CHANGELOG.txt - incubator-sentry - Git at Google

 Release Notes - Sentry - Version 1.4.0

 ** Sub-task
     * [SENTRY-97] - Create service configuration properties
     * [SENTRY-129] - Implement Hive Sentry Authz DDL Task Factory
     * [SENTRY-134] - Use BoneCP, add unique constraint to GROUP_NAME, and expose jdo/datanucleus properties
     * [SENTRY-137] - Validate privilege scope in sentry service
     * [SENTRY-138] - Use server timestamp for createTime for role, privilege and group
     * [SENTRY-142] - Create database backed ProviderBackend
     * [SENTRY-143] - Merge db_policy_store branch into master
     * [SENTRY-153] - Add Hive e2e test with grant/revoke statements
     * [SENTRY-156] - Support local privilege validation APIs
     * [SENTRY-160] - Class to table mapping in package.jdo is incorrect
     * [SENTRY-364] - Bump up hive and hadoop versions from SNAPSHOT to released bits
     * [SENTRY-365] - Create release branch for 1.4.0
     * [SENTRY-369] - Update changelog.txt, notice.txt, etc... for 1.4.0 release


 ** Bug
     * [SENTRY-118] - cast udf should be added to sentry udf whitelist for hive
     * [SENTRY-131] - bin/sentry script doesn't find config-tool.sh under some circumstances
     * [SENTRY-133] - Alter table create partition if not exists - results in error
     * [SENTRY-161] - Sentry master branch is trying to download Hadoop tarball from nonexisting URL
     * [SENTRY-162] - Cleanup DB store privilege metadata on Hive DDL statements
     * [SENTRY-166] - Sentry does not accept URIs with an equals sign (=) in path. Fails with llegalArgumentException: Invalid key value
     * [SENTRY-169] - JAAS login options not compatible with IBM JDK
     * [SENTRY-172] - config-tool.sh is missing from master branch
     * [SENTRY-174] - Sentry should not package hadoop, hive and other jars
     * [SENTRY-175] - sentry script throws error for the dbstore service invocation
     * [SENTRY-176] - Not able to read policy files on HDFS (Regression)
     * [SENTRY-177] - Sentry Policy Service does not treat role names as case insensitive
     * [SENTRY-178] - Poor performance for Sentry Policy Service as #of privileges is scaled up
     * [SENTRY-181] - Add a test case for duplicate privileges
     * [SENTRY-182] - Granting ALL privileges to table does not seem to do the right thing when using the SimpleDbPolicyProvider
     * [SENTRY-183] - Sentry Policy Service goes into an unusable state when granting privileges. Subsequent access fail with a DataNucleusException: "Iteration request failed: SELECT ..."
     * [SENTRY-186] - e2e tests for solr document-level security
     * [SENTRY-187] - Use invariants rather than default for specification of update index level authorization
     * [SENTRY-188] - Reduce the logging level during per-db policy loading
     * [SENTRY-190] - Support for getting set of roles from ProviderBackend
     * [SENTRY-191] - Sentry Policy Service should not require passing the RPC requestor's user/group information
     * [SENTRY-192] - Convert solr doc-level e2e test to be based on roles rather than groups
     * [SENTRY-194] - Sentry script should note use Hive script by default for service and tool execution
     * [SENTRY-195] - Sentry schema tool can't process comments inside statement
     * [SENTRY-200] - Remove sentry-provider dependencies on hive
     * [SENTRY-201] - TestDatabaseProvider tests fail after Sentry schema tool was added.
     * [SENTRY-202] - Sentry end to end tests which use ClusterDFS will need to explicitly add the policy file to HDFS
     * [SENTRY-203] - Column name mismatch causes DataNucleus to throw exceptions
     * [SENTRY-204] - Test cases extending SentryServiceIntegrationBase are failing
     * [SENTRY-205] - Sentry throws Exception when trying to revoke Table level privileges
     * [SENTRY-206] - Sentry distribution should include a template config file for the service
     * [SENTRY-207] - Sentry script should return non-zero exist status in error conditions
     * [SENTRY-209] - Empty list returned when calling listPrivilegesByRoleName
     * [SENTRY-210] - Exception Thrown When Trying to grantRoleToGroup
     * [SENTRY-212] - Restrict access to hive config property hive.sentry.active.role.set which is set by Sentry Hive binding
     * [SENTRY-213] - Sentry schema tool doesn't handle sentry.javax.jdo.* properties
     * [SENTRY-214] - Sentry Service does not allow the same Privilege to be associated to multiple Roles
     * [SENTRY-217] - Add Insert and URI tests for Sentry DB provider
     * [SENTRY-218] - Use defaults for user, password and driver in SchemaTool
     * [SENTRY-219] - Sentry Cache Backend Provider initialization does not work as expected
     * [SENTRY-220] - Trivial fix to SentrySchemaTool to set default driver
     * [SENTRY-221] - Privilege scope is case sensitive
     * [SENTRY-222] - Privileges are sometimes granted to the wrong roles
     * [SENTRY-224] - Provider resource should not be required for DB provider backend
     * [SENTRY-229] - SentrySchemaTool initSchema does not work with postgres 8.1and oracle
     * [SENTRY-231] - Fix JDK 6 build
     * [SENTRY-235] - Change tests in TestSentryServerWithoutKerberos to use new Sentry service APIs
     * [SENTRY-236] - Sentry PolicyFile provider incorrectly logs error messages when reading policy file
     * [SENTRY-237] - Support log4j configuration for Sentry service
     * [SENTRY-238] - Denied Show roles and show role grant throw thrift exception
     * [SENTRY-239] - Setup in TestDatabaseProvider is flaky
     * [SENTRY-241] - Sentry GrantRevokeTask should fire the sentry failure look
     * [SENTRY-243] - The operation type needs to be set in the grant/revoke task context for the failure hook
     * [SENTRY-244] - Sentry deprecated properties do not work
     * [SENTRY-245] - Fix failing db provider tests
     * [SENTRY-246] - Load command does not seem to work with filter push down
     * [SENTRY-247] - Go back to using filter push down once the bugs are fixed
     * [SENTRY-248] - The sentry-provider-cache dependency is not correctly set
     * [SENTRY-249] - "Use default" should be allowed for all the users even when using filter push down
     * [SENTRY-250] - Create external table fails with filter push down
     * [SENTRY-251] - PolicyProviderForTest.addPrivilege breaks in some cases
     * [SENTRY-252] - Per db policy files based tests should be updated for dbprovider usage
     * [SENTRY-253] - Creating external table seems to be failing when using provider db.
     * [SENTRY-254] - Privilege name in provider db has a limit of length 128 which might be very low for long uris.
     * [SENTRY-255] - Revoke on Server privilege fails
     * [SENTRY-256] - Fix TestDbEndToEnd.testEndToEnd1
     * [SENTRY-257] - Upgrade master to use version 1.4.0-incubating-SNAPSHOT
     * [SENTRY-259] - Implement Hive metastore plugin
     * [SENTRY-260] - Add support to use DB2  as database for sentry metastore
     * [SENTRY-262] - Updating patch for SENTRY-178
     * [SENTRY-263] - Remove usage of getHostString() from AbstractTestWithStaticConfiguration
     * [SENTRY-266] - Implement _HOST substitution in principal
     * [SENTRY-268] - Allow only granted roles to be set in "SET ROLE <roleName>"
     * [SENTRY-269] - Add a test case for Denied Alter table, should fire SentryOnFailureHook
     * [SENTRY-271] - Test TestSentryServiceIntegration is flaky
     * [SENTRY-272] - Test TestSentryStoreToAuthorizable.testUri is failing on comparing URI string
     * [SENTRY-273] - org.apache.sentry.tests.e2e.dbprovider.TestDbUriPermissions is failing
     * [SENTRY-274] - MySQL init scripts contains invalid comments
     * [SENTRY-275] - Fix compilation error in SentryService
     * [SENTRY-276] - SentryService tests are currently timing out
     * [SENTRY-277] - Add Pig+HCat test for Metastore auth plugin
     * [SENTRY-278] -  TestSearchModelAuthorizables.testTooManyKV and  TestDBModelAuthorizables.testTooManyKV fail
     * [SENTRY-279] - Revert back using lowercase for uri label
     * [SENTRY-280] - Sentry-202 missing changes
     * [SENTRY-281] - Revoking a parent privilege should revoke all child privileges
     * [SENTRY-282] - Select on DB should give privileges to query tables within it.
     * [SENTRY-283] - Secure connection from HS2 to Sentry service fails
     * [SENTRY-284] - Create test for creating external partition
     * [SENTRY-285] - privilege->action=all is not same as privilege
     * [SENTRY-288] - Dissable MetastoreBinding for test cases that do not require it
     * [SENTRY-289] - Kerberos based connection from HS2 and Metastore to Sentry service fails
     * [SENTRY-290] - Handle null pointer in SentryPolicyProcessor
     * [SENTRY-294] - The Sentry service client should execute UGI privilege action by default
     * [SENTRY-297] - Increase privilege_name to 4000 in mysql to be consistent with other dbs
     * [SENTRY-299] - Partial Revoke Fails under certain conditions
     * [SENTRY-300] - HiveAuthzBinding checks for Hive server2 config which is not available when using Sentry with Hive meta store server
     * [SENTRY-301] - Sentry plugin fails access service from secure Hive Metastore
     * [SENTRY-302] - Partial revoke on Table fails if both ALL and a SELECT/INSERT grant exists
     * [SENTRY-304] - Limit on index key in MYSQL (innoDB ) is 767 bytes
     * [SENTRY-305] - SHOW CURRENT ROLES shouldn't require admin privileges
     * [SENTRY-306] - Fix grant all on table in db based provider
     * [SENTRY-307] - Unqualified URIs should be reconstructed in a standard way
     * [SENTRY-309] - Metastore binding should use fully qualified URI for validating alter table operations
     * [SENTRY-310] - Make Hive operation to required privileges more granular
     * [SENTRY-311] - Metastore plugin needs to be changed to updated privilege model
     * [SENTRY-312] - Add 'decimal' and 'date' to default UDF whitelist
     * [SENTRY-313] - Fix some uri failing tests
     * [SENTRY-314] - Metastore plugin should verify the storage descriptor before referencing
     * [SENTRY-315] - SHOW CURRENT ROLE fails if the one of the groups doesn't have any roles granted
     * [SENTRY-317] - Fix TestDbOperations.testLoad test
     * [SENTRY-319] - group names should be case sensitive.
     * [SENTRY-321] - SentryMetastorePostEventListener should use sentry config to create SentryClient
     * [SENTRY-332] - A role may got empty privilege, although the role have some privileges
     * [SENTRY-336] - Fix test failures on real cluster
     * [SENTRY-337] - When the parameter sentry.metastore.service.users isn't set or set empty, starting metastore will throw java.lang.NullPointerException
     * [SENTRY-363] - CTAS from view is requiring select on underlying table


 ** Improvement
     * [SENTRY-106] - Make solr testing work against apache 4.7 version
     * [SENTRY-193] - Add schematool for creating Sentry store schema from the SQL scripts
     * [SENTRY-211] - Do the user: group lookup in the Sentry db policy server
     * [SENTRY-258] - Increase field PRIVILEGE_NAME to 4000 characters to enable long URIs
     * [SENTRY-293] - Create a new mvn cluster test profile for provider db tests
     * [SENTRY-303] - Allow users to grant/revoke SELECT/INSERT to ALL tables in a Database
     * [SENTRY-333] - Add conf directory to sentry distribution
     * [SENTRY-361] - Sentry server should use sentry-site.xml in conf directory by default

 ** New Feature
     * [SENTRY-3] - Create a diagnostics tool for configuration validation
     * [SENTRY-37] - Implement a DB backed policy store
     * [SENTRY-115] - Give bindings the ability to access the group mappings
     * [SENTRY-157] - Support filter pushdown in DB Store client to reduce data transfer from DB Store service
     * [SENTRY-158] - Hive bindings should enable MR level ACLs for session user
     * [SENTRY-165] - Implement createShowRolesTask() in SentryHiveAuthorizationTaskFactoryImpl
     * [SENTRY-184] - Add Sentry service APIs to query roles and privileges
     * [SENTRY-199] - Create tool that will convert policy file into into DB store
     * [SENTRY-215] - SHOW GRANT ROLE xxx ON [SERVER, DATABASE, TABLE, URI] xxx
     * [SENTRY-216] - Support SHOW CURRENT ROLES


 ** Task
     * [SENTRY-159] - Convert AbstractSolrSentryTestBase to use MiniSolrCloudCluster rather than Lucene test hierarchy
     * [SENTRY-164] - Missing implementation for  HiveAuthorizationTaskFactory: createShowRolesTask()
     * [SENTRY-230] - e2e test for doc level security to cover failure scenarios around Index level auth
     * [SENTRY-356] - Apache Sentry 1.4.0 Release


 ** Test
     * [SENTRY-223] - Add a test for updates with doc-level security
     * [SENTRY-233] - Disable hdfs blockcache during solr e2e tests
     * [SENTRY-261] - Improve test coverage for grant/revoke statements in Hive e2e tests
     * [SENTRY-287] - Add test case for giving select privieleges on a table in a non default database
     * [SENTRY-291] - Remove duplicate testSameGrantTwice
	Release Notes - Sentry - Version 1.4.0

	** Sub-task
	* [SENTRY-97] - Create service configuration properties
	* [SENTRY-129] - Implement Hive Sentry Authz DDL Task Factory
	* [SENTRY-134] - Use BoneCP, add unique constraint to GROUP_NAME, and expose jdo/datanucleus properties
	* [SENTRY-137] - Validate privilege scope in sentry service
	* [SENTRY-138] - Use server timestamp for createTime for role, privilege and group
	* [SENTRY-142] - Create database backed ProviderBackend
	* [SENTRY-143] - Merge db_policy_store branch into master
	* [SENTRY-153] - Add Hive e2e test with grant/revoke statements
	* [SENTRY-156] - Support local privilege validation APIs
	* [SENTRY-160] - Class to table mapping in package.jdo is incorrect
	* [SENTRY-364] - Bump up hive and hadoop versions from SNAPSHOT to released bits
	* [SENTRY-365] - Create release branch for 1.4.0
	* [SENTRY-369] - Update changelog.txt, notice.txt, etc... for 1.4.0 release



	** Bug
	* [SENTRY-118] - cast udf should be added to sentry udf whitelist for hive
	* [SENTRY-131] - bin/sentry script doesn't find config-tool.sh under some circumstances
	* [SENTRY-133] - Alter table create partition if not exists - results in error
	* [SENTRY-161] - Sentry master branch is trying to download Hadoop tarball from nonexisting URL
	* [SENTRY-162] - Cleanup DB store privilege metadata on Hive DDL statements
	* [SENTRY-166] - Sentry does not accept URIs with an equals sign (=) in path. Fails with llegalArgumentException: Invalid key value
	* [SENTRY-169] - JAAS login options not compatible with IBM JDK
	* [SENTRY-172] - config-tool.sh is missing from master branch
	* [SENTRY-174] - Sentry should not package hadoop, hive and other jars
	* [SENTRY-175] - sentry script throws error for the dbstore service invocation
	* [SENTRY-176] - Not able to read policy files on HDFS (Regression)
	* [SENTRY-177] - Sentry Policy Service does not treat role names as case insensitive
	* [SENTRY-178] - Poor performance for Sentry Policy Service as #of privileges is scaled up
	* [SENTRY-181] - Add a test case for duplicate privileges
	* [SENTRY-182] - Granting ALL privileges to table does not seem to do the right thing when using the SimpleDbPolicyProvider
	* [SENTRY-183] - Sentry Policy Service goes into an unusable state when granting privileges. Subsequent access fail with a DataNucleusException: "Iteration request failed: SELECT ..."
	* [SENTRY-186] - e2e tests for solr document-level security
	* [SENTRY-187] - Use invariants rather than default for specification of update index level authorization
	* [SENTRY-188] - Reduce the logging level during per-db policy loading
	* [SENTRY-190] - Support for getting set of roles from ProviderBackend
	* [SENTRY-191] - Sentry Policy Service should not require passing the RPC requestor's user/group information
	* [SENTRY-192] - Convert solr doc-level e2e test to be based on roles rather than groups
	* [SENTRY-194] - Sentry script should note use Hive script by default for service and tool execution
	* [SENTRY-195] - Sentry schema tool can't process comments inside statement
	* [SENTRY-200] - Remove sentry-provider dependencies on hive
	* [SENTRY-201] - TestDatabaseProvider tests fail after Sentry schema tool was added.
	* [SENTRY-202] - Sentry end to end tests which use ClusterDFS will need to explicitly add the policy file to HDFS
	* [SENTRY-203] - Column name mismatch causes DataNucleus to throw exceptions
	* [SENTRY-204] - Test cases extending SentryServiceIntegrationBase are failing
	* [SENTRY-205] - Sentry throws Exception when trying to revoke Table level privileges
	* [SENTRY-206] - Sentry distribution should include a template config file for the service
	* [SENTRY-207] - Sentry script should return non-zero exist status in error conditions
	* [SENTRY-209] - Empty list returned when calling listPrivilegesByRoleName
	* [SENTRY-210] - Exception Thrown When Trying to grantRoleToGroup
	* [SENTRY-212] - Restrict access to hive config property hive.sentry.active.role.set which is set by Sentry Hive binding
	* [SENTRY-213] - Sentry schema tool doesn't handle sentry.javax.jdo.* properties
	* [SENTRY-214] - Sentry Service does not allow the same Privilege to be associated to multiple Roles
	* [SENTRY-217] - Add Insert and URI tests for Sentry DB provider
	* [SENTRY-218] - Use defaults for user, password and driver in SchemaTool
	* [SENTRY-219] - Sentry Cache Backend Provider initialization does not work as expected
	* [SENTRY-220] - Trivial fix to SentrySchemaTool to set default driver
	* [SENTRY-221] - Privilege scope is case sensitive
	* [SENTRY-222] - Privileges are sometimes granted to the wrong roles
	* [SENTRY-224] - Provider resource should not be required for DB provider backend
	* [SENTRY-229] - SentrySchemaTool initSchema does not work with postgres 8.1and oracle
	* [SENTRY-231] - Fix JDK 6 build
	* [SENTRY-235] - Change tests in TestSentryServerWithoutKerberos to use new Sentry service APIs
	* [SENTRY-236] - Sentry PolicyFile provider incorrectly logs error messages when reading policy file
	* [SENTRY-237] - Support log4j configuration for Sentry service
	* [SENTRY-238] - Denied Show roles and show role grant throw thrift exception
	* [SENTRY-239] - Setup in TestDatabaseProvider is flaky
	* [SENTRY-241] - Sentry GrantRevokeTask should fire the sentry failure look
	* [SENTRY-243] - The operation type needs to be set in the grant/revoke task context for the failure hook
	* [SENTRY-244] - Sentry deprecated properties do not work
	* [SENTRY-245] - Fix failing db provider tests
	* [SENTRY-246] - Load command does not seem to work with filter push down
	* [SENTRY-247] - Go back to using filter push down once the bugs are fixed
	* [SENTRY-248] - The sentry-provider-cache dependency is not correctly set
	* [SENTRY-249] - "Use default" should be allowed for all the users even when using filter push down
	* [SENTRY-250] - Create external table fails with filter push down
	* [SENTRY-251] - PolicyProviderForTest.addPrivilege breaks in some cases
	* [SENTRY-252] - Per db policy files based tests should be updated for dbprovider usage
	* [SENTRY-253] - Creating external table seems to be failing when using provider db.
	* [SENTRY-254] - Privilege name in provider db has a limit of length 128 which might be very low for long uris.
	* [SENTRY-255] - Revoke on Server privilege fails
	* [SENTRY-256] - Fix TestDbEndToEnd.testEndToEnd1
	* [SENTRY-257] - Upgrade master to use version 1.4.0-incubating-SNAPSHOT
	* [SENTRY-259] - Implement Hive metastore plugin
	* [SENTRY-260] - Add support to use DB2 as database for sentry metastore
	* [SENTRY-262] - Updating patch for SENTRY-178
	* [SENTRY-263] - Remove usage of getHostString() from AbstractTestWithStaticConfiguration
	* [SENTRY-266] - Implement _HOST substitution in principal
	* [SENTRY-268] - Allow only granted roles to be set in "SET ROLE <roleName>"
	* [SENTRY-269] - Add a test case for Denied Alter table, should fire SentryOnFailureHook
	* [SENTRY-271] - Test TestSentryServiceIntegration is flaky
	* [SENTRY-272] - Test TestSentryStoreToAuthorizable.testUri is failing on comparing URI string
	* [SENTRY-273] - org.apache.sentry.tests.e2e.dbprovider.TestDbUriPermissions is failing
	* [SENTRY-274] - MySQL init scripts contains invalid comments
	* [SENTRY-275] - Fix compilation error in SentryService
	* [SENTRY-276] - SentryService tests are currently timing out
	* [SENTRY-277] - Add Pig+HCat test for Metastore auth plugin
	* [SENTRY-278] - TestSearchModelAuthorizables.testTooManyKV and TestDBModelAuthorizables.testTooManyKV fail
	* [SENTRY-279] - Revert back using lowercase for uri label
	* [SENTRY-280] - Sentry-202 missing changes
	* [SENTRY-281] - Revoking a parent privilege should revoke all child privileges
	* [SENTRY-282] - Select on DB should give privileges to query tables within it.
	* [SENTRY-283] - Secure connection from HS2 to Sentry service fails
	* [SENTRY-284] - Create test for creating external partition
	* [SENTRY-285] - privilege->action=all is not same as privilege
	* [SENTRY-288] - Dissable MetastoreBinding for test cases that do not require it
	* [SENTRY-289] - Kerberos based connection from HS2 and Metastore to Sentry service fails
	* [SENTRY-290] - Handle null pointer in SentryPolicyProcessor
	* [SENTRY-294] - The Sentry service client should execute UGI privilege action by default
	* [SENTRY-297] - Increase privilege_name to 4000 in mysql to be consistent with other dbs
	* [SENTRY-299] - Partial Revoke Fails under certain conditions
	* [SENTRY-300] - HiveAuthzBinding checks for Hive server2 config which is not available when using Sentry with Hive meta store server
	* [SENTRY-301] - Sentry plugin fails access service from secure Hive Metastore
	* [SENTRY-302] - Partial revoke on Table fails if both ALL and a SELECT/INSERT grant exists
	* [SENTRY-304] - Limit on index key in MYSQL (innoDB ) is 767 bytes
	* [SENTRY-305] - SHOW CURRENT ROLES shouldn't require admin privileges
	* [SENTRY-306] - Fix grant all on table in db based provider
	* [SENTRY-307] - Unqualified URIs should be reconstructed in a standard way
	* [SENTRY-309] - Metastore binding should use fully qualified URI for validating alter table operations
	* [SENTRY-310] - Make Hive operation to required privileges more granular
	* [SENTRY-311] - Metastore plugin needs to be changed to updated privilege model
	* [SENTRY-312] - Add 'decimal' and 'date' to default UDF whitelist
	* [SENTRY-313] - Fix some uri failing tests
	* [SENTRY-314] - Metastore plugin should verify the storage descriptor before referencing
	* [SENTRY-315] - SHOW CURRENT ROLE fails if the one of the groups doesn't have any roles granted
	* [SENTRY-317] - Fix TestDbOperations.testLoad test
	* [SENTRY-319] - group names should be case sensitive.
	* [SENTRY-321] - SentryMetastorePostEventListener should use sentry config to create SentryClient
	* [SENTRY-332] - A role may got empty privilege, although the role have some privileges
	* [SENTRY-336] - Fix test failures on real cluster
	* [SENTRY-337] - When the parameter sentry.metastore.service.users isn't set or set empty, starting metastore will throw java.lang.NullPointerException
	* [SENTRY-363] - CTAS from view is requiring select on underlying table




	** Improvement
	* [SENTRY-106] - Make solr testing work against apache 4.7 version
	* [SENTRY-193] - Add schematool for creating Sentry store schema from the SQL scripts
	* [SENTRY-211] - Do the user: group lookup in the Sentry db policy server
	* [SENTRY-258] - Increase field PRIVILEGE_NAME to 4000 characters to enable long URIs
	* [SENTRY-293] - Create a new mvn cluster test profile for provider db tests
	* [SENTRY-303] - Allow users to grant/revoke SELECT/INSERT to ALL tables in a Database
	* [SENTRY-333] - Add conf directory to sentry distribution
	* [SENTRY-361] - Sentry server should use sentry-site.xml in conf directory by default

	** New Feature
	* [SENTRY-3] - Create a diagnostics tool for configuration validation
	* [SENTRY-37] - Implement a DB backed policy store
	* [SENTRY-115] - Give bindings the ability to access the group mappings
	* [SENTRY-157] - Support filter pushdown in DB Store client to reduce data transfer from DB Store service
	* [SENTRY-158] - Hive bindings should enable MR level ACLs for session user
	* [SENTRY-165] - Implement createShowRolesTask() in SentryHiveAuthorizationTaskFactoryImpl
	* [SENTRY-184] - Add Sentry service APIs to query roles and privileges
	* [SENTRY-199] - Create tool that will convert policy file into into DB store
	* [SENTRY-215] - SHOW GRANT ROLE xxx ON [SERVER, DATABASE, TABLE, URI] xxx
	* [SENTRY-216] - Support SHOW CURRENT ROLES




	** Task
	* [SENTRY-159] - Convert AbstractSolrSentryTestBase to use MiniSolrCloudCluster rather than Lucene test hierarchy
	* [SENTRY-164] - Missing implementation for HiveAuthorizationTaskFactory: createShowRolesTask()
	* [SENTRY-230] - e2e test for doc level security to cover failure scenarios around Index level auth
	* [SENTRY-356] - Apache Sentry 1.4.0 Release


	** Test
	* [SENTRY-223] - Add a test for updates with doc-level security
	* [SENTRY-233] - Disable hdfs blockcache during solr e2e tests
	* [SENTRY-261] - Improve test coverage for grant/revoke statements in Hive e2e tests
	* [SENTRY-287] - Add test case for giving select privieleges on a table in a non default database
	* [SENTRY-291] - Remove duplicate testSameGrantTwice