You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by Madhan Neethiraj <ma...@apache.org> on 2016/04/01 00:08:24 UTC
Re: Review Request 45517: RANGER-873: Ranger policy model update to
support data-mask policies
> On March 31, 2016, 9:33 p.m., Abhay Kulkarni wrote:
> > agents-common/src/main/java/org/apache/ranger/plugin/policyresourcematcher/RangerDefaultPolicyResourceMatcher.java, line 65
> > <https://reviews.apache.org/r/45517/diff/1/?file=1320233#file1320233line65>
> >
> > If this is only called from with setPolicy(), consider making this private and remove it from the Interface RangerPolicyResourceMatcher
setPolicyResources() is called from couple of other places - like RangerTagEnricher, RangerHiveResourcesAccessedTogetherCondition. This method should continue to exist as public.
> On March 31, 2016, 9:33 p.m., Abhay Kulkarni wrote:
> > agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyRepository.java, line 207
> > <https://reviews.apache.org/r/45517/diff/1/?file=1320230#file1320230line207>
> >
> > Is this necessary? normalizeAndPrunePolicies() is called only for tag-policies.
This was added so that dataMaskPolicyItems collection will be handled just like other policyItem collections. Since this collection will be empty for tag-based policies (for now), this will be no-op.
- Madhan
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/45517/#review126396
-----------------------------------------------------------
On March 31, 2016, 1:40 a.m., Madhan Neethiraj wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/45517/
> -----------------------------------------------------------
>
> (Updated March 31, 2016, 1:40 a.m.)
>
>
> Review request for ranger, Alok Lal, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, Ramesh Mani, Selvamohan Neethiraj, Sailaja Polavarapu, and Velmurugan Periasamy.
>
>
> Bugs: RANGER-873
> https://issues.apache.org/jira/browse/RANGER-873
>
>
> Repository: ranger
>
>
> Description
> -------
>
> Updated Ranger policy model to support data-mask policies
>
>
> Diffs
> -----
>
> agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java 522d130
> agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java 8b919d0
> agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java cab7006
> agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerServiceDefHelper.java 53df193
> agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerServiceDefValidator.java 0507fc4
> agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerValidator.java 075a374
> agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyRepository.java 4a394d4
> agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerDefaultPolicyEvaluator.java c48fb72
> agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerOptimizedPolicyEvaluator.java 710d0c5
> agents-common/src/main/java/org/apache/ranger/plugin/policyresourcematcher/RangerDefaultPolicyResourceMatcher.java 4742850
> agents-common/src/main/java/org/apache/ranger/plugin/policyresourcematcher/RangerPolicyResourceMatcher.java f743d55
> agents-common/src/main/java/org/apache/ranger/plugin/resourcematcher/RangerAbstractResourceMatcher.java 5063eea
> agents-common/src/main/java/org/apache/ranger/plugin/service/RangerBasePlugin.java 1ec88d5
> agents-common/src/main/java/org/apache/ranger/plugin/util/ServiceDefUtil.java 90242da
> agents-common/src/main/resources/service-defs/ranger-servicedef-hive.json b966be9
> agents-common/src/test/java/org/apache/ranger/plugin/model/TestRangerPolicyResourceSignature.java 7cc2831
> agents-common/src/test/java/org/apache/ranger/plugin/model/validation/TestRangerServiceDefHelper.java d9e50e4
> agents-common/src/test/resources/policyengine/test_policyengine_hive_masking.json 92b21aa
> security-admin/db/mysql/patches/020-datamask-policy.sql 43d9395
> security-admin/db/postgres/patches/020-datamask-policy.sql PRE-CREATION
> security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java 77203dc
> security-admin/src/main/java/org/apache/ranger/common/JSONUtil.java 38a1659
> security-admin/src/main/java/org/apache/ranger/entity/XXAccessTypeDef.java 62b11ce
> security-admin/src/main/java/org/apache/ranger/entity/XXResourceDef.java 8a2b6e0
> security-admin/src/main/java/org/apache/ranger/service/RangerServiceDefServiceBase.java 7a172d4
>
> Diff: https://reviews.apache.org/r/45517/diff/
>
>
> Testing
> -------
>
> added unit tests to verify the new functionality
>
>
> Thanks,
>
> Madhan Neethiraj
>
>