ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mehul Parikh <mehul.par...@freestoneinfotech.com>
Subject Re: Review Request 45026: RANGER-876 : Policy UI updates to make deny & exception policy items optional
Date Mon, 21 Mar 2016 12:10:21 GMT

This is an automatically generated e-mail. To reply, visit:

(Updated March 21, 2016, 12:10 p.m.)

Review request for ranger, Alok Lal, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, Madhan
Neethiraj, Ramesh Mani, and Selvamohan Neethiraj.


Handling show / hide for allowExceptions as well based on value given for enableDenyAndExceptionsInPolicies
in Create / Edit Policy form.

Bugs: RANGER-876

Repository: ranger


**Problem Statement**
Ranger Admin UI changes to show deny and exceptions in policy UI only for the following cases:
service-def option enableDenyAndExceptionsInPolicies is set to true
service-def of Tag Based Services.

For other service-defs, only allow policy-items should be displayed. This is corresponding
to the policy-engine changes in RANGER-874.

Diffs (updated)

  security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js f32ffbc 
  security-admin/src/main/webapp/templates/policies/RangerPolicyForm_tmpl.html 9b56bca 

Diff: https://reviews.apache.org/r/45026/diff/


**Steps Performed**
1) If value for the property *enableDenyAndExceptionsInPolicies*  is not defined  then for
all components it does not show the Deny Condition section except Tag Based policy.

2) If value for enableDenyAndExceptionsInPolicies = ture it will show the Deny Condition section
in Create / Edit policy form.

3) Considering upgrade scenario: 
> Initial state
>>if initially enableDenyAndExceptionsInPolicies=true and policy object contains deny

> Later on, if service-def is updated to set enableDenyAndExceptionsInPolicies=false
>> After that even as we will not show the deny conditions object in UI, update policy
retains the value of original state of deny condition.


Mehul Parikh

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message