1004.001.patch, SENTRY-1004.002.patch, SENTRY-1004.003.patch
>
>
> Create CommonPrivilege for every component.
> The main change is for the interface Privilege, implies(Privilege p)  --->  implies(Privilege
privilege, Map<String, String> implyMethodMap, Map<String, Integer> actionMap)
> The actionMap is stored the mapping between action name and action value, eg:
>      for Hive:   select   --->   1   (binary: 0000001)
>                       insert  --->    3   (binary: 0000011)
>                      create --->     4   (binary: 0000100)
>                         all    --->     7   (binary: 0000111)
> when compare the action, use the action value with the & operator
>  The implyMethodMap is stored the mapping between resource type and imply method, eg:
>      for Hive:    db   --->   string  (imply as string value)
>                       url  --->   url     (imply as url value)



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message