You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@atlas.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2020/09/30 05:07:00 UTC
[jira] [Commented] (ATLAS-3950) Read Type Auth : Classification,
Business metadata , Entity types are able to have attributes of type which
are not permissible to read
[ https://issues.apache.org/jira/browse/ATLAS-3950?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17204465#comment-17204465 ]
ASF subversion and git services commented on ATLAS-3950:
--------------------------------------------------------
Commit d4a50aadfc2e7076d8e5281f9be60fad4c5c232d in atlas's branch refs/heads/master from chaitali borole
[ https://gitbox.apache.org/repos/asf?p=atlas.git;h=d4a50aa ]
ATLAS-3950 : Authorize for Read Type for Classification, Business metadata , Entity typesdef attributes.
Signed-off-by: nixonrodrigues <ni...@apache.org>
> Read Type Auth : Classification, Business metadata , Entity types are able to have attributes of type which are not permissible to read
> ---------------------------------------------------------------------------------------------------------------------------------------
>
> Key: ATLAS-3950
> URL: https://issues.apache.org/jira/browse/ATLAS-3950
> Project: Atlas
> Issue Type: Improvement
> Affects Versions: 3.0.0
> Reporter: chaitali borole
> Assignee: chaitali borole
> Priority: Major
> Fix For: 3.0.0
>
>
> Steps to reproduce :-
> hrt_qa has :
> CRUD permissions on hive_table type
> CRUD permissions on all business_metadata type.
> hrt_qa creates a business metadata bm1
> hrt_qa is able to create an attribute for bm1 - say attrib1 which allows Applicable types to be anything. UI displays only hive_table but through REST , hrt_qa is able to add any type as Applicable type.
>
> Same for classifications :
> hrt_qa has CRUD permissions on all classification types but read only for hive_table entity type.
> Through REST , hrt_qa is able to add all types as entityTypes.
> Example REST call where allowed entity types are hive_table and hdfs_path :
>
> {code:java}
> /api/atlas/v2/types/typedefs?type=classification
> { "classificationDefs":[
> { "name":"PII", "description":"PII", "superTypes":[ ], "attributeDefs":[ ], "entityTypes":[ "hdfs_path", "hive_table" ], "category":"CLASSIFICATION", "guid":"123456789" }
> ], "entityDefs":[
> ], "enumDefs":[
> ], "structDefs":[
> ]
> }
>
> {code}
>
> Call succeeds with 200 Ok.
>
> For Entity type:
> Updating hive_table entity typedef with a new attribute of type hdfs_path is allowed.
>
> Expected is , in all 3 cases of business metadata , classification and entity, response to be authorization denied because hdfs_path type provided.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)