Re: Review Request 75213: RANGER-4937: Enhance GDS resources API to support creation of datashare add resources and add to dataset as an option

Fri, 04 Oct 2024 00:18:41 -0700 

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/75213/#review226963
-----------------------------------------------------------




security-admin/src/main/java/org/apache/ranger/rest/GdsREST.java
Line 1079 (original), 1089 (patched)
<https://reviews.apache.org/r/75213/#comment315253>

    Given the purpose of the updated API is to add resources to a dataset, I 
suggest to introduce a new API that takes datasetId and serviceName in path 
parameters - as given below:
    
    @POST
    @Path("/dataset/{id}/resources/{serviceName}")
    @Consumes({ "application/json" })
    @Produces({ "application/json" })
    @PreAuthorize("@rangerPreAuthSecurityHandler.isAPIAccessible(\"" + 
RangerAPIList.ADD_SHARED_RESOURCES + "\")")
    public List<RangerSharedResource> addDatasetResources(@PathParam("id") Long 
datasetId,
                                                          
@PathParam("serviceName") String serviceName,
                                                          
@QueryParam("zoneName") @DefaultValue("") String zoneName,
                                                          
List<RangerSharedResource> resources) {
      Long   serviceId     = getServiceId(serviceName);
      Long   zoneId        = getZoneId(zoneName);
      
      // validate serviceId and zoneId
    
      String dataShareName = "__dataset_" + datasetId + "__service_" + 
serviceId + "__zone_" + zoneId;
      
      Long dataShareId = getOrCreateDataShare(dataShareName);
      
      resources.forEach(resource -> resource.setDataShareId(dataShareId));
      
      return addSharedResources(resources);
    }


- Madhan Neethiraj


On Sept. 30, 2024, 3:59 a.m., Ramesh Mani wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/75213/
> -----------------------------------------------------------
> 
> (Updated Sept. 30, 2024, 3:59 a.m.)
> 
> 
> Review request for ranger, Abhay Kulkarni, Madhan Neethiraj, and Radhika 
> Kundam.
> 
> 
> Bugs: RANGER-4937
>     https://issues.apache.org/jira/browse/RANGER-4937
> 
> 
> Repository: ranger
> 
> 
> Description
> -------
> 
> RANGER-4937: Enhance GDS resources API to support creation of datashare add 
> resources and add to dataset as an option
> 
> 
> Diffs
> -----
> 
>   security-admin/src/main/java/org/apache/ranger/rest/GdsREST.java 0b3d91001 
> 
> 
> Diff: https://reviews.apache.org/r/75213/diff/2/
> 
> 
> Testing
> -------
> 
> Enhance GDS resources API to support creation of datashare, add resources and 
> add to dataset as an option
> 
> - add a resource to a dataset using existing API "POST service/gds/resource", 
> with following enhancements:
> - receive optional parameters "serviceName" and "datasetId"
> -  when dataShareId=-1 in the payload, this API should do the following:
>        if a data share named "_dataset<datasetId>service<svcId>" does not 
> exist, create it, associate it with the dataset with status=ACTIVE
> add the given resource/resources to this datashare
>        This would be useful to integrate external service which would use the 
> GDS functionality to create DataShare in ranger with resources
>  
>  Testing done with local vm:
>   - Create a DataSet with "POST service/gds/dataset".
>   - Call the enhanced API  "POST service/gds/resources" as following.
>   
>   curl  -ikv -u <user:password> -X POST  -H "Content-Type: application/json" 
> 'http://localhost:6080/service/gds/resources?serviceName=cm_hive&id=26' 
> --data '[ { "createdBy": "Admin", "isEnabled": "true", "version": 1, 
> "dataShareId":"-1", "resource":{ "database":{ "values":["test_db"] }, 
> "table":{ "values":["sal1","sal2","sal4"] }, "column": { "values": [ "id" ], 
> "isExcludes": false, "isRecursive": false } }, "name":"test-resource-17", 
> "accessTypes":["all"] }, { "createdBy": "Admin", "isEnabled": "true", 
> "version": 1, "dataShareId":"-1", "resource":{ "database":{ 
> "values":["default"] }, "table":{ 
> "values":["sal2","emp","tb_1","sal1","sal3","tb_2"] }, "column": { "values": 
> [ "*" ], "isExcludes": false, "isRecursive": false } }, 
> "name":"test-resource-18", "accessTypes":["all"] } ]'
>   
>    curl  -ikv -u admin:Admin123 -X POST  -H "Content-Type: application/json" 
> 'http://localhost:6080/service/gds/resources' --data '[ { "createdBy": 
> "Admin", "isEnabled": "true", "version": 1, "dataShareId":"29", "resource":{ 
> "database":{ "values":["test_db"] }, "table":{ 
> "values":["sal1","sal2","sal4"] }, "column": { "values": [ "id" ], 
> "isExcludes": false, "isRecursive": false } }, "name":"test-resource-17", 
> "accessTypes":["all"] }, { "createdBy": "Admin", "isEnabled": "true", 
> "version": 1, "dataShareId":"29", "resource":{ "database":{ 
> "values":["default"] }, "table":{ 
> "values":["sal2","emp","tb_1","sal1","sal3","tb_2"] }, "column": { "values": 
> [ "*" ], "isExcludes": false, "isRecursive": false } }, 
> "name":"test-resource-18", "accessTypes":["all"] } ]'
> 
> 
> Thanks,
> 
> Ramesh Mani
> 
>

Reply via email to