ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mehul Parikh <mehul.par...@freestoneinfotech.com>
Subject Review Request 45026: RANGER-876 : Policy UI updates to make deny & exception policy items optional
Date Fri, 18 Mar 2016 11:35:53 GMT

This is an automatically generated e-mail. To reply, visit:

Review request for ranger, Alok Lal, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, Madhan
Neethiraj, Ramesh Mani, and Selvamohan Neethiraj.

Bugs: RANGER-876

Repository: ranger


**Problem Statement**
Ranger Admin UI changes to show deny and exceptions in policy UI only for the following cases:
service-def option enableDenyAndExceptionsInPolicies is set to true
service-def of Tag Based Services.

For other service-defs, only allow policy-items should be displayed. This is corresponding
to the policy-engine changes in RANGER-874.


  security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js f32ffbc 
  security-admin/src/main/webapp/templates/policies/RangerPolicyForm_tmpl.html 9b56bca 

Diff: https://reviews.apache.org/r/45026/diff/


**Steps Performed**
1) If value for the property *enableDenyAndExceptionsInPolicies*  is not defined  then for
all components it does not show the Deny Condition section except Tag Based policy.

2) If value for enableDenyAndExceptionsInPolicies = ture it will show the Deny Condition section
in Create / Edit policy form.

3) Considering upgrade scenario: 
> Initial state
>>if initially enableDenyAndExceptionsInPolicies=true and policy object contains deny

> Later on, if service-def is updated to set enableDenyAndExceptionsInPolicies=false
>> After that even as we will not show the deny conditions object in UI, update policy
retains the value of original state of deny condition.


Mehul Parikh

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message