----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73212/#review222831 -----------------------------------------------------------
Ship it! Ship It! - Madhan Neethiraj On April 15, 2021, 1:27 p.m., Nixon Rodrigues wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/73212/ > ----------------------------------------------------------- > > (Updated April 15, 2021, 1:27 p.m.) > > > Review request for ranger, Jayendra Parab, Madhan Neethiraj, Ramesh Mani, > Sarath Subramanian, and Velmurugan Periasamy. > > > Bugs: RANGER-3195 > https://issues.apache.org/jira/browse/RANGER-3195 > > > Repository: ranger > > > Description > ------- > > Requirement :- The new requirement is to provide a way to authorize who can > Add/Remove/Update Classification for an entity even if the entities on which > classification have to be applied do not have classifications already tagged > to it. > > Solution:- > > > This will require changes on Ranger Atlas service defination to introduce a > new resource "*classifications*" in entity authz model called classifications > at level 40 [4th level], with the new classifications resource ranger > authorizer will check the classification exist in policy for that > add/update/remove classification request to authorize. > > > Diffs > ----- > > agents-common/src/main/resources/service-defs/ranger-servicedef-atlas.json > 4ce7ec991 > > plugin-atlas/src/main/java/org/apache/ranger/authorization/atlas/authorizer/RangerAtlasAuthorizer.java > 79ef60465 > > plugin-atlas/src/main/java/org/apache/ranger/services/atlas/RangerServiceAtlas.java > c13633ad2 > security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql > 7179dc998 > security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql > 40917cdf4 > security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql > ba9eb0157 > > security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql > 371846f1e > security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql > 90004ec77 > > security-admin/src/main/java/org/apache/ranger/patch/PatchAtlasForClassificationResource_J10047.java > PRE-CREATION > > > Diff: https://reviews.apache.org/r/73212/diff/7/ > > > Testing > ------- > > Tested Atlas with Ranger authorization with entities for add, update , > add-classification, remove-classification, update-classification events. > > > Thanks, > > Nixon Rodrigues > >
