----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/74697/#review225929 -----------------------------------------------------------
security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java Lines 1228 (patched) <https://reviews.apache.org/r/74697/#comment314334> getUnscrubbedDatasets() already returns paginated list. Filtering in the following for loop might exclude some datasets, resulting in reduced page size. Please review and update. security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java Lines 1417 (patched) <https://reviews.apache.org/r/74697/#comment314333> Instead of processing policyItems here, consider moving this to validator. validator.isAccessibleByDatasetPolicy(policy, user); Above method should also check if the policy is enabled. security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java Lines 590 (patched) <https://reviews.apache.org/r/74697/#comment314332> to avoid retrieving groups and roles for each policyItem (i.e., each call to this method), consider sending these as parameter. - Madhan Neethiraj On Oct. 25, 2023, 12:07 p.m., Prashant Satam wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/74697/ > ----------------------------------------------------------- > > (Updated Oct. 25, 2023, 12:07 p.m.) > > > Review request for ranger, Anand Nadar, Ankita Sinha, Madhan Neethiraj, > Monika Kachhadiya, and Subhrat Chaudhary. > > > Bugs: RANGER-4494 > https://issues.apache.org/jira/browse/RANGER-4494 > > > Repository: ranger > > > Description > ------- > > We need a new API URI--->(/dataset/summary/sharedwithme) to extend the > /dataset/summary API added in > https://issues.apache.org/jira/browse/RANGER-4446, to get the DatasetSummary > for datasets which are shared with the logged in user, based on policy. > > Use of The API > > This API will return dataset summary objects which are accessible for the > logged in user by the dataset policy > > > Diffs > ----- > > security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java > 4249b1121 > security-admin/src/main/java/org/apache/ranger/rest/GdsREST.java b1dc9d37d > > security-admin/src/main/java/org/apache/ranger/security/context/RangerAPIList.java > f21d445c4 > > security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java > 6c55fd029 > > > Diff: https://reviews.apache.org/r/74697/diff/1/ > > > Testing > ------- > > 1)Create dataset attach dataShare and shared-resource to it > 2)create policy for the dataset and add the current logged in user in the > dataset-policy (can add user directly/via role/via group) > 3)use GET-API ----------> (/service/gds/dataset/summary/sharedwithme) you > will only get dataset summary objects for whom the current user have access > by the dataset-policy > > Request-------------> GET-API /service/gds/dataset/summary/sharedwithme > Response -----------> > { > "startIndex": 0, > "pageSize": 200, > "totalCount": 1, > "resultSize": 1, > "sortType": "datasetId", > "sortBy": "asc", > "queryTimeMS": 1698235573851, > "list": [ > { > "id": 1, > "guid": "d82106ea-191e-4f50-a3ac-45ba824bd293", > "isEnabled": true, > "createdBy": "Admin", > "updatedBy": "Admin", > "createTime": 1698220723000, > "updateTime": 1698232342000, > "version": 6, > "name": "Test_GDS_Dataset19", > "description": "This is GDS description", > "permissionForCaller": "AUDIT", > "principalsCount": { > "ROLE": 0, > "USER": 0, > "GROUP": 0 > }, > "projectsCount": 0, > "totalResourceCount": 2, > "dataShares": [ > { > "id": 1, > "guid": "f635adcb-e77c-4a1d-a894-c8ceb9f8b577", > "isEnabled": true, > "createdBy": "Admin", > "updatedBy": "Admin", > "createTime": 1698220777000, > "updateTime": 1698220777000, > "version": 1, > "dataShareId": 1, > "dataShareName": "RangerDataShare1", > "serviceId": 1, > "serviceName": "Ranger_hive", > "zoneId": 2, > "zoneName": "Ranger_hive", > "resourceCount": 1, > "shareStatus": "NONE" > }, > { > "id": 2, > "guid": "055f5f6f-6969-4226-825b-2c7607aeea7b", > "isEnabled": true, > "createdBy": "Admin", > "updatedBy": "Admin", > "createTime": 1698220783000, > "updateTime": 1698220783000, > "version": 1, > "dataShareId": 2, > "dataShareName": "RangerDataShare2", > "serviceId": 1, > "serviceName": "Ranger_hive", > "zoneId": 2, > "zoneName": "Ranger_hive", > "resourceCount": 1, > "shareStatus": "NONE" > } > ] > } > ], > "listSize": 1 > } > > > Thanks, > > Prashant Satam > >