You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by me...@apache.org on 2022/06/08 11:41:18 UTC
[ranger] 01/02: RANGER-3767 : Add text message in HDFS and YARN policy pages to highlight the fallback ACL option.
This is an automated email from the ASF dual-hosted git repository.
mehul pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
commit e182e5b6ca9bf625101f787b4d31e07387ba6a4f
Author: Dhaval.Rajpara <dh...@gmail.com>
AuthorDate: Wed May 18 18:52:16 2022 +0530
RANGER-3767 : Add text message in HDFS and YARN policy pages to highlight the fallback ACL option.
Signed-off-by: Mehul Parikh <me...@apache.org>
---
security-admin/src/main/webapp/scripts/utils/XAEnums.js | 14 +++++++++-----
security-admin/src/main/webapp/scripts/utils/XAUtils.js | 4 ++++
.../scripts/views/policies/NRangerPolicyTableLayout.js | 10 +++++++++-
.../scripts/views/policies/RangerPolicyTableLayout.js | 9 +++++++++
.../templates/policies/RangerPolicyTableLayout_tmpl.html | 4 ++++
5 files changed, 35 insertions(+), 6 deletions(-)
diff --git a/security-admin/src/main/webapp/scripts/utils/XAEnums.js b/security-admin/src/main/webapp/scripts/utils/XAEnums.js
index 6407b68f3..9041908c6 100644
--- a/security-admin/src/main/webapp/scripts/utils/XAEnums.js
+++ b/security-admin/src/main/webapp/scripts/utils/XAEnums.js
@@ -133,8 +133,9 @@ define(function(require) {
Service_KNOX:{value:4, label:'knox', rbkey:'xa.enum.AssetType.ASSET_KNOX', tt: 'lbl.AssetType_ASSET_KNOX'},
Service_STORM:{value:5, label:'storm', rbkey:'xa.enum.AssetType.ASSET_STORM', tt: 'lbl.AssetType_ASSET_STORM'},
Service_SOLR:{value:6, label:'solr', rbkey:'xa.enum.AssetType.ASSET_SOLR', tt: 'lbl.AssetType_ASSET_SOLR'},
- SERVICE_TAG:{value:7, label:'tag', rbkey:'xa.enum.ServiceType.SERVICE_TAG', tt: 'lbl.ServiceType_SERVICE_TAG'},
- Service_KMS:{value:8, label:'kms', rbkey:'xa.enum.ServiceType.SERVICE_KMS', tt: 'lbl.ServiceType_SERVICE_KMS'}
+ SERVICE_TAG:{value:7, label:'tag', rbkey:'xa.enum.ServiceType.SERVICE_TAG', tt: 'lbl.ServiceType_SERVICE_TAG'},
+ Service_KMS:{value:8, label:'kms', rbkey:'xa.enum.ServiceType.SERVICE_KMS', tt: 'lbl.ServiceType_SERVICE_KMS'},
+ Service_YARN:{value:8, label:'yarn', rbkey:'xa.enum.ServiceType.SERVICE_YARN', tt: 'lbl.ServiceType_SERVICE_YARN'}
});
XAEnums.AuthStatus = mergeParams(XAEnums.AuthStatus, {
@@ -371,10 +372,13 @@ define(function(require) {
XA_PERM_TYPE_GET_USER_TOPOLOGY:{value:29, label:'Get User Topology', rbkey:'xa.enum.XAPermType.XA_PERM_TYPE_ALLOW', tt: 'lbl.XAPermType_XA_PERM_TYPE_ALLOW'},
XA_PERM_TYPE_GET_TOPOLOGY_INFO:{value:30, label:'Get Topology Info', rbkey:'xa.enum.XAPermType.XA_PERM_TYPE_ALLOW', tt: 'lbl.XAPermType_XA_PERM_TYPE_ALLOW'},
XA_PERM_TYPE_UPLOAD_NEW_CREDENTIAL:{value:31, label:'Upload New Credential', rbkey:'xa.enum.XAPermType.XA_PERM_TYPE_ALLOW', tt: 'lbl.XAPermType_XA_PERM_TYPE_ALLOW'},
-
-
});
-
+
+ XAEnums.PluginConfig = mergeParams(XAEnums.PluginConfig, {
+ HDFS : {configName:"xasecure.add-hadoop-authorization"},
+ YARN : {configName:"ranger.add-yarn-authorization"}
+ })
+
XAEnums.MenuPermissions = mergeParams(XAEnums.MenuPermissions, {
XA_RESOURCE_BASED_POLICIES:{value:1, label:'Resource Based Policies', rbkey:'xa.enum.MenuPermissions.XA_RESOURCE_BASED_POLICIES', tt: 'lbl.XAPermForType_XA_RESOURCE_BASED_POLICIES'},
XA_USER_GROUPS:{value:2, label:'Users/Groups', rbkey:'xa.enum.MenuPermissions.XA_USER_GROUP', tt: 'lbl.XAPermForType_XA_USER_GROUPS'},
diff --git a/security-admin/src/main/webapp/scripts/utils/XAUtils.js b/security-admin/src/main/webapp/scripts/utils/XAUtils.js
index 37b35d2dd..b49387817 100644
--- a/security-admin/src/main/webapp/scripts/utils/XAUtils.js
+++ b/security-admin/src/main/webapp/scripts/utils/XAUtils.js
@@ -2020,5 +2020,9 @@ define(function(require) {
}
};
+ XAUtils.pluginConfigInfo = function (serviceName) {
+ return 'By default, fallback to '+ serviceName +' ACLs are enabled. If access cannot be determined by Ranger policies, authorization will fall back to '+ serviceName +' ACLs. If this behavior needs to be changed, modify '+serviceName+' plugin config - <i>'+XAEnums.PluginConfig[serviceName].configName+'</i>.'
+ };
+
return XAUtils;
});
\ No newline at end of file
diff --git a/security-admin/src/main/webapp/scripts/views/policies/NRangerPolicyTableLayout.js b/security-admin/src/main/webapp/scripts/views/policies/NRangerPolicyTableLayout.js
index d7ff26da1..64f975a99 100644
--- a/security-admin/src/main/webapp/scripts/views/policies/NRangerPolicyTableLayout.js
+++ b/security-admin/src/main/webapp/scripts/views/policies/NRangerPolicyTableLayout.js
@@ -51,6 +51,13 @@ define(function(require) {
template: RangerPolicyTableLayoutTmpl,
templateHelpers: function() {
+ var infoMsg ="", displayClass = "d-none";
+ if(this.rangerService && this.rangerService.get('type')){
+ if(this.rangerService.get('type') == XAEnums.ServiceType.Service_HDFS.label || this.rangerService.get('type') == XAEnums.ServiceType.Service_YARN.label) {
+ infoMsg = XAUtil.pluginConfigInfo(this.rangerService.get('type').toUpperCase())
+ displayClass = "show"
+ }
+ }
return {
rangerService: this.rangerService,
rangerServiceDef: this.rangerServiceDefModel,
@@ -61,7 +68,8 @@ define(function(require) {
setNewUi : localStorage.getItem('setOldUI') == "true" ? false : true,
isNotAuditorOrKMSAuditor : !XAUtil.isAuditorOrKMSAuditor(SessionMgr),
isNotUser : ! SessionMgr.isUser(),
-
+ displayClass : displayClass,
+ infoMsg : infoMsg,
};
},
diff --git a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js
index af7c70a80..1facb3737 100644
--- a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js
+++ b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js
@@ -49,6 +49,13 @@ define(function(require){
template: RangerPolicyTableLayoutTmpl,
templateHelpers : function(){
+ var infoMsg ="", displayClass = "d-none";
+ if(this.rangerService && this.rangerService.get('type')){
+ if(this.rangerService.get('type') == XAEnums.ServiceType.Service_HDFS.label || this.rangerService.get('type') == XAEnums.ServiceType.Service_YARN.label) {
+ infoMsg = XAUtil.pluginConfigInfo(this.rangerService.get('type').toUpperCase())
+ displayClass = "show"
+ }
+ }
return {
rangerService : this.rangerService,
rangerServiceDef : this.rangerServiceDefModel,
@@ -57,6 +64,8 @@ define(function(require){
: XAUtil.isRenderRowFilter(this.rangerServiceDefModel.get('rowFilterDef')) ? true : false,
isAddNewPolicyButtonShow : !(XAUtil.isAuditorOrKMSAuditor(SessionMgr)) && this.rangerService.get('isEnabled'),
setNewUi : localStorage.getItem('setOldUI') == "true" ? false : true,
+ displayClass : displayClass,
+ infoMsg : infoMsg,
};
},
diff --git a/security-admin/src/main/webapp/templates/policies/RangerPolicyTableLayout_tmpl.html b/security-admin/src/main/webapp/templates/policies/RangerPolicyTableLayout_tmpl.html
index d1ca2a94c..4518f17d2 100644
--- a/security-admin/src/main/webapp/templates/policies/RangerPolicyTableLayout_tmpl.html
+++ b/security-admin/src/main/webapp/templates/policies/RangerPolicyTableLayout_tmpl.html
@@ -46,6 +46,10 @@
{{/if}}
<h3 class="wrap-header bold"> {{tt 'lbl.listOfPolicies'}} : {{rangerService.attributes.displayName}} </h3>
<div class="wrap non-collapsible m-height ">
+ <div class="alert alert-warning {{displayClass}}" data-id="policyInfoAlert">
+ <button type="button" class="close" data-dismiss="alert">×</button>
+ <i class="fa-fw fa fa-info-circle searchInfoUserAccess padding-right-10"></i>{{{infoMsg}}}
+ </div>
<div>
<div class="row margin-bottom-11">
<div class="col-md-9">