----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/75024/#review226550 -----------------------------------------------------------
Ship it! Ship It! - Madhan Neethiraj On June 14, 2024, 7:46 a.m., Rakesh Gupta wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/75024/ > ----------------------------------------------------------- > > (Updated June 14, 2024, 7:46 a.m.) > > > Review request for ranger, Dineshkumar Yadav, Kishor Gollapalliwar, Abhay > Kulkarni, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, > sanket shelar, Sailaja Polavarapu, and Velmurugan Periasamy. > > > Bugs: RANGER-4805 > https://issues.apache.org/jira/browse/RANGER-4805 > > > Repository: ranger > > > Description > ------- > > Steps to reproduce: > > Created a tag policy for a `test` classification > Added deny permission for user `tuser` > Access entity tagged with `test` classification through `tuser` through Atlas > UI > > > Diffs > ----- > > > agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java > 18ee3adc3 > > agents-common/src/main/java/org/apache/ranger/plugin/store/AbstractServiceStore.java > 5c06cd602 > > agents-common/src/main/java/org/apache/ranger/plugin/util/ServiceDefUtil.java > f9816546a > agents-common/src/main/resources/service-defs/ranger-servicedef-atlas.json > c98da315d > security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql > e1e2274b6 > security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql > ec0a5ba3a > security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql > bbe5975e8 > > security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql > 2e0a000a3 > security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql > 7a7b3a5c8 > > security-admin/src/main/java/org/apache/ranger/patch/PatchForUpdatingAtlasSvcDefAndTagPolicies_J10062.java > PRE-CREATION > > security-admin/src/main/java/org/apache/ranger/service/RangerServiceDefService.java > 7d363c4c7 > > > Diff: https://reviews.apache.org/r/75024/diff/3/ > > > Testing > ------- > > 1)Verified that while creating or updating a Tag-based policy, the accessType > for the Atlas service is not allowed. > 2)Confirmed that the accessType for the Atlas service is not included in the > default Tag-based policy. > 3)Tested upgrade scenarios, any existing Tag-based policies have the > accessType for the Atlas service removed and verified the serviceDef are > updated with RangerServiceDef.options. > > > Thanks, > > Rakesh Gupta > >
