You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ranger.apache.org by bhavik patel <bh...@gmail.com> on 2022/03/02 12:35:58 UTC

Re: Review Request 73853: RANGER-3628 : Support fine grain authorization for different solr objects

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73853/#review224112
-----------------------------------------------------------




plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java
Lines 651 (patched)
<https://reviews.apache.org/r/73853/#comment313060>

    Is this intentional?



plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/SolrAuthzUtil.java
Lines 66 (patched)
<https://reviews.apache.org/r/73853/#comment313061>

    Remove the condition and use the placeholder in debug logger.


- bhavik patel


On Feb. 25, 2022, 7:09 a.m., Mateen Mansoori wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73853/
> -----------------------------------------------------------
> 
> (Updated Feb. 25, 2022, 7:09 a.m.)
> 
> 
> Review request for ranger, Mehul Parikh, Sailaja Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-3628
>     https://issues.apache.org/jira/browse/RANGER-3628
> 
> 
> Repository: ranger
> 
> 
> Description
> -------
> 
> Modifying ranger solr plugin to allow granting the following privileges:
>   
>    - QUERY - read only privilege on an object
>    - UPDATE - write only privilege on an object
>    - All - read and write access
> 
> Privileges can be defined on the following objects:
> 
> - admin
>     - collections
>     - cores
>     - metrics
>     - autoscaling
>     - security
> - collection
> - config
> - schema
> 
> 
> Diffs
> -----
> 
>   agents-common/src/main/resources/service-defs/ranger-servicedef-solr.json dfaa2f701 
>   plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuditHandler.java 359211cb2 
>   plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java d4dd7b0ec 
>   plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/SolrAuthzUtil.java PRE-CREATION 
>   plugin-solr/src/main/java/org/apache/ranger/services/solr/RangerServiceSolr.java 97909ae54 
>   plugin-solr/src/main/java/org/apache/ranger/services/solr/RangerSolrConstants.java PRE-CREATION 
>   plugin-solr/src/main/java/org/apache/ranger/services/solr/client/ServiceSolrClient.java 5f7b9b924 
>   ranger-solr-plugin-shim/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java 3a10bc2af 
> 
> 
> Diff: https://reviews.apache.org/r/73853/diff/2/
> 
> 
> Testing
> -------
> 
> Tested on cluster with by covering test cases as per new implementation.
> 
> 
> Thanks,
> 
> Mateen Mansoori
> 
>

Re: Review Request 73853: RANGER-3628 : Support fine grain authorization for different solr objects

Posted by Mateen Mansoori <ma...@gmail.com>.


> On March 2, 2022, 12:35 p.m., bhavik patel wrote:
> > plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java
> > Lines 651 (patched)
> > <https://reviews.apache.org/r/73853/diff/2/?file=2266553#file2266553line713>
> >
> >     Is this intentional?

yes - Ref - public enum ACCESS_TYPE {
        QUERY, UPDATE;

        @Override
        public String toString() {
            return name().toLowerCase();
        }
    }


- Mateen


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73853/#review224112
-----------------------------------------------------------


On March 10, 2022, 6:16 a.m., Mateen Mansoori wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73853/
> -----------------------------------------------------------
> 
> (Updated March 10, 2022, 6:16 a.m.)
> 
> 
> Review request for ranger, Mehul Parikh, Sailaja Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-3628
>     https://issues.apache.org/jira/browse/RANGER-3628
> 
> 
> Repository: ranger
> 
> 
> Description
> -------
> 
> Modifying ranger solr plugin to allow granting the following privileges:
>   
>    - QUERY - read only privilege on an object
>    - UPDATE - write only privilege on an object
>    - All - read and write access
> 
> Privileges can be defined on the following objects:
> 
> - admin
>     - collections
>     - cores
>     - metrics
>     - autoscaling
>     - security
> - collection
> - config
> - schema
> 
> 
> Diffs
> -----
> 
>   agents-common/src/main/resources/service-defs/ranger-servicedef-solr.json dfaa2f701 
>   plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuditHandler.java 359211cb2 
>   plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java d4dd7b0ec 
>   plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/SolrAuthzUtil.java PRE-CREATION 
>   plugin-solr/src/main/java/org/apache/ranger/services/solr/RangerServiceSolr.java 97909ae54 
>   plugin-solr/src/main/java/org/apache/ranger/services/solr/RangerSolrConstants.java PRE-CREATION 
>   plugin-solr/src/main/java/org/apache/ranger/services/solr/client/ServiceSolrClient.java 5f7b9b924 
>   ranger-solr-plugin-shim/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java 3a10bc2af 
> 
> 
> Diff: https://reviews.apache.org/r/73853/diff/3/
> 
> 
> Testing
> -------
> 
> Tested on cluster with by covering test cases as per new implementation.
> 
> 
> Thanks,
> 
> Mateen Mansoori
> 
>