Review Request 45669: RANGER-908: Ranger policy model updated to support row-filtering

Mon, 04 Apr 2016 00:45:12 -0700 

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/45669/
-----------------------------------------------------------

Review request for ranger, Alok Lal, Don Bosco Durai, Gautam Borad, Abhay 
Kulkarni, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, 
Sailaja Polavarapu, and Velmurugan Periasamy.


Bugs: RANGER-908
    https://issues.apache.org/jira/browse/RANGER-908


Repository: ranger


Description
-------

Following updates were made to Ranger policy model to support row-filtering:
 - added new type of policy: POLICY_TYPE_ROWFILTER (2)
 - added RangerServiceDef.rowFilterDef, to capture details of the accessTypes, 
resources supported in rowFilter policies
 - added RangerPolicy.rowFilterPolicyItems, to capture details of the filter 
expression to apply for a given user/group/custom conditions
 - added RangerPolicyEngine.evalRowFilterPolicies(), to evaluate row-filter 
policies & return the filter-expression to apply
 - updated ServiceDBStore and other related objects to persist new fields in 
the database


Diffs
-----

  agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java 
f022707 
  
agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java
 1dac6e8 
  
agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerServiceDefHelper.java
 101d911 
  
agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngine.java
 d19e3d0 
  
agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java
 51cab80 
  
agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyRepository.java
 b1463bc 
  
agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerRowFilterResult.java
 PRE-CREATION 
  
agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerDataMaskPolicyItemEvaluator.java
 62d624c 
  
agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerDefaultDataMaskPolicyItemEvaluator.java
 4583de9 
  
agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerDefaultPolicyEvaluator.java
 b87891f 
  
agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerDefaultRowFilterPolicyItemEvaluator.java
 PRE-CREATION 
  
agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerPolicyEvaluator.java
 1010727 
  
agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerPolicyItemEvaluator.java
 3c4b926 
  
agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerRowFilterPolicyItemEvaluator.java
 PRE-CREATION 
  
agents-common/src/main/java/org/apache/ranger/plugin/store/AbstractPredicateUtil.java
 b154115 
  agents-common/src/main/java/org/apache/ranger/plugin/util/ServiceDefUtil.java 
34f4cc6 
  
agents-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyEngine.java
 05cbcde 
  
agents-common/src/test/resources/policyengine/test_policyengine_hive_mask_filter.json
 PRE-CREATION 
  
agents-common/src/test/resources/policyengine/test_policyengine_hive_masking.json
 b0e4557 
  security-admin/db/mysql/patches/020-datamask-policy.sql 8a612b3 
  security-admin/db/postgres/patches/020-datamask-policy.sql d000822 
  security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyRetriever.java 
89daaea 
  security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java 
c4a823c 
  security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java e9c8394 
  security-admin/src/main/java/org/apache/ranger/common/AppConstants.java 
6988750 
  security-admin/src/main/java/org/apache/ranger/db/RangerDaoManagerBase.java 
5431553 
  
security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemRowFilterInfoDao.java
 PRE-CREATION 
  security-admin/src/main/java/org/apache/ranger/entity/XXAccessTypeDef.java 
5bc22e0 
  
security-admin/src/main/java/org/apache/ranger/entity/XXPolicyItemDataMaskInfo.java
 391f5a8 
  
security-admin/src/main/java/org/apache/ranger/entity/XXPolicyItemRowFilterInfo.java
 PRE-CREATION 
  security-admin/src/main/java/org/apache/ranger/entity/XXResourceDef.java 
6679c35 
  
security-admin/src/main/java/org/apache/ranger/service/RangerServiceDefServiceBase.java
 a0047a5 
  security-admin/src/main/resources/META-INF/jpa_named_queries.xml 2bb66ca 
  security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java 
5cb0290 

Diff: https://reviews.apache.org/r/45669/diff/


Testing
-------

Added unit tests to verify the new type of policy


Thanks,

Madhan Neethiraj

Reply via email to