You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by Madhan Neethiraj <ma...@apache.org> on 2015/09/09 00:59:04 UTC
Review Request 38192: RANGER-606: RangerPolicy enhanced to support new
policy-items for deny/allowExceptions/denyExceptions
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/38192/
-----------------------------------------------------------
Review request for ranger, Alok Lal, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, Ramesh Mani, and Velmurugan Periasamy.
Bugs: RANGER-606
https://issues.apache.org/jira/browse/RANGER-606
Repository: ranger
Description
-------
Updated Ranger policy model to support policy-items of type deny/allowExceptions/denyExceptions. This will allow creation of policies that explicitly deny access to users/groups based on specified conditions. Allow-exceptions and deny-exceptions enable excluding certain users/groups from allow/deny which could have been specified for a wider group.
Diffs
-----
agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java 19c2b50
agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java da817c6
agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessResult.java 9bc43c7
agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java c7d2a28
agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyRepository.java 96fddde
agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerAbstractPolicyEvaluator.java 1308e63
agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerAbstractPolicyItemEvaluator.java 45fce94
agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerDefaultPolicyEvaluator.java 9c63089
agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerDefaultPolicyItemEvaluator.java 6f8faff
agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerOptimizedPolicyEvaluator.java 9fa20cd
agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerPolicyEvaluator.java 624ff1c
agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerPolicyItemEvaluator.java e91d5d1
agents-common/src/main/java/org/apache/ranger/plugin/store/AbstractPredicateUtil.java 772c2d7
agents-common/src/test/resources/policyengine/test_policyengine_hbase.json de9c130
agents-common/src/test/resources/policyengine/test_policyengine_hive_mutex_conditions.json 9c29cfd
agents-common/src/test/resources/policyengine/test_policyengine_tag_hdfs.json 454cf51
agents-common/src/test/resources/policyengine/test_policyengine_tag_hive.json f071cdc
security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java cccea3e
security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java fd9fc3d
security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java 224f0cd
security-admin/src/main/java/org/apache/ranger/service/RangerPolicyServiceBase.java b76a0ed
security-admin/src/main/java/org/apache/ranger/service/RangerPolicyWithAssignedIdService.java 35e9f98
security-admin/src/main/webapp/scripts/models/RangerPolicy.js 3546549
security-admin/src/main/webapp/scripts/modules/globalize/message/en.js ba986f9
security-admin/src/main/webapp/scripts/utils/XAUtils.js d0d62a2
security-admin/src/main/webapp/scripts/views/policies/PermissionList.js efc5377
security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js d969c37
security-admin/src/main/webapp/scripts/views/policies/RangerPolicyRO.js 6d7f3d7
security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js eaaf273
security-admin/src/main/webapp/scripts/views/reports/PlugableServiceDiffDetail.js 3979ea2
security-admin/src/main/webapp/scripts/views/reports/UserAccessLayout.js 9c4fb3f
security-admin/src/main/webapp/templates/policies/PermissionItem.html 63375c9
security-admin/src/main/webapp/templates/policies/PermissionList.html 070b908
security-admin/src/main/webapp/templates/policies/RangerPolicyForm_tmpl.html 4a6533b
security-admin/src/main/webapp/templates/policies/RangerPolicyRO_tmpl.html 1185980
security-admin/src/main/webapp/templates/reports/PlugableServicePolicyDeleteDiff_tmpl.html ad7a07d
security-admin/src/main/webapp/templates/reports/PlugableServicePolicyDiff_tmpl.html fc697db
security-admin/src/main/webapp/templates/reports/PlugableServicePolicyUpdateDiff_tmpl.html 1a43c98
security-admin/src/test/java/org/apache/ranger/service/TestRangerPolicyService.java bac5261
Diff: https://reviews.apache.org/r/38192/diff/
Testing
-------
- Verified that existing unit tests pass successfully.
Thanks,
Madhan Neethiraj