Repository: incubator-ranger Updated Branches: refs/heads/master f7b1a9d16 -> 0b258f8fb
RANGER-710 : Add a permission for 'Tag Based Policies' Signed-off-by: Gautam Borad <[email protected]> Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/0b258f8f Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/0b258f8f Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/0b258f8f Branch: refs/heads/master Commit: 0b258f8fb9be603ce819e1ce85af7f07efdd8319 Parents: f7b1a9d Author: Pradeep Agrawal <[email protected]> Authored: Sun Apr 17 10:35:03 2016 +0530 Committer: Gautam Borad <[email protected]> Committed: Mon Apr 18 10:50:51 2016 +0530 ---------------------------------------------------------------------- .../db/mysql/patches/016-updated-schema-for-tag-based-policy.sql | 1 + security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java | 1 + .../src/main/java/org/apache/ranger/common/RangerConstants.java | 1 + security-admin/src/main/webapp/scripts/utils/XAGlobals.js | 2 +- security-admin/src/main/webapp/scripts/utils/XAUtils.js | 2 +- security-admin/src/main/webapp/templates/helpers/XAHelpers.js | 2 +- 6 files changed, 6 insertions(+), 3 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/0b258f8f/security-admin/db/mysql/patches/016-updated-schema-for-tag-based-policy.sql ---------------------------------------------------------------------- diff --git a/security-admin/db/mysql/patches/016-updated-schema-for-tag-based-policy.sql b/security-admin/db/mysql/patches/016-updated-schema-for-tag-based-policy.sql index ff7fb3f..b86ae10 100644 --- a/security-admin/db/mysql/patches/016-updated-schema-for-tag-based-policy.sql +++ b/security-admin/db/mysql/patches/016-updated-schema-for-tag-based-policy.sql @@ -190,6 +190,7 @@ CONSTRAINT `x_srvc_res_el_val_FK_res_el_id` FOREIGN KEY (`res_element_id`) REFER CONSTRAINT `x_srvc_res_el_val_FK_add_by_id` FOREIGN KEY (`added_by_id`) REFERENCES `x_portal_user` (`id`), CONSTRAINT `x_srvc_res_el_val_FK_upd_by_id` FOREIGN KEY (`upd_by_id`) REFERENCES `x_portal_user` (`id`) ); +INSERT INTO `x_modules_master` VALUES (6,now(),now(),1,1,'Tag Based Policies',''); -- --------------------------------------- -- add column in x_service_def.def_options -- --------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/0b258f8f/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java index ae81b22..5226f49 100644 --- a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java +++ b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java @@ -253,6 +253,7 @@ public class XUserMgr extends XUserMgrBase { createOrUpdateUserPermisson(vXPortalUser, moduleNameId.get(RangerConstants.MODULE_RESOURCE_BASED_POLICIES), isCreate); createOrUpdateUserPermisson(vXPortalUser, moduleNameId.get(RangerConstants.MODULE_AUDIT), isCreate); createOrUpdateUserPermisson(vXPortalUser, moduleNameId.get(RangerConstants.MODULE_USER_GROUPS), isCreate); + createOrUpdateUserPermisson(vXPortalUser, moduleNameId.get(RangerConstants.MODULE_TAG_BASED_POLICIES), isCreate); } else if (role.equals(RangerConstants.ROLE_KEY_ADMIN)) { createOrUpdateUserPermisson(vXPortalUser, moduleNameId.get(RangerConstants.MODULE_KEY_MANAGER), isCreate); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/0b258f8f/security-admin/src/main/java/org/apache/ranger/common/RangerConstants.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/common/RangerConstants.java b/security-admin/src/main/java/org/apache/ranger/common/RangerConstants.java index c65981b..666c8b1 100644 --- a/security-admin/src/main/java/org/apache/ranger/common/RangerConstants.java +++ b/security-admin/src/main/java/org/apache/ranger/common/RangerConstants.java @@ -72,6 +72,7 @@ public class RangerConstants extends RangerCommonEnums { public static final String MODULE_AUDIT="Audit"; public static final String MODULE_PERMISSION="Permissions"; public static final String MODULE_KEY_MANAGER="Key Manager"; + public static final String MODULE_TAG_BASED_POLICIES="Tag Based Policies"; // User create validation errors public enum ValidationUserProfile { http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/0b258f8f/security-admin/src/main/webapp/scripts/utils/XAGlobals.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/utils/XAGlobals.js b/security-admin/src/main/webapp/scripts/utils/XAGlobals.js index 31f7fa3..092dee2 100644 --- a/security-admin/src/main/webapp/scripts/utils/XAGlobals.js +++ b/security-admin/src/main/webapp/scripts/utils/XAGlobals.js @@ -65,7 +65,7 @@ define(function(require){ XAGlobals.ListOfModuleActions = { 'Access Manager' : { 'Resource Based Policies' : ['serviceManagerAction','serviceCreateAction','serviceEditAction', 'policyManageAction','RangerPolicyCreateAction','RangerPolicyEditAction'], 'Reports' : ['userAccessReportAction'], - 'Tag Based Policies' : ['serviceManagerAction','serviceCreateAction','serviceEditAction', 'policyManageAction','RangerPolicyCreateAction','RangerPolicyEditAction']}, + 'Tag Based Policies' : ['serviceCreateAction','serviceEditAction', 'policyManageAction','RangerPolicyCreateAction','RangerPolicyEditAction']}, 'Audit' : ['auditReportAction','loginSessionDetail'], 'Encryption' : {'Key Manager' : ['kmsManagerAction','kmsKeyCreateAction'] }, 'Settings' : {'Users/Groups' : ['userManagerAction','userCreateAction','userEditAction','groupCreateAction','groupEditAction'], http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/0b258f8f/security-admin/src/main/webapp/scripts/utils/XAUtils.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/utils/XAUtils.js b/security-admin/src/main/webapp/scripts/utils/XAUtils.js index f258a95..d97cefc 100644 --- a/security-admin/src/main/webapp/scripts/utils/XAUtils.js +++ b/security-admin/src/main/webapp/scripts/utils/XAUtils.js @@ -1076,7 +1076,7 @@ define(function(require) { var denyControllerActions = [], denyModulesObj = []; var userModuleNames = _.pluck(vXPortalUser.get('userPermList'),'moduleName'); //TODO Temporary fix for tag based policies : need to come from server - userModuleNames.push('Tag Based Policies') +// userModuleNames.push('Tag Based Policies') //add by default permission module to admin user if (SessionMgr.isSystemAdmin()){ userModuleNames.push('Permissions') http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/0b258f8f/security-admin/src/main/webapp/templates/helpers/XAHelpers.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/templates/helpers/XAHelpers.js b/security-admin/src/main/webapp/templates/helpers/XAHelpers.js index 2b5effe..192bb06 100644 --- a/security-admin/src/main/webapp/templates/helpers/XAHelpers.js +++ b/security-admin/src/main/webapp/templates/helpers/XAHelpers.js @@ -534,7 +534,7 @@ return str.toUpperCase(); }); Handlebars.registerHelper('hasAccessToTab', function(tabName,options) { - if(tabName == 'Tag Based Policies') return options.fn(this); +// if(tabName == 'Tag Based Policies') return options.fn(this); var vxPortalUser = SessionMgr.getUserProfile(); var userModules = _.pluck(vxPortalUser.get('userPermList'), 'moduleName'); var groupModules = _.pluck(vxPortalUser.get('groupPermissions'), 'moduleName');
