Release Notes - Sentry - Version v1.2.0 ** Bug * [SENTRY-15] - log4j.properties file under sentry-tests references the old access package * [SENTRY-1] - use default on HiveServer2 fails with invalid privileges exception * [SENTRY-2] - Code cleanup in various poms * [ACCESS-8] - Log warning if authorization is not used with strong authentication * [ACCESS-49] - Modify test cases to restrict LOAD from specific locations * [ACCESS-140] - malformatted policy is permitted conditionally * [ACCESS-164] - policy file doesn't check non-exist entity mapping * [ACCESS-174] - access only throw first error message in HiveServer2 log, and ignore the rest * [ACCESS-180] - per DB policy file usability issues * [ACCESS-197] - Child authorizeable objects are not inheriting permissions from parent * [ACCESS-201] - Bad error message in HiveAuthzBinding * [ACCESS-203] - Update trunk version to 1.1 and update dependencies * [ACCESS-230] - CREATE TABLE AS works even if user does not have DB-level access * [ACCESS-231] - ALTER TABLE SET TBLPROPERTIES allows updates to tables even when the user doesn't have the right privileges * [ACCESS-232] - The per-db policy fies can't be accessed if they are not in the same file system as the global policy file. * [ACCESS-233] - The URI permission checks should append path separator before checking the parent path * [ACCESS-235] - Format unqualified URI as DFS uri by default ** Improvement * [SENTRY-5] - Normalize the usernames used in the end to end tests * [ACCESS-100] - ResourceAuthzProvider should ensure the subject name is non-null before doing the group lookup * [ACCESS-157] - Access hard codes hive authentication method none * [ACCESS-211] - Add maven profile for compiling access with upstream Apache hadoop/hive * [ACCESS-221] - Restrict the URI access granted from a per-database policy file ** Task * [ACCESS-16] - Implement the test cases in the test plan * [ACCESS-34] - Analyze Path Security * [ACCESS-115] - Format all files using a consistent code style formatter for the project * [ACCESS-122] - Remove context.close() mid-test * [ACCESS-123] - Fix confusing communication mechanism to request if ANY access is exists * [ACCESS-125] - TestUserManagement major issues * [ACCESS-127] - TestSandboxOps Major issues * [ACCESS-130] - TestMovingToProduction major issues * [ACCESS-136] - TestCrossDbOps major issues * [ACCESS-145] - TestMetadataObjectRetrieval major issues * [ACCESS-147] - TestPrivilegeAtTransform major issues * [ACCESS-149] - TestPrivilegesAtDatabaseScope major issues * [ACCESS-152] - TestPrivilegesAtTableScope minor issues * [ACCESS-166] - Policy Engine should do expanded validation of policy file * [ACCESS-194] - Explore options for metastore access restriction * [ACCESS-195] - Support username mapping at access level ** Sub-task * [ACCESS-101] - Implement more test cases regarding subquery * [ACCESS-209] - be able to run e2e test in cluster mode * [ACCESS-225] - Update master branch version to 1.2.0-SNAPSHOT