You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by me...@apache.org on 2018/07/27 11:22:03 UTC

ranger git commit: RANGER-2164 : Ranger to add default altlas policy for rangertagsync user

Repository: ranger
Updated Branches:
  refs/heads/master 8702a98e4 -> c219420e7


RANGER-2164 : Ranger to add default altlas policy for rangertagsync user

Signed-off-by: Mehul Parikh <me...@apache.org>


Project: http://git-wip-us.apache.org/repos/asf/ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/ranger/commit/c219420e
Tree: http://git-wip-us.apache.org/repos/asf/ranger/tree/c219420e
Diff: http://git-wip-us.apache.org/repos/asf/ranger/diff/c219420e

Branch: refs/heads/master
Commit: c219420e7058ee6081408f82992f6ff1e847d5b1
Parents: 8702a98
Author: Nikhil P <ni...@gmail.com>
Authored: Thu Jul 26 16:06:09 2018 +0530
Committer: Mehul Parikh <me...@apache.org>
Committed: Fri Jul 27 16:51:28 2018 +0530

----------------------------------------------------------------------
 .../services/atlas/RangerServiceAtlas.java      | 26 +++++++++++++++++++-
 1 file changed, 25 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ranger/blob/c219420e/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/RangerServiceAtlas.java
----------------------------------------------------------------------
diff --git a/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/RangerServiceAtlas.java b/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/RangerServiceAtlas.java
index d4c196e..0ee2627 100644
--- a/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/RangerServiceAtlas.java
+++ b/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/RangerServiceAtlas.java
@@ -20,6 +20,7 @@ package org.apache.ranger.services.atlas;
 
 import java.security.PrivilegedAction;
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
@@ -39,6 +40,8 @@ import org.apache.commons.logging.LogFactory;
 import org.apache.ranger.plugin.client.BaseClient;
 import org.apache.ranger.plugin.client.HadoopException;
 import org.apache.ranger.plugin.model.RangerPolicy;
+import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem;
+import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemAccess;
 import org.apache.ranger.plugin.model.RangerService;
 import org.apache.ranger.plugin.model.RangerServiceDef;
 import org.apache.ranger.plugin.service.RangerBaseService;
@@ -125,9 +128,10 @@ public class RangerServiceAtlas extends RangerBaseService {
         }
 
         List<RangerPolicy> ret = super.getDefaultRangerPolicies();
-
+        RangerPolicyItemAccess readAccessTagsync = new RangerPolicyItemAccess();
         for (RangerPolicy defaultPolicy : ret) {
             for (RangerPolicy.RangerPolicyItem defaultPolicyItem : defaultPolicy.getPolicyItems()) {
+                List<RangerPolicyItemAccess> rPolItemAccessList=defaultPolicyItem.getAccesses();
                 List<String> users     = defaultPolicyItem.getUsers();
                 String       adminUser = service.getConfigs().get("atlas.admin.user");
 
@@ -137,6 +141,26 @@ public class RangerServiceAtlas extends RangerBaseService {
 
                 users.add(adminUser);
                 defaultPolicyItem.setUsers(users);
+                if(defaultPolicy.getName().contains(RangerServiceAtlas.RESOURCE_ENTITY_TYPE)){
+	                for(RangerPolicyItemAccess rPolItemAccess: rPolItemAccessList){
+		                if(rPolItemAccess.getType().contains("read")){
+			                readAccessTagsync = rPolItemAccess;
+			                }
+	                }
+                }
+            }
+            if(defaultPolicy.getName().contains(RangerServiceAtlas.RESOURCE_ENTITY_TYPE)){
+	            if(defaultPolicy.getResources().containsKey(RangerServiceAtlas.RESOURCE_ENTITY_TYPE)){
+		            RangerPolicyItem rPItemTagsync = new RangerPolicyItem();
+		            List<RangerPolicyItem> tagSyncpolicyItems = new ArrayList<RangerPolicyItem>();
+		            rPItemTagsync.setUsers(new ArrayList<>(Arrays.asList("rangertagsync")));
+		            List<RangerPolicyItemAccess> tagsyncAccessList = new ArrayList<RangerPolicyItemAccess>();
+		            tagsyncAccessList.add(readAccessTagsync);
+		            rPItemTagsync.setAccesses(tagsyncAccessList);
+		            tagSyncpolicyItems = defaultPolicy.getPolicyItems();
+		            tagSyncpolicyItems.add(rPItemTagsync);
+		            defaultPolicy.setPolicyItems(tagSyncpolicyItems);
+	            }
             }
         }