mneethiraj commented on code in PR #863:
URL: https://github.com/apache/ranger/pull/863#discussion_r2866838337
##########
agents-common/src/main/resources/service-defs/ranger-servicedef-polaris.json:
##########
@@ -6,194 +6,558 @@
"guid": "ca1b484b-e397-4ab4-b6e3-36a154662d7d",
"resources": [
{
- "itemId": 1,
- "name": "root",
- "label": "Root",
- "description": "Root",
- "parent": "",
- "level": 10,
- "isValidLeaf": true,
- "accessTypeRestrictions": [ "service-access-manage", "catalog-create",
"catalog-list", "principal-create", "principal-list", "principal-role-create",
"principal-role-list" ]
+ "itemId": 1,
+ "name": "root",
+ "label": "Root",
+ "description": "Root",
+ "parent": "",
+ "level": 10,
+ "isValidLeaf": true,
+ "accessTypeRestrictions": [
+ "service-access-manage",
+ "catalog-create",
+ "catalog-list",
+ "principal-create",
+ "principal-list",
+ "principal-role-create",
+ "principal-role-list"
+ ]
},
{
- "itemId": 2,
- "name": "catalog",
- "label": "Catalog",
- "description": "Catalog",
- "parent": "root",
- "level": 20,
- "isValidLeaf": true,
- "accessTypeRestrictions": [ "catalog-access-manage", "catalog-drop",
"catalog-properties-read", "catalog-properties-write", "catalog-metadata-full",
"catalog-metadata-manage", "catalog-content-manage", "catalog-grants-list",
"catalog-grants-manage", "catalog-role-create", "catalog-role-list",
"catalog-policy-attach", "catalog-policy-detach" ]
+ "itemId": 2,
+ "name": "catalog",
+ "label": "Catalog",
+ "description": "Catalog",
+ "parent": "root",
+ "level": 20,
+ "isValidLeaf": true,
+ "accessTypeRestrictions": [
+ "catalog-drop",
+ "catalog-properties-read",
+ "catalog-properties-write",
+ "catalog-metadata-full",
+ "catalog-metadata-manage",
+ "catalog-content-manage",
+ "catalog-access-manage",
+ "catalog-grants-list",
+ "catalog-grants-manage",
+ "catalog-role-create",
+ "catalog-role-list",
+ "catalog-policy-attach",
+ "catalog-policy-detach"
+ ]
},
{
- "itemId": 3,
- "name": "principal",
- "label": "Principal",
- "description": "Principal",
- "parent": "root",
- "level": 20,
- "isValidLeaf": true,
- "accessTypeRestrictions": [ "principal-grants-manage",
"principal-grants-for-grantee-manage", "principal-grants-list",
"principal-role-grants-list", "catalog-role-grants-list", "principal-drop",
"principal-properties-read", "principal-properties-write",
"principal-metadata-full", "principal-credentials-rotate",
"principal-credentials-reset" ]
+ "itemId": 3,
+ "name": "principal",
+ "label": "Principal",
+ "description": "Principal",
+ "parent": "root",
+ "level": 20,
+ "isValidLeaf": true,
+ "accessTypeRestrictions": [
+ "principal-drop",
+ "principal-properties-read",
+ "principal-properties-write",
+ "principal-metadata-full",
+ "principal-grants-list",
+ "principal-grants-manage",
+ "principal-grants-for-grantee-manage",
+ "principal-credentials-rotate",
+ "principal-credentials-reset",
+ "principal-role-grants-list",
+ "catalog-role-grants-list"
+ ]
},
{
- "itemId": 4,
- "name": "principal-role",
- "label": "Principal Role",
- "description": "Principal Role",
- "parent": "root",
- "level": 20,
- "isValidLeaf": true,
- "accessTypeRestrictions": [ "principal-role-usage",
"principal-role-drop", "principal-role-properties-read",
"principal-role-properties-write", "principal-role-metadata-full",
"principal-role-grants-manage", "principal-role-grants-for-grantee-manage" ]
+ "itemId": 4,
+ "name": "principal-role",
+ "label": "Principal Role",
+ "description": "Principal Role",
+ "parent": "root",
+ "level": 20,
+ "isValidLeaf": true,
+ "accessTypeRestrictions": [
+ "principal-role-drop",
+ "principal-role-properties-read",
+ "principal-role-properties-write",
+ "principal-role-metadata-full",
+ "principal-role-grants-manage",
+ "principal-role-grants-for-grantee-manage",
+ "principal-role-usage"
+ ]
},
{
- "itemId": 5,
- "name": "namespace",
- "label": "Namespace",
- "description": "Namespace",
- "parent": "catalog",
- "level": 30,
- "isValidLeaf": true,
- "accessTypeRestrictions": [ "namespace-create", "table-create",
"view-create", "namespace-drop", "namespace-list", "table-list", "view-list",
"namespace-properties-read", "namespace-properties-write",
"namespace-metadata-full", "namespace-grants-list", "namespace-grants-manage",
"policy-create", "policy-list", "namespace-policy-attach",
"namespace-policy-detach" ]
+ "itemId": 5,
+ "name": "namespace",
+ "label": "Namespace",
+ "description": "Namespace",
+ "parent": "catalog",
+ "level": 30,
+ "isValidLeaf": true,
+ "accessTypeRestrictions": [
+ "namespace-create",
+ "namespace-drop",
+ "namespace-list",
+ "namespace-properties-read",
+ "namespace-properties-write",
+ "namespace-metadata-full",
+ "namespace-grants-list",
+ "namespace-grants-manage",
+ "namespace-policy-attach",
+ "namespace-policy-detach",
+ "table-create",
+ "table-list",
+ "view-create",
+ "view-list",
+ "policy-create",
+ "policy-list"
+ ]
},
{
- "itemId": 6,
- "name": "catalog-role",
- "label": "Catalog Role",
- "description": "Catalog Role",
- "parent": "catalog",
- "level": 30,
- "isValidLeaf": true,
- "accessTypeRestrictions": [ "catalog-role-usage", "catalog-role-drop",
"catalog-role-properties-read", "catalog-role-properties-write",
"catalog-role-metadata-full", "catalog-role-grants-manage",
"catalog-role-grants-for-grantee-manage" ]
+ "itemId": 6,
+ "name": "catalog-role",
+ "label": "Catalog Role",
+ "description": "Catalog Role",
+ "parent": "catalog",
+ "level": 30,
+ "isValidLeaf": true,
+ "accessTypeRestrictions": [
+ "catalog-role-drop",
+ "catalog-role-properties-read",
+ "catalog-role-properties-write",
+ "catalog-role-metadata-full",
+ "catalog-role-grants-manage",
+ "catalog-role-grants-for-grantee-manage",
+ "catalog-role-usage"
+ ]
},
{
- "itemId": 7,
- "name": "table",
- "label": "Table",
- "description": "Table",
- "parent": "namespace",
- "level": 40,
- "isValidLeaf": true,
- "accessTypeRestrictions": [ "table-drop", "view-drop",
"table-properties-read", "table-properties-write", "view-properties-read",
"view-properties-write", "table-data-read", "table-data-write",
"table-metadata-full", "view-metadata-full", "table-grants-list",
"view-grants-list", "table-grants-manage", "view-grants-manage",
"table-policy-attach", "table-policy-detach" ]
+ "itemId": 7,
+ "name": "table",
+ "label": "Table",
+ "description": "Table",
+ "parent": "namespace",
+ "level": 40,
+ "isValidLeaf": true,
+ "accessTypeRestrictions": [
+ "table-drop",
+ "table-data-read",
+ "table-data-write",
+ "table-properties-read",
+ "table-properties-write",
+ "table-properties-set",
+ "table-properties-remove",
+ "table-metadata-full",
+ "table-grants-list",
+ "table-grants-manage",
+ "table-policy-attach",
+ "table-policy-detach",
+ "table-uuid-assign",
+ "table-format-version-upgrade",
+ "table-schema-add",
+ "table-schema-set-current",
+ "table-partition-spec-add",
+ "table-partition-specs-remove",
+ "table-sort-order-add",
+ "table-sort-order-set-default",
+ "table-snapshot-add",
+ "table-snapshots-remove",
+ "table-snapshot-ref-set",
+ "table-snapshot-ref-remove",
+ "table-location-set",
+ "table-statistics-set",
+ "table-statistics-remove",
+ "table-structure-manage",
+ "view-drop",
+ "view-properties-read",
+ "view-properties-write",
+ "view-metadata-full",
+ "view-grants-list",
+ "view-grants-manage"
+ ]
},
{
- "itemId": 8,
- "name": "policy",
- "label": "Policy",
- "description": "Policy",
- "parent": "namespace",
- "level": 40,
- "isValidLeaf": true,
- "accessTypeRestrictions": [ "policy-read", "policy-drop",
"policy-write", "policy-metadata-full", "policy-attach", "policy-detach",
"policy-grants-manage" ]
+ "itemId": 8,
+ "name": "policy",
+ "label": "Policy",
+ "description": "Policy",
+ "parent": "namespace",
+ "level": 40,
+ "isValidLeaf": true,
+ "accessTypeRestrictions": [
+ "policy-read",
+ "policy-drop",
+ "policy-write",
+ "policy-metadata-full",
+ "policy-attach",
+ "policy-detach",
+ "policy-grants-manage"
+ ]
}
],
"accessTypes": [
- { "itemId": 1, "name": "service-access-manage", "label": "Service Manage
Access", "category": "MANAGE" },
+ { "itemId": 1, "name": "service-access-manage", "label": "Service Manage
Access", "category": "MANAGE",
+ "impliedGrants": [
+ "catalog-create",
+ "catalog-drop",
+ "catalog-list",
+ "catalog-properties-read",
+ "catalog-properties-write",
+ "catalog-metadata-full",
+ "principal-create",
+ "principal-drop",
+ "principal-list",
+ "principal-properties-read",
+ "principal-properties-write",
+ "principal-metadata-full",
+ "principal-grants-list",
+ "principal-grants-manage",
+ "principal-grants-for-grantee-manage",
+ "principal-credentials-reset",
+ "principal-role-create",
+ "principal-role-drop",
+ "principal-role-list",
+ "principal-role-grants-list",
+ "principal-role-grants-manage",
+ "principal-role-properties-read",
+ "principal-role-properties-write",
+ "principal-role-metadata-full",
+ "principal-role-grants-for-grantee-manage"
+ ]
+ },
+ { "itemId": 2, "name": "catalog-create", "label": "Catalog Create",
"category": "CREATE", "impliedGrants": [ "catalog-list" ] },
+ { "itemId": 3, "name": "catalog-drop", "label": "Catalog Drop",
"category": "DELETE" },
+ { "itemId": 4, "name": "catalog-list", "label": "Catalog List",
"category": "READ" },
+ { "itemId": 5, "name": "catalog-access-manage", "label": "Catalog Manage
Access", "category": "MANAGE",
+ "impliedGrants": [
+ "catalog-grants-list",
+ "catalog-grants-manage",
+ "catalog-role-create",
+ "catalog-role-drop",
+ "catalog-role-list",
+ "catalog-role-properties-read",
+ "catalog-role-properties-write",
+ "catalog-role-metadata-full",
+ "catalog-role-grants-list",
+ "catalog-role-grants-manage",
+ "catalog-role-grants-for-grantee-manage",
+ "namespace-grants-list",
+ "namespace-grants-manage",
+ "table-grants-list",
+ "table-grants-manage",
+ "view-grants-list",
+ "view-grants-manage",
+ "policy-grants-manage"
+ ]
+ },
+ { "itemId": 6, "name": "catalog-content-manage", "label": "Catalog Manage
Content", "category": "MANAGE",
+ "impliedGrants": [
+ "catalog-list",
+ "catalog-metadata-manage",
+ "catalog-properties-read",
+ "catalog-properties-write",
+ "catalog-policy-attach",
+ "catalog-policy-detach",
+ "namespace-create",
+ "namespace-drop",
+ "namespace-list",
+ "namespace-metadata-full",
+ "namespace-properties-read",
+ "namespace-properties-write",
+ "namespace-policy-attach",
+ "namespace-policy-detach",
+ "policy-create",
+ "policy-drop",
+ "policy-list",
+ "policy-read",
+ "policy-write",
+ "policy-attach",
+ "policy-detach",
+ "table-create",
+ "table-drop",
+ "table-list",
+ "table-data-read",
+ "table-data-write",
+ "table-metadata-full",
+ "table-properties-read",
+ "table-properties-write",
+ "table-properties-set",
+ "table-properties-remove",
+ "table-uuid-assign",
+ "table-format-version-upgrade",
+ "table-schema-add",
+ "table-schema-set-current",
+ "table-partition-spec-add",
+ "table-partition-specs-remove",
+ "table-policy-attach",
+ "table-policy-detach",
+ "table-sort-order-add",
+ "table-sort-order-set-default",
+ "table-snapshot-add",
+ "table-snapshots-remove",
+ "table-snapshot-ref-set",
+ "table-snapshot-ref-remove",
+ "table-location-set",
+ "table-statistics-set",
+ "table-statistics-remove",
+ "table-structure-manage",
+ "view-create",
+ "view-drop",
+ "view-list",
+ "view-metadata-full",
+ "view-properties-read",
+ "view-properties-write"
+ ]
+ },
+ { "itemId": 7, "name": "catalog-grants-list", "label": "Catalog
Grants List", "category": "READ" },
+ { "itemId": 8, "name": "catalog-grants-manage", "label": "Catalog
Grants Manage", "category": "MANAGE", "impliedGrants": [
"catalog-grants-list" ] },
+ { "itemId": 9, "name": "catalog-metadata-full", "label": "Catalog
Metadata Full", "category": "MANAGE", "impliedGrants": [ "catalog-create",
"catalog-drop", "catalog-list", "catalog-properties-read",
"catalog-properties-write" ] },
+ { "itemId": 10, "name": "catalog-metadata-manage", "label": "Catalog
Metadata Manage", "category": "MANAGE",
+ "impliedGrants": [
+ "catalog-list",
+ "catalog-properties-read",
+ "catalog-properties-write",
+ "catalog-policy-attach",
+ "catalog-policy-detach",
+ "namespace-create",
+ "namespace-drop",
+ "namespace-list",
+ "namespace-properties-read",
+ "namespace-properties-write",
+ "namespace-metadata-full",
+ "namespace-policy-attach",
+ "namespace-policy-detach",
+ "policy-create",
+ "policy-drop",
+ "policy-list",
+ "policy-read",
+ "policy-write",
+ "policy-attach",
+ "policy-detach",
+ "table-create",
+ "table-drop",
+ "table-list",
+ "table-properties-read",
+ "table-properties-write",
+ "table-properties-set",
+ "table-properties-remove",
+ "table-metadata-full",
+ "table-uuid-assign",
+ "table-format-version-upgrade",
+ "table-schema-add",
+ "table-schema-set-current",
+ "table-partition-spec-add",
+ "table-partition-specs-remove",
+ "table-policy-attach",
+ "table-policy-detach",
+ "table-sort-order-add",
+ "table-sort-order-set-default",
+ "table-snapshot-add",
+ "table-snapshots-remove",
+ "table-snapshot-ref-set",
+ "table-snapshot-ref-remove",
+ "table-location-set",
+ "table-statistics-set",
+ "table-statistics-remove",
+ "table-structure-manage",
+ "view-create",
+ "view-drop",
+ "view-list",
+ "view-properties-read",
+ "view-properties-write",
+ "view-metadata-full"
+ ]
+ },
+ { "itemId": 11, "name": "catalog-policy-attach", "label": "Catalog
Policy Attach", "category": "MANAGE" },
+ { "itemId": 12, "name": "catalog-policy-detach", "label": "Catalog
Policy Detach", "category": "MANAGE" },
+ { "itemId": 13, "name": "catalog-properties-read", "label": "Catalog
Properties Read", "category": "READ", "impliedGrants": [ "catalog-list" ] },
+ { "itemId": 14, "name": "catalog-properties-write", "label": "Catalog
Properties Write", "category": "UPDATE", "impliedGrants": [ "catalog-list",
"catalog-properties-read" ] },
- { "itemId": 2, "name": "catalog-create", "label":
"Catalog Create", "category": "CREATE" },
- { "itemId": 3, "name": "catalog-drop", "label":
"Catalog Drop", "category": "DELETE" },
- { "itemId": 4, "name": "catalog-list", "label":
"Catalog List", "category": "READ" },
- { "itemId": 5, "name": "catalog-access-manage", "label":
"Catalog Manage Access", "category": "MANAGE" },
- { "itemId": 6, "name": "catalog-content-manage", "label":
"Catalog Manage Content", "category": "MANAGE" },
- { "itemId": 7, "name": "catalog-grants-list", "label":
"Catalog Grants List", "category": "READ" },
- { "itemId": 8, "name": "catalog-grants-manage", "label":
"Catalog Grants Manage", "category": "MANAGE" },
- { "itemId": 9, "name": "catalog-metadata-full", "label":
"Catalog Metadata Full", "category": "MANAGE" },
- { "itemId": 10, "name": "catalog-metadata-manage", "label":
"Catalog Metadata Manage", "category": "MANAGE" },
- { "itemId": 11, "name": "catalog-policy-attach", "label":
"Catalog Policy Attach", "category": "MANAGE" },
- { "itemId": 12, "name": "catalog-policy-detach", "label":
"Catalog Policy Detach", "category": "MANAGE" },
- { "itemId": 13, "name": "catalog-properties-read", "label":
"Catalog Properties Read", "category": "READ" },
- { "itemId": 14, "name": "catalog-properties-write", "label":
"Catalog Properties Write", "category": "UPDATE" },
- { "itemId": 15, "name": "catalog-role-create", "label":
"Catalog Role Create", "category": "CREATE" },
+ { "itemId": 15, "name": "catalog-role-create", "label":
"Catalog Role Create", "category": "CREATE",
"impliedGrants": [ "catalog-role-list" ] },
{ "itemId": 16, "name": "catalog-role-drop", "label":
"Catalog Role Drop", "category": "DELETE" },
{ "itemId": 17, "name": "catalog-role-list", "label":
"Catalog Role List", "category": "READ" },
{ "itemId": 18, "name": "catalog-role-usage", "label":
"Catalog Role Usage", "category": "MANAGE" },
- { "itemId": 19, "name": "catalog-role-grants-for-grantee-manage", "label":
"Catalog Role Grants-for-Grantee Manage", "category": "MANAGE" },
+ { "itemId": 19, "name": "catalog-role-grants-for-grantee-manage", "label":
"Catalog Role Grants-for-Grantee Manage", "category": "MANAGE",
"impliedGrants": [ "catalog-role-grants-list" ] },
{ "itemId": 20, "name": "catalog-role-grants-list", "label":
"Catalog Role Grants List", "category": "READ" },
- { "itemId": 21, "name": "catalog-role-grants-manage", "label":
"Catalog Role Grants Manage", "category": "MANAGE" },
- { "itemId": 22, "name": "catalog-role-metadata-full", "label":
"Catalog Role Metadata Full", "category": "MANAGE" },
- { "itemId": 23, "name": "catalog-role-properties-read", "label":
"Catalog Role Properties Read", "category": "READ" },
- { "itemId": 24, "name": "catalog-role-properties-write", "label":
"Catalog Role Properties Write", "category": "UPDATE" },
+ { "itemId": 21, "name": "catalog-role-grants-manage", "label":
"Catalog Role Grants Manage", "category": "MANAGE",
"impliedGrants": [ "catalog-role-grants-list" ] },
+ { "itemId": 22, "name": "catalog-role-metadata-full", "label":
"Catalog Role Metadata Full", "category": "MANAGE",
"impliedGrants": [ "catalog-role-create", "catalog-role-drop",
"catalog-role-list", "catalog-role-properties-read",
"catalog-role-properties-write" ] },
+ { "itemId": 23, "name": "catalog-role-properties-read", "label":
"Catalog Role Properties Read", "category": "READ",
"impliedGrants": [ "catalog-role-list" ] },
+ { "itemId": 24, "name": "catalog-role-properties-write", "label":
"Catalog Role Properties Write", "category": "UPDATE",
"impliedGrants": [ "catalog-role-list", "catalog-role-properties-read" ] },
- { "itemId": 25, "name": "namespace-create", "label": "Namespace
Create", "category": "CREATE" },
+ { "itemId": 25, "name": "namespace-create", "label": "Namespace
Create", "category": "CREATE", "impliedGrants": [ "namespace-list" ]
},
{ "itemId": 26, "name": "namespace-drop", "label": "Namespace
Drop", "category": "DELETE" },
{ "itemId": 27, "name": "namespace-list", "label": "Namespace
List", "category": "READ" },
{ "itemId": 28, "name": "namespace-grants-list", "label": "Namespace
Grants List", "category": "READ" },
- { "itemId": 29, "name": "namespace-grants-manage", "label": "Namespace
Grants Manage", "category": "MANAGE" },
- { "itemId": 30, "name": "namespace-metadata-full", "label": "Namespace
Metadata Full", "category": "MANAGE" },
+ { "itemId": 29, "name": "namespace-grants-manage", "label": "Namespace
Grants Manage", "category": "MANAGE", "impliedGrants": [
"namespace-grants-list" ] },
+ { "itemId": 30, "name": "namespace-metadata-full", "label": "Namespace
Metadata Full", "category": "MANAGE", "impliedGrants": [ "namespace-create",
"namespace-drop", "namespace-list", "namespace-properties-read",
"namespace-properties-write" ] },
{ "itemId": 31, "name": "namespace-policy-attach", "label": "Namespace
Policy Attach", "category": "MANAGE" },
{ "itemId": 32, "name": "namespace-policy-detach", "label": "Namespace
Policy Detach", "category": "MANAGE" },
- { "itemId": 33, "name": "namespace-properties-read", "label": "Namespace
Properties Read", "category": "READ" },
- { "itemId": 34, "name": "namespace-properties-write", "label": "Namespace
Properties Write", "category": "UPDATE" },
+ { "itemId": 33, "name": "namespace-properties-read", "label": "Namespace
Properties Read", "category": "READ", "impliedGrants": [ "namespace-list" ] },
+ { "itemId": 34, "name": "namespace-properties-write", "label": "Namespace
Properties Write", "category": "UPDATE", "impliedGrants": [ "namespace-list",
"namespace-properties-read" ] },
- { "itemId": 35, "name": "policy-create", "label": "Policy Create",
"category": "CREATE" },
+ { "itemId": 35, "name": "policy-create", "label": "Policy Create",
"category": "CREATE", "impliedGrants": [ "policy-list" ] },
{ "itemId": 36, "name": "policy-drop", "label": "Policy Drop",
"category": "DELETE" },
{ "itemId": 37, "name": "policy-list", "label": "Policy List",
"category": "READ" },
- { "itemId": 38, "name": "policy-read", "label": "Policy Read",
"category": "READ" },
- { "itemId": 39, "name": "policy-write", "label": "Policy Write",
"category": "UPDATE" },
+ { "itemId": 38, "name": "policy-read", "label": "Policy Read",
"category": "READ", "impliedGrants": [ "policy-list" ] },
+ { "itemId": 39, "name": "policy-write", "label": "Policy Write",
"category": "UPDATE", "impliedGrants": [ "policy-list", "policy-read" ] },
{ "itemId": 40, "name": "policy-attach", "label": "Policy Attach",
"category": "MANAGE" },
{ "itemId": 41, "name": "policy-detach", "label": "Policy Detach",
"category": "MANAGE" },
{ "itemId": 42, "name": "policy-grants-manage", "label": "Policy Grants
Manage", "category": "MANAGE" },
- { "itemId": 43, "name": "policy-metadata-full", "label": "Policy Metadata
Full", "category": "MANAGE" },
+ { "itemId": 43, "name": "policy-metadata-full", "label": "Policy Metadata
Full", "category": "MANAGE", "impliedGrants": [ "policy-create", "policy-drop",
"policy-list", "policy-read", "policy-write" ] },
- { "itemId": 44, "name": "principal-create", "label":
"Principal Create", "category": "CREATE" },
+ { "itemId": 44, "name": "principal-create", "label":
"Principal Create", "category": "CREATE", "impliedGrants": [
"principal-list" ] },
{ "itemId": 45, "name": "principal-drop", "label":
"Principal Drop", "category": "DELETE" },
{ "itemId": 46, "name": "principal-list", "label":
"Principal List", "category": "READ" },
{ "itemId": 47, "name": "principal-credentials-reset", "label":
"Principal Credentials Reset", "category": "MANAGE" },
{ "itemId": 48, "name": "principal-credentials-rotate", "label":
"Principal Credentials Rotate", "category": "MANAGE" },
{ "itemId": 49, "name": "principal-grants-list", "label":
"Principal Grants List", "category": "READ" },
- { "itemId": 50, "name": "principal-grants-manage", "label":
"Principal Grants Manage", "category": "MANAGE" },
- { "itemId": 51, "name": "principal-grants-for-grantee-manage", "label":
"Principal Grants-for-Grantee Manage", "category": "MANAGE" },
- { "itemId": 52, "name": "principal-metadata-full", "label":
"Principal Metadata Full", "category": "MANAGE" },
- { "itemId": 53, "name": "principal-properties-read", "label":
"Principal Properties Read", "category": "READ" },
- { "itemId": 54, "name": "principal-properties-write", "label":
"Principal Properties Write", "category": "UPDATE" },
- { "itemId": 55, "name": "principal-role-create",
"label": "Principal Role Create", "category": "CREATE" },
+ { "itemId": 50, "name": "principal-grants-manage", "label":
"Principal Grants Manage", "category": "MANAGE", "impliedGrants": [
"principal-grants-list" ] },
+ { "itemId": 51, "name": "principal-grants-for-grantee-manage", "label":
"Principal Grants-for-Grantee Manage", "category": "MANAGE", "impliedGrants": [
"principal-grants-list" ] },
+ { "itemId": 52, "name": "principal-metadata-full", "label":
"Principal Metadata Full", "category": "MANAGE", "impliedGrants": [
"principal-create", "principal-drop", "principal-list",
"principal-properties-read", "principal-properties-write" ] },
+ { "itemId": 53, "name": "principal-properties-read", "label":
"Principal Properties Read", "category": "READ", "impliedGrants": [
"principal-list" ] },
+ { "itemId": 54, "name": "principal-properties-write", "label":
"Principal Properties Write", "category": "UPDATE", "impliedGrants": [
"principal-list", "principal-properties-read" ] },
+
+ { "itemId": 55, "name": "principal-role-create",
"label": "Principal Role Create", "category": "CREATE",
"impliedGrants": [ "principal-role-list" ] },
{ "itemId": 56, "name": "principal-role-drop",
"label": "Principal Role Drop", "category": "DELETE" },
{ "itemId": 57, "name": "principal-role-list",
"label": "Principal Role List", "category": "READ" },
{ "itemId": 58, "name": "principal-role-usage",
"label": "Principal Role Usage", "category": "MANAGE" },
{ "itemId": 59, "name": "principal-role-grants-list",
"label": "Principal Role Grants List", "category": "READ" },
- { "itemId": 60, "name": "principal-role-grants-manage",
"label": "Principal Role Grants Manage", "category": "MANAGE" },
- { "itemId": 61, "name": "principal-role-grants-for-grantee-manage",
"label": "Principal Role Grants-for-Grantee Manage", "category": "MANAGE" },
+ { "itemId": 60, "name": "principal-role-grants-manage",
"label": "Principal Role Grants Manage", "category": "MANAGE",
"impliedGrants": [ "principal-role-grants-list" ] },
+ { "itemId": 61, "name": "principal-role-grants-for-grantee-manage",
"label": "Principal Role Grants-for-Grantee Manage", "category": "MANAGE",
"impliedGrants": [ "principal-role-grants-list" ] },
{ "itemId": 62, "name": "principal-role-metadata-full",
"label": "Principal Role Metadata Full", "category": "MANAGE" },
{ "itemId": 63, "name": "principal-role-properties-read",
"label": "Principal Role Properties Read", "category": "READ" },
{ "itemId": 64, "name": "principal-role-properties-write",
"label": "Principal Role Properties Write", "category": "UPDATE" },
- { "itemId": 65, "name": "table-create", "label": "Table
Create", "category": "CREATE" },
- { "itemId": 66, "name": "table-drop", "label": "Table
Drop", "category": "DELETE" },
- { "itemId": 67, "name": "table-list", "label": "Table
List", "category": "READ" },
- { "itemId": 68, "name": "table-data-read", "label": "Table
Data Read", "category": "READ" },
- { "itemId": 69, "name": "table-data-write", "label": "Table
Data Write", "category": "UPDATE" },
- { "itemId": 70, "name": "table-grants-list", "label": "Table
Grants List", "category": "READ" },
- { "itemId": 71, "name": "table-grants-manage", "label": "Table
Grants Manage", "category": "MANAGE" },
- { "itemId": 72, "name": "table-metadata-full", "label": "Table
Metadata Full", "category": "MANAGE" },
- { "itemId": 73, "name": "table-policy-attach", "label": "Table
Policy Attach", "category": "MANAGE" },
- { "itemId": 74, "name": "table-policy-detach", "label": "Table
Policy Detach", "category": "MANAGE" },
- { "itemId": 75, "name": "table-properties-read", "label": "Table
Properties Read", "category": "READ" },
- { "itemId": 76, "name": "table-properties-write", "label": "Table
Properties Write", "category": "UPDATE" },
- { "itemId": 77, "name": "table-properties-set", "label": "Table
Properties Set", "category": "MANAGE" },
- { "itemId": 78, "name": "table-properties-remove", "label": "Table
Properties Remove", "category": "MANAGE" },
- { "itemId": 79, "name": "table-uuid-assign", "label": "Table
UUID Assign", "category": "MANAGE" },
- { "itemId": 80, "name": "table-format-version-upgrade", "label": "Table
Format Version Upgrade", "category": "MANAGE" },
- { "itemId": 81, "name": "table-schema-add", "label": "Table
Schema Add", "category": "MANAGE" },
- { "itemId": 82, "name": "table-schema-set-current", "label": "Table
Schema Set Current", "category": "MANAGE" },
- { "itemId": 83, "name": "table-partition-spec-add", "label": "Table
Partition Spec Add", "category": "MANAGE" },
- { "itemId": 84, "name": "table-partition-specs-remove", "label": "Table
Partition Specs Remove", "category": "MANAGE" },
- { "itemId": 85, "name": "table-sort-order-add", "label": "Table
Sort Order Add", "category": "MANAGE" },
- { "itemId": 86, "name": "table-sort-order-set-default", "label": "Table
Sort Order Set Default", "category": "MANAGE" },
- { "itemId": 87, "name": "table-snapshot-add", "label": "Table
Snapshot Add", "category": "MANAGE" },
- { "itemId": 88, "name": "table-snapshots-remove", "label": "Table
Snapshots Remove", "category": "MANAGE" },
- { "itemId": 89, "name": "table-snapshot-ref-set", "label": "Table
Snapshot-ref Set", "category": "MANAGE" },
- { "itemId": 90, "name": "table-snapshot-ref-remove", "label": "Table
Snapshot-ref Remove", "category": "MANAGE" },
- { "itemId": 91, "name": "table-location-set", "label": "Table
Location Set", "category": "MANAGE" },
- { "itemId": 92, "name": "table-statistics-set", "label": "Table
Statistics Set", "category": "MANAGE" },
- { "itemId": 93, "name": "table-statistics-remove", "label": "Table
Statistics Remove", "category": "MANAGE" },
- { "itemId": 94, "name": "table-structure-manage", "label": "Table
Structure Manage", "category": "MANAGE" },
+ { "itemId": 65, "name": "table-create", "label": "Table Create",
"category": "CREATE", "impliedGrants": [ "table-list" ] },
+ { "itemId": 66, "name": "table-drop", "label": "Table Drop",
"category": "DELETE" },
+ { "itemId": 67, "name": "table-list", "label": "Table List",
"category": "READ" },
+ { "itemId": 68, "name": "table-data-read", "label": "Table Data Read",
"category": "READ", "impliedGrants": [ "table-list", "table-properties-read"
] },
+ { "itemId": 69, "name": "table-data-write", "label": "Table Data Write",
"category": "UPDATE",
+ "impliedGrants": [
+ "table-list",
+ "table-data-read",
+ "table-properties-read",
+ "table-properties-set",
+ "table-properties-remove",
+ "table-uuid-assign",
+ "table-format-version-upgrade",
+ "table-schema-add",
+ "table-schema-set-current",
+ "table-sort-order-add",
+ "table-sort-order-set-default",
+ "table-snapshot-add",
+ "table-snapshots-remove",
+ "table-snapshot-ref-set",
+ "table-snapshot-ref-remove",
+ "table-location-set",
+ "table-statistics-set",
+ "table-statistics-remove",
+ "table-partition-spec-add",
+ "table-partition-specs-remove",
+ "table-structure-manage"
Review Comment:
I had the same concerns. Polaris privileges model does have above privileges
as implied for `TABLE_WRITE_DATA` privilege (which is equivalent to
`table-data-write`), hence mimicking the same here.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
