> On June 29, 2020, 6:49 a.m., Sarath Subramanian wrote:
> > Consider introducing an optional query param in REST to pass - 
> > 'ignoreUnauthorized'. If this flag is set, the resultset should include 
> > only results of authorized entities.

Done


- chaitali


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72615/#review221087
-----------------------------------------------------------


On July 1, 2020, 9:39 a.m., chaitali wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/72615/
> -----------------------------------------------------------
> 
> (Updated July 1, 2020, 9:39 a.m.)
> 
> 
> Review request for atlas, Jayendra Parab, Nikhil Bonte, Nixon Rodrigues, and 
> Sarath Subramanian.
> 
> 
> Bugs: ATLAS-3855
>     https://issues.apache.org/jira/browse/ATLAS-3855
> 
> 
> Repository: atlas
> 
> 
> Description
> -------
> 
> API : /api/atlas/v2/entity/bulk/classification & v2/entity/bulk : if some 
> guids belong to entities on which user is unauthorized other guids belong to 
> entities on which user is authorized This APIs fail with 403 error without 
> returning the authorized entities.
> 
> 1.Unauthorized guids are filtered with this patch for both the APIs.
> 2.Added ignoreUnauthorisedGuids flag for /bulk/classification API as it 
> doesn't return any object
> 2.Also added unauthorized guids in return object of /bulk in response for 
> user's reference.
> 
> 
> Diffs
> -----
> 
>   
> repository/src/main/java/org/apache/atlas/repository/store/graph/AtlasEntityStore.java
>  7b9455ef3 
>   
> repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java
>  bf1629cb3 
>   
> repository/src/test/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2Test.java
>  b9cbef1b0 
>   webapp/src/main/java/org/apache/atlas/web/resources/EntityResource.java 
> 00b29e6c8 
>   webapp/src/main/java/org/apache/atlas/web/rest/EntityREST.java 88de8b679 
>   webapp/src/test/java/org/apache/atlas/web/adapters/TestEntitiesREST.java 
> 615bc0f1b 
> 
> 
> Diff: https://reviews.apache.org/r/72615/diff/5/
> 
> 
> Testing
> -------
> 
> Tested with ranger policies:
> For /bulk api following policy were applied:
> 1.Added hive_column entity as entity type.
> 2.Included admin as user and prohibited access for read entity all this under 
> deny policy.
> 
> For /bulk/classification following policy were applied:
> 1.Added hive_column entity as entity type.
> 2.Gave all the access to admin but kwpt hive_column entity type in excluded 
> state.
> 
> 
> Thanks,
> 
> chaitali
> 
>

Reply via email to