[GitHub] [ranger] prashantpogde commented on a diff in pull request #218: Hdds 6986

2023-02-23 Thread via GitHub


prashantpogde commented on code in PR #218:
URL: https://github.com/apache/ranger/pull/218#discussion_r1116120121


##
plugin-ozone/src/main/java/org/apache/ranger/authorization/ozone/authorizer/RangerOzoneAuthorizer.java:
##
@@ -59,25 +59,34 @@ public class RangerOzoneAuthorizer implements 
IAccessAuthorizer {
private static volatile RangerBasePlugin rangerPlugin = null;
RangerDefaultAuditHandler auditHandler = null;
 
-   public RangerOzoneAuthorizer() {
-   rangerPlugin = new RangerBasePlugin("ozone", "ozone");
+   public RangerOzoneAuthorizer(String serviceName) {
+   rangerPlugin = new RangerBasePlugin("ozone", serviceName, 
"ozone");
 
rangerPlugin.init(); // this will initialize policy engine and 
policy refresher
auditHandler = new RangerDefaultAuditHandler();
rangerPlugin.setResultProcessor(auditHandler);
}
 
+   public RangerOzoneAuthorizer() {
+   this(null);
+   }
+
@Override
public boolean checkAccess(IOzoneObj ozoneObject, RequestContext 
context) {
boolean returnValue = false;
if (ozoneObject == null) {
LOG.error("Ozone object is null!!");
return returnValue;
}
+   if (context == null) {
+   LOG.error("Context object is null!!");
+   return returnValue;
+   }
OzoneObj ozoneObj = (OzoneObj) ozoneObject;
UserGroupInformation ugi = context.getClientUgi();
ACLType operation = context.getAclRights();
String resource = ozoneObj.getPath();
+   String snapShotName = context.getSnapshotName();
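
Review bot: the new `RangerOzoneAuthorizer(String serviceName)` constructor still assigns the `private static volatile rangerPlugin` field, so a second authorizer constructed with a different `serviceName` replaces the plugin shared by every existing instance. Either make the field per-instance or guard the assignment and reject (or at least log) a conflicting service name. Also, `this(null)` relies on `RangerBasePlugin` accepting a null service name, which these lines don't show; a short comment on the no-arg constructor saying what null resolves to would help. The `context == null` check failing closed is the right default. Minor: `snapShotName` doesn't match the casing of `getSnapshotName()`.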

Review Comment:
   We need one more field to specify snapshot scope, e.g. whether it is a 
volume or a bucket.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@ranger.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



[GitHub] [ranger] prashantpogde commented on a diff in pull request #218: Hdds 6986

2023-02-23 Thread via GitHub


prashantpogde commented on code in PR #218:
URL: https://github.com/apache/ranger/pull/218#discussion_r1116118344


##
plugin-ozone/src/main/java/org/apache/ranger/authorization/ozone/authorizer/RangerOzoneAuthorizer.java:
##
@@ -151,6 +160,18 @@ public boolean checkAccess(IOzoneObj ozoneObject, 
RequestContext context) {
}
 
try {
+   if (snapShotName != null) {
+   
rangerResource.setValue(KEY_RESOURCE_KEY,".snapshot/" + snapShotName + "/" + 
ozoneObj.getKeyName());
+   RangerAccessResult result = rangerPlugin
+   .isAccessAllowed(rangerRequest);
+   if (result == null) {
+   LOG.error("Ranger Plugin returned null. 
Returning false");
+   return false;
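
Review bot: the value passed to `rangerResource.setValue(KEY_RESOURCE_KEY, ...)` is built by concatenating `snapShotName` and `ozoneObj.getKeyName()` unchecked into the path that policies are matched against. If `getKeyName()` returns null the value becomes `.snapshot/<name>/null`, and a `snapShotName` containing `/` would shift the path segments the policy is evaluated on. Validate the snapshot name (non-empty, no path separators) and handle a null key name before building the resource, and deny with an audit entry when validation fails. Minor: add a space after the comma in the `setValue` call.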

Review Comment:
   If we return false from here for the snapshotted path, we will miss out on 
emitting logs. Check the corresponding code path for the non-snapshotted path below.


