-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72615/#review221150
-----------------------------------------------------------


Ship it!




Ship It!

- Madhan Neethiraj


On July 7, 2020, 6:45 p.m., chaitali wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/72615/
> -----------------------------------------------------------
> 
> (Updated July 7, 2020, 6:45 p.m.)
> 
> 
> Review request for atlas, Jayendra Parab, Nikhil Bonte, Nixon Rodrigues, and 
> Sarath Subramanian.
> 
> 
> Bugs: ATLAS-3855
>     https://issues.apache.org/jira/browse/ATLAS-3855
> 
> 
> Repository: atlas
> 
> 
> Description
> -------
> 
> API : /api/atlas/v2/entity/bulk/classification & v2/entity/bulk : if some 
> guids belong to entities on which user is unauthorized other guids belong to 
> entities on which user is authorized This APIs fail with 403 error without 
> returning the authorized entities.
> 
> 1.Unauthorized guids are filtered with this patch for both the APIs.
> 2.Added ignoreUnauthorisedGuids flag for /bulk/classification API as it 
> doesn't return any object
> 2.Also added unauthorized guids in return object of /bulk in response for 
> user's reference.
> 
> 
> Diffs
> -----
> 
>   
> repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java
>  bf1629cb3 
>   server-api/src/main/java/org/apache/atlas/RequestContext.java 282a66f1d 
>   webapp/src/main/java/org/apache/atlas/web/filters/AuditFilter.java 
> c663b00c9 
> 
> 
> Diff: https://reviews.apache.org/r/72615/diff/9/
> 
> 
> Testing
> -------
> 
> Tested with ranger policies:
> For /bulk api following policy were applied:
> 1.Added hive_column entity as entity type.
> 2.Included admin as user and prohibited access for read entity all this under 
> deny policy.
> 
> For /bulk/classification following policy were applied:
> 1.Added hive_column entity as entity type.
> 2.Gave all the access to admin but kwpt hive_column entity type in excluded 
> state.
> 
> 
> Thanks,
> 
> chaitali
> 
>

Reply via email to