You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ranger.apache.org by "Madhan Neethiraj (JIRA)" <ji...@apache.org> on 2014/08/22 05:18:11 UTC

[jira] [Comment Edited] (ARGUS-17) Grant/revoke to update policies in Argus

    [ https://issues.apache.org/jira/browse/ARGUS-17?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14106399#comment-14106399 ] 

Madhan Neethiraj edited comment on ARGUS-17 at 8/22/14 3:17 AM:
----------------------------------------------------------------

ARGUS-17.1.patch
- added configuration
 'xasecure.hive.authorizer.update.xapolicies.on.grant.revoke' to
 enable/disable updating XAPolicies for GRANT/REVOKE. Enabled by default.
- updated to have access-check for GRANT/REVOKE done at security admin (instead of at the agent), as the logic to determine the access could be involved and can change (for example to restrict permissions that can be granted by the user)
- updates for change in REST interface (a single list permMapList,
 instead of two lists - userPermMap, groupPermMap)
- authz APIs that are not implemented in XAHiveAuthroizer will now raise exception with message containing string "not implemented in Argus HiveAuthorizer"


was (Author: madhan.neethiraj):
- added configuration
 'xasecure.hive.authorizer.update.xapolicies.on.grant.revoke' to
 enable/disable updating XAPolicies for GRANT/REVOKE. Enabled by default.
- updated to have access-check for GRANT/REVOKE done at security admin (instead of at the agent), as the logic to determine the access could be involved and can change (for example to restrict permissions that can be granted by the user)
- updates for change in REST interface (a single list permMapList,
 instead of two lists - userPermMap, groupPermMap)
- authz APIs that are not implemented in XAHiveAuthroizer will now raise exception with message containing string "not implemented in Argus HiveAuthorizer"

> Grant/revoke to update policies in Argus
> ----------------------------------------
>
>                 Key: ARGUS-17
>                 URL: https://issues.apache.org/jira/browse/ARGUS-17
>             Project: Argus
>          Issue Type: Bug
>            Reporter: Madhan Neethiraj
>            Assignee: Madhan Neethiraj
>         Attachments: ARGUS-17.1.patch, ARGUS-17.patch
>
>
> Update Argus policies for the changes in permissions done using Hive grant/revoke statements.



--
This message was sent by Atlassian JIRA
(v6.2#6252)