You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ma...@apache.org on 2023/03/15 06:54:08 UTC
[ranger] 02/02: RANGER-4083: Tag-based policy UI to not show permissions in deny/exception for services that don't support deny/exception
This is an automated email from the ASF dual-hosted git repository.
madhan pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
commit 32f8ce52a1f7ebfa45dce7c50e718250a0adce53
Author: Dhaval Rajpara <dh...@gmail.com>
AuthorDate: Tue Mar 14 18:51:15 2023 +0530
RANGER-4083: Tag-based policy UI to not show permissions in deny/exception for services that don't support deny/exception
Signed-off-by: Madhan Neethiraj <ma...@apache.org>
---
.../scripts/views/policies/RangerPolicyCreate.js | 10 ++++++----
.../webapp/scripts/views/policies/RangerPolicyForm.js | 19 ++++++++++++++-----
2 files changed, 20 insertions(+), 9 deletions(-)
diff --git a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyCreate.js b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyCreate.js
index b1e7a11a0..e6c262235 100644
--- a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyCreate.js
+++ b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyCreate.js
@@ -35,6 +35,7 @@ define(function(require){
var RangerPolicycreateTmpl = require('hbs!tmpl/policies/RangerPolicyCreate_tmpl');
var RangerPolicyForm = require('views/policies/RangerPolicyForm');
var RangerServiceDef = require('models/RangerServiceDef');
+ var RangerServiceDefList = require('collections/RangerServiceDefList');
var Vent = require('modules/Vent');
var RangerPolicyCreate = Backbone.Marionette.Layout.extend(
@@ -130,6 +131,7 @@ define(function(require){
model : this.model,
rangerServiceDefModel : this.rangerServiceDefModel,
rangerService : this.rangerService,
+ rangerServiceDefList: this.RangerServiceDefList
});
this.editPolicy = this.model.has('id') ? true : false;
@@ -137,13 +139,13 @@ define(function(require){
this.params = {};
},
initializeServiceDef : function(){
-
- this.rangerServiceDefModel = new RangerServiceDef();
- this.rangerServiceDefModel.url = XAUtil.getRangerServiceDef(this.rangerService.get('type'));
- this.rangerServiceDefModel.fetch({
+ var that = this
+ this.RangerServiceDefList = new RangerServiceDefList();
+ this.RangerServiceDefList.fetch({
cache : false,
async : false
});
+ this.rangerServiceDefModel = this.RangerServiceDefList.findWhere({'name' : that.rangerService.get('type')})
},
/** all events binding here */
diff --git a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js
index 002621119..118dfe215 100644
--- a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js
+++ b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js
@@ -72,7 +72,7 @@ define(function(require){
},
initialize: function(options) {
console.log("initialized a RangerPolicyForm Form View");
- _.extend(this, _.pick(options, 'rangerServiceDefModel', 'rangerService'));
+ _.extend(this, _.pick(options, 'rangerServiceDefModel', 'rangerService', 'rangerServiceDefList'));
Backbone.Form.prototype.initialize.call(this, options);
this.initializeCollection();
@@ -363,7 +363,16 @@ define(function(require){
if(enableDenyAndExceptionsInPolicies && this.$el.find(this.ui.isDenyAllElse).find('.toggle-slide').hasClass('active')){
this.$el.find(this.ui.denyConditionItems).hide();
}
-
+ var enableDenyAndExceptions = accessType.filter(function(m){
+ if(!_.contains((that.rangerServiceDefList.map(function(m){
+ if(m.get('options').enableDenyAndExceptionsInPolicies == "false"){
+ return m.get("name")
+ }
+ })).filter(Boolean), m.name.substr(0,m.name.indexOf(":")))){
+ return m
+ }
+ })
+
that.$('[data-customfields="groupPerms"]').html(new PermissionList({
collection : that.formInputList,
model : that.model,
@@ -377,7 +386,7 @@ define(function(require){
that.$('[data-customfields="groupPermsAllowExclude"]').html(new PermissionList({
collection : that.formInputAllowExceptionList,
model : that.model,
- accessTypes: accessType,
+ accessTypes: that.rangerServiceDefModel.get('name') != XAEnums.ServiceType.SERVICE_TAG.label ? accessType : enableDenyAndExceptions,
headerTitle: "",
rangerServiceDefModel : that.rangerServiceDefModel,
rangerPolicyType : that.model.get('policyType')
@@ -386,7 +395,7 @@ define(function(require){
that.$('[data-customfields="groupPermsDeny"]').html(new PermissionList({
collection : that.formInputDenyList,
model : that.model,
- accessTypes: accessType,
+ accessTypes: that.rangerServiceDefModel.get('name') != XAEnums.ServiceType.SERVICE_TAG.label ? accessType : enableDenyAndExceptions,
headerTitle: "Deny",
rangerServiceDefModel : that.rangerServiceDefModel,
rangerPolicyType : that.model.get('policyType')
@@ -394,7 +403,7 @@ define(function(require){
that.$('[data-customfields="groupPermsDenyExclude"]').html(new PermissionList({
collection : that.formInputDenyExceptionList,
model : that.model,
- accessTypes: accessType,
+ accessTypes: that.rangerServiceDefModel.get('name') != XAEnums.ServiceType.SERVICE_TAG.label ? accessType : enableDenyAndExceptions,
headerTitle: "Deny",
rangerServiceDefModel : that.rangerServiceDefModel,
rangerPolicyType : that.model.get('policyType')