You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ma...@apache.org on 2022/06/29 18:07:17 UTC

[ranger] branch master updated: RANGER-3796: plugin capabilities entry added for multiple resource sets in a policy - #2

This is an automated email from the ASF dual-hosted git repository.

madhan pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git


The following commit(s) were added to refs/heads/master by this push:
     new 710e7c763 RANGER-3796: plugin capabilities entry added for multiple resource sets in a policy - #2
710e7c763 is described below

commit 710e7c763e8deebc24b7d8109fe8ef17618f0651
Author: Madhan Neethiraj <ma...@apache.org>
AuthorDate: Tue Jun 28 10:31:02 2022 -0700

    RANGER-3796: plugin capabilities entry added for multiple resource sets in a policy - #2
---
 .../java/org/apache/ranger/plugin/util/RangerPluginCapability.java   | 5 ++++-
 .../test/resources/policyengine/plugin/test_plugin_capability.json   | 4 ++--
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerPluginCapability.java b/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerPluginCapability.java
index bac6e266a..a73778a59 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerPluginCapability.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerPluginCapability.java
@@ -47,6 +47,8 @@ public class RangerPluginCapability {
 	- Super-user permission
 	- UserStore download
 	- Audit-policies
+	- User/group/tag attributes in policy
+	- additional resources in policy
      */
     private final long pluginCapabilities;
     private static final String baseRangerCapabilities = computeBaseCapabilities();
@@ -70,7 +72,8 @@ public class RangerPluginCapability {
         RANGER_PLUGIN_CAPABILITY_SUPERUSER_PERMISSIONS("Super-user Permissions"),
         RANGER_PLUGIN_CAPABILITY_USERSTORE_DOWNLOAD("UserStore Download"),
         RANGER_PLUGIN_CAPABILITY_AUDIT_POLICY("Audit Policy"),
-        RANGER_PLUGIN_CAPABILITY_UGT_ATTRIBUTES_IN_POLICY("User/group/tag attributes in policy");
+        RANGER_PLUGIN_CAPABILITY_UGT_ATTRIBUTES_IN_POLICY("User/group/tag attributes in policy"),
+        RANGER_PLUGIN_CAPABILITY_ADDITIONAL_RESOURCES_IN_POLICY("additional resources in policy");
 
         private final String name;
         RangerPluginFeature(String name) {
diff --git a/agents-common/src/test/resources/policyengine/plugin/test_plugin_capability.json b/agents-common/src/test/resources/policyengine/plugin/test_plugin_capability.json
index f503c2350..31515a1f4 100644
--- a/agents-common/src/test/resources/policyengine/plugin/test_plugin_capability.json
+++ b/agents-common/src/test/resources/policyengine/plugin/test_plugin_capability.json
@@ -21,14 +21,14 @@
     {
       "name": "Using all existing capabilities",
       "myCapabilities": [],
-      "otherCapabilities": ["RANGER_PLUGIN_CAPABILITY_TAG_POLICIES","RANGER_PLUGIN_CAPABILITY_MASKING_AND_ROW_FILTERING", "RANGER_PLUGIN_CAPABILITY_MACROS", "RANGER_PLUGIN_CAPABILITY_AUDIT_MODE", "RANGER_PLUGIN_CAPABILITY_RESOURCE_IS_VALID_LEAF", "RANGER_PLUGIN_CAPABILITY_VALIDITY_PERIOD", "RANGER_PLUGIN_CAPABILITY_POLICY_PRIORITY","RANGER_PLUGIN_CAPABILITY_SECURITY_ZONE","RANGER_PLUGIN_CAPABILITY_POLICY_LEVEL_CONDITION", "RANGER_PLUGIN_CAPABILITY_DENY_ALL_ELSE_POLICY","RANGER_PLUGIN_CAP [...]
+      "otherCapabilities": ["RANGER_PLUGIN_CAPABILITY_TAG_POLICIES","RANGER_PLUGIN_CAPABILITY_MASKING_AND_ROW_FILTERING", "RANGER_PLUGIN_CAPABILITY_MACROS", "RANGER_PLUGIN_CAPABILITY_AUDIT_MODE", "RANGER_PLUGIN_CAPABILITY_RESOURCE_IS_VALID_LEAF", "RANGER_PLUGIN_CAPABILITY_VALIDITY_PERIOD", "RANGER_PLUGIN_CAPABILITY_POLICY_PRIORITY","RANGER_PLUGIN_CAPABILITY_SECURITY_ZONE","RANGER_PLUGIN_CAPABILITY_POLICY_LEVEL_CONDITION", "RANGER_PLUGIN_CAPABILITY_DENY_ALL_ELSE_POLICY","RANGER_PLUGIN_CAP [...]
       "difference": []
     },
     {
       "name": "Using all existing capabilities, other has fewer",
       "myCapabilities": [],
       "otherCapabilities": ["RANGER_PLUGIN_CAPABILITY_ROLE_DOWNLOAD_TIMER","RANGER_PLUGIN_CAPABILITY_MASKING_AND_ROW_FILTERING", "RANGER_PLUGIN_CAPABILITY_MACROS", "RANGER_PLUGIN_CAPABILITY_AUDIT_MODE", "RANGER_PLUGIN_CAPABILITY_RESOURCE_IS_VALID_LEAF", "RANGER_PLUGIN_CAPABILITY_VALIDITY_PERIOD", "RANGER_PLUGIN_CAPABILITY_POLICY_PRIORITY","RANGER_PLUGIN_CAPABILITY_SECURITY_ZONE","RANGER_PLUGIN_CAPABILITY_POLICY_LEVEL_CONDITION", "RANGER_PLUGIN_CAPABILITY_DENY_ALL_ELSE_POLICY","RANGER_PLU [...]
-      "difference": ["RANGER_PLUGIN_CAPABILITY_TAG_POLICIES", "RANGER_PLUGIN_CAPABILITY_AUDIT_EXCLUDED_USERS", "RANGER_PLUGIN_CAPABILITY_CHAINED_PLUGINS", "RANGER_PLUGIN_CAPABILITY_SUPERUSER_PERMISSIONS", "RANGER_PLUGIN_CAPABILITY_USERSTORE_DOWNLOAD", "RANGER_PLUGIN_CAPABILITY_AUDIT_POLICY", "RANGER_PLUGIN_CAPABILITY_UGT_ATTRIBUTES_IN_POLICY"]
+      "difference": ["RANGER_PLUGIN_CAPABILITY_TAG_POLICIES", "RANGER_PLUGIN_CAPABILITY_AUDIT_EXCLUDED_USERS", "RANGER_PLUGIN_CAPABILITY_CHAINED_PLUGINS", "RANGER_PLUGIN_CAPABILITY_SUPERUSER_PERMISSIONS", "RANGER_PLUGIN_CAPABILITY_USERSTORE_DOWNLOAD", "RANGER_PLUGIN_CAPABILITY_AUDIT_POLICY", "RANGER_PLUGIN_CAPABILITY_UGT_ATTRIBUTES_IN_POLICY", "RANGER_PLUGIN_CAPABILITY_ADDITIONAL_RESOURCES_IN_POLICY"]
     }
   ]
 }
\ No newline at end of file