mneethiraj commented on code in PR #866:
URL: https://github.com/apache/ranger/pull/866#discussion_r2880335763
##########
agents-common/src/main/resources/service-defs/ranger-servicedef-polaris.json:
##########
@@ -211,47 +156,14 @@
"principal-properties-read",
"principal-properties-write",
"principal-metadata-full",
- "principal-grants-list",
- "principal-grants-manage",
- "principal-grants-for-grantee-manage",
- "principal-credentials-reset",
- "principal-role-create",
- "principal-role-drop",
- "principal-role-list",
- "principal-role-grants-list",
- "principal-role-grants-manage",
- "principal-role-properties-read",
- "principal-role-properties-write",
- "principal-role-metadata-full",
- "principal-role-grants-for-grantee-manage"
+ "principal-credentials-reset"
]
},
- { "itemId": 2, "name": "catalog-create", "label": "Catalog Create",
"category": "CREATE", "impliedGrants": [ "catalog-list" ] },
- { "itemId": 3, "name": "catalog-drop", "label": "Catalog Drop",
"category": "DELETE" },
- { "itemId": 4, "name": "catalog-list", "label": "Catalog List",
"category": "READ" },
- { "itemId": 5, "name": "catalog-access-manage", "label": "Catalog Manage
Access", "category": "MANAGE",
- "impliedGrants": [
- "catalog-grants-list",
- "catalog-grants-manage",
- "catalog-role-create",
- "catalog-role-drop",
- "catalog-role-list",
- "catalog-role-properties-read",
- "catalog-role-properties-write",
- "catalog-role-metadata-full",
- "catalog-role-grants-list",
- "catalog-role-grants-manage",
- "catalog-role-grants-for-grantee-manage",
- "namespace-grants-list",
- "namespace-grants-manage",
- "table-grants-list",
- "table-grants-manage",
- "view-grants-list",
- "view-grants-manage",
- "policy-grants-manage"
- ]
- },
- { "itemId": 6, "name": "catalog-content-manage", "label": "Catalog Manage
Content", "category": "MANAGE",
+
+ { "itemId": 2, "name": "catalog-create", "label": "Catalog
Create", "category": "CREATE", "impliedGrants": [ "catalog-list" ] },
+ { "itemId": 3, "name": "catalog-drop", "label": "Catalog Drop",
"category": "DELETE" },
+ { "itemId": 4, "name": "catalog-list", "label": "Catalog List",
"category": "READ" },
+ { "itemId": 5, "name": "catalog-content-manage", "label": "Catalog Manage
Content", "category": "MANAGE",
Review Comment:
All grant related permissions are tied to PRINCIPAL_ROLE and CATALOG_ROLE
resources. Hence these permissions are also removed here.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
