Re: Review Request 58658: RANGER-1513:Add Support for S3 authorization in Ranger Hive Plugin

Sun, 30 Apr 2017 13:26:13 -0700 

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58658/#review173456
-----------------------------------------------------------




agents-common/src/main/resources/service-defs/ranger-servicedef-hive.json
Line 143 (original), 162 (patched)
<https://reviews.apache.org/r/58658/#comment246436>

    It might be good to add the new access-types, read/write, be added in 
impliedGrants of "all". Please review.



hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
Lines 1415 (patched)
<https://reviews.apache.org/r/58658/#comment246435>

    Would current URI access checks (for hdfs://, file://), that are performed 
by FileSystem, be done using Ranger Hive policies after this patch?
    
    If yes, new Ranger Hive policies would have to be added to allow URL 
access; else it might break existing deployments. Please review.
    
    One option to consider is to fallback on FileSystem access check when there 
is no Ranger Hive policy to grant the necessary access.


- Madhan Neethiraj


On April 30, 2017, 9:37 a.m., Ramesh Mani wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/58658/
> -----------------------------------------------------------
> 
> (Updated April 30, 2017, 9:37 a.m.)
> 
> 
> Review request for ranger, Abhay Kulkarni, Madhan Neethiraj, and Velmurugan 
> Periasamy.
> 
> 
> Bugs: RANGER-1513
>     https://issues.apache.org/jira/browse/RANGER-1513
> 
> 
> Repository: ranger
> 
> 
> Description
> -------
> 
> RANGER-1513:Add Support for S3 authorization in Ranger Hive Plugin
> 
> 
> Diffs
> -----
> 
>   agents-common/src/main/resources/service-defs/ranger-servicedef-hive.json 
> b254d20 
>   
> hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
>  2baa97b 
>   
> hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveResource.java
>  09ecd1e 
>   
> hive-agent/src/test/java/org/apache/ranger/services/hive/HIVERangerAuthorizerTest.java
>  57b4eef 
>   hive-agent/src/test/resources/hive-policies.json 2b568dc 
>   
> security-admin/src/main/java/org/apache/ranger/patch/PatchForHiveServiceDefUpdate_J10006.java
>  7d6a23d 
> 
> 
> Diff: https://reviews.apache.org/r/58658/diff/2/
> 
> 
> Testing
> -------
> 
> Test in local VM
> 
> 
> Thanks,
> 
> Ramesh Mani
> 
>

Reply via email to