| Release Notes - Sentry - Version v1.2.0 |
| |
| ** Bug |
| * [SENTRY-15] - log4j.properties file under sentry-tests references the old access package |
| * [SENTRY-1] - use default on HiveServer2 fails with invalid privileges exception |
| * [SENTRY-2] - Code cleanup in various poms |
| * [ACCESS-8] - Log warning if authorization is not used with strong authentication |
| * [ACCESS-49] - Modify test cases to restrict LOAD from specific locations |
| * [ACCESS-140] - malformatted policy is permitted conditionally |
| * [ACCESS-164] - policy file doesn't check non-exist entity mapping |
| * [ACCESS-174] - access only throw first error message in HiveServer2 log, and ignore the rest |
| * [ACCESS-180] - per DB policy file usability issues |
| * [ACCESS-197] - Child authorizeable objects are not inheriting permissions from parent |
| * [ACCESS-201] - Bad error message in HiveAuthzBinding |
| * [ACCESS-203] - Update trunk version to 1.1 and update dependencies |
| * [ACCESS-230] - CREATE TABLE AS works even if user does not have DB-level access |
| * [ACCESS-231] - ALTER TABLE SET TBLPROPERTIES allows updates to tables even when the user doesn't have the right privileges |
| * [ACCESS-232] - The per-db policy fies can't be accessed if they are not in the same file system as the global policy file. |
| * [ACCESS-233] - The URI permission checks should append path separator before checking the parent path |
| * [ACCESS-235] - Format unqualified URI as DFS uri by default |
| |
| |
| ** Improvement |
| * [SENTRY-5] - Normalize the usernames used in the end to end tests |
| * [ACCESS-100] - ResourceAuthzProvider should ensure the subject name is non-null before doing the group lookup |
| * [ACCESS-157] - Access hard codes hive authentication method none |
| * [ACCESS-211] - Add maven profile for compiling access with upstream Apache hadoop/hive |
| * [ACCESS-221] - Restrict the URI access granted from a per-database policy file |
| |
| |
| |
| ** Task |
| * [ACCESS-16] - Implement the test cases in the test plan |
| * [ACCESS-34] - Analyze Path Security |
| * [ACCESS-115] - Format all files using a consistent code style formatter for the project |
| * [ACCESS-122] - Remove context.close() mid-test |
| * [ACCESS-123] - Fix confusing communication mechanism to request if ANY access is exists |
| * [ACCESS-125] - TestUserManagement major issues |
| * [ACCESS-127] - TestSandboxOps Major issues |
| * [ACCESS-130] - TestMovingToProduction major issues |
| * [ACCESS-136] - TestCrossDbOps major issues |
| * [ACCESS-145] - TestMetadataObjectRetrieval major issues |
| * [ACCESS-147] - TestPrivilegeAtTransform major issues |
| * [ACCESS-149] - TestPrivilegesAtDatabaseScope major issues |
| * [ACCESS-152] - TestPrivilegesAtTableScope minor issues |
| * [ACCESS-166] - Policy Engine should do expanded validation of policy file |
| * [ACCESS-194] - Explore options for metastore access restriction |
| * [ACCESS-195] - Support username mapping at access level |
| |
| ** Sub-task |
| * [ACCESS-101] - Implement more test cases regarding subquery |
| * [ACCESS-209] - be able to run e2e test in cluster mode |
| * [ACCESS-225] - Update master branch version to 1.2.0-SNAPSHOT |