----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/72513/#review220783 -----------------------------------------------------------
agents-common/src/main/resources/service-defs/ranger-servicedef-presto.json Lines 164 (patched) <https://reviews.apache.org/r/72513/#comment309491> Changes in service-def (like addition of resources/access-types, changes in access-types/data-mask/row-filter) will not be applied to existing service-def in Ranger. Updating existing service-def would require a Java patch. Please file a JIRA to track Java patch to handle this. agents-common/src/main/resources/service-defs/ranger-servicedef-presto.json Lines 266 (patched) <https://reviews.apache.org/r/72513/#comment309487> I suggest to not change itemId of existing entries; and assign itemId=13 for the new entry 'execute'. plugin-presto/src/main/java/org/apache/ranger/authorization/presto/authorizer/RangerSystemAccessControl.java Lines 328 (patched) <https://reviews.apache.org/r/72513/#comment309488> Consider removing "==> " from this debug log, as prefix is used at function-entry; and this log is not about function-entry. Please review and update other such log messages intrdocued in this patch. plugin-presto/src/test/resources/presto-policies.json Line 1013 (original), 1187 (patched) <https://reviews.apache.org/r/72513/#comment309490> Row-filter expressions are likely to refer to columns in the table for which the filter is applied. When wildcard is allowed in row-filter policies, it might be challenging to make sure that the row-filter expression is valid for all the tables covered by the wildcard. When the row-filter is invalid for a table, the query will fail. Hence wildCard was disabled for row-filters. Please review to make sure that this is clearly understood. - Madhan Neethiraj On May 14, 2020, 8:25 p.m., Bolke de Bruin wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/72513/ > ----------------------------------------------------------- > > (Updated May 14, 2020, 8:25 p.m.) > > > Review request for ranger, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, > and Ramesh Mani. > > > Bugs: https://jira.apache.org/jira/browse/RANGER-2826 > > https://issues.apache.org/jira/browse/https://jira.apache.org/jira/browse/RANGER-2826 > > > Repository: ranger > > > Description > ------- > > Presto 332/333 are backwards incompatible. > > > Diffs > ----- > > agents-common/src/main/resources/service-defs/ranger-servicedef-presto.json > 4d5b79582 > > plugin-presto/src/main/java/org/apache/ranger/authorization/presto/authorizer/RangerSystemAccessControl.java > d4521a392 > > plugin-presto/src/test/java/org/apache/ranger/authorization/presto/authorizer/RangerSystemAccessControlTest.java > c00d51986 > plugin-presto/src/test/resources/presto-policies.json 28eabf2d6 > pom.xml ebce7c9f0 > > ranger-presto-plugin-shim/src/main/java/org/apache/ranger/authorization/presto/authorizer/RangerSystemAccessControl.java > bfb3a5961 > > > Diff: https://reviews.apache.org/r/72513/diff/1/ > > > Testing > ------- > > Unit tests updated. Production. > > > Thanks, > > Bolke de Bruin > >
