You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by "Madhan Neethiraj (JIRA)" <ji...@apache.org> on 2015/06/11 01:00:04 UTC

[jira] [Updated] (RANGER-546) Custom condition evaluation issues

     [ https://issues.apache.org/jira/browse/RANGER-546?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Madhan Neethiraj updated RANGER-546:
------------------------------------
    Description: 
Current implementation of custom condition evaluation supports only one condition of a specific name across all policy-items. This limits creation of policies that grant different accesses based on different condition-values for the same condition name. This needs to be fixed so that policies as details below can be created:
{quote}
{noformat}
resource: database=default; table=testTable
policyItem-1: user=user1; condition={time-range=9am-5pm}; access=read
policyItem-2: user=user2; condition={time-range=11pm-7am}; access=read,write
{noformat}
{quote}


  was:
Current implementation of custom condition evaluation supports only one condition of a specific name across all policy-items. This limits creation of policies that grant different accesses based on different condition-values for the same condition name. This needs to be fixed so that policies as details below can be created:
resource: database=default; table=testTable
policyItem-1: user=user1; condition={time-range=9am-5pm}; access=read
policyItem-2: user=user2; condition={time-range=11pm-7am}; access=read,write


> Custom condition evaluation issues
> ----------------------------------
>
>                 Key: RANGER-546
>                 URL: https://issues.apache.org/jira/browse/RANGER-546
>             Project: Ranger
>          Issue Type: Bug
>          Components: plugins
>    Affects Versions: 0.5.0
>            Reporter: Madhan Neethiraj
>            Assignee: Madhan Neethiraj
>             Fix For: 0.5.0
>
>
> Current implementation of custom condition evaluation supports only one condition of a specific name across all policy-items. This limits creation of policies that grant different accesses based on different condition-values for the same condition name. This needs to be fixed so that policies as details below can be created:
> {quote}
> {noformat}
> resource: database=default; table=testTable
> policyItem-1: user=user1; condition={time-range=9am-5pm}; access=read
> policyItem-2: user=user2; condition={time-range=11pm-7am}; access=read,write
> {noformat}
> {quote}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)