You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ma...@apache.org on 2022/06/28 17:20:07 UTC

[ranger] branch master updated: RANGER-3812: Python client updated to support multiple resource sets in a policy

This is an automated email from the ASF dual-hosted git repository.

madhan pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git


The following commit(s) were added to refs/heads/master by this push:
     new 711a266d2 RANGER-3812: Python client updated to support multiple resource sets in a policy
711a266d2 is described below

commit 711a266d2d176920c857b97308f46df2df563f20
Author: Madhan Neethiraj <ma...@apache.org>
AuthorDate: Tue Jun 28 07:37:09 2022 -0700

    RANGER-3812: Python client updated to support multiple resource sets in a policy
---
 .../python/apache_ranger/model/ranger_policy.py     | 21 +++++++++++++++++++++
 .../sample-client/src/main/python/sample_client.py  | 12 ++++++++++--
 2 files changed, 31 insertions(+), 2 deletions(-)

diff --git a/intg/src/main/python/apache_ranger/model/ranger_policy.py b/intg/src/main/python/apache_ranger/model/ranger_policy.py
index c33f6e4f1..3cd916a31 100644
--- a/intg/src/main/python/apache_ranger/model/ranger_policy.py
+++ b/intg/src/main/python/apache_ranger/model/ranger_policy.py
@@ -40,6 +40,7 @@ class RangerPolicy(RangerBaseModelObject):
         self.resourceSignature    = attrs.get('resourceSignature')
         self.isAuditEnabled       = attrs.get('isAuditEnabled')
         self.resources            = attrs.get('resources')
+        self.additionalResources  = attrs.get('additionalResources')
         self.policyItems          = attrs.get('policyItems')
         self.denyPolicyItems      = attrs.get('denyPolicyItems')
         self.allowExceptions      = attrs.get('allowExceptions')
@@ -58,6 +59,7 @@ class RangerPolicy(RangerBaseModelObject):
         super(RangerPolicy, self).type_coerce_attrs()
 
         self.resources            = type_coerce_dict(self.resources, RangerPolicyResource)
+        self.additionalResources  = type_coerce_list(self.additionalResources, dict)
         self.policyItems          = type_coerce_list(self.policyItems, RangerPolicyItem)
         self.denyPolicyItems      = type_coerce_list(self.denyPolicyItems, RangerPolicyItem)
         self.allowExceptions      = type_coerce_list(self.allowExceptions, RangerPolicyItem)
@@ -66,6 +68,25 @@ class RangerPolicy(RangerBaseModelObject):
         self.rowFilterPolicyItems = type_coerce_list(self.rowFilterPolicyItems, RangerRowFilterPolicyItem)
         self.validitySchedules    = type_coerce_list(self.validitySchedules, RangerValiditySchedule)
 
+        if isinstance(self.additionalResources, list):
+            additionalResources = []
+
+            for entry in self.additionalResources:
+                additionalResources.append(type_coerce_dict(entry, RangerPolicyResource))
+
+            self.additionalResources = additionalResources
+        else:
+            self.additionalResources = None
+
+    def add_resource(self, resource):
+        if resource is not None:
+            if self.resources is None:
+                self.resources = resource
+            else:
+                if self.additionalResources is None:
+                    self.additionalResources = []
+
+                self.additionalResources.append(resource)
 
 class RangerPolicyResource(RangerBase):
     def __init__(self, attrs=None):
diff --git a/ranger-examples/sample-client/src/main/python/sample_client.py b/ranger-examples/sample-client/src/main/python/sample_client.py
index e558b6e1e..1f4ed353a 100644
--- a/ranger-examples/sample-client/src/main/python/sample_client.py
+++ b/ranger-examples/sample-client/src/main/python/sample_client.py
@@ -156,7 +156,15 @@ policy.name        = policy_name
 policy.description = 'test description'
 policy.resources   = { 'database': RangerPolicyResource({ 'values': ['test_db'] }),
                        'table':    RangerPolicyResource({ 'values': ['test_tbl'] }),
-					   'column':   RangerPolicyResource({ 'values': ['*'] }) }
+                       'column':   RangerPolicyResource({ 'values': ['*'] }) }
+policy.add_resource({ 'database': RangerPolicyResource({ 'values': ['test_db1'] }),
+                      'table':    RangerPolicyResource({ 'values': ['test_tbl1'] }),
+                      'column':   RangerPolicyResource({ 'values': ['*'] }) })
+policy.add_resource({ 'database': RangerPolicyResource({ 'values': ['test_db2'] }),
+                      'table':    RangerPolicyResource({ 'values': ['test_tbl2'] }),
+                      'column':   RangerPolicyResource({ 'values': ['*'] }) })
+
+
 
 allowItem1          = RangerPolicyItem()
 allowItem1.users    = [ 'admin' ]
@@ -189,7 +197,7 @@ data_mask_policy.name        = data_mask_policy_name
 data_mask_policy.description = 'test description'
 data_mask_policy.resources   = { 'database': RangerPolicyResource({ 'values': ['test_db'] }),
                                  'table':    RangerPolicyResource({ 'values': ['test_tbl'] }),
-					             'column':   RangerPolicyResource({ 'values': ['test_col'] }) }
+                                 'column':   RangerPolicyResource({ 'values': ['test_col'] }) }
 
 policyItem1              = RangerDataMaskPolicyItem()
 policyItem1.users        = [ 'admin' ]