----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/71945/ -----------------------------------------------------------
Review request for ranger, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, Sarath Subramanian, Sidharth Mishra, and Velmurugan Periasamy. Bugs: RANGER-2682 https://issues.apache.org/jira/browse/RANGER-2682 Repository: ranger Description ------- Adding new authorization privilege - "admin-purge" in Ranger-Atlas service defination for Atlas Service resource. Diffs ----- agents-common/src/main/resources/service-defs/ranger-servicedef-atlas.json 7a6f0b936 Diff: https://reviews.apache.org/r/71945/diff/1/ Testing ------- Updated atlas plugin service def using below curl call. "admin-purge" permission is seen in create policy UI for resource atlas-service. curl -i --header "Accept:application/json" -H "Content-Type: application/json" -u admin:admin123 -X PUT http://rangerhost:6080/service/plugins/definitions/{id} -d '{"id":15,"guid":"311a79b7-16f5-46f4-9829-a0224b9999c5","isEnabled":true,"createTime":1577434414072,"updateTime":1577434414072,"version":1,"name":"atlas","displayName":"atlas","implClass":"org.apache.ranger.services.atlas.RangerServiceAtlas","label":"Atlas Metadata Server","description":"Atlas Metadata Server","options":{"enableDenyAndExceptionsInPolicies":"true"},"configs":[{"itemId":1,"name":"username","type":"string","mandatory":true,"label":"Username"},{"itemId":2,"name":"password","type":"password","mandatory":true,"label":"Password"},{"itemId":3,"name":"atlas.rest.address","type":"string","mandatory":true,"defaultValue":"http://localhost:21000"},{"itemId":4,"name":"commonNameForCertificate","type":"string","mandatory":false,"label":"Common Name for Certificate"}],"resources":[{"itemId":1,"name":"type-category","type" :"string","level":10,"mandatory":true,"lookupSupported":true,"recursiveSupported":false,"excludesSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":{"wildCard":"true","ignoreCase":"true"},"label":"Type Catagory","description":"Type Catagory","accessTypeRestrictions":[],"isValidLeaf":false},{"itemId":3,"name":"entity-type","type":"string","level":10,"mandatory":true,"lookupSupported":true,"recursiveSupported":false,"excludesSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":{"wildCard":"true","ignoreCase":"true"},"label":"Entity Type","description":"Entity Type","accessTypeRestrictions":[],"isValidLeaf":false},{"itemId":6,"name":"atlas-service","type":"string","level":10,"mandatory":true,"lookupSupported":true,"recursiveSupported":false,"excludesSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions" :{"wildCard":"true","ignoreCase":"true"},"label":"Atlas Service","description":"Atlas Service","accessTypeRestrictions":["admin-import","admin-export","admin-purge"],"isValidLeaf":true},{"itemId":7,"name":"relationship-type","type":"string","level":10,"mandatory":true,"lookupSupported":true,"recursiveSupported":false,"excludesSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":{"wildCard":"true","ignoreCase":"true"},"label":"Relationship Type","description":"Relationship Type","accessTypeRestrictions":[],"isValidLeaf":false},{"itemId":8,"name":"end-one-entity-type","type":"string","level":20,"parent":"relationship-type","mandatory":true,"lookupSupported":true,"recursiveSupported":false,"excludesSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":{"wildCard":"true","ignoreCase":"true"},"label":"End1 Entity Type","description":"End1 Entity Type","accessTypeRest rictions":[],"isValidLeaf":false},{"itemId":4,"name":"entity-classification","type":"string","level":20,"parent":"entity-type","mandatory":true,"lookupSupported":true,"recursiveSupported":false,"excludesSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":{"wildCard":"true","ignoreCase":"true"},"label":"Entity Classification","description":"Entity Classification","accessTypeRestrictions":[],"isValidLeaf":false},{"itemId":2,"name":"type","type":"string","level":20,"parent":"type-category","mandatory":true,"lookupSupported":true,"recursiveSupported":false,"excludesSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":{"wildCard":"true","ignoreCase":"true"},"label":"Type Name","description":"Type Name","accessTypeRestrictions":["type-create","type-delete","type-update"],"isValidLeaf":true},{"itemId":9,"name":"end-one-entity-classification","type":"string","level":3 0,"parent":"end-one-entity-type","mandatory":true,"lookupSupported":true,"recursiveSupported":false,"excludesSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":{"wildCard":"true","ignoreCase":"true"},"label":"End1 Entity Classification","description":"End1 Entity Classification","accessTypeRestrictions":[],"isValidLeaf":false},{"itemId":5,"name":"entity","type":"string","level":30,"parent":"entity-classification","mandatory":true,"lookupSupported":true,"recursiveSupported":false,"excludesSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":{"wildCard":"true","ignoreCase":"true"},"label":"Entity ID","description":"Entity ID","accessTypeRestrictions":["entity-read","entity-create","entity-update","entity-delete","entity-remove-classification","entity-add-classification","entity-update-classification"],"isValidLeaf":true},{"itemId":10,"name":"end-one-entity","ty pe":"string","level":40,"parent":"end-one-entity-classification","mandatory":true,"lookupSupported":true,"recursiveSupported":false,"excludesSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":{"wildCard":"true","ignoreCase":"true"},"label":"End1 Entity ID","description":"End1 Entity ID","accessTypeRestrictions":[],"isValidLeaf":false},{"itemId":11,"name":"end-two-entity-type","type":"string","level":50,"parent":"end-one-entity","mandatory":true,"lookupSupported":true,"recursiveSupported":false,"excludesSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":{"wildCard":"true","ignoreCase":"true"},"label":"End2 Entity Type","description":"End2 Entity Type","accessTypeRestrictions":[],"isValidLeaf":false},{"itemId":12,"name":"end-two-entity-classification","type":"string","level":60,"parent":"end-two-entity-type","mandatory":true,"lookupSupported":true,"recursiveS upported":false,"excludesSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":{"wildCard":"true","ignoreCase":"true"},"label":"End2 Entity Classification","description":"End2 Entity Classification","accessTypeRestrictions":[],"isValidLeaf":false},{"itemId":13,"name":"end-two-entity","type":"string","level":70,"parent":"end-two-entity-classification","mandatory":true,"lookupSupported":true,"recursiveSupported":false,"excludesSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":{"wildCard":"true","ignoreCase":"true"},"label":"End2 Entity ID","description":"End2 Entity ID","accessTypeRestrictions":["remove-relationship","update-relationship","add-relationship"],"isValidLeaf":true}],"accessTypes":[{"itemId":1,"name":"type-create","label":"Create Type","impliedGrants":[]},{"itemId":2,"name":"type-update","label":"UpdateType","impliedGrants":[]},{"itemId":3,"name":"t ype-delete","label":"Delete Type","impliedGrants":[]},{"itemId":4,"name":"entity-read","label":"Read Entity","impliedGrants":[]},{"itemId":5,"name":"entity-create","label":"Create Entity","impliedGrants":[]},{"itemId":6,"name":"entity-update","label":"Update Entity","impliedGrants":[]},{"itemId":7,"name":"entity-delete","label":"Delete Entity","impliedGrants":[]},{"itemId":8,"name":"entity-add-classification","label":"Add Classification","impliedGrants":[]},{"itemId":9,"name":"entity-update-classification","label":"Update Classification","impliedGrants":[]},{"itemId":10,"name":"entity-remove-classification","label":"Remove Classification","impliedGrants":[]},{"itemId":11,"name":"admin-export","label":"Admin Export","impliedGrants":[]},{"itemId":12,"name":"admin-import","label":"Admin Import","impliedGrants":[]},{"itemId":13,"name":"add-relationship","label":"Add Relationship","impliedGrants":[]},{"itemId":14,"name":"update-relationship","label":"Update Relationship","impliedGrants": []},{"itemId":15,"name":"remove-relationship","label":"Remove Relationship","impliedGrants":[]},{"itemId":16,"name":"admin-purge","label":"Admin Purge","impliedGrants":[]}],"policyConditions":[],"contextEnrichers":[],"enums":[],"dataMaskDef":{"maskTypes":[],"accessTypes":[],"resources":[]},"rowFilterDef":{"accessTypes":[],"resources":[]}}' Thanks, Nixon Rodrigues