-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/38108/
-----------------------------------------------------------
Review request for ranger and Abhay Kulkarni.
Bugs: RANGER-606
https://issues.apache.org/jira/browse/RANGER-606
Repository: ranger
Description
-------
updated policy model to support 'exceptions' policy items, which enables the
policy authors to specify conditions (like users, groups, ...) for which this
policy is not applicable. This can be used for example to create a policy that
allows/denies access to a wider group (for example: public/employees/..) and
exclude specific users/groups/.. (like manager/admin/..).
Diffs
-----
agents-common/src/main/java/org/apache/ranger/plugin/conditionevaluator/RangerContextAttributeValueNotInCondition.java
PRE-CREATION
agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java
e0aee6b
agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerAbstractPolicyItemEvaluator.java
9696e03
agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerDefaultPolicyEvaluator.java
57d1be9
agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerOptimizedPolicyEvaluator.java
7bd1208
agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerPolicyItemEvaluator.java
96312fe
agents-common/src/main/resources/service-defs/ranger-servicedef-tag.json
0b827e4
agents-common/src/test/resources/policyengine/test_policyengine_hive_mutex_conditions.json
b9bcad4
agents-common/src/test/resources/policyengine/test_policyengine_tag_hdfs.json
16dcf6f
agents-common/src/test/resources/policyengine/test_policyengine_tag_hive.json
6507809
security-admin/db/mysql/patches/016-updated-schema-for-tag-based-policy.sql
79699ce
security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
e9454f9
security-admin/src/main/java/org/apache/ranger/entity/XXPolicyItem.java
0c70e73
security-admin/src/main/java/org/apache/ranger/service/RangerPolicyServiceBase.java
1f73504
security-admin/src/main/webapp/scripts/modules/globalize/message/en.js
a5474c9
security-admin/src/main/webapp/scripts/utils/XAEnums.js 183d201
security-admin/src/main/webapp/scripts/utils/XAUtils.js d3530e7
security-admin/src/main/webapp/scripts/views/policies/PermissionList.js
6be0329
security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js
b0c910f
security-admin/src/main/webapp/scripts/views/policies/RangerPolicyRO.js
a9ee1b5
security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js
f3f233d
security-admin/src/main/webapp/scripts/views/reports/PlugableServiceDiffDetail.js
40db4cb
security-admin/src/main/webapp/scripts/views/reports/UserAccessLayout.js
5c5309d
security-admin/src/main/webapp/templates/policies/PermissionItem.html 99c20fa
security-admin/src/main/webapp/templates/policies/RangerPolicyRO_tmpl.html
77f7605
security-admin/src/main/webapp/templates/reports/PlugableServicePolicyDeleteDiff_tmpl.html
0d632a4
security-admin/src/main/webapp/templates/reports/PlugableServicePolicyDiff_tmpl.html
353baa9
security-admin/src/main/webapp/templates/reports/PlugableServicePolicyUpdateDiff_tmpl.html
f61e91f
Diff: https://reviews.apache.org/r/38108/diff/
Testing
-------
- Redefined exclusive_allow policies in existing unit tests with corresponding
allow/deny policies which exceptions.
Thanks,
Madhan Neethiraj
