Re: Review Request 67770: RANGER-2143: updated Atlas authorizer with addtion of scrubSearchResults() method

2018-06-28 Thread Ramesh Mani 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/67770/#review205526
---




plugin-atlas/src/main/java/org/apache/ranger/authorization/atlas/authorizer/RangerAtlasAuthorizer.java
Lines 295 (patched)


If I have a classification on a entity,and have policy for that 
classification, then ranger allowed to access which is fine. But other entities 
which don't have classifications has to have "_Not_Classified" policy in ranger 
in order to access, which make it that we need to have "
_NOT_Classified" for all the resources which need access or we need to have 
"*" policy for the classification.
Is this the intended way?  I thought that entities without classification 
will be always allowed.



ranger-atlas-plugin-shim/src/main/java/org/apache/ranger/authorization/atlas/authorizer/RangerAtlasAuthorizer.java
Lines 185 (patched)


ret is never used. Please remove this.


- Ramesh Mani


On June 28, 2018, 9:27 a.m., Madhan Neethiraj wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/67770/
> ---
> 
> (Updated June 28, 2018, 9:27 a.m.)
> 
> 
> Review request for ranger, Abhay Kulkarni, Nixon Rodrigues, Ramesh Mani, and 
> Sarath Subramanian.
> 
> 
> Bugs: RANGER-2143
> https://issues.apache.org/jira/browse/RANGER-2143
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> - updated Atlas authorizer with addtion of scrubSearchResults() method
> - updated entity-access authorization to enable authorization of entity that 
> don't have any classification
> 
> 
> Diffs
> -
> 
>   
> plugin-atlas/src/main/java/org/apache/ranger/authorization/atlas/authorizer/RangerAtlasAuthorizer.java
>  8d56f14f9 
>   
> plugin-atlas/src/main/java/org/apache/ranger/services/atlas/RangerServiceAtlas.java
>  aba4b8c2e 
>   pom.xml 07952102e 
>   
> ranger-atlas-plugin-shim/src/main/java/org/apache/ranger/authorization/atlas/authorizer/RangerAtlasAuthorizer.java
>  9302bdd09 
> 
> 
> Diff: https://reviews.apache.org/r/67770/diff/1/
> 
> 
> Testing
> ---
> 
> - verified that entity-attributes and classifications in the search-result 
> are cleared for entities the user doesn't have read access to
> - verified that authorization policy with 
> entity-classification=_NOT_CLASSIFIED applies for entities that don't have 
> any classification associated
> 
> 
> Thanks,
> 
> Madhan Neethiraj
> 
>

Re: Ranger 1.1 release

2018-06-28 Thread Madhan Neethiraj 
+1 for the release.




On 6/26/18, 10:45 PM, "Mehul Parikh"  wrote:

+1

On Wed, Jun 27, 2018 at 9:46 AM, PradeeP AgrawaL <
pradeepagrawal8...@gmail.com> wrote:

> +1
>
>
> Regards,
> PradeeP
>
> On 25 June 2018 at 15:04, Colm O hEigeartaigh  wrote:
>
> > +1.
> >
> > Colm.
> >
> > On Sun, Jun 24, 2018 at 9:18 PM, Zsombor Gegesy 
> > wrote:
> >
> > > +1 - I believe in the "release early release often" mantra :)
> > >
> > >
> > > Regards,
> > >  Zsombor
> > >
> > > On Sun, Jun 24, 2018 at 5:56 PM, Srikanth Venkat <
> > sven...@hortonworks.com>
> > > wrote:
> > >
> > > > +1, it would be nice to have a Ranger release baseline that aligns
> with
> > > > Atlas 1.0.
> > > > Thanks Vel for taking the initiative!
> > > >
> > > > Thx
> > > > Srikanth Venkat
> > > > sven...@hortonworks.com
> > > >
> > > > On 6/22/18, 10:24 PM, "Balaji Ganesan" 
> > > > wrote:
> > > >
> > > > +1. Vel, thanks for taking the initiative.
> > > >
> > > > On Fri, Jun 22, 2018 at 7:51 PM Jianhua Peng <
> > pengjian...@apache.org
> > > >
> > > > wrote:
> > > >
> > > > > +1
> > > > >
> > > > > Thank you,
> > > > > Jianhua Peng.
> > > > >
> > > > > On 2018/06/22 16:25:45, Velmurugan Periasamy 
> > > wrote:
> > > > > > Rangers:
> > > > > >
> > > > > > Now that support for Atlas 1.0 is added (
> > > > > https://issues.apache.org/jira/browse/RANGER-2136 <
> > > > > https://issues.apache.org/jira/browse/RANGER-2136>), I propose
> > to
> > > > release
> > > > > Ranger 1.1 (tentative first week of July).
> > > > > >
> > > > > > I request the community to resolve open JIRA’s marked for 
1.1
> > in
> > > > the
> > > > > next couple of weeks or move them to next release. My proposal
> is
> > > to
> > > > call
> > > > > next release 2.0 and update master to 2.0.0-SNAPSHOT.
> > > > > >
> > > > > > Thank you,
> > > > > > Vel
> > > > >
> > > >
> > > >
> > > >
> > >
> >
> >
> >
> > --
> > Colm O hEigeartaigh
> >
> > Talend Community Coder
> > http://coders.talend.com
> >
>



-- 

Thanks and regards,
Mehul Parikh

M: +91 98191 54446
E: xsme...@gmail.com

[jira] [Updated] (RANGER-2143) Update Ranger authorizer for Atlas for new method added in authorization interface (ATLAS-2765)

2018-06-28 Thread Madhan Neethiraj (JIRA) 


 [ 
https://issues.apache.org/jira/browse/RANGER-2143?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Madhan Neethiraj updated RANGER-2143:
-
Attachment: RANGER-2143.patch

> Update Ranger authorizer for Atlas for new method added in authorization 
> interface (ATLAS-2765)
> ---
>
> Key: RANGER-2143
> URL: https://issues.apache.org/jira/browse/RANGER-2143
> Project: Ranger
>  Issue Type: Improvement
>  Components: plugins
>Affects Versions: 1.0.0
>Reporter: Madhan Neethiraj
>Assignee: Madhan Neethiraj
>Priority: Major
> Attachments: RANGER-2143.patch
>
>
> Atlas authorizer interface was updated in ATLAS-2765 with addition of method 
> scrubSearchResults(). Ranger authorizer for Atlas should be updated to 
> implement this new method.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Review Request 67770: RANGER-2143: updated Atlas authorizer with addtion of scrubSearchResults() method

2018-06-28 Thread Madhan Neethiraj 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/67770/
---

Review request for ranger, Abhay Kulkarni, Nixon Rodrigues, Ramesh Mani, and 
Sarath Subramanian.


Bugs: RANGER-2143
https://issues.apache.org/jira/browse/RANGER-2143


Repository: ranger


Description
---

- updated Atlas authorizer with addtion of scrubSearchResults() method
- updated entity-access authorization to enable authorization of entity that 
don't have any classification


Diffs
-

  
plugin-atlas/src/main/java/org/apache/ranger/authorization/atlas/authorizer/RangerAtlasAuthorizer.java
 8d56f14f9 
  
plugin-atlas/src/main/java/org/apache/ranger/services/atlas/RangerServiceAtlas.java
 aba4b8c2e 
  pom.xml 07952102e 
  
ranger-atlas-plugin-shim/src/main/java/org/apache/ranger/authorization/atlas/authorizer/RangerAtlasAuthorizer.java
 9302bdd09 


Diff: https://reviews.apache.org/r/67770/diff/1/


Testing
---

- verified that entity-attributes and classifications in the search-result are 
cleared for entities the user doesn't have read access to
- verified that authorization policy with entity-classification=_NOT_CLASSIFIED 
applies for entities that don't have any classification associated


Thanks,

Madhan Neethiraj

[jira] [Created] (RANGER-2143) Update Ranger authorizer for Atlas for new method added in authorization interface (ATLAS-2765)

2018-06-28 Thread Madhan Neethiraj (JIRA) 
Madhan Neethiraj created RANGER-2143:


 Summary: Update Ranger authorizer for Atlas for new method added 
in authorization interface (ATLAS-2765)
 Key: RANGER-2143
 URL: https://issues.apache.org/jira/browse/RANGER-2143
 Project: Ranger
  Issue Type: Improvement
  Components: plugins
Affects Versions: 1.0.0
Reporter: Madhan Neethiraj
Assignee: Madhan Neethiraj


Atlas authorizer interface was updated in ATLAS-2765 with addition of method 
scrubSearchResults(). Ranger authorizer for Atlas should be updated to 
implement this new method.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)