| Release Notes - Sentry - Version 2.2.0 |
| |
| ** Sub-task |
| * [SENTRY-2290] - Avoid storing the path information for partitions in default location |
| * [SENTRY-2423] - Increase the allocation size for auto-increment of id's for Snapshot tables. |
| * [SENTRY-2448] - Ability read/write import/export file(s) from HDFS. |
| * [SENTRY-2495] - Support Conjunctive Matching in Solr QueryDocAuthorizationComponent |
| * [SENTRY-2496] - Support multi-field attribute based document level controls for Solr |
| |
| |
| ** Bug |
| * [SENTRY-2205] - Improve Sentry NN Logging |
| * [SENTRY-2403] - Incorrect naming in RollingFileWithoutDeleteAppender |
| * [SENTRY-2409] - ALTER TABLE SET OWNER does not allow to change the table if using only the table name |
| * [SENTRY-2417] - LocalGroupMappingService class docs do not accurately reflect required INI format |
| * [SENTRY-2425] - Add metric to track the time taken to update the owner privilege |
| * [SENTRY-2428] - Skip null partitions or partitions with null sds entries |
| * [SENTRY-2429] - Transfer database owner drops table owner |
| * [SENTRY-2432] - The case of a username is ignored when determining object ownership |
| * [SENTRY-2441] - When MAuthzPathsMapping is deleted all associated MPaths should be deleted automatically. |
| * [SENTRY-2471] - Table rename should sync Sentry privilege even without location information |
| * [SENTRY-2493] - Sentry store api's for path mapping should handle empty/null paths. |
| * [SENTRY-2497] - show grant role results in NPE when URI does not have scheme |
| * [SENTRY-2498] - Exception while deleting paths that does't exist |
| * [SENTRY-2500] - CREATE on server does not provide HMS server side read authorization for get_all_tables(database_name) |
| * [SENTRY-2501] - Add cache for HMS server filtering hook |
| * [SENTRY-2502] - Sentry NN plug-in stops fetching updates from sentry server |
| * [SENTRY-2538] - consecutiveUpdateFailuresCount is not reset |
| |
| |
| |
| ** New Feature |
| * [SENTRY-2445] - Implement backup and restore mechanism for sentry permissions. |
| * [SENTRY-2481] - Filter HMS server-side objects based on HMS user authorization |
| * [SENTRY-2533] - The UDF in_file should be blacked default |
| |
| ** Improvement |
| * [SENTRY-2249] - Enable batch insert of HMS paths in Full Snapshot. |
| * [SENTRY-2329] - Integrate sentry with Hadoop 3.1.1 |
| * [SENTRY-2371] - Add a new thrift API for getting all privileges a user has |
| * [SENTRY-2372] - SentryStore should not implement grantOptionCheck |
| * [SENTRY-2411] - SHOW GRANT ON authorozable does no display any user privileges on a authorizable |
| * [SENTRY-2413] - Provide a configuration option to permit specific DB privileges to be granted explicitly |
| * [SENTRY-2431] - Update Solr permission mapping to include Metric history reading permission |
| * [SENTRY-2440] - Add a new thrift API for checking if a user is in admin group |
| * [SENTRY-2444] - SigUtils signal handler needs a way to unregister functions. |
| * [SENTRY-2452] - Change the thrift interface to send the list of authorizable to sentry server |
| * [SENTRY-2454] - Add new sentry store api to gather the privileges for a list of authorizables. |
| * [SENTRY-2458] - Separate Web UI and service from service-server to prevent circular dependencies |
| * [SENTRY-2460] - Export sentry permission information to HDFS location |
| * [SENTRY-2462] - Seperate Metrics into sub module in order to remove circular dependencies |
| * [SENTRY-2465] - Move SentryStore instatiation from SentryService to a utility and possibly own module |
| * [SENTRY-2482] - Sentry Solr to support multi-attribute document level security |
| * [SENTRY-2522] - Add a new thrift API for getting all privileges a user has for a given set of authorizable |
| |
| ** Test |
| * [SENTRY-2457] - Reuse connection objects on TestConcurrentClients#testConcurrentHS2Client |
| |
| |
| ** Task |
| * [SENTRY-2436] - Add annotations for classes that are used in binding as public |