Re: Review Request 32552: Filter Hive database and table listing based on permissions

Mon, 30 Mar 2015 20:54:58 -0700 

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/32552/
-----------------------------------------------------------

(Updated March 30, 2015, 7:57 p.m.)


Review request for ranger.


Changes
-------

Addressed rework comments.
1. This change will require not-yet-committed fix from Abhay related to audit 
flag in case of head match.  Note that testing was done by local application of 
patch from Abhay.  However, that patch is not included here.
2. This patch has not be rebased to current head.  When review is done I will 
provide a **new consoldiated** patch that is rebased to head.

**Testing done for hive audit refactoring**
1. Single policy for all columns: 1 audit
2. Multiple policies for columns with a few for multiple columns: multiple 
audits correspoding to number of policies.
3. Access denied due to 1st column when 2 other policies allowed: single denied 
audit logged.
4. Same as above except denial was for middle and last columns.


Bugs: RANGER-238
    https://issues.apache.org/jira/browse/RANGER-238


Repository: ranger


Description
-------

Filter Hive database and table listing based on permissions

Some additional changes submitted as part of the above
- Fixed a problem with "any" access logic.  New tests were added to validate 
this functionality.
- Removed explicit groupid of child projects.
- Removed redefinition depedencies version if specified in parent pom.
- Added generated code directory to .gitignore.


Diffs (updated)
-----

  
agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerDefaultPolicyEvaluator.java
 d5332b2 
  
agents-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyEngine.java
 b4175e2 
  agents-common/src/test/resources/policyengine/test_policyengine_hive.json 
2ac90ae 
  
hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuditHandler.java
 7110861 
  
hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
 72e6652 

Diff: https://reviews.apache.org/r/32552/diff/


Testing
-------

System tests to follow in another patch.


Thanks,

Alok Lal

Reply via email to