Re: Review Request 74404: RANGER-4165:API to find whether a user/group is authorized to the given operation on any resource of give type

Ramesh Mani Fri, 05 May 2023 08:52:23 -0700

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74404/
-----------------------------------------------------------


(Updated May 5, 2023, 3:51 p.m.)


Review request for ranger, Abhay Kulkarni and Madhan Neethiraj.


Changes
-------

Testing descriptiosn changed


Bugs: RANGER-4165
    https://issues.apache.org/jira/browse/RANGER-4165


Repository: ranger


Description
-------

RANGER-4165:API to find whether a user/group is authorized to the given 
operation on any resource of give type


Diffs
-----

  
agents-common/src/main/java/org/apache/ranger/plugin/contextenricher/RangerTagEnricher.java
 e0a86c398 
  
agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerSecurityZoneValidator.java
 ca899979a 
  
agents-common/src/main/java/org/apache/ranger/plugin/policyengine/PolicyEngine.java
 3864f30d2 
  
agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java
 e75bb722c 
  
agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyRepository.java
 b5b26702c 
  
agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerResourceTrie.java
 f89d51e35 
  
agents-common/src/main/java/org/apache/ranger/plugin/resourcematcher/RangerAbstractResourceMatcher.java
 032d4487c 
  
agents-common/src/main/java/org/apache/ranger/plugin/resourcematcher/RangerDefaultResourceMatcher.java
 c421388e7 
  
agents-common/src/main/java/org/apache/ranger/plugin/resourcematcher/ResourceMatcher.java
 5df4f1e3a 
  
agents-common/src/main/java/org/apache/ranger/plugin/util/RangerAccessRequestUtil.java
 b505f495b 
  
agents-common/src/main/java/org/apache/ranger/plugin/util/RangerResourceEvaluatorsRetriever.java
 e60fe055b 
  
agents-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyEngine.java
 b2a5151e5 
  agents-common/src/test/resources/policyengine/test_policyengine_kafka.json 
PRE-CREATION 
  
agents-common/src/test/resources/resourcematcher/test_resourcematcher_default.json
 779f57a0b 
  security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyAdminImpl.java 
97a384f30 


Diff: https://reviews.apache.org/r/74404/diff/1/


Testing (updated)
-------

- Testing done with TestCase.
    -- Request has to set the resource as "_any_<resourceType>" and add a 
request context "RESOURCE_TYPE" = "<resourceType>".
          example: resource => "_any_topic",  context => "topic" , operation => 
consume, user => "user1"
    -- Policy maintained => user1 will have access to consume on several 
topics, this call should result in "ALLOWED".
    
-- Testing done with new tests in 
agents-common/src/test/resources/policyengine/test_policyengine_kafka.json

-- Ran all the PolicyEngine and plugin tests.


Thanks,

Ramesh Mani

Re: Review Request 74404: RANGER-4165:API to find whether a user/group is authorized to the given operation on any resource of give type

Reply via email to