ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Madhan Neethiraj (Jira)" <j...@apache.org>
Subject [jira] [Commented] (RANGER-2774) Enhance RangerBasePlugin to be able to retrieve all policies for a user, and list of groups.
Date Mon, 13 Apr 2020 02:17:00 GMT

    [ https://issues.apache.org/jira/browse/RANGER-2774?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17081982#comment-17081982
] 

Madhan Neethiraj commented on RANGER-2774:
------------------------------------------

bq. to pull all policies that a user and list of groups may have access to
[~mert_hoc] - does "all policies" refer to policies where a given user (or a group to which
the user belongs to) is given any access? Or the policies in which user has delegated-admin
permission? Note that Ranger policies can be sophisticated like deny/exceptions/dynamic-conditions/tag-based
policies/zone-aware; so it is critical to be clear on what the desired result is.

It will help to state a number of use cases, with a set of policies having above characteristics,
 and the expected policy list to be returned for each case.

> Enhance RangerBasePlugin to be able to retrieve all policies for a user, and list of
groups.
> --------------------------------------------------------------------------------------------
>
>                 Key: RANGER-2774
>                 URL: https://issues.apache.org/jira/browse/RANGER-2774
>             Project: Ranger
>          Issue Type: New Feature
>          Components: Ranger
>            Reporter: Mert Hocanin
>            Assignee: Mert Hocanin
>            Priority: Minor
>
> Currently, the RangerBasePlugin has API's that given a RangerAccessRequest, it will return
a RangerAccessResult which returns basically whether the access is grantable or not. However,
there are certain use cases where a developer may want to pull all policies that a user and
list of groups may have access to. One use case that we had in mind was to translate a policy
from a calling user to another policy management system. 



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Mime
View raw message