[ https://issues.apache.org/jira/browse/ATLAS-3950?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17204465#comment-17204465 ]
ASF subversion and git services commented on ATLAS-3950: -------------------------------------------------------- Commit d4a50aadfc2e7076d8e5281f9be60fad4c5c232d in atlas's branch refs/heads/master from chaitali borole [ https://gitbox.apache.org/repos/asf?p=atlas.git;h=d4a50aa ] ATLAS-3950 : Authorize for Read Type for Classification, Business metadata , Entity typesdef attributes. Signed-off-by: nixonrodrigues <ni...@apache.org> > Read Type Auth : Classification, Business metadata , Entity types are able to > have attributes of type which are not permissible to read > --------------------------------------------------------------------------------------------------------------------------------------- > > Key: ATLAS-3950 > URL: https://issues.apache.org/jira/browse/ATLAS-3950 > Project: Atlas > Issue Type: Improvement > Affects Versions: 3.0.0 > Reporter: chaitali borole > Assignee: chaitali borole > Priority: Major > Fix For: 3.0.0 > > > Steps to reproduce :- > hrt_qa has : > CRUD permissions on hive_table type > CRUD permissions on all business_metadata type. > hrt_qa creates a business metadata bm1 > hrt_qa is able to create an attribute for bm1 - say attrib1 which allows > Applicable types to be anything. UI displays only hive_table but through REST > , hrt_qa is able to add any type as Applicable type. > > Same for classifications : > hrt_qa has CRUD permissions on all classification types but read only for > hive_table entity type. > Through REST , hrt_qa is able to add all types as entityTypes. > Example REST call where allowed entity types are hive_table and hdfs_path : > > {code:java} > /api/atlas/v2/types/typedefs?type=classification > { "classificationDefs":[ > { "name":"PII", "description":"PII", "superTypes":[ ], "attributeDefs":[ ], > "entityTypes":[ "hdfs_path", "hive_table" ], "category":"CLASSIFICATION", > "guid":"123456789" } > ], "entityDefs":[ > ], "enumDefs":[ > ], "structDefs":[ > ] > } > > {code} > > Call succeeds with 200 Ok. > > For Entity type: > Updating hive_table entity typedef with a new attribute of type hdfs_path is > allowed. > > Expected is , in all 3 cases of business metadata , classification and > entity, response to be authorization denied because hdfs_path type provided. -- This message was sent by Atlassian Jira (v8.3.4#803005)