-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72615/
-----------------------------------------------------------

(Updated July 7, 2020, 6:45 p.m.)


Review request for atlas, Jayendra Parab, Nikhil Bonte, Nixon Rodrigues, and 
Sarath Subramanian.


Bugs: ATLAS-3855
    https://issues.apache.org/jira/browse/ATLAS-3855


Repository: atlas


Description
-------

API : /api/atlas/v2/entity/bulk/classification & v2/entity/bulk : if some guids 
belong to entities on which user is unauthorized other guids belong to entities 
on which user is authorized This APIs fail with 403 error without returning the 
authorized entities.

1.Unauthorized guids are filtered with this patch for both the APIs.
2.Added ignoreUnauthorisedGuids flag for /bulk/classification API as it doesn't 
return any object
2.Also added unauthorized guids in return object of /bulk in response for 
user's reference.


Diffs (updated)
-----

  
repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java
 bf1629cb3 
  server-api/src/main/java/org/apache/atlas/RequestContext.java 282a66f1d 
  webapp/src/main/java/org/apache/atlas/web/filters/AuditFilter.java c663b00c9 


Diff: https://reviews.apache.org/r/72615/diff/9/

Changes: https://reviews.apache.org/r/72615/diff/8-9/


Testing
-------

Tested with ranger policies:
For /bulk api following policy were applied:
1.Added hive_column entity as entity type.
2.Included admin as user and prohibited access for read entity all this under 
deny policy.

For /bulk/classification following policy were applied:
1.Added hive_column entity as entity type.
2.Gave all the access to admin but kwpt hive_column entity type in excluded 
state.


Thanks,

chaitali

Reply via email to