You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by "Madhan Neethiraj (JIRA)" <ji...@apache.org> on 2015/06/11 01:00:04 UTC
[jira] [Updated] (RANGER-546) Custom condition evaluation issues
[ https://issues.apache.org/jira/browse/RANGER-546?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Madhan Neethiraj updated RANGER-546:
------------------------------------
Description:
Current implementation of custom condition evaluation supports only one condition of a specific name across all policy-items. This limits creation of policies that grant different accesses based on different condition-values for the same condition name. This needs to be fixed so that policies as details below can be created:
{quote}
{noformat}
resource: database=default; table=testTable
policyItem-1: user=user1; condition={time-range=9am-5pm}; access=read
policyItem-2: user=user2; condition={time-range=11pm-7am}; access=read,write
{noformat}
{quote}
was:
Current implementation of custom condition evaluation supports only one condition of a specific name across all policy-items. This limits creation of policies that grant different accesses based on different condition-values for the same condition name. This needs to be fixed so that policies as details below can be created:
resource: database=default; table=testTable
policyItem-1: user=user1; condition={time-range=9am-5pm}; access=read
policyItem-2: user=user2; condition={time-range=11pm-7am}; access=read,write
> Custom condition evaluation issues
> ----------------------------------
>
> Key: RANGER-546
> URL: https://issues.apache.org/jira/browse/RANGER-546
> Project: Ranger
> Issue Type: Bug
> Components: plugins
> Affects Versions: 0.5.0
> Reporter: Madhan Neethiraj
> Assignee: Madhan Neethiraj
> Fix For: 0.5.0
>
>
> Current implementation of custom condition evaluation supports only one condition of a specific name across all policy-items. This limits creation of policies that grant different accesses based on different condition-values for the same condition name. This needs to be fixed so that policies as details below can be created:
> {quote}
> {noformat}
> resource: database=default; table=testTable
> policyItem-1: user=user1; condition={time-range=9am-5pm}; access=read
> policyItem-2: user=user2; condition={time-range=11pm-7am}; access=read,write
> {noformat}
> {quote}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)