You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by Abhay Kulkarni <ak...@hortonworks.com> on 2019/01/30 21:27:45 UTC
Review Request 69865: RANGER-2330: Ensure that policy/resource based
searches are security-zone aware
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/69865/
-----------------------------------------------------------
Review request for ranger, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, and Velmurugan Periasamy.
Bugs: RANGER-2330
https://issues.apache.org/jira/browse/RANGER-2330
Repository: ranger
Description
-------
Ranger Admin supports many APIs to browse and filter policies based on the resource value or policy. The implementation of these APIs must return results for only for the relevant security zone which contains specified resource or policy.
Diffs
-----
agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngine.java 02f0d2449
agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java 04286ebfb
agents-common/src/main/java/org/apache/ranger/plugin/service/RangerAuthContext.java 265d7a64d
security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java 6dc6962cf
Diff: https://reviews.apache.org/r/69865/diff/1/
Testing
-------
Tested with local VM
Thanks,
Abhay Kulkarni
Re: Review Request 69865: RANGER-2330: Ensure that policy/resource
based searches are security-zone aware
Posted by Ramesh Mani <rm...@hortonworks.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/69865/#review212533
-----------------------------------------------------------
Ship it!
Ship It!
- Ramesh Mani
On Jan. 31, 2019, 1:42 a.m., Abhay Kulkarni wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/69865/
> -----------------------------------------------------------
>
> (Updated Jan. 31, 2019, 1:42 a.m.)
>
>
> Review request for ranger, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, and Velmurugan Periasamy.
>
>
> Bugs: RANGER-2330
> https://issues.apache.org/jira/browse/RANGER-2330
>
>
> Repository: ranger
>
>
> Description
> -------
>
> Ranger Admin supports many APIs to browse and filter policies based on the resource value or policy. The implementation of these APIs must return results for only for the relevant security zone which contains specified resource or policy. If the specified resource value does not correspond to a unique security zone, then APIs must return result for all security zones (including default security zone).
>
>
> Diffs
> -----
>
> agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngine.java 02f0d2449
> agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java 04286ebfb
> agents-common/src/main/java/org/apache/ranger/plugin/service/RangerAuthContext.java 265d7a64d
> security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java 6dc6962cf
>
>
> Diff: https://reviews.apache.org/r/69865/diff/2/
>
>
> Testing
> -------
>
> Passed all unit tests.
>
>
> Thanks,
>
> Abhay Kulkarni
>
>
Re: Review Request 69865: RANGER-2330: Ensure that policy/resource
based searches are security-zone aware
Posted by Velmurugan Periasamy <vp...@hortonworks.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/69865/#review212798
-----------------------------------------------------------
Ship it!
Ship It!
- Velmurugan Periasamy
On Jan. 31, 2019, 1:42 a.m., Abhay Kulkarni wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/69865/
> -----------------------------------------------------------
>
> (Updated Jan. 31, 2019, 1:42 a.m.)
>
>
> Review request for ranger, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, and Velmurugan Periasamy.
>
>
> Bugs: RANGER-2330
> https://issues.apache.org/jira/browse/RANGER-2330
>
>
> Repository: ranger
>
>
> Description
> -------
>
> Ranger Admin supports many APIs to browse and filter policies based on the resource value or policy. The implementation of these APIs must return results for only for the relevant security zone which contains specified resource or policy. If the specified resource value does not correspond to a unique security zone, then APIs must return result for all security zones (including default security zone).
>
>
> Diffs
> -----
>
> agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngine.java 02f0d2449
> agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java 04286ebfb
> agents-common/src/main/java/org/apache/ranger/plugin/service/RangerAuthContext.java 265d7a64d
> security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java 6dc6962cf
>
>
> Diff: https://reviews.apache.org/r/69865/diff/2/
>
>
> Testing
> -------
>
> Passed all unit tests.
>
>
> Thanks,
>
> Abhay Kulkarni
>
>
Re: Review Request 69865: RANGER-2330: Ensure that policy/resource
based searches are security-zone aware
Posted by Abhay Kulkarni <ak...@hortonworks.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/69865/
-----------------------------------------------------------
(Updated Jan. 31, 2019, 1:42 a.m.)
Review request for ranger, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, and Velmurugan Periasamy.
Changes
-------
Updated implementation for the case where resource does not map to a single security zone
Bugs: RANGER-2330
https://issues.apache.org/jira/browse/RANGER-2330
Repository: ranger
Description (updated)
-------
Ranger Admin supports many APIs to browse and filter policies based on the resource value or policy. The implementation of these APIs must return results for only for the relevant security zone which contains specified resource or policy. If the specified resource value does not correspond to a unique security zone, then APIs must return result for all security zones (including default security zone).
Diffs (updated)
-----
agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngine.java 02f0d2449
agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java 04286ebfb
agents-common/src/main/java/org/apache/ranger/plugin/service/RangerAuthContext.java 265d7a64d
security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java 6dc6962cf
Diff: https://reviews.apache.org/r/69865/diff/2/
Changes: https://reviews.apache.org/r/69865/diff/1-2/
Testing (updated)
-------
Passed all unit tests.
Thanks,
Abhay Kulkarni