ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Madhan Neethiraj <mad...@apache.org>
Subject Re: Review Request 71484: RANGER-2393: Document level authorization support for solr
Date Sun, 29 Sep 2019 19:37:12 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/71484/#review217796
-----------------------------------------------------------




plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java
Lines 341 (patched)
<https://reviews.apache.org/r/71484/#comment305398>

    if 'allRolesToken' is specified, shouldn't documents having this value be returned for
all users - even if no roles are assigned to the user?



plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java
Lines 531 (patched)
<https://reviews.apache.org/r/71484/#comment305397>

    roles will not be null/empty here, due to pre-checks before the call at #326. I suggest
to remove this 'if' ; also the caller doesn't handle null return from here - #541. It  will
be cleaner if this method doesn't return null.


- Madhan Neethiraj


On Sept. 17, 2019, 9:02 p.m., Sailaja Polavarapu wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/71484/
> -----------------------------------------------------------
> 
> (Updated Sept. 17, 2019, 9:02 p.m.)
> 
> 
> Review request for ranger, Abhay Kulkarni, Ramesh Mani, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-2393
>     https://issues.apache.org/jira/browse/RANGER-2393
> 
> 
> Repository: ranger
> 
> 
> Description
> -------
> 
> Implemented Document level authorization support for Solr based on user roles.
> 
> 
> Diffs
> -----
> 
>   plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java
48d4fb74c 
>   ranger-solr-plugin-shim/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java
4cfa7e188 
>   security-admin/src/main/java/org/apache/ranger/biz/RoleDBStore.java 28b2c1108 
>   security-admin/src/main/java/org/apache/ranger/db/XXServiceDefDao.java 835e5fea1 
>   security-admin/src/main/resources/META-INF/jpa_named_queries.xml 3c3d1dec1 
> 
> 
> Diff: https://reviews.apache.org/r/71484/diff/3/
> 
> 
> Testing
> -------
> 
> 1. Patched cluster with the changes and verified basic functionality is working fine.
> 2. Also verified few negative cases on authorization to solr.
> 
> 
> Thanks,
> 
> Sailaja Polavarapu
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message