[
https://issues.apache.org/jira/browse/RANGER-5367?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Madhan Neethiraj reassigned RANGER-5367:
----------------------------------------
Assignee: Madhan Neethiraj
> simplify resourceName parsing
> -----------------------------
>
> Key: RANGER-5367
> URL: https://issues.apache.org/jira/browse/RANGER-5367
> Project: Ranger
> Issue Type: Sub-task
> Components: pdp
> Reporter: Madhan Neethiraj
> Assignee: Madhan Neethiraj
> Priority: Major
>
> Authz APIs introduced in RANGER-5309 support name of the accessed resource to
> be provided as a string, instead of a map used in plugin APIs. For example:
> * a column:
> ** Authz APIs: {{column:db1.tbl1.col1}}
> ** plugin APIs: {{{ "database": "db1", "table": "tbl1", "column": "col1" }}}
> * an ozone key:
> ** Authz APIs: {{key:vol1.bucket1/p1/p2/file.txt}}
> ** plugin APIs: {{{ "volume": "vol1", "bucket": "bucket1", "key":
> "p1/p2/file.txt" }}}
> The string format is easier to read than the map format, and will result in
> smaller payloads as well. However, the parsing introduced in RANGER-5309
> supported more complex constructs like: prefix, suffix, different separators
> between resources. These are unnecessary, given the need is to capture
> hierarchy of resources. Hence, I propose to simplify the resource name format
> to:
> * remove support for prefix and suffix in resource names
> ** {{key:ofs://vol1/bucket1/p1/p2/file.txt}} will not be supported; this
> resource should be specified as {{key:vol1/bucket1/p1/p2/file.txt}}
> * use only "/" as the separator, with option to escape using backslash (\)
> ** {{relativepath:container1@account1/p1/p2/file.txt}} will not be
> supported; this resource should be specified as
> {{relativepath:account1/container/p1/p2/file.txt}}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
