Review Request 74825: RANGER-4638:Multiple Columns Revoke not generating policies with correct number of columns

[Ramesh Mani]

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74825/
-----------------------------------------------------------

Review request for ranger, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, 
Pradeep Agrawal, Selvamohan Neethiraj, Sailaja Polavarapu, and Velmurugan 
Periasamy.


Bugs: RANGER-4638
    https://issues.apache.org/jira/browse/RANGER-4638


Repository: ranger


Description
-------

RANGER-4638:Multiple Columns Revoke not generating policies with correct number 
of columns


Diffs
-----

  
agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerDefaultPolicyEvaluator.java
 7fe2a2eb3 
  
agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerPolicyEvaluator.java
 0a14b387a 
  
agents-common/src/main/java/org/apache/ranger/plugin/policyresourcematcher/RangerDefaultPolicyResourceMatcher.java
 f16157ce6 
  
agents-common/src/main/java/org/apache/ranger/plugin/policyresourcematcher/RangerPolicyResourceMatcher.java
 e1cd89b70 
  
agents-common/src/main/java/org/apache/ranger/plugin/resourcematcher/RangerAbstractResourceMatcher.java
 5eee8d11a 
  
agents-common/src/main/java/org/apache/ranger/plugin/resourcematcher/RangerResourceMatcher.java
 ec22e01bf 
  
agents-common/src/test/java/org/apache/ranger/plugin/resourcematcher/TestDefaultPolicyResourceisCompleteOrSomeMatchMatcher.java
 PRE-CREATION 
  
agents-common/src/test/resources/resourcematcher/test_defaultpolicyresource_isCompleteOrSomeMatch_matcher.json
 PRE-CREATION 
  security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyAdmin.java 
15a1e7118 
  security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyAdminImpl.java 
84ee31ba2 
  security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java 
cc9df27d6 
  security-admin/src/main/java/org/apache/ranger/rest/ServiceRESTUtil.java 
60e34c0c7 
  security-admin/src/test/java/org/apache/ranger/rest/TestServiceREST.java 
a630e575b 


Diff: https://reviews.apache.org/r/74825/diff/1/


Testing
-------

Impala / Hive beeline.

1) "grant select(col1, col2, col3)  on table demo.test  to role Role1"  => 
Create a Grant Policy for the given resource in Hadoop Sql
   

2) "grant select(col1, col2, col3, col4)  on table demo.test  to role Role1"  
=> updates the policy created in #1 with new col4 resource

     if  "revoke select(col1, col2, col3, col4) on table demo.test from role 
Role1" is done => Since all the columns are revoked for Select, we delete the 
policy created in #1
     if  "revoke select(col1, col2, col3) on table demo.test from role Role1" 
is done => policy created in #1 will be updated to remove col1,col2,col3 from 
the policy to revoke the access.

HBASE shell

grant 'nifi', 'RWXCA', 'test'  => create policy with 'RWXCA' access for user 
nifi on table 'test'.


revoke 'nifi', 'test' => revoke access for user "nifi" on hbase table 'test'. 
Here policy will be removed.


Thanks,

Ramesh Mani