Release Notes - Sentry - Version 2.1.0


** New Feature
    * [SENTRY-2106] - If Sentry is ahead do not trigger a full snapshot
    * [SENTRY-2151] - Automatically derive owner privileges from Hive Object Ownership
    * [SENTRY-2220] - Support all Hive SHOW GRANT commands


** Improvement
    * [SENTRY-853] - Handle show grant on <auth> failure correctly
    * [SENTRY-1572] - SentryMain() shouldn't dynamically load tool class
    * [SENTRY-1930] - Switch to hive-authz2 profile by default
    * [SENTRY-1951] - Old SentryStore.retrieveFullPathsImage() should be removed
    * [SENTRY-2076] - Some test artifacts are not defined at test scope
    * [SENTRY-2145] - Some misc code cleanups
    * [SENTRY-2147] - Fix Javadoc for SentryHiveAuthorizerFactory
    * [SENTRY-2150] - Update Apache parent pom version
    * [SENTRY-2165] - NotificationProcesser process notification methods have logs wrongly flagged as ERROR
    * [SENTRY-2183] - Increase default sentry-hdfs rpc timeout to 20 mins
    * [SENTRY-2198] - Update to Kafka 1.0.0
    * [SENTRY-2269] - Make SentryStore pluggable
    * [SENTRY-2284] - Add two client API to get all roles or users privileges mapping
    * [SENTRY-2285] - Add a profile '-Pdist' to package Sentry binaries
    * [SENTRY-2311] - Intellij is broken by shaded jars
    * [SENTRY-2335] - Allow multiple callbacks to be run when a Signal is received.
    * [SENTRY-2366] - Exclude jackson transitive dependencies 
    * [SENTRY-2376] - Bump Jackson libraries versions to 1.9.13 and 2.9.6
    * [SENTRY-2392] - Add metrics statistics to list_user_privileges and list_role_privileges API
    * [SENTRY-2398] - Support multiple target versions on single source versions during schema upgrades

** Sub-task
    * [SENTRY-641] - Add binding for lily hbase indexer
    * [SENTRY-2023] - Add sentry-shell support for hbase-indexer permissions
    * [SENTRY-2055] - Update the pom file on master with the 2.1.0-SNAPSHOT.
    * [SENTRY-2063] - Add timestamp in Thrift API for HDFS integration
    * [SENTRY-2064] - Sentry client at HDFS should send back the timestamp in last response
    * [SENTRY-2065] - Timestamp in MSentryPathChange and MSentryPermChange should be set by DB server
    * [SENTRY-2152] - Only Admin can set dbproperty 'owner.privileges'
    * [SENTRY-2153] - Get owner.privileges value from hive for a given DB
    * [SENTRY-2154] - Update schema to grant privileges to user
    * [SENTRY-2155] - Update JDO to grant privileges to user
    * [SENTRY-2156] - Update provider-db backend code to grant privileges to user
    * [SENTRY-2157] - Update audit log to grant/revoke owner privileges
    * [SENTRY-2159] - Add e2e tests for granting owner privileges
    * [SENTRY-2160] - Add owner in create table notification event
    * [SENTRY-2162] - Retrieve and list user privileges for authorization
    * [SENTRY-2169] - Make sure that the implicit privileges for a role are synced with HDFS
    * [SENTRY-2174] - Sentry authorization provider should now generate ACL for users
    * [SENTRY-2206] - Refactor out sentry api from sentry-provider-db to own module
    * [SENTRY-2207] - Refactor out Sentry CLI from sentry-provider-db into own module
    * [SENTRY-2208] - Refactor out Sentry service into own module from sentry-provider-db
    * [SENTRY-2224] - Support SHOW GRANT on HIVE_OBJECT
    * [SENTRY-2233] - Add e2e tests for testing HDFS sync for owner privileges.
    * [SENTRY-2241] - Extend the Sync Listener to pass owner information to sentry server.
    * [SENTRY-2246] - Construct owner privilege (TSentryPrivilege)
    * [SENTRY-2247] - Add e2e tests to verify owner privileges
    * [SENTRY-2251] - Update user privileges based on changes to authorizables
    * [SENTRY-2252] - Normalize the Sentry store API's to handle both user/role privileges
    * [SENTRY-2256] - Make thrift API changes to get user privileges from Sentry
    * [SENTRY-2260] - Update HDFS ACL's based on owner privileges.
    * [SENTRY-2264] - It is possible to elevate privileges from DROP using alter table rename
    * [SENTRY-2265] - Translate owner privilege in sentry binding for authorization
    * [SENTRY-2272] - Fix the sentry store logic for listing user privileges 
    * [SENTRY-2273] - Create the SHOW GRANT USER task for Hive
    * [SENTRY-2274] - Grant and revoke owner privileges based on HMS updates(server-side)
    * [SENTRY-2275] - Grant and revoke owner privileges based on HMS updates(client-side)
    * [SENTRY-2280] - The request received in SentryPolicyStoreProcessor.sentry_notify_hms_event is null 
    * [SENTRY-2281] - list_privileges_by_user() fails with a JDODetachedFieldAccessException
    * [SENTRY-2290] - Avoid storing the path information for partitions in default location
    * [SENTRY-2294] - Add requestorUsername to client.notifyHmsEvent() method
    * [SENTRY-2295] - Owner privileges should not be granted to sentry admin users
    * [SENTRY-2296] - Add PermissionsUpdate for adding owner privilege on owner transfer
    * [SENTRY-2307] - Avoid HMS event synchronization while sentry is fetching full snapshot. 
    * [SENTRY-2312] - Update owner privileges for table when owner is changed.
    * [SENTRY-2319] - ownership change should be done only by admin users
    * [SENTRY-2339] - Support transfer of ownership for database/table to roles
    * [SENTRY-2355] - Merge the DB owner privileges configurations into one enum configuration
    * [SENTRY-2358] - Close JIRA version for 2.0.1
    * [SENTRY-2363] - Update the wiki "How to release sentry"
    * [SENTRY-2364] - Make an announcement for 2.0.1 release
    * [SENTRY-2367] - Implement subsystem to allow for pluggable attribute providers and transports
    * [SENTRY-2374] - Add Lombok for easier development


** Bug
    * [SENTRY-379] - Db entities are not captured when firing failurehook for SentryAccessDeniedException
    * [SENTRY-1662] - Constants java uses mutable collection
    * [SENTRY-1688] - Apache fails to build Sentry package Sentry-jdk-1.7-v2 
    * [SENTRY-1819] - HMSFollower and friends do not belong in sentry.service.thrift
    * [SENTRY-2034] - Add e2e tests for testing HMS notification processing.
    * [SENTRY-2040] - When getting Snapshots from HMS we need more logging around cases when a snapshot is not being received
    * [SENTRY-2049] - Remove hive-authz2 profile from the sentry-dist module
    * [SENTRY-2078] - Have sentry server print an obvious INFO level log message when it becomes the writer
    * [SENTRY-2079] - Sentry HA leader monitor does not work due to a mix of curator versions in the classpath
    * [SENTRY-2082] - Exclude javax.servlet-3.0.0.v201112011016.jar from Sentry dist
    * [SENTRY-2084] - Exclude javax.jms:jms from sentry distribution
    * [SENTRY-2085] - Sentry error handling exposes SentryGroupNotFoundException externally
    * [SENTRY-2092] - Drop Role log message shows "Creating role"
    * [SENTRY-2115] -  Incorrect behavior of HMsFollower when HDFSSync feature is disabled.
    * [SENTRY-2120] - Escape input string for error response message in LogLevelServlet
    * [SENTRY-2123] - Specify code path of auth-generated thrift files for Javadoc and exclude them from Javadoc generation
    * [SENTRY-2124] - LeaderStatusMonitor.toString() throws IllegalFormatConversionException with AtomicLong
    * [SENTRY-2127] - Fix unstable unit test TestColumnEndToEnd.testCrossDbTableOperations
    * [SENTRY-2136] - Bump metrics dependency to new namespace and version used by the rest of Hadoop
    * [SENTRY-2164] - Convert uses of TransactionBlock to lambdas
    * [SENTRY-2167] - Change ignored logging messages to debug level in NotificationProcessor
    * [SENTRY-2178] - Sentry permissions for Solr are deleted as part of migration process
    * [SENTRY-2184] - Performance Issue: MPath is queried for each MAuthzPathsMapping in full snapshot
    * [SENTRY-2190] - Have verbose debug logs in CounterWait class
    * [SENTRY-2192] - supress date value in @Generated annotation generated by thrift
    * [SENTRY-2193] - Synchronize thrift definition with the generated sources
    * [SENTRY-2200] - Migrate 3.x Datanucleus unsupported configurations to 4.1 Datanucleus 
    * [SENTRY-2209] - Incorrect class in SentryHdfsMetricsUtil.java
    * [SENTRY-2212] - smart-apply-patch.sh isn't so smart, won't apply changes when files have been moved or renamed
    * [SENTRY-2214] - Sentry should not allow URI grants to EMPTY or NULL locations
    * [SENTRY-2226] - Support Hive operation ALTER TABLE EXCHANGE
    * [SENTRY-2231] - Fix URI check on List Privileges by Provider in SentryStore
    * [SENTRY-2236] - Add UNKNOWN to PrincipalType
    * [SENTRY-2238] - Explicitly set Database on SentryHivePrivilegeObjectDesc 
    * [SENTRY-2257] - Implement Sentry store API's to update owner privilege on a authorizable
    * [SENTRY-2262] - Sentry client is not compatible when connecting to Sentry 2.0
    * [SENTRY-2267] - Listing user privileges fails because roleName field is required on Thrift
    * [SENTRY-2270] - Illegal privileges on columns can be granted on Hive
    * [SENTRY-2271] - Wrong log messages/method names in SentrySchema related classes.
    * [SENTRY-2278] - SentryPolicyServiceClientDefaultImpl setupSentryAuthorizable methods always returns a single TSentryAuthorizable for a list of authorizable
    * [SENTRY-2282] - Remove hive-authzv2 binding and tests modules completely
    * [SENTRY-2283] - Multiple versions of metrics on the classpath causes Sentry to not startup
    * [SENTRY-2308] - Create privilege on table has no use case
    * [SENTRY-2310] - Sentry is not be able to fetch full update subsequently,  when there is HMS restart in the snapshot process.
    * [SENTRY-2315] - The grant all operation is not dropping the create/alter/drop/index/lock privileges.
    * [SENTRY-2330] - Change sentry-service-server to use ${project.version}
    * [SENTRY-2337] - [REVERT] SENTRY-2295: Owner privileges should not be granted to sentry admin users
    * [SENTRY-2352] - User roles with ALTER on a table can not show or describe the table on which they have ALTER
    * [SENTRY-2359] - Object owner is unable to grant privileges: SentryAccessDeniedException
    * [SENTRY-2369] - Remove the index for `USER_ID` and `DB_PRIVILEGE_ID` in `SENTRY_USER_DB_PRIVILEGE_MAP`
    * [SENTRY-2375] - Fix API typos on SentryPolicyServiceClient
    * [SENTRY-2394] - Typo in sentry-site.xml.service.template
    * [SENTRY-2395] - ALTER VIEW AS SELECT is asking for CREATE privileges instead of ALTER


** Task
    * [SENTRY-2056] - Display test-patch.py output on the standard console to see progress on Jenkins
    * [SENTRY-2096] - Fail unit tests at end during test-patch.py execution
    * [SENTRY-2118] - Document Configuration required to make Column authentication work
    * [SENTRY-2199] - Bump Hive version from 2.3.2 to 2.3.3
    * [SENTRY-2215] - Remove unused SentryGrantRevokeTask class
    * [SENTRY-2277] - Add to SentryStore testURI test case testing with multiple URI privileges

** Test
    * [SENTRY-2094] - Enable TestHDFSIntegrationWithHA tests
