You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@kyuubi.apache.org by "bowenliang123 (via GitHub)" <gi...@apache.org> on 2023/04/06 03:51:25 UTC
[GitHub] [kyuubi] bowenliang123 opened a new pull request, #4585: Authz policy file gen
bowenliang123 opened a new pull request, #4585:
URL: https://github.com/apache/kyuubi/pull/4585
<!--
Thanks for sending a pull request!
Here are some tips for you:
1. If this is your first time, please read our contributor guidelines: https://kyuubi.readthedocs.io/en/latest/community/CONTRIBUTING.html
2. If the PR is related to an issue in https://github.com/apache/kyuubi/issues, add '[KYUUBI #XXXX]' in your PR title, e.g., '[KYUUBI #XXXX] Your PR title ...'.
3. If the PR is unfinished, add '[WIP]' in your PR title, e.g., '[WIP][KYUUBI #XXXX] Your PR title ...'.
-->
### _Why are the changes needed?_
<!--
Please clarify why the changes are needed. For instance,
1. If you add a feature, you can talk about the use case of it.
2. If you fix a bug, you can clarify why it is a bug.
-->
- generate Authz policy file for testing to focus on manage all the policies in the generator
- auto-increased `id` and related `guid` for each policy
- list and reused users, resources, for evaluation impacts when policy changes
- add `policies_base.json` as base template file of authz template including decoration details and service def
### _How was this patch tested?_
- [ ] Add some test cases that check the changes thoroughly including negative and positive cases if possible
- [ ] Add screenshots for manual tests if appropriate
- [x] [Run test](https://kyuubi.readthedocs.io/en/master/develop_tools/testing.html#running-tests) locally before make a pull request
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For additional commands, e-mail: notifications-help@kyuubi.apache.org
[GitHub] [kyuubi] bowenliang123 commented on a diff in pull request #4585: Authz policy file gen
Posted by "bowenliang123 (via GitHub)" <gi...@apache.org>.
bowenliang123 commented on code in PR #4585:
URL: https://github.com/apache/kyuubi/pull/4585#discussion_r1160475075
##########
extensions/spark/kyuubi-spark-authz/pom.xml:
##########
@@ -331,4 +331,38 @@
<testOutputDirectory>target/scala-${scala.binary.version}/test-classes</testOutputDirectory>
</build>
+ <profiles>
+ <profile>
+ <id>genpolicy</id>
+ <activation>
+ <property>
+ <name>ranger.version</name>
+ <value>2.3.0</value>
+ </property>
+ </activation>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>build-helper-maven-plugin</artifactId>
Review Comment:
The profile `genpolicy` is used for including `PolicyJsonFileGenerator` as additional test source via `build-helper-maven-plugin` plugin.
And here used the `<activation>/<property>/<ranger.version>` to auto activated the `genpolicy` profile to ensure same ranger version used as required in `genpolicy` itself.
For the ENV suggestion, it's not that helpful as runtime switch to control whether generated the policy file as the generator is not runned in tests. Will introduce this switch if we do check the policy file as the same as generator outputs.
Therefore, the command here in method comments is updated as `build/mvn scala:run -pl :kyuubi-spark-authz_2.12 -DmainClass=org.apache.kyuubi.plugin.spark.authz.gen.PolicyJsonFileGenerator`.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For additional commands, e-mail: notifications-help@kyuubi.apache.org
[GitHub] [kyuubi] bowenliang123 closed pull request #4585: Authz policy file generation
Posted by "bowenliang123 (via GitHub)" <gi...@apache.org>.
bowenliang123 closed pull request #4585: Authz policy file generation
URL: https://github.com/apache/kyuubi/pull/4585
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For additional commands, e-mail: notifications-help@kyuubi.apache.org
[GitHub] [kyuubi] bowenliang123 commented on pull request #4585: Authz policy file gen
Posted by "bowenliang123 (via GitHub)" <gi...@apache.org>.
bowenliang123 commented on PR #4585:
URL: https://github.com/apache/kyuubi/pull/4585#issuecomment-1495711876
Hi, when I tried to use Ranger classes on the other branch in my repo (https://github.com/bowenliang123/kyuubi/commits/authz-policy-gen-k), it fails data maskingrelated tests.
```
Tests: succeeded 399, failed 90, canceled 39, ignored 0, pending 0
```
Possible differences in generated masking rule is :
<img width="388" alt="image" src="https://user-images.githubusercontent.com/1935105/229761740-ff473973-3225-4ac7-b534-c2f457658017.png">
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For additional commands, e-mail: notifications-help@kyuubi.apache.org
[GitHub] [kyuubi] bowenliang123 commented on pull request #4585: Authz policy file gen
Posted by "bowenliang123 (via GitHub)" <gi...@apache.org>.
bowenliang123 commented on PR #4585:
URL: https://github.com/apache/kyuubi/pull/4585#issuecomment-1499243801
Reopening this PR as the generator moved away from the default test source and no more compilation errors.
The Command for regenerating policy files with `genpolicy` policy enabled to add `PolicyJsonFileGenerator` as test sources:
```
mvn scala:run -Pgenpolicy \
-DmainClass=org.apache.kyuubi.plugin.spark.authz.gen.PolicyJsonFileGenerator \
-pl :kyuubi-spark-authz_2.12
```
Testing results with all other different Ranger versions:
- 0.7.0/1.1.0/1.2.0/2.0.0/2.1.0/2.2.0/2.3.0: passed ✅
- 0.6.0 : 6 tests failed (tests of `show functions` and `Support {OWNER} variable for queries` , but they are regression failures from master master, and will be reported to issue later)
cc @yaooqinn @Yikf
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For additional commands, e-mail: notifications-help@kyuubi.apache.org
[GitHub] [kyuubi] yaooqinn commented on pull request #4585: Authz policy file gen
Posted by "yaooqinn (via GitHub)" <gi...@apache.org>.
yaooqinn commented on PR #4585:
URL: https://github.com/apache/kyuubi/pull/4585#issuecomment-1499886285
> add policies_base.json as base template file of authz template including decoration details and service def
this file contains 1600+ lines, why can not be generated?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For additional commands, e-mail: notifications-help@kyuubi.apache.org
[GitHub] [kyuubi] bowenliang123 closed pull request #4585: Authz policy file gen
Posted by "bowenliang123 (via GitHub)" <gi...@apache.org>.
bowenliang123 closed pull request #4585: Authz policy file gen
URL: https://github.com/apache/kyuubi/pull/4585
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For additional commands, e-mail: notifications-help@kyuubi.apache.org
[GitHub] [kyuubi] bowenliang123 commented on a diff in pull request #4585: Authz policy file gen
Posted by "bowenliang123 (via GitHub)" <gi...@apache.org>.
bowenliang123 commented on code in PR #4585:
URL: https://github.com/apache/kyuubi/pull/4585#discussion_r1160403194
##########
extensions/spark/kyuubi-spark-authz/pom.xml:
##########
@@ -331,4 +331,38 @@
<testOutputDirectory>target/scala-${scala.binary.version}/test-classes</testOutputDirectory>
</build>
+ <profiles>
+ <profile>
+ <id>genpolicy</id>
+ <activation>
+ <property>
+ <name>ranger.version</name>
+ <value>2.3.0</value>
+ </property>
+ </activation>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>build-helper-maven-plugin</artifactId>
Review Comment:
The generator class is put in `src/test/gen/scala` rather than in default test source path `src/test/gen/scala` , in order to prevent build and test failed on older Ranger versions.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For additional commands, e-mail: notifications-help@kyuubi.apache.org
[GitHub] [kyuubi] bowenliang123 commented on pull request #4585: Authz policy file gen
Posted by "bowenliang123 (via GitHub)" <gi...@apache.org>.
bowenliang123 commented on PR #4585:
URL: https://github.com/apache/kyuubi/pull/4585#issuecomment-1480871988
The tests are still running on the JSON file, not the classes introduced here. The customed classes are decoupled with testing and not the context for it. And the default value and template method greatly reduced the redundant code and help us to focus in key details of policies, like resource, access, users.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For additional commands, e-mail: notifications-help@kyuubi.apache.org
[GitHub] [kyuubi] Yikf commented on pull request #4585: Authz policy file gen
Posted by "Yikf (via GitHub)" <gi...@apache.org>.
Yikf commented on PR #4585:
URL: https://github.com/apache/kyuubi/pull/4585#issuecomment-1484391940
I also prefer ranger classes, Since these classes are only used by gen policies for tests, Should we use `ranger.version ` classes defined in pom.xml?
And can verify whether policies generated using classes of the default ranger version will cause instability in the test of [other ranger versions supported by kyuubi](https://kyuubi.readthedocs.io/en/master/security/authorization/spark/build.html#build-against-different-apache-spark-versions).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For additional commands, e-mail: notifications-help@kyuubi.apache.org
[GitHub] [kyuubi] Yikf commented on a diff in pull request #4585: Authz policy file gen
Posted by "Yikf (via GitHub)" <gi...@apache.org>.
Yikf commented on code in PR #4585:
URL: https://github.com/apache/kyuubi/pull/4585#discussion_r1160396448
##########
extensions/spark/kyuubi-spark-authz/pom.xml:
##########
@@ -331,4 +331,38 @@
<testOutputDirectory>target/scala-${scala.binary.version}/test-classes</testOutputDirectory>
</build>
+ <profiles>
+ <profile>
+ <id>genpolicy</id>
+ <activation>
+ <property>
+ <name>ranger.version</name>
+ <value>2.3.0</value>
+ </property>
+ </activation>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>build-helper-maven-plugin</artifactId>
Review Comment:
Just out of curiosity, Why do we need this plugin?
`src/test/gen/scala` should place the golden file instead of the source.
##########
extensions/spark/kyuubi-spark-authz/pom.xml:
##########
@@ -331,4 +331,38 @@
<testOutputDirectory>target/scala-${scala.binary.version}/test-classes</testOutputDirectory>
</build>
+ <profiles>
+ <profile>
+ <id>genpolicy</id>
+ <activation>
+ <property>
+ <name>ranger.version</name>
Review Comment:
Why do we need this property?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For additional commands, e-mail: notifications-help@kyuubi.apache.org
[GitHub] [kyuubi] bowenliang123 commented on pull request #4585: Authz policy file gen
Posted by "bowenliang123 (via GitHub)" <gi...@apache.org>.
bowenliang123 commented on PR #4585:
URL: https://github.com/apache/kyuubi/pull/4585#issuecomment-1499888561
> > add policies_base.json as base template file of authz template including decoration details and service def
>
> this file contains 1600+ lines, why can not be generated?
Sure can be done in followups, as it requires more handwork to do so.
This PR mainly focuses in policy generation.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For additional commands, e-mail: notifications-help@kyuubi.apache.org
[GitHub] [kyuubi] yaooqinn commented on pull request #4585: Authz policy file gen
Posted by "yaooqinn (via GitHub)" <gi...@apache.org>.
yaooqinn commented on PR #4585:
URL: https://github.com/apache/kyuubi/pull/4585#issuecomment-1487977080
we can divide them to non test source paths, and add them via `add-test-source` in the runtime
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For additional commands, e-mail: notifications-help@kyuubi.apache.org
[GitHub] [kyuubi] bowenliang123 closed pull request #4585: Authz policy file gen
Posted by "bowenliang123 (via GitHub)" <gi...@apache.org>.
bowenliang123 closed pull request #4585: Authz policy file gen
URL: https://github.com/apache/kyuubi/pull/4585
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For additional commands, e-mail: notifications-help@kyuubi.apache.org
[GitHub] [kyuubi] bowenliang123 commented on a diff in pull request #4585: Authz policy file gen
Posted by "bowenliang123 (via GitHub)" <gi...@apache.org>.
bowenliang123 commented on code in PR #4585:
URL: https://github.com/apache/kyuubi/pull/4585#discussion_r1160402639
##########
extensions/spark/kyuubi-spark-authz/pom.xml:
##########
@@ -331,4 +331,38 @@
<testOutputDirectory>target/scala-${scala.binary.version}/test-classes</testOutputDirectory>
</build>
+ <profiles>
+ <profile>
+ <id>genpolicy</id>
+ <activation>
+ <property>
+ <name>ranger.version</name>
Review Comment:
Here adds no property, it acts as the trigger condition for the profile to include generator class while ensuring policy file generating is aligned with the targeted ranger version.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For additional commands, e-mail: notifications-help@kyuubi.apache.org
[GitHub] [kyuubi] yaooqinn commented on a diff in pull request #4585: Authz policy file gen
Posted by "yaooqinn (via GitHub)" <gi...@apache.org>.
yaooqinn commented on code in PR #4585:
URL: https://github.com/apache/kyuubi/pull/4585#discussion_r1160412700
##########
extensions/spark/kyuubi-spark-authz/src/test/gen/scala/org/apache/kyuubi/plugin/spark/authz/gen/RangerGenWrapper.scala:
##########
@@ -0,0 +1,204 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.kyuubi.plugin.spark.authz.gen
+
+import scala.collection.convert.ImplicitConversions._
+import scala.language.implicitConversions
+
+import org.apache.ranger.plugin.model.RangerPolicy
+import org.apache.ranger.plugin.model.RangerPolicy._
+
+case class KRangerPolicy(
+ service: String = "hive_jenkins",
+ name: String,
+ policyType: Int = 0,
+ description: String = "",
+ isAuditEnabled: Boolean = true,
+ resources: Map[String, RangerPolicyResource] = Map.empty,
+ conditions: List[RangerPolicyItemCondition] = List.empty,
+ policyItems: List[RangerPolicyItem] = List.empty,
+ denyPolicyItems: List[RangerPolicyItem] = List.empty,
+ allowExceptions: List[RangerPolicyItem] = List.empty,
+ denyExceptions: List[RangerPolicyItem] = List.empty,
+ dataMaskPolicyItems: List[RangerDataMaskPolicyItem] = List.empty,
+ rowFilterPolicyItems: List[RangerRowFilterPolicyItem] = List.empty,
+ id: Int = 0,
+ guid: String = "",
+ isEnabled: Boolean = true,
+ version: Int = 1) {
+ def get: RangerPolicy = {
Review Comment:
If this is a formatter issue, it's easy to bypass
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For additional commands, e-mail: notifications-help@kyuubi.apache.org
[GitHub] [kyuubi] bowenliang123 commented on a diff in pull request #4585: Authz policy file gen
Posted by "bowenliang123 (via GitHub)" <gi...@apache.org>.
bowenliang123 commented on code in PR #4585:
URL: https://github.com/apache/kyuubi/pull/4585#discussion_r1160402639
##########
extensions/spark/kyuubi-spark-authz/pom.xml:
##########
@@ -331,4 +331,38 @@
<testOutputDirectory>target/scala-${scala.binary.version}/test-classes</testOutputDirectory>
</build>
+ <profiles>
+ <profile>
+ <id>genpolicy</id>
+ <activation>
+ <property>
+ <name>ranger.version</name>
Review Comment:
Here adds no property, it acts as the trigger condition to ensure generating policy file is aligned with the targeted ranger version.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For additional commands, e-mail: notifications-help@kyuubi.apache.org
[GitHub] [kyuubi] yaooqinn commented on pull request #4585: Authz policy file gen
Posted by "yaooqinn (via GitHub)" <gi...@apache.org>.
yaooqinn commented on PR #4585:
URL: https://github.com/apache/kyuubi/pull/4585#issuecomment-1480865083
It's a not suggested 'upstream first' way
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For additional commands, e-mail: notifications-help@kyuubi.apache.org
[GitHub] [kyuubi] bowenliang123 commented on pull request #4585: Authz policy file generation
Posted by "bowenliang123 (via GitHub)" <gi...@apache.org>.
bowenliang123 commented on PR #4585:
URL: https://github.com/apache/kyuubi/pull/4585#issuecomment-1500060574
Thanks for the detailed review. Merged to master / 1.7.1 .
Merging to 1.7 is for the possible fix and testing related to policy file.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For additional commands, e-mail: notifications-help@kyuubi.apache.org
[GitHub] [kyuubi] bowenliang123 commented on a diff in pull request #4585: Authz policy file gen
Posted by "bowenliang123 (via GitHub)" <gi...@apache.org>.
bowenliang123 commented on code in PR #4585:
URL: https://github.com/apache/kyuubi/pull/4585#discussion_r1160404766
##########
extensions/spark/kyuubi-spark-authz/src/test/gen/scala/org/apache/kyuubi/plugin/spark/authz/gen/PolicyJsonFileGenerator.scala:
##########
@@ -0,0 +1,358 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.kyuubi.plugin.spark.authz.gen
+
+import java.nio.file.Paths
+import java.util.UUID
+import java.util.concurrent.atomic.AtomicLong
+
+import scala.language.implicitConversions
+
+import com.fasterxml.jackson.annotation.JsonInclude.Include
+import com.fasterxml.jackson.databind.{JsonNode, ObjectMapper}
+import com.fasterxml.jackson.databind.json.JsonMapper
+import com.fasterxml.jackson.databind.node.ObjectNode
+import com.fasterxml.jackson.module.scala.DefaultScalaModule
+import org.apache.ranger.plugin.model.RangerPolicy
+
+import org.apache.kyuubi.plugin.spark.authz.gen.KRangerPolicyItemAccess.allowTypes
+import org.apache.kyuubi.plugin.spark.authz.gen.PolicyJsonFileGenerator.RangerAccessType.{all, alter, create, drop, index, lock, read, select, update, use, write, RangerAccessType}
+import org.apache.kyuubi.plugin.spark.authz.gen.RangerClassConversions._
+
+/**
+ * Generates the policy file to test/main/resources dir.
+ *
+ * Usage:
+ * mvn scala:run -Pgenpolicy
Review Comment:
Which part it is suggested, the comment description or the command?
##########
extensions/spark/kyuubi-spark-authz/src/test/gen/scala/org/apache/kyuubi/plugin/spark/authz/gen/PolicyJsonFileGenerator.scala:
##########
@@ -0,0 +1,358 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.kyuubi.plugin.spark.authz.gen
+
+import java.nio.file.Paths
+import java.util.UUID
+import java.util.concurrent.atomic.AtomicLong
+
+import scala.language.implicitConversions
+
+import com.fasterxml.jackson.annotation.JsonInclude.Include
+import com.fasterxml.jackson.databind.{JsonNode, ObjectMapper}
+import com.fasterxml.jackson.databind.json.JsonMapper
+import com.fasterxml.jackson.databind.node.ObjectNode
+import com.fasterxml.jackson.module.scala.DefaultScalaModule
+import org.apache.ranger.plugin.model.RangerPolicy
+
+import org.apache.kyuubi.plugin.spark.authz.gen.KRangerPolicyItemAccess.allowTypes
+import org.apache.kyuubi.plugin.spark.authz.gen.PolicyJsonFileGenerator.RangerAccessType.{all, alter, create, drop, index, lock, read, select, update, use, write, RangerAccessType}
+import org.apache.kyuubi.plugin.spark.authz.gen.RangerClassConversions._
+
+/**
+ * Generates the policy file to test/main/resources dir.
+ *
+ * Usage:
+ * mvn scala:run -Pgenpolicy
Review Comment:
Which part is this suggested, the comment description or the command?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For additional commands, e-mail: notifications-help@kyuubi.apache.org
[GitHub] [kyuubi] bowenliang123 commented on a diff in pull request #4585: Authz policy file gen
Posted by "bowenliang123 (via GitHub)" <gi...@apache.org>.
bowenliang123 commented on code in PR #4585:
URL: https://github.com/apache/kyuubi/pull/4585#discussion_r1160406095
##########
extensions/spark/kyuubi-spark-authz/src/test/gen/scala/org/apache/kyuubi/plugin/spark/authz/gen/RangerGenWrapper.scala:
##########
@@ -0,0 +1,204 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.kyuubi.plugin.spark.authz.gen
+
+import scala.collection.convert.ImplicitConversions._
+import scala.language.implicitConversions
+
+import org.apache.ranger.plugin.model.RangerPolicy
+import org.apache.ranger.plugin.model.RangerPolicy._
+
+case class KRangerPolicy(
+ service: String = "hive_jenkins",
+ name: String,
+ policyType: Int = 0,
+ description: String = "",
+ isAuditEnabled: Boolean = true,
+ resources: Map[String, RangerPolicyResource] = Map.empty,
+ conditions: List[RangerPolicyItemCondition] = List.empty,
+ policyItems: List[RangerPolicyItem] = List.empty,
+ denyPolicyItems: List[RangerPolicyItem] = List.empty,
+ allowExceptions: List[RangerPolicyItem] = List.empty,
+ denyExceptions: List[RangerPolicyItem] = List.empty,
+ dataMaskPolicyItems: List[RangerDataMaskPolicyItem] = List.empty,
+ rowFilterPolicyItems: List[RangerRowFilterPolicyItem] = List.empty,
+ id: Int = 0,
+ guid: String = "",
+ isEnabled: Boolean = true,
+ version: Int = 1) {
+ def get: RangerPolicy = {
Review Comment:
Negative, the maximum number of parameters in Scala / Scala fmt is 10.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For additional commands, e-mail: notifications-help@kyuubi.apache.org
[GitHub] [kyuubi] Yikf commented on a diff in pull request #4585: Authz policy file gen
Posted by "Yikf (via GitHub)" <gi...@apache.org>.
Yikf commented on code in PR #4585:
URL: https://github.com/apache/kyuubi/pull/4585#discussion_r1160407688
##########
extensions/spark/kyuubi-spark-authz/pom.xml:
##########
@@ -331,4 +331,38 @@
<testOutputDirectory>target/scala-${scala.binary.version}/test-classes</testOutputDirectory>
</build>
+ <profiles>
+ <profile>
+ <id>genpolicy</id>
+ <activation>
+ <property>
+ <name>ranger.version</name>
+ <value>2.3.0</value>
+ </property>
+ </activation>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>build-helper-maven-plugin</artifactId>
Review Comment:
> in order to prevent build and test failed on older Ranger versions.
Golden files should be generated manually by the developer, so the profile should be useless, we can have a ENV, like:
``` shell
KYUUBI_AUTHZ_GENERATE_POLICY_GOLDEN_FILES=1 ./build/mvn scala:run -Pgenpolicy -pl :kyuubi-spark-authz_2.12 -DmainClass=org.apache.kyuubi.plugin.spark.authz.gen.PolicyJsonFileGenerator -Dranger.version=2.3.0
```
1. KYUUBI_AUTHZ_GENERATE_POLICY_GOLDEN_FILES is used to prevent golden files from being generated for each test, so a can be removed plugin `build-helper-maven-plugin`;
2. -Dranger.version=2.3.0 activates the ranger version;
BTW: Does this generator have to depend on Apache Ranger 2.3.0? So, do we need \<activation\>\/\<property\>\/\<ranger.version\> to enable the version condition?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For additional commands, e-mail: notifications-help@kyuubi.apache.org
[GitHub] [kyuubi] codecov-commenter commented on pull request #4585: Authz policy file gen
Posted by "codecov-commenter (via GitHub)" <gi...@apache.org>.
codecov-commenter commented on PR #4585:
URL: https://github.com/apache/kyuubi/pull/4585#issuecomment-1480928353
## [Codecov](https://codecov.io/gh/apache/kyuubi/pull/4585?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) Report
> Merging [#4585](https://codecov.io/gh/apache/kyuubi/pull/4585?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (f94f6e6) into [master](https://codecov.io/gh/apache/kyuubi/commit/acdfa6ce1d9cb4ced28ccfffd2179e5f197e0885?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (acdfa6c) will **decrease** coverage by `0.06%`.
> The diff coverage is `n/a`.
```diff
@@ Coverage Diff @@
## master #4585 +/- ##
============================================
- Coverage 53.34% 53.28% -0.06%
Complexity 13 13
============================================
Files 577 577
Lines 31546 31555 +9
Branches 4244 4244
============================================
- Hits 16827 16815 -12
- Misses 13135 13154 +19
- Partials 1584 1586 +2
```
[see 12 files with indirect coverage changes](https://codecov.io/gh/apache/kyuubi/pull/4585/indirect-changes?src=pr&el=tree-more&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation)
:mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For additional commands, e-mail: notifications-help@kyuubi.apache.org
[GitHub] [kyuubi] bowenliang123 commented on pull request #4585: Authz policy file gen
Posted by "bowenliang123 (via GitHub)" <gi...@apache.org>.
bowenliang123 commented on PR #4585:
URL: https://github.com/apache/kyuubi/pull/4585#issuecomment-1484395642
My concern is that to make policy file conform to this generator, we will introduce tests in builds to validate the output from generator an the file content.
But if we do use the Ranger policies class, it fails when it's crossing Ranger versions. (It does happen.)
And also some temporary fields are irrelevant to JSON serialization, we will be hard to control the serialization details to Ranger class itself or exclude them.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For additional commands, e-mail: notifications-help@kyuubi.apache.org
[GitHub] [kyuubi] Yikf commented on a diff in pull request #4585: Authz policy file gen
Posted by "Yikf (via GitHub)" <gi...@apache.org>.
Yikf commented on code in PR #4585:
URL: https://github.com/apache/kyuubi/pull/4585#discussion_r1160397264
##########
extensions/spark/kyuubi-spark-authz/src/test/gen/scala/org/apache/kyuubi/plugin/spark/authz/gen/PolicyJsonFileGenerator.scala:
##########
@@ -0,0 +1,358 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.kyuubi.plugin.spark.authz.gen
+
+import java.nio.file.Paths
+import java.util.UUID
+import java.util.concurrent.atomic.AtomicLong
+
+import scala.language.implicitConversions
+
+import com.fasterxml.jackson.annotation.JsonInclude.Include
+import com.fasterxml.jackson.databind.{JsonNode, ObjectMapper}
+import com.fasterxml.jackson.databind.json.JsonMapper
+import com.fasterxml.jackson.databind.node.ObjectNode
+import com.fasterxml.jackson.module.scala.DefaultScalaModule
+import org.apache.ranger.plugin.model.RangerPolicy
+
+import org.apache.kyuubi.plugin.spark.authz.gen.KRangerPolicyItemAccess.allowTypes
+import org.apache.kyuubi.plugin.spark.authz.gen.PolicyJsonFileGenerator.RangerAccessType.{all, alter, create, drop, index, lock, read, select, update, use, write, RangerAccessType}
+import org.apache.kyuubi.plugin.spark.authz.gen.RangerClassConversions._
+
+/**
+ * Generates the policy file to test/main/resources dir.
+ *
+ * Usage:
+ * mvn scala:run -Pgenpolicy
Review Comment:
To re-generate policy golden files, run:
{{{
mvn scala:run -Pgenpolicy -pl :kyuubi-spark-authz_2.12 -DmainClass=org.apache.kyuubi.plugin.spark.authz.gen.PolicyJsonFileGenerator
}}}
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For additional commands, e-mail: notifications-help@kyuubi.apache.org
[GitHub] [kyuubi] Yikf commented on a diff in pull request #4585: Authz policy file gen
Posted by "Yikf (via GitHub)" <gi...@apache.org>.
Yikf commented on code in PR #4585:
URL: https://github.com/apache/kyuubi/pull/4585#discussion_r1160408280
##########
extensions/spark/kyuubi-spark-authz/src/test/gen/scala/org/apache/kyuubi/plugin/spark/authz/gen/PolicyJsonFileGenerator.scala:
##########
@@ -0,0 +1,358 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.kyuubi.plugin.spark.authz.gen
+
+import java.nio.file.Paths
+import java.util.UUID
+import java.util.concurrent.atomic.AtomicLong
+
+import scala.language.implicitConversions
+
+import com.fasterxml.jackson.annotation.JsonInclude.Include
+import com.fasterxml.jackson.databind.{JsonNode, ObjectMapper}
+import com.fasterxml.jackson.databind.json.JsonMapper
+import com.fasterxml.jackson.databind.node.ObjectNode
+import com.fasterxml.jackson.module.scala.DefaultScalaModule
+import org.apache.ranger.plugin.model.RangerPolicy
+
+import org.apache.kyuubi.plugin.spark.authz.gen.KRangerPolicyItemAccess.allowTypes
+import org.apache.kyuubi.plugin.spark.authz.gen.PolicyJsonFileGenerator.RangerAccessType.{all, alter, create, drop, index, lock, read, select, update, use, write, RangerAccessType}
+import org.apache.kyuubi.plugin.spark.authz.gen.RangerClassConversions._
+
+/**
+ * Generates the policy file to test/main/resources dir.
+ *
+ * Usage:
+ * mvn scala:run -Pgenpolicy
Review Comment:
DOC
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For additional commands, e-mail: notifications-help@kyuubi.apache.org
[GitHub] [kyuubi] yaooqinn commented on pull request #4585: Authz policy file gen
Posted by "yaooqinn (via GitHub)" <gi...@apache.org>.
yaooqinn commented on PR #4585:
URL: https://github.com/apache/kyuubi/pull/4585#issuecomment-1480841388
Can we use ranger classes?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For additional commands, e-mail: notifications-help@kyuubi.apache.org
[GitHub] [kyuubi] bowenliang123 commented on pull request #4585: Authz policy file gen
Posted by "bowenliang123 (via GitHub)" <gi...@apache.org>.
bowenliang123 commented on PR #4585:
URL: https://github.com/apache/kyuubi/pull/4585#issuecomment-1480847081
> Can we use ranger classes?
I suggest not doing so. Classes and their attributes of Ragner differ in different versions.
By using customed classes in the generator, we could guarantee the stable output of policy files.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For additional commands, e-mail: notifications-help@kyuubi.apache.org
[GitHub] [kyuubi] bowenliang123 commented on pull request #4585: Authz policy file gen
Posted by "bowenliang123 (via GitHub)" <gi...@apache.org>.
bowenliang123 commented on PR #4585:
URL: https://github.com/apache/kyuubi/pull/4585#issuecomment-1498431326
Changed to use Ranger classes for policy generation. @yaooqinn @Yikf
Policy generation with different Ranger versions:
- 0.6.0/0.7.0: 8 errors in compilation
- 1.1.0/1.2.0: 1 errors in compilation
- 2.0.0/2.1.0/2.2.0/2.3.0: passed ✅
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For additional commands, e-mail: notifications-help@kyuubi.apache.org
[GitHub] [kyuubi] yaooqinn commented on a diff in pull request #4585: Authz policy file gen
Posted by "yaooqinn (via GitHub)" <gi...@apache.org>.
yaooqinn commented on code in PR #4585:
URL: https://github.com/apache/kyuubi/pull/4585#discussion_r1160405745
##########
extensions/spark/kyuubi-spark-authz/src/test/gen/scala/org/apache/kyuubi/plugin/spark/authz/gen/RangerGenWrapper.scala:
##########
@@ -0,0 +1,204 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.kyuubi.plugin.spark.authz.gen
+
+import scala.collection.convert.ImplicitConversions._
+import scala.language.implicitConversions
+
+import org.apache.ranger.plugin.model.RangerPolicy
+import org.apache.ranger.plugin.model.RangerPolicy._
+
+case class KRangerPolicy(
+ service: String = "hive_jenkins",
+ name: String,
+ policyType: Int = 0,
+ description: String = "",
+ isAuditEnabled: Boolean = true,
+ resources: Map[String, RangerPolicyResource] = Map.empty,
+ conditions: List[RangerPolicyItemCondition] = List.empty,
+ policyItems: List[RangerPolicyItem] = List.empty,
+ denyPolicyItems: List[RangerPolicyItem] = List.empty,
+ allowExceptions: List[RangerPolicyItem] = List.empty,
+ denyExceptions: List[RangerPolicyItem] = List.empty,
+ dataMaskPolicyItems: List[RangerDataMaskPolicyItem] = List.empty,
+ rowFilterPolicyItems: List[RangerRowFilterPolicyItem] = List.empty,
+ id: Int = 0,
+ guid: String = "",
+ isEnabled: Boolean = true,
+ version: Int = 1) {
+ def get: RangerPolicy = {
Review Comment:
instead of defining a case class and a get method, we can simply define a method with parameters
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For additional commands, e-mail: notifications-help@kyuubi.apache.org
[GitHub] [kyuubi] bowenliang123 commented on pull request #4585: Authz policy file gen
Posted by "bowenliang123 (via GitHub)" <gi...@apache.org>.
bowenliang123 commented on PR #4585:
URL: https://github.com/apache/kyuubi/pull/4585#issuecomment-1498450397
Closing this PR as no concrete agreement in variation of Ranger version for generation and testing.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@kyuubi.apache.org
For additional commands, e-mail: notifications-help@kyuubi.apache.org