----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/74404/ -----------------------------------------------------------
(Updated May 5, 2023, 3:51 p.m.) Review request for ranger, Abhay Kulkarni and Madhan Neethiraj. Changes ------- Testing descriptiosn changed Bugs: RANGER-4165 https://issues.apache.org/jira/browse/RANGER-4165 Repository: ranger Description ------- RANGER-4165:API to find whether a user/group is authorized to the given operation on any resource of give type Diffs ----- agents-common/src/main/java/org/apache/ranger/plugin/contextenricher/RangerTagEnricher.java e0a86c398 agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerSecurityZoneValidator.java ca899979a agents-common/src/main/java/org/apache/ranger/plugin/policyengine/PolicyEngine.java 3864f30d2 agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java e75bb722c agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyRepository.java b5b26702c agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerResourceTrie.java f89d51e35 agents-common/src/main/java/org/apache/ranger/plugin/resourcematcher/RangerAbstractResourceMatcher.java 032d4487c agents-common/src/main/java/org/apache/ranger/plugin/resourcematcher/RangerDefaultResourceMatcher.java c421388e7 agents-common/src/main/java/org/apache/ranger/plugin/resourcematcher/ResourceMatcher.java 5df4f1e3a agents-common/src/main/java/org/apache/ranger/plugin/util/RangerAccessRequestUtil.java b505f495b agents-common/src/main/java/org/apache/ranger/plugin/util/RangerResourceEvaluatorsRetriever.java e60fe055b agents-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyEngine.java b2a5151e5 agents-common/src/test/resources/policyengine/test_policyengine_kafka.json PRE-CREATION agents-common/src/test/resources/resourcematcher/test_resourcematcher_default.json 779f57a0b security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyAdminImpl.java 97a384f30 Diff: https://reviews.apache.org/r/74404/diff/1/ Testing (updated) ------- - Testing done with TestCase. -- Request has to set the resource as "_any_<resourceType>" and add a request context "RESOURCE_TYPE" = "<resourceType>". example: resource => "_any_topic", context => "topic" , operation => consume, user => "user1" -- Policy maintained => user1 will have access to consume on several topics, this call should result in "ALLOWED". -- Testing done with new tests in agents-common/src/test/resources/policyengine/test_policyengine_kafka.json -- Ran all the PolicyEngine and plugin tests. Thanks, Ramesh Mani