-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74744/
-----------------------------------------------------------
(Updated Nov. 29, 2023, 3:51 p.m.)
Review request for ranger, Anand Nadar, Ankita Sinha, Madhan Neethiraj, Monika
Kachhadiya, Prashant Satam, and Siddhesh Phatak.
Changes
-------
Addressed review comment.
Bugs: RANGER-4535
https://issues.apache.org/jira/browse/RANGER-4535
Repository: ranger
Description
-------
When the GET dataset /gds/dataset API is called, gdsPermission=LIST is passed
in query-param, available ACLs are not returned in the dataset.
It will be helpful to know, if the current dataset is accessible to public
group, in case gdsPermission=LIST is passed in query-param (which can be
eventually used by the depending applications). We can add the the ACL, in the
returned dataset (if available):
"groups": { "public": "LIST" }
Diffs (updated)
-----
security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java 589fcdd68
Diff: https://reviews.apache.org/r/74744/diff/3/
Changes: https://reviews.apache.org/r/74744/diff/2-3/
Testing (updated)
-------
Following cases are validated (tested with GET /gds/dataset API):
1. All the datasets where public : LIST access is given, are returned in
response (with gdsPermission=LIST passed in query-param).
2. When the API is called by ranger admin user, all the datasets are returned
and only permission for public group is returned in the ACL (no other
permissions are added in the ACL, even if the user has them in the dataset).
Thanks,
Subhrat Chaudhary
