[
https://issues.apache.org/jira/browse/RANGER-699?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15180417#comment-15180417
]
rangerqa commented on RANGER-699:
---------------------------------
{color:red}-1 overall{color}. Here are the results of testing the latest
attachment
http://issues.apache.org/jira/secure/attachment/12791504/RANGER-699.1.patch
against master revision 4577aff.
{color:green}+1 @author{color}. The patch does not contain any @author
tags.
{color:green}+1 tests included{color}. The patch appears to include 1 new
or modified test files.
{color:green}+1 javac{color}. The applied patch does not increase the
total number of javac compiler warnings.
{color:green}+1 javadoc{color}. There were no new javadoc warning messages.
+1 checkstyle. The patch generated 0 code style errors.
{color:green}+1 findbugs{color}. The patch does not introduce any new
Findbugs (version 2.0.3) warnings.
{color:green}+1 release audit{color}. The applied patch does not increase
the total number of release audit warnings.
{color:red}-1 core tests{color}. The test build failed in
Test results:
https://builds.apache.org/job/PreCommit-RANGER-Build/89//testReport/
Console output: https://builds.apache.org/job/PreCommit-RANGER-Build/89//console
This message is automatically generated.
> higher level policy API to hide complexity of policy update/create/delete
> -------------------------------------------------------------------------
>
> Key: RANGER-699
> URL: https://issues.apache.org/jira/browse/RANGER-699
> Project: Ranger
> Issue Type: Improvement
> Components: admin
> Affects Versions: 0.6.0
> Reporter: Edward Zhang
> Assignee: Abhay Kulkarni
> Fix For: 0.6.0
>
> Attachments: RANGER-699.1.patch, RANGER-699.2.patch
>
> Original Estimate: 720h
> Remaining Estimate: 720h
>
> Ranger has very good fine-grained policy API with which user can define
> access control rules for any resource. But sometimes it is not human being
> but third party tools may use Ranger policy API to temporarily block or
> unblock user. The third party tool just wants to simply tell Ranger that
> "please block/unblock this user from accessing resource A" and the third
> party tool is not able to analyze the complicated scenarios as follows:
> 1. The exactly same rule already exists for resource A
> 2. The current rules for resource A includes the new rule implicitly
> 3. There is no any rules for resource A
> If it's admin to operate the policy, admin can analyze policy semantics and
> will figure out it's to create a new policy or update an existing policy.
> To better support integration from third party tool, Ranger can provide a
> higher level API which accepts request like "block user access to one
> resource" and internally figure out what policy to create/update.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
