-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/70658/
-----------------------------------------------------------
(Updated May 21, 2019, 6:57 p.m.)
Review request for ranger, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj,
Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja Polavarapu, and
Velmurugan Periasamy.
Bugs: RANGER-2436
https://issues.apache.org/jira/browse/RANGER-2436
Repository: ranger
Description
-------
Include a custom-condition that checks if the current cluster-name matches one
of the condition values. This will enable setting up different authorization
policies depending on the cluster from which access was performed.
Diffs (updated)
-----
agents-common/src/main/java/org/apache/ranger/plugin/conditionevaluator/RangerAccessedFromClusterCondition.java
PRE-CREATION
agents-common/src/main/java/org/apache/ranger/plugin/conditionevaluator/RangerAccessedNotFromClusterCondition.java
PRE-CREATION
Diff: https://reviews.apache.org/r/70658/diff/3/
Changes: https://reviews.apache.org/r/70658/diff/2-3/
Testing
-------
1.Tested If cluster name condition is provided in policy/policyItem condition
then access is granted if that cluster name is given in policy condition while
setting up the policy.
2.If condition is specified with some cluster names and the cluster from which
access request is coming is not present in condition then access is denied.
3.Tested for hive plugin
Thanks,
Nikhil P
