Re: Review Request 62490: Updated masking policy for hive to support for deny/allowException/denyExceptions
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/62490/#review186290 --- Ship it! Ship It! - Alejandro Fernandez On Sept. 26, 2017, 7:31 a.m., pengjianhua wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/62490/ > --- > > (Updated Sept. 26, 2017, 7:31 a.m.) > > > Review request for ranger, Alok Lal, Ankita Sinha, Don Bosco Durai, Colm O > hEigeartaigh, Gautam Borad, Madhan Neethiraj, Ramesh Mani, Selvamohan > Neethiraj, Velmurugan Periasamy, and Qiang Zhang. > > > Bugs: RANGER-1796 > https://issues.apache.org/jira/browse/RANGER-1796 > > > Repository: ranger > > > Description > --- > > Masking policy for hive should support for deny/allowException/denyExceptions > to meet further business needs. Such as masking policy for hive should > support as following scene and so on: > USER1, USER2 and USER3 belong to the user group GROUPA. Select GROUPA group > when created masking policy. The USER1 does not use masking and USER2, USER3 > need masking. > > We rigorously tested this issue. The test result shows that the feature is ok. > > > Diffs > - > > > agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java > 60daed9 > > agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java > 0b5fc0e > > agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyRepository.java > 067ca04 > > agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerDefaultPolicyEvaluator.java > f5d7ad3 > > agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerOptimizedPolicyEvaluator.java > 47b4921 > > agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerPolicyItemEvaluator.java > edbde29 > > security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyRetriever.java > 1b6f440 > security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java > da65074 > > security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java > f55a103 > security-admin/src/main/webapp/scripts/utils/XAUtils.js ecf43ad > security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js > 9a8d82d > > > Diff: https://reviews.apache.org/r/62490/diff/2/ > > > Testing > --- > > tested it > > > Thanks, > > pengjianhua > >
Re: Review Request 62490: Updated masking policy for hive to support for deny/allowException/denyExceptions
> On 九月 25, 2017, 11:56 a.m., Qiang Zhang wrote:
> > The following codes should be modified:
> > 1. `if(this.dataMaskPolicyAllowItemExceptions ==
> > dataMaskPolicyAllowItemExceptions) {` in
> > `setDataMaskPolicyAllowItemExceptions(` for RangerPolicy.java
> > 2. `if(this.dataMaskPolicyDenyItems == dataMaskPolicyDenyItems) {` in
> > `public void setDataMaskPolicyDenyItems(` for RangerPolicy.java
> > 3. `if(this.dataMaskPolicyDenyItemExceptions ==
> > dataMaskPolicyDenyItemExceptions) {` in `public void
> > setDataMaskPolicyDenyItemExceptions(` for RangerPolicy.java
> >
> > Please fix them.
Thanks for you review I had update the patch ,Please review again.
- pengjianhua
---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62490/#review186105
---
On 九月 26, 2017, 7:31 a.m., pengjianhua wrote:
>
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62490/
> ---
>
> (Updated 九月 26, 2017, 7:31 a.m.)
>
>
> Review request for ranger, Alok Lal, Ankita Sinha, Don Bosco Durai, Colm O
> hEigeartaigh, Gautam Borad, Madhan Neethiraj, Ramesh Mani, Selvamohan
> Neethiraj, Velmurugan Periasamy, and Qiang Zhang.
>
>
> Bugs: RANGER-1796
> https://issues.apache.org/jira/browse/RANGER-1796
>
>
> Repository: ranger
>
>
> Description
> ---
>
> Masking policy for hive should support for deny/allowException/denyExceptions
> to meet further business needs. Such as masking policy for hive should
> support as following scene and so on:
> USER1, USER2 and USER3 belong to the user group GROUPA. Select GROUPA group
> when created masking policy. The USER1 does not use masking and USER2, USER3
> need masking.
>
> We rigorously tested this issue. The test result shows that the feature is ok.
>
>
> Diffs
> -
>
>
> agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java
> 60daed9
>
> agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java
> 0b5fc0e
>
> agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyRepository.java
> 067ca04
>
> agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerDefaultPolicyEvaluator.java
> f5d7ad3
>
> agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerOptimizedPolicyEvaluator.java
> 47b4921
>
> agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerPolicyItemEvaluator.java
> edbde29
>
> security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyRetriever.java
> 1b6f440
> security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
> da65074
>
> security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java
> f55a103
> security-admin/src/main/webapp/scripts/utils/XAUtils.js ecf43ad
> security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js
> 9a8d82d
>
>
> Diff: https://reviews.apache.org/r/62490/diff/2/
>
>
> Testing
> ---
>
> tested it
>
>
> Thanks,
>
> pengjianhua
>
>
Re: Review Request 62490: Updated masking policy for hive to support for deny/allowException/denyExceptions
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/62490/ --- (Updated 九月 26, 2017, 7:31 a.m.) Review request for ranger, Alok Lal, Ankita Sinha, Don Bosco Durai, Colm O hEigeartaigh, Gautam Borad, Madhan Neethiraj, Ramesh Mani, Selvamohan Neethiraj, Velmurugan Periasamy, and Qiang Zhang. Bugs: RANGER-1796 https://issues.apache.org/jira/browse/RANGER-1796 Repository: ranger Description --- Masking policy for hive should support for deny/allowException/denyExceptions to meet further business needs. Such as masking policy for hive should support as following scene and so on: USER1, USER2 and USER3 belong to the user group GROUPA. Select GROUPA group when created masking policy. The USER1 does not use masking and USER2, USER3 need masking. We rigorously tested this issue. The test result shows that the feature is ok. Diffs (updated) - agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java 60daed9 agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java 0b5fc0e agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyRepository.java 067ca04 agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerDefaultPolicyEvaluator.java f5d7ad3 agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerOptimizedPolicyEvaluator.java 47b4921 agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerPolicyItemEvaluator.java edbde29 security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyRetriever.java 1b6f440 security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java da65074 security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java f55a103 security-admin/src/main/webapp/scripts/utils/XAUtils.js ecf43ad security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js 9a8d82d Diff: https://reviews.apache.org/r/62490/diff/2/ Changes: https://reviews.apache.org/r/62490/diff/1-2/ Testing --- tested it Thanks, pengjianhua
Re: Review Request 62490: Updated masking policy for hive to support for deny/allowException/denyExceptions
---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62490/#review186105
---
The following codes should be modified:
1. `if(this.dataMaskPolicyAllowItemExceptions ==
dataMaskPolicyAllowItemExceptions) {` in
`setDataMaskPolicyAllowItemExceptions(` for RangerPolicy.java
2. `if(this.dataMaskPolicyDenyItems == dataMaskPolicyDenyItems) {` in `public
void setDataMaskPolicyDenyItems(` for RangerPolicy.java
3. `if(this.dataMaskPolicyDenyItemExceptions ==
dataMaskPolicyDenyItemExceptions) {` in `public void
setDataMaskPolicyDenyItemExceptions(` for RangerPolicy.java
Please fix them.
- Qiang Zhang
On 九月 25, 2017, 3:30 a.m., pengjianhua wrote:
>
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62490/
> ---
>
> (Updated 九月 25, 2017, 3:30 a.m.)
>
>
> Review request for ranger, Alok Lal, Ankita Sinha, Don Bosco Durai, Colm O
> hEigeartaigh, Gautam Borad, Madhan Neethiraj, Ramesh Mani, Selvamohan
> Neethiraj, Velmurugan Periasamy, and Qiang Zhang.
>
>
> Bugs: RANGER-1796
> https://issues.apache.org/jira/browse/RANGER-1796
>
>
> Repository: ranger
>
>
> Description
> ---
>
> Masking policy for hive should support for deny/allowException/denyExceptions
> to meet further business needs. Such as masking policy for hive should
> support as following scene and so on:
> USER1, USER2 and USER3 belong to the user group GROUPA. Select GROUPA group
> when created masking policy. The USER1 does not use masking and USER2, USER3
> need masking.
>
> We rigorously tested this issue. The test result shows that the feature is ok.
>
>
> Diffs
> -
>
>
> agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java
> 60daed9
>
> agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java
> 0b5fc0e
>
> agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyRepository.java
> 067ca04
>
> agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerDefaultPolicyEvaluator.java
> f5d7ad3
>
> agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerOptimizedPolicyEvaluator.java
> 47b4921
>
> agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerPolicyItemEvaluator.java
> edbde29
>
> security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyRetriever.java
> 1b6f440
> security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
> da65074
>
> security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java
> f55a103
> security-admin/src/main/webapp/scripts/utils/XAUtils.js ecf43ad
> security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js
> 9a8d82d
>
>
> Diff: https://reviews.apache.org/r/62490/diff/1/
>
>
> Testing
> ---
>
> tested it
>
>
> Thanks,
>
> pengjianhua
>
>
Re: Review Request 62490: Updated masking policy for hive to support for deny/allowException/denyExceptions
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/62490/ --- (Updated 九月 25, 2017, 3:30 a.m.) Review request for ranger, Alok Lal, Ankita Sinha, Don Bosco Durai, Colm O hEigeartaigh, Gautam Borad, Madhan Neethiraj, Ramesh Mani, Selvamohan Neethiraj, Velmurugan Periasamy, and Qiang Zhang. Bugs: RANGER-1796 https://issues.apache.org/jira/browse/RANGER-1796 Repository: ranger Description (updated) --- Masking policy for hive should support for deny/allowException/denyExceptions to meet further business needs. Such as masking policy for hive should support as following scene and so on: USER1, USER2 and USER3 belong to the user group GROUPA. Select GROUPA group when created masking policy. The USER1 does not use masking and USER2, USER3 need masking. We rigorously tested this issue. The test result shows that the feature is ok. Diffs - agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java 60daed9 agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java 0b5fc0e agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyRepository.java 067ca04 agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerDefaultPolicyEvaluator.java f5d7ad3 agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerOptimizedPolicyEvaluator.java 47b4921 agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerPolicyItemEvaluator.java edbde29 security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyRetriever.java 1b6f440 security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java da65074 security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java f55a103 security-admin/src/main/webapp/scripts/utils/XAUtils.js ecf43ad security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js 9a8d82d Diff: https://reviews.apache.org/r/62490/diff/1/ Testing --- tested it Thanks, pengjianhua
Review Request 62490: Updated masking policy for hive to support for deny/allowException/denyExceptions
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/62490/ --- Review request for ranger, Alok Lal, Ankita Sinha, Don Bosco Durai, Colm O hEigeartaigh, Gautam Borad, Madhan Neethiraj, Ramesh Mani, Selvamohan Neethiraj, Velmurugan Periasamy, and Qiang Zhang. Bugs: RANGER-1796 https://issues.apache.org/jira/browse/RANGER-1796 Repository: ranger Description --- Masking policy for hive should support for deny/allowException/denyExceptions to meet further business needs. Such as masking policy for hive should support as following scene and so on: USER1, USER2 and USER3 belong to the user group GROUPA. Select GROUPA group when created masking policy. The USER1 does not use masking and USER2, USER3 need masking. Diffs - agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java 60daed9 agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java 0b5fc0e agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyRepository.java 067ca04 agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerDefaultPolicyEvaluator.java f5d7ad3 agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerOptimizedPolicyEvaluator.java 47b4921 agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerPolicyItemEvaluator.java edbde29 security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyRetriever.java 1b6f440 security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java da65074 security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java f55a103 security-admin/src/main/webapp/scripts/utils/XAUtils.js ecf43ad security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js 9a8d82d Diff: https://reviews.apache.org/r/62490/diff/1/ Testing --- tested it Thanks, pengjianhua
