[
https://issues.apache.org/jira/browse/RANGER-2909?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Nityananda Gohain updated RANGER-2909:
--------------------------------------
Description:
We were using Ranger 2.0.0 with Atlas which was working perfectly fine, but we
wanted authorisation for `entity-labels` and `entity-business-metadata` that
comes with new version of Atlas i.e Atlas 2.0.0.
# We tried building ranger from the master branch, but authorisation for roles
which were attached to policies was not working (authorisation for users and
groups attached to policies was working)
# Since the above didn’t work we tried building ranger from the specific
commit where the patch to support authorisation for labels and
business-metadata was added
[https://github.com/apache/ranger/commit/3b49c2f9fb77d76154911b7dd61f2382d0b56bfb]
, the same problem appeared here i.e authorisation for roles attached to
policies was not working
# Finally, we added the patches to Ranger 2.0.0
## Applied the patches
[https://github.com/atlanhq/ranger/commit/a252ecf4b1006cc78e1c48cc3bacc518401b4825]
,
[https://github.com/atlanhq/ranger/commit/a7024c23bf6f54e39dfb3b31f6186ebd21977f93]
## After building and running ranger I had to manually delete the entry from
`x_db_version_h` table i.e `J10034` and then restart ranger to apply the patch
by running `db_setup.py`. Even after applying the patch, the changes are not
reflected. i.e(No option for `entity-label` and `entity-business-metadata`
What will be the best way to move forward to support authorisation for `labels`
and `business-metadata` where authorisation policies work with roles.
was:
We were using Ranger 2.0.0 with Atlas which was working perfectly fine, but we
wanted authorisation for `entity-labels` and `entity-business-metadata` that
comes with new version of Atlas i.e Atlas 2.0.0.
# We tried building ranger from the master branch, but authorisation for roles
which were attached to policies was not working (authorisation for users and
groups attached to policies was working)
# Since the above didn’t work we tried building ranger from the specific
commit where the patch to support authorisation for labels and
business-metadata was added
[https://github.com/apache/ranger/commit/3b49c2f9fb77d76154911b7dd61f2382d0b56bfb]
, the same problem appeared here i.e authorisation for roles attached to
policies was not working
# Finally, we added the patches to Ranger 2.0.0
## Applied the patches
[https://github.com/atlanhq/ranger/commit/a252ecf4b1006cc78e1c48cc3bacc518401b4825]
,
[https://github.com/atlanhq/ranger/commit/a7024c23bf6f54e39dfb3b31f6186ebd21977f93]
## After building and running ranger I had to manually delete the entry from
`x_db_version_h` table i.e `J10034` and then restart ranger to apply the patch.
Even after applying the patch, the changes are not reflected. i.e(No option for
`entity-label` and `entity-business-metadata`
What will be the best way to move forward to support authorisation for `labels`
and `business-metadata` where authorisation policies work with roles.
> Authorization support for atlas `entity-label` and `entity-business metadata`
> -----------------------------------------------------------------------------
>
> Key: RANGER-2909
> URL: https://issues.apache.org/jira/browse/RANGER-2909
> Project: Ranger
> Issue Type: Bug
> Components: Ranger
> Affects Versions: ranger-2.0
> Reporter: Nityananda Gohain
> Priority: Major
>
> We were using Ranger 2.0.0 with Atlas which was working perfectly fine, but
> we wanted authorisation for `entity-labels` and `entity-business-metadata`
> that comes with new version of Atlas i.e Atlas 2.0.0.
> # We tried building ranger from the master branch, but authorisation for
> roles which were attached to policies was not working (authorisation for
> users and groups attached to policies was working)
> # Since the above didn’t work we tried building ranger from the specific
> commit where the patch to support authorisation for labels and
> business-metadata was added
> [https://github.com/apache/ranger/commit/3b49c2f9fb77d76154911b7dd61f2382d0b56bfb]
> , the same problem appeared here i.e authorisation for roles attached to
> policies was not working
> # Finally, we added the patches to Ranger 2.0.0
> ## Applied the patches
> [https://github.com/atlanhq/ranger/commit/a252ecf4b1006cc78e1c48cc3bacc518401b4825]
> ,
> [https://github.com/atlanhq/ranger/commit/a7024c23bf6f54e39dfb3b31f6186ebd21977f93]
> ## After building and running ranger I had to manually delete the entry from
> `x_db_version_h` table i.e `J10034` and then restart ranger to apply the
> patch by running `db_setup.py`. Even after applying the patch, the changes
> are not reflected. i.e(No option for `entity-label` and
> `entity-business-metadata`
> What will be the best way to move forward to support authorisation for
> `labels` and `business-metadata` where authorisation policies work with roles.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
