[jira] [Comment Edited] (RANGER-3815) PolicyItem supports validity period setting

Tue, 31 Oct 2023 23:06:04 -0700 


    [ 
https://issues.apache.org/jira/browse/RANGER-3815?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17781603#comment-17781603
 ] 

Madhan Neethiraj edited comment on RANGER-3815 at 11/1/23 6:05 AM:
-------------------------------------------------------------------

{noformat}
commit 213b4abe2147e58b3aa12d824519b1cd543f5c18 (HEAD -> master, origin/master, 
origin/HEAD)
Author: Madhan Neethiraj <[email protected]>
Date:   Fri Oct 27 18:23:00 2023 -0700

    RANGER-3815: added support for validity-period/access-time condition in 
policy-items
{noformat}
 * added support for following macros in condition expresion
 -- IS_ACCESS_TIME_AFTER
 -- IS_ACCESS_TIME_BEFORE
 -- IS_ACCESS_TIME_BETWEEN
 * this enables policy authors to specify the time period in which 
users/groups/roles should be granted/denied access
 * example: to grant access to user1 after '2024/01/01 09:00', add condition 
{code:java}
IS_ACCESS_TIME_AFTER('2024/01/01 09:00'){code}

 * example: to grant access to user1 until '2024/01/01 09:00', add condition 
{code:java}
IS_ACCESS_TIME_BEFORE('2024/01/01 09:00'){code}

 * example: to grant access to user1 from '2023/10/01 to 2024/01/01', add 
condition 
{code:java}
IS_ACCESS_TIME_BETWEEN('2023/10/01', '2024/01/01'){code}


was (Author: madhan.neethiraj):
{noformat}
commit 213b4abe2147e58b3aa12d824519b1cd543f5c18 (HEAD -> master, origin/master, 
origin/HEAD)
Author: Madhan Neethiraj <[email protected]>
Date:   Fri Oct 27 18:23:00 2023 -0700

    RANGER-3815: added support for validity-period/access-time condition in 
policy-items
{noformat}

> PolicyItem supports validity period setting
> -------------------------------------------
>
>                 Key: RANGER-3815
>                 URL: https://issues.apache.org/jira/browse/RANGER-3815
>             Project: Ranger
>          Issue Type: New Feature
>          Components: admin
>    Affects Versions: 1.2.0, 2.2.0
>            Reporter: Binhua Hu
>            Assignee: Madhan Neethiraj
>            Priority: Major
>             Fix For: 3.0.0
>
>         Attachments: RANGER-3815.patch, policyItem's  validity period.png
>
>
> Currently, Ranger only supports policy setting validity period.However, in 
> some scenarios,for the same resource, such as a table of HBase, we want to 
> set different users to have different access permissions within different 
> validity periods.As shown below,
> !policyItem's  validity period.png|width=1005,height=507!
> So I think it is necessary for policyitem to set the validity period 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to