subject:"Re\: Review Request 73696\: RANGER\-3508\: enhanced script condition expression for easier access to user\/group\/tag\/resource attributes"

Re: Review Request 73696: RANGER-3508: enhanced script condition expression for easier access to user/group/tag/resource attributes

2021-11-15 Thread Madhan Neethiraj


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73696/
---

(Updated Nov. 16, 2021, 5:04 a.m.)


Review request for ranger, Abhishek  Kumar, Ankita Sinha, Kishor Gollapalliwar, 
Abhay Kulkarni, Mehul Parikh, Ramesh Mani, Sailaja Polavarapu, and Velmurugan 
Periasamy.


Changes
---

refactoried to move ScriptEngine instantiation to ScriptEngineUtil


Bugs: RANGER-3508
https://issues.apache.org/jira/browse/RANGER-3508


Repository: ranger


Description
---

Updated script evaluator to enable access to user/group/tag/resource attributes 
with following expressions:

- USER.state == 'CA'
- UGROUP['test'].dept == 'MKTG'
- REQ.accessType == 'SELECT'
- RES.database == 'hr'
- RES.table == 'employee'
- TAG._type == 'PII'
- TAG.attr1 == 'value1'
- TAGS.length == 2
- TNAMES.indexOf('PCI') != -1


Diffs (updated)
-

  
agents-common/src/main/java/org/apache/ranger/plugin/conditionevaluator/RangerAnyOfExpectedTagsPresentConditionEvaluator.java
 3221f79d5 
  
agents-common/src/main/java/org/apache/ranger/plugin/conditionevaluator/RangerNoneOfExpectedTagsPresentConditionEvaluator.java
 d04f4b388 
  
agents-common/src/main/java/org/apache/ranger/plugin/conditionevaluator/RangerScriptConditionEvaluator.java
 e57f599d7 
  
agents-common/src/main/java/org/apache/ranger/plugin/conditionevaluator/RangerScriptExecutionContext.java
 3563fd8e2 
  
agents-common/src/main/java/org/apache/ranger/plugin/conditionevaluator/RangerTagsAllPresentConditionEvaluator.java
 8616c6660 
  
agents-common/src/main/java/org/apache/ranger/plugin/service/RangerBasePlugin.java
 57a4b4bd5 
  
agents-common/src/main/java/org/apache/ranger/plugin/util/RangerCommonConstants.java
 75132d800 
  
agents-common/src/main/java/org/apache/ranger/plugin/util/ScriptEngineUtil.java 
PRE-CREATION 
  
agents-common/src/test/java/org/apache/ranger/plugin/conditionevaluator/RangerCustomConditionMatcherTest.java
 9f3fb23df 
  
agents-common/src/test/java/org/apache/ranger/plugin/conditionevaluator/RangerRequestScriptEvaluatorTest.java
 PRE-CREATION 


Diff: https://reviews.apache.org/r/73696/diff/4/

Changes: https://reviews.apache.org/r/73696/diff/3-4/


Testing
---

- added unit tests to validate new expressions
- verified that existing unit tests pass successfully


Thanks,

Madhan Neethiraj

Re: Review Request 73696: RANGER-3508: enhanced script condition expression for easier access to user/group/tag/resource attributes

2021-11-15 Thread Abhay Kulkarni


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73696/#review223734
---


Ship it!




Ship It!

- Abhay Kulkarni


On Nov. 10, 2021, 11:02 p.m., Madhan Neethiraj wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73696/
> ---
> 
> (Updated Nov. 10, 2021, 11:02 p.m.)
> 
> 
> Review request for ranger, Abhishek  Kumar, Ankita Sinha, Kishor 
> Gollapalliwar, Abhay Kulkarni, Mehul Parikh, Ramesh Mani, Sailaja Polavarapu, 
> and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-3508
> https://issues.apache.org/jira/browse/RANGER-3508
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Updated script evaluator to enable access to user/group/tag/resource 
> attributes with following expressions:
> 
> - USER.state == 'CA'
> - UGROUP['test'].dept == 'MKTG'
> - REQ.accessType == 'SELECT'
> - RES.database == 'hr'
> - RES.table == 'employee'
> - TAG._type == 'PII'
> - TAG.attr1 == 'value1'
> - TAGS.length == 2
> - TNAMES.indexOf('PCI') != -1
> 
> 
> Diffs
> -
> 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/conditionevaluator/RangerAnyOfExpectedTagsPresentConditionEvaluator.java
>  3221f79d5 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/conditionevaluator/RangerNoneOfExpectedTagsPresentConditionEvaluator.java
>  d04f4b388 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/conditionevaluator/RangerScriptConditionEvaluator.java
>  e57f599d7 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/conditionevaluator/RangerScriptExecutionContext.java
>  3563fd8e2 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/conditionevaluator/RangerTagsAllPresentConditionEvaluator.java
>  8616c6660 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/service/RangerBasePlugin.java
>  57a4b4bd5 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/util/RangerCommonConstants.java
>  75132d800 
>   
> agents-common/src/test/java/org/apache/ranger/plugin/conditionevaluator/RangerCustomConditionMatcherTest.java
>  9f3fb23df 
>   
> agents-common/src/test/java/org/apache/ranger/plugin/conditionevaluator/RangerRequestScriptEvaluatorTest.java
>  PRE-CREATION 
> 
> 
> Diff: https://reviews.apache.org/r/73696/diff/3/
> 
> 
> Testing
> ---
> 
> - added unit tests to validate new expressions
> - verified that existing unit tests pass successfully
> 
> 
> Thanks,
> 
> Madhan Neethiraj
> 
>

Re: Review Request 73696: RANGER-3508: enhanced script condition expression for easier access to user/group/tag/resource attributes

2021-11-10 Thread Madhan Neethiraj


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73696/
---

(Updated Nov. 10, 2021, 11:02 p.m.)


Review request for ranger, Abhishek  Kumar, Ankita Sinha, Kishor Gollapalliwar, 
Abhay Kulkarni, Mehul Parikh, Ramesh Mani, Sailaja Polavarapu, and Velmurugan 
Periasamy.


Bugs: RANGER-3508
https://issues.apache.org/jira/browse/RANGER-3508


Repository: ranger


Description
---

Updated script evaluator to enable access to user/group/tag/resource attributes 
with following expressions:

- USER.state == 'CA'
- UGROUP['test'].dept == 'MKTG'
- REQ.accessType == 'SELECT'
- RES.database == 'hr'
- RES.table == 'employee'
- TAG._type == 'PII'
- TAG.attr1 == 'value1'
- TAGS.length == 2
- TNAMES.indexOf('PCI') != -1


Diffs (updated)
-

  
agents-common/src/main/java/org/apache/ranger/plugin/conditionevaluator/RangerAnyOfExpectedTagsPresentConditionEvaluator.java
 3221f79d5 
  
agents-common/src/main/java/org/apache/ranger/plugin/conditionevaluator/RangerNoneOfExpectedTagsPresentConditionEvaluator.java
 d04f4b388 
  
agents-common/src/main/java/org/apache/ranger/plugin/conditionevaluator/RangerScriptConditionEvaluator.java
 e57f599d7 
  
agents-common/src/main/java/org/apache/ranger/plugin/conditionevaluator/RangerScriptExecutionContext.java
 3563fd8e2 
  
agents-common/src/main/java/org/apache/ranger/plugin/conditionevaluator/RangerTagsAllPresentConditionEvaluator.java
 8616c6660 
  
agents-common/src/main/java/org/apache/ranger/plugin/service/RangerBasePlugin.java
 57a4b4bd5 
  
agents-common/src/main/java/org/apache/ranger/plugin/util/RangerCommonConstants.java
 75132d800 
  
agents-common/src/test/java/org/apache/ranger/plugin/conditionevaluator/RangerCustomConditionMatcherTest.java
 9f3fb23df 
  
agents-common/src/test/java/org/apache/ranger/plugin/conditionevaluator/RangerRequestScriptEvaluatorTest.java
 PRE-CREATION 


Diff: https://reviews.apache.org/r/73696/diff/3/

Changes: https://reviews.apache.org/r/73696/diff/2-3/


Testing
---

- added unit tests to validate new expressions
- verified that existing unit tests pass successfully


Thanks,

Madhan Neethiraj

Re: Review Request 73696: RANGER-3508: enhanced script condition expression for easier access to user/group/tag/resource attributes

2021-11-09 Thread Madhan Neethiraj


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73696/
---

(Updated Nov. 10, 2021, 3 a.m.)


Review request for ranger, Abhishek  Kumar, Ankita Sinha, Kishor Gollapalliwar, 
Abhay Kulkarni, Mehul Parikh, Ramesh Mani, Sailaja Polavarapu, and Velmurugan 
Periasamy.


Changes
---

updated to support accessing attributes from all user-groups using UGA.value, 
UGA.values


Bugs: RANGER-3508
https://issues.apache.org/jira/browse/RANGER-3508


Repository: ranger


Description
---

Updated script evaluator to enable access to user/group/tag/resource attributes 
with following expressions:

- USER.state == 'CA'
- UGROUP['test'].dept == 'MKTG'
- REQ.accessType == 'SELECT'
- RES.database == 'hr'
- RES.table == 'employee'
- TAG._type == 'PII'
- TAG.attr1 == 'value1'
- TAGS.length == 2
- TNAMES.indexOf('PCI') != -1


Diffs (updated)
-

  
agents-common/src/main/java/org/apache/ranger/plugin/conditionevaluator/RangerAnyOfExpectedTagsPresentConditionEvaluator.java
 3221f79d5 
  
agents-common/src/main/java/org/apache/ranger/plugin/conditionevaluator/RangerNoneOfExpectedTagsPresentConditionEvaluator.java
 d04f4b388 
  
agents-common/src/main/java/org/apache/ranger/plugin/conditionevaluator/RangerScriptConditionEvaluator.java
 e57f599d7 
  
agents-common/src/main/java/org/apache/ranger/plugin/conditionevaluator/RangerScriptExecutionContext.java
 3563fd8e2 
  
agents-common/src/main/java/org/apache/ranger/plugin/conditionevaluator/RangerTagsAllPresentConditionEvaluator.java
 8616c6660 
  
agents-common/src/main/java/org/apache/ranger/plugin/service/RangerBasePlugin.java
 57a4b4bd5 
  
agents-common/src/main/java/org/apache/ranger/plugin/util/RangerCommonConstants.java
 75132d800 
  
agents-common/src/test/java/org/apache/ranger/plugin/conditionevaluator/RangerCustomConditionMatcherTest.java
 9f3fb23df 
  
agents-common/src/test/java/org/apache/ranger/plugin/conditionevaluator/RangerRequestScriptEvaluatorTest.java
 PRE-CREATION 


Diff: https://reviews.apache.org/r/73696/diff/2/

Changes: https://reviews.apache.org/r/73696/diff/1-2/


Testing
---

- added unit tests to validate new expressions
- verified that existing unit tests pass successfully


Thanks,

Madhan Neethiraj

Re: Review Request 73696: RANGER-3508: enhanced script condition expression for easier access to user/group/tag/resource attributes

Re: Review Request 73696: RANGER-3508: enhanced script condition expression for easier access to user/group/tag/resource attributes

Re: Review Request 73696: RANGER-3508: enhanced script condition expression for easier access to user/group/tag/resource attributes

Re: Review Request 73696: RANGER-3508: enhanced script condition expression for easier access to user/group/tag/resource attributes

4 matches

Site Navigation

Mail list logo

Footer information