> On Jan. 7, 2019, 9:37 p.m., Hrishikesh Gadre wrote:
> >

Updated, including some revisions from zsgyulavari


> On Jan. 7, 2019, 9:37 p.m., Hrishikesh Gadre wrote:
> > sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/component/CachingUserAttributeSource.java
> > Lines 34 (patched)
> > <https://reviews.apache.org/r/69619/diff/1/?file=2115663#file2115663line34>
> >
> >     Can we use an integer constant instead?

I'll add a comment. This String should be of the format specified in 
https://google.github.io/guava/releases/14.0/api/docs/com/google/common/cache/CacheBuilderSpec.html.
 It's quite possible that someone would want to specify a more detailed cache. 
I'm not sure there's value in deconstructing the spec as a constant.


> On Jan. 7, 2019, 9:37 p.m., Hrishikesh Gadre wrote:
> > sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/component/UserAttributeSource.java
> > Lines 24 (patched)
> > <https://reviews.apache.org/r/69619/diff/1/?file=2115671#file2115671line24>
> >
> >     Please add java docs for the interface.

Will add to next version of patch


> On Jan. 7, 2019, 9:37 p.m., Hrishikesh Gadre wrote:
> > sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/component/UserAttributeSourceParams.java
> > Lines 21 (patched)
> > <https://reviews.apache.org/r/69619/diff/1/?file=2115672#file2115672line21>
> >
> >     Please add javadocs

Will add to next version of patch.


- Tristan


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/69619/#review211740
-----------------------------------------------------------


On Dec. 21, 2018, 3:54 p.m., Tristan Stevens wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/69619/
> -----------------------------------------------------------
> 
> (Updated Dec. 21, 2018, 3:54 p.m.)
> 
> 
> Review request for sentry.
> 
> 
> Repository: sentry
> 
> 
> Description
> -------
> 
> This is an improvement request to cover enhanced document level security for 
> the Solr document level controls, specifically to cover:
> 
> - Security controls against multiple fields
> - Filters based on user attributes as well as just Sentry roles
> - Different security predicates (AND, LessThan, GreaterThan - in addition to 
> the currently supported OR)
> - Pluggable user attribute source ahead of Sentry enhancements.
> - Sample LDAP user attribute source
> 
> The ambition is this will be a precursor to full complex predicate support 
> being served by Sentry ABAC roadmap.
> 
> 
> Diffs
> -----
> 
>   sentry-solr/solr-sentry-handlers/pom.xml 621d8325 
>   
> sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/component/CachingUserAttributeSource.java
>  PRE-CREATION 
>   
> sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/component/DocAuthorizationComponent.java
>  PRE-CREATION 
>   
> sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/component/FieldToAttributeMapping.java
>  PRE-CREATION 
>   
> sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/component/LdapUserAttributeSource.java
>  PRE-CREATION 
>   
> sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/component/LdapUserAttributeSourceParams.java
>  PRE-CREATION 
>   
> sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/component/QueryDocAuthorizationComponent.java
>  9da3d6e1 
>   
> sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/component/SolrAttrBasedFilter.java
>  PRE-CREATION 
>   
> sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/component/SubsetQueryPlugin.java
>  PRE-CREATION 
>   
> sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/component/UserAttributeSource.java
>  PRE-CREATION 
>   
> sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/component/UserAttributeSourceParams.java
>  PRE-CREATION 
>   
> sentry-solr/solr-sentry-handlers/src/test/java/org/apache/solr/handler/component/CachingUserAttributeSourceTest.java
>  PRE-CREATION 
>   
> sentry-solr/solr-sentry-handlers/src/test/java/org/apache/solr/handler/component/LdapRegexTest.java
>  PRE-CREATION 
>   
> sentry-solr/solr-sentry-handlers/src/test/java/org/apache/solr/handler/component/MockUserAttributeSource.java
>  PRE-CREATION 
>   
> sentry-solr/solr-sentry-handlers/src/test/java/org/apache/solr/handler/component/SubsetQueryTest.java
>  PRE-CREATION 
>   
> sentry-solr/solr-sentry-handlers/src/test/resources/solr/collection1/schema-docValuesSubsetMatch.xml
>  PRE-CREATION 
>   
> sentry-solr/solr-sentry-handlers/src/test/resources/solr/collection1/solrconfig-subsetmatchcomponent.xml
>  PRE-CREATION 
>   
> sentry-solr/solr-sentry-handlers/src/test/resources/solr/collection1/solrconfig-subsetquery.xml
>  PRE-CREATION 
>   
> sentry-solr/solr-sentry-handlers/src/test/resources/solr/collection1/solrconfig.snippet.randomindexconfig.xml
>  PRE-CREATION 
>   sentry-tests/sentry-tests-solr/pom.xml 7c28bda5 
>   
> sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/AbstractSolrSentryTestCase.java
>  3d4d555f 
>   
> sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/DocLevelGenerator.java
>  40cc153e 
>   
> sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/SolrSentryServiceTestBase.java
>  e1f789cb 
>   
> sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestAbacOperations.java
>  PRE-CREATION 
>   
> sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestDocLevelOperations.java
>  7834f339 
>   
> sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestSubsetQueryOperations.java
>  PRE-CREATION 
>   sentry-tests/sentry-tests-solr/src/test/resources/ldap/ldap.ldiff 
> PRE-CREATION 
>   sentry-tests/sentry-tests-solr/src/test/resources/ldap/ldap.schema 
> PRE-CREATION 
>   sentry-tests/sentry-tests-solr/src/test/resources/log4j.properties d9418167 
>   
> sentry-tests/sentry-tests-solr/src/test/resources/solr/configsets/cloud-minimal_abac/conf/enumsConfig.xml
>  PRE-CREATION 
>   
> sentry-tests/sentry-tests-solr/src/test/resources/solr/configsets/cloud-minimal_abac/conf/schema.xml
>  PRE-CREATION 
>   
> sentry-tests/sentry-tests-solr/src/test/resources/solr/configsets/cloud-minimal_abac/conf/solrconfig.xml
>  PRE-CREATION 
>   
> sentry-tests/sentry-tests-solr/src/test/resources/solr/configsets/cloud-minimal_subset_match/conf/schema.xml
>  PRE-CREATION 
>   
> sentry-tests/sentry-tests-solr/src/test/resources/solr/configsets/cloud-minimal_subset_match/conf/solrconfig.xml
>  PRE-CREATION 
>   
> sentry-tests/sentry-tests-solr/src/test/resources/solr/configsets/cloud-minimal_subset_match_missing_false/conf/schema.xml
>  PRE-CREATION 
>   
> sentry-tests/sentry-tests-solr/src/test/resources/solr/configsets/cloud-minimal_subset_match_missing_false/conf/solrconfig.xml
>  PRE-CREATION 
> 
> 
> Diff: https://reviews.apache.org/r/69619/diff/1/
> 
> 
> Testing
> -------
> 
> Unit tests created for CachingUserAttributeSource, for parts of the 
> LDAPAttributeSource and for the SubsetQueryPlugin.
> 
> End-to-end JUnit tests created which cover the revised 
> QueryDocAuthorizationComponent and also the full functionality of 
> SolAttrBasedFilter, the latter including an embedded LDAP server to test full 
> capability.
> 
> 
> Thanks,
> 
> Tristan Stevens
> 
>

Reply via email to