----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/74270/#review225066 -----------------------------------------------------------
security-admin/src/main/java/org/apache/ranger/service/RangerServiceDefServiceBase.java Lines 135 (patched) <https://reviews.apache.org/r/74270/#comment313872> Is this for backward compatibility? Has it been tested? security-admin/src/main/java/org/apache/ranger/service/RangerServiceDefServiceBase.java Lines 154 (patched) <https://reviews.apache.org/r/74270/#comment313871> This function adds all marker access-types to the "native" access-types defined for a service-definition. How does this work for tag policies (during authoring as well as rendering) in the GUI as well as when evaluating tag policies? Also, it may be useful to include unit test(s) that verify the feature. - Abhay Kulkarni On Jan. 4, 2023, 9:03 a.m., Madhan Neethiraj wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/74270/ > ----------------------------------------------------------- > > (Updated Jan. 4, 2023, 9:03 a.m.) > > > Review request for ranger, Ankita Sinha, Kishor Gollapalliwar, Abhay > Kulkarni, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, Sailaja Polavarapu, > Subhrat Chaudhary, and Velmurugan Periasamy. > > > Bugs: RANGER-4035 > https://issues.apache.org/jira/browse/RANGER-4035 > > > Repository: ranger > > > Description > ------- > > - added category field to AccessTypeDef, which can be set to one of the > following: CREATE/READ/UPDATE/DELETE/MANAGE > - updated to include access-typedef _ALL in each service-def, with all other > access-types as impliedGrants > - updated to include following access-typedefs in each service-def, each > including access-types having corresponding category > -- _CREATE > -- _READ > -- _UPDATE > -- _DELETE > -- _MANAGE > > > Diffs > ----- > > > agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java > 05dde4edf > > agents-common/src/main/java/org/apache/ranger/plugin/util/ServiceDefUtil.java > fe1cf9244 > security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java > 6cc3509d8 > security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java > 6b9604817 > > security-admin/src/main/java/org/apache/ranger/service/RangerServiceDefServiceBase.java > 656bc0184 > > > Diff: https://reviews.apache.org/r/74270/diff/1/ > > > Testing > ------- > > - verified that policy UI renders built-in marker types added in service-def > - _ALL, _CREATE, _READ, _UPDATE, _DELETE, _MANAGE > - verified that plugin enforce built-in marker access-types referenced in > policies > > > Thanks, > > Madhan Neethiraj > >
