ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Abhay Kulkarni <akulka...@hortonworks.com>
Subject Review Request 60402: provide a way to get list of policies associated with given resource
Date Fri, 23 Jun 2017 22:19:46 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/60402/
-----------------------------------------------------------

Review request for ranger and Madhan Neethiraj.


Bugs: RANGER-1665
    https://issues.apache.org/jira/browse/RANGER-1665


Repository: ranger


Description
-------

It is useful to support a way (REST API) to fetch all applicable ranger policies for a given
resource. This is helpful in ensuring that Ranger security policies exist to control access
to the resource in question, and to support/implement security audit controls.

REST API is implemented to provide list of policies for a given resource. Sample cURL commands:


curl -u admin:admin -H "Accept: application/json" -H "Content-Type: application/json" -X GET
'http://<host-name>:6080/service/public/v2/api/policies/hive/for-resource?resource:database=finance

curl -u admin:admin -H "Accept: application/json" -H "Content-Type: application/json" -X GET
'http://<host-name>:6080/service/public/v2/api/policies/hdfs/for-resource?resource:path=/demo1/demo2

curl -u admin:admin -H "Accept: application/json" -H "Content-Type: application/json" -X GET
'http://<host-name>:6080/service/public/v2/api/policies/hive/for-resource?serviceName=cl1_hive&resource:table=abc&resource:database=finance


Diffs
-----

  agents-common/src/main/java/org/apache/ranger/plugin/contextenricher/RangerTagEnricher.java
ad7f2a7 
  agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngine.java
b758d69 
  agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineCache.java
56dfcdf 
  agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineCacheForEngineOptions.java
PRE-CREATION 
  agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java
a4114eb 
  agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineOptions.java
7ca4bd6 
  agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyRepository.java
ded15fa 
  agents-common/src/main/java/org/apache/ranger/plugin/store/AbstractTagStore.java 90c1da6

  agents-common/src/main/java/org/apache/ranger/plugin/store/TagStore.java 3c5a43b 
  security-admin/src/main/java/org/apache/ranger/biz/TagDBStore.java 853724b 
  security-admin/src/main/java/org/apache/ranger/common/RangerAdminTagEnricher.java PRE-CREATION

  security-admin/src/main/java/org/apache/ranger/rest/PublicAPIsv2.java dbb34bd 
  security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java 6fffe39 


Diff: https://reviews.apache.org/r/60402/diff/1/


Testing
-------

Tested with local VM


Thanks,

Abhay Kulkarni


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message