Re: Review Request 72615: ATLAS-3855 Bulk entity tag association and bulk api enhancement

2020-07-08 Thread Sarath Subramanian

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72615/#review221151
---


Ship it!




Ship It!

- Sarath Subramanian


On July 7, 2020, 11:45 a.m., chaitali wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/72615/
> ---
> 
> (Updated July 7, 2020, 11:45 a.m.)
> 
> 
> Review request for atlas, Jayendra Parab, Nikhil Bonte, Nixon Rodrigues, and 
> Sarath Subramanian.
> 
> 
> Bugs: ATLAS-3855
> https://issues.apache.org/jira/browse/ATLAS-3855
> 
> 
> Repository: atlas
> 
> 
> Description
> ---
> 
> API : /api/atlas/v2/entity/bulk/classification & v2/entity/bulk : if some 
> guids belong to entities on which user is unauthorized other guids belong to 
> entities on which user is authorized This APIs fail with 403 error without 
> returning the authorized entities.
> 
> 1.Unauthorized guids are filtered with this patch for both the APIs.
> 2.Added ignoreUnauthorisedGuids flag for /bulk/classification API as it 
> doesn't return any object
> 2.Also added unauthorized guids in return object of /bulk in response for 
> user's reference.
> 
> 
> Diffs
> -
> 
>   
> repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java
>  bf1629cb3 
>   server-api/src/main/java/org/apache/atlas/RequestContext.java 282a66f1d 
>   webapp/src/main/java/org/apache/atlas/web/filters/AuditFilter.java 
> c663b00c9 
> 
> 
> Diff: https://reviews.apache.org/r/72615/diff/9/
> 
> 
> Testing
> ---
> 
> Tested with ranger policies:
> For /bulk api following policy were applied:
> 1.Added hive_column entity as entity type.
> 2.Included admin as user and prohibited access for read entity all this under 
> deny policy.
> 
> For /bulk/classification following policy were applied:
> 1.Added hive_column entity as entity type.
> 2.Gave all the access to admin but kwpt hive_column entity type in excluded 
> state.
> 
> 
> Thanks,
> 
> chaitali
> 
>



Re: Review Request 72615: ATLAS-3855 Bulk entity tag association and bulk api enhancement

2020-07-08 Thread Madhan Neethiraj

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72615/#review221150
---


Ship it!




Ship It!

- Madhan Neethiraj


On July 7, 2020, 6:45 p.m., chaitali wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/72615/
> ---
> 
> (Updated July 7, 2020, 6:45 p.m.)
> 
> 
> Review request for atlas, Jayendra Parab, Nikhil Bonte, Nixon Rodrigues, and 
> Sarath Subramanian.
> 
> 
> Bugs: ATLAS-3855
> https://issues.apache.org/jira/browse/ATLAS-3855
> 
> 
> Repository: atlas
> 
> 
> Description
> ---
> 
> API : /api/atlas/v2/entity/bulk/classification & v2/entity/bulk : if some 
> guids belong to entities on which user is unauthorized other guids belong to 
> entities on which user is authorized This APIs fail with 403 error without 
> returning the authorized entities.
> 
> 1.Unauthorized guids are filtered with this patch for both the APIs.
> 2.Added ignoreUnauthorisedGuids flag for /bulk/classification API as it 
> doesn't return any object
> 2.Also added unauthorized guids in return object of /bulk in response for 
> user's reference.
> 
> 
> Diffs
> -
> 
>   
> repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java
>  bf1629cb3 
>   server-api/src/main/java/org/apache/atlas/RequestContext.java 282a66f1d 
>   webapp/src/main/java/org/apache/atlas/web/filters/AuditFilter.java 
> c663b00c9 
> 
> 
> Diff: https://reviews.apache.org/r/72615/diff/9/
> 
> 
> Testing
> ---
> 
> Tested with ranger policies:
> For /bulk api following policy were applied:
> 1.Added hive_column entity as entity type.
> 2.Included admin as user and prohibited access for read entity all this under 
> deny policy.
> 
> For /bulk/classification following policy were applied:
> 1.Added hive_column entity as entity type.
> 2.Gave all the access to admin but kwpt hive_column entity type in excluded 
> state.
> 
> 
> Thanks,
> 
> chaitali
> 
>



Re: Review Request 72615: ATLAS-3855 Bulk entity tag association and bulk api enhancement

2020-07-07 Thread chaitali

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72615/
---

(Updated July 7, 2020, 6:45 p.m.)


Review request for atlas, Jayendra Parab, Nikhil Bonte, Nixon Rodrigues, and 
Sarath Subramanian.


Bugs: ATLAS-3855
https://issues.apache.org/jira/browse/ATLAS-3855


Repository: atlas


Description
---

API : /api/atlas/v2/entity/bulk/classification & v2/entity/bulk : if some guids 
belong to entities on which user is unauthorized other guids belong to entities 
on which user is authorized This APIs fail with 403 error without returning the 
authorized entities.

1.Unauthorized guids are filtered with this patch for both the APIs.
2.Added ignoreUnauthorisedGuids flag for /bulk/classification API as it doesn't 
return any object
2.Also added unauthorized guids in return object of /bulk in response for 
user's reference.


Diffs (updated)
-

  
repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java
 bf1629cb3 
  server-api/src/main/java/org/apache/atlas/RequestContext.java 282a66f1d 
  webapp/src/main/java/org/apache/atlas/web/filters/AuditFilter.java c663b00c9 


Diff: https://reviews.apache.org/r/72615/diff/9/

Changes: https://reviews.apache.org/r/72615/diff/8-9/


Testing
---

Tested with ranger policies:
For /bulk api following policy were applied:
1.Added hive_column entity as entity type.
2.Included admin as user and prohibited access for read entity all this under 
deny policy.

For /bulk/classification following policy were applied:
1.Added hive_column entity as entity type.
2.Gave all the access to admin but kwpt hive_column entity type in excluded 
state.


Thanks,

chaitali



Re: Review Request 72615: ATLAS-3855 Bulk entity tag association and bulk api enhancement

2020-07-07 Thread chaitali

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72615/
---

(Updated July 7, 2020, 11:02 a.m.)


Review request for atlas, Jayendra Parab, Nikhil Bonte, Nixon Rodrigues, and 
Sarath Subramanian.


Bugs: ATLAS-3855
https://issues.apache.org/jira/browse/ATLAS-3855


Repository: atlas


Description
---

API : /api/atlas/v2/entity/bulk/classification & v2/entity/bulk : if some guids 
belong to entities on which user is unauthorized other guids belong to entities 
on which user is authorized This APIs fail with 403 error without returning the 
authorized entities.

1.Unauthorized guids are filtered with this patch for both the APIs.
2.Added ignoreUnauthorisedGuids flag for /bulk/classification API as it doesn't 
return any object
2.Also added unauthorized guids in return object of /bulk in response for 
user's reference.


Diffs (updated)
-

  
repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java
 bf1629cb3 
  server-api/src/main/java/org/apache/atlas/RequestContext.java 282a66f1d 
  webapp/src/main/java/org/apache/atlas/web/filters/AuditFilter.java c663b00c9 


Diff: https://reviews.apache.org/r/72615/diff/8/

Changes: https://reviews.apache.org/r/72615/diff/7-8/


Testing
---

Tested with ranger policies:
For /bulk api following policy were applied:
1.Added hive_column entity as entity type.
2.Included admin as user and prohibited access for read entity all this under 
deny policy.

For /bulk/classification following policy were applied:
1.Added hive_column entity as entity type.
2.Gave all the access to admin but kwpt hive_column entity type in excluded 
state.


Thanks,

chaitali



Re: Review Request 72615: ATLAS-3855 Bulk entity tag association and bulk api enhancement

2020-07-06 Thread Madhan Neethiraj

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72615/#review221135
---



Consider updating all methods that deal with multiple entities to ignore 
unauthorized entities. Below is the list of such methods from quick look:

  - GET/bulk - EntityREST.getByGuids()
  - DELETE /bulk - EntityREST.deleteByGuids()
  - POST   /bulk/classification  - 
EntityREST.addClassification()
  - POST   /bulk/setClassifications  - 
EntityREST.setClassifications()
  - GET/bulk/headers - EntityREST.getEntityHeaders()
  - GET/bulk/uniqueAttribute/type/{typeName} - 
EntityREST.getEntitiesByUniqueAttributes()

Instead of changing signature for all these methods, I suggest to add flag 
RequestContext.ignoreUnauthorizedEntities and populate this from 
AuditFilter.doFilter().

- Madhan Neethiraj


On July 6, 2020, 3:02 p.m., chaitali wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/72615/
> ---
> 
> (Updated July 6, 2020, 3:02 p.m.)
> 
> 
> Review request for atlas, Jayendra Parab, Nikhil Bonte, Nixon Rodrigues, and 
> Sarath Subramanian.
> 
> 
> Bugs: ATLAS-3855
> https://issues.apache.org/jira/browse/ATLAS-3855
> 
> 
> Repository: atlas
> 
> 
> Description
> ---
> 
> API : /api/atlas/v2/entity/bulk/classification & v2/entity/bulk : if some 
> guids belong to entities on which user is unauthorized other guids belong to 
> entities on which user is authorized This APIs fail with 403 error without 
> returning the authorized entities.
> 
> 1.Unauthorized guids are filtered with this patch for both the APIs.
> 2.Added ignoreUnauthorisedGuids flag for /bulk/classification API as it 
> doesn't return any object
> 2.Also added unauthorized guids in return object of /bulk in response for 
> user's reference.
> 
> 
> Diffs
> -
> 
>   
> repository/src/main/java/org/apache/atlas/repository/store/graph/AtlasEntityStore.java
>  7b9455ef3 
>   
> repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java
>  bf1629cb3 
>   
> repository/src/test/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2Test.java
>  b9cbef1b0 
>   webapp/src/main/java/org/apache/atlas/web/resources/EntityResource.java 
> 00b29e6c8 
>   webapp/src/main/java/org/apache/atlas/web/rest/EntityREST.java 88de8b679 
>   webapp/src/test/java/org/apache/atlas/web/adapters/TestEntitiesREST.java 
> 615bc0f1b 
> 
> 
> Diff: https://reviews.apache.org/r/72615/diff/7/
> 
> 
> Testing
> ---
> 
> Tested with ranger policies:
> For /bulk api following policy were applied:
> 1.Added hive_column entity as entity type.
> 2.Included admin as user and prohibited access for read entity all this under 
> deny policy.
> 
> For /bulk/classification following policy were applied:
> 1.Added hive_column entity as entity type.
> 2.Gave all the access to admin but kwpt hive_column entity type in excluded 
> state.
> 
> 
> Thanks,
> 
> chaitali
> 
>



Re: Review Request 72615: ATLAS-3855 Bulk entity tag association and bulk api enhancement

2020-07-06 Thread chaitali

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72615/
---

(Updated July 6, 2020, 3:02 p.m.)


Review request for atlas, Jayendra Parab, Nikhil Bonte, Nixon Rodrigues, and 
Sarath Subramanian.


Bugs: ATLAS-3855
https://issues.apache.org/jira/browse/ATLAS-3855


Repository: atlas


Description
---

API : /api/atlas/v2/entity/bulk/classification & v2/entity/bulk : if some guids 
belong to entities on which user is unauthorized other guids belong to entities 
on which user is authorized This APIs fail with 403 error without returning the 
authorized entities.

1.Unauthorized guids are filtered with this patch for both the APIs.
2.Added ignoreUnauthorisedGuids flag for /bulk/classification API as it doesn't 
return any object
2.Also added unauthorized guids in return object of /bulk in response for 
user's reference.


Diffs (updated)
-

  
repository/src/main/java/org/apache/atlas/repository/store/graph/AtlasEntityStore.java
 7b9455ef3 
  
repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java
 bf1629cb3 
  
repository/src/test/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2Test.java
 b9cbef1b0 
  webapp/src/main/java/org/apache/atlas/web/resources/EntityResource.java 
00b29e6c8 
  webapp/src/main/java/org/apache/atlas/web/rest/EntityREST.java 88de8b679 
  webapp/src/test/java/org/apache/atlas/web/adapters/TestEntitiesREST.java 
615bc0f1b 


Diff: https://reviews.apache.org/r/72615/diff/7/

Changes: https://reviews.apache.org/r/72615/diff/6-7/


Testing
---

Tested with ranger policies:
For /bulk api following policy were applied:
1.Added hive_column entity as entity type.
2.Included admin as user and prohibited access for read entity all this under 
deny policy.

For /bulk/classification following policy were applied:
1.Added hive_column entity as entity type.
2.Gave all the access to admin but kwpt hive_column entity type in excluded 
state.


Thanks,

chaitali



Re: Review Request 72615: ATLAS-3855 Bulk entity tag association and bulk api enhancement

2020-07-01 Thread chaitali


> On June 29, 2020, 6:49 a.m., Sarath Subramanian wrote:
> > Consider introducing an optional query param in REST to pass - 
> > 'ignoreUnauthorized'. If this flag is set, the resultset should include 
> > only results of authorized entities.

Done


- chaitali


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72615/#review221087
---


On July 1, 2020, 9:39 a.m., chaitali wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/72615/
> ---
> 
> (Updated July 1, 2020, 9:39 a.m.)
> 
> 
> Review request for atlas, Jayendra Parab, Nikhil Bonte, Nixon Rodrigues, and 
> Sarath Subramanian.
> 
> 
> Bugs: ATLAS-3855
> https://issues.apache.org/jira/browse/ATLAS-3855
> 
> 
> Repository: atlas
> 
> 
> Description
> ---
> 
> API : /api/atlas/v2/entity/bulk/classification & v2/entity/bulk : if some 
> guids belong to entities on which user is unauthorized other guids belong to 
> entities on which user is authorized This APIs fail with 403 error without 
> returning the authorized entities.
> 
> 1.Unauthorized guids are filtered with this patch for both the APIs.
> 2.Added ignoreUnauthorisedGuids flag for /bulk/classification API as it 
> doesn't return any object
> 2.Also added unauthorized guids in return object of /bulk in response for 
> user's reference.
> 
> 
> Diffs
> -
> 
>   
> repository/src/main/java/org/apache/atlas/repository/store/graph/AtlasEntityStore.java
>  7b9455ef3 
>   
> repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java
>  bf1629cb3 
>   
> repository/src/test/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2Test.java
>  b9cbef1b0 
>   webapp/src/main/java/org/apache/atlas/web/resources/EntityResource.java 
> 00b29e6c8 
>   webapp/src/main/java/org/apache/atlas/web/rest/EntityREST.java 88de8b679 
>   webapp/src/test/java/org/apache/atlas/web/adapters/TestEntitiesREST.java 
> 615bc0f1b 
> 
> 
> Diff: https://reviews.apache.org/r/72615/diff/5/
> 
> 
> Testing
> ---
> 
> Tested with ranger policies:
> For /bulk api following policy were applied:
> 1.Added hive_column entity as entity type.
> 2.Included admin as user and prohibited access for read entity all this under 
> deny policy.
> 
> For /bulk/classification following policy were applied:
> 1.Added hive_column entity as entity type.
> 2.Gave all the access to admin but kwpt hive_column entity type in excluded 
> state.
> 
> 
> Thanks,
> 
> chaitali
> 
>



Re: Review Request 72615: ATLAS-3855 Bulk entity tag association and bulk api enhancement

2020-07-01 Thread chaitali

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72615/
---

(Updated July 1, 2020, 9:39 a.m.)


Review request for atlas, Jayendra Parab, Nikhil Bonte, Nixon Rodrigues, and 
Sarath Subramanian.


Changes
---

Removed getter setter for unauthorised entities


Bugs: ATLAS-3855
https://issues.apache.org/jira/browse/ATLAS-3855


Repository: atlas


Description
---

API : /api/atlas/v2/entity/bulk/classification & v2/entity/bulk : if some guids 
belong to entities on which user is unauthorized other guids belong to entities 
on which user is authorized This APIs fail with 403 error without returning the 
authorized entities.

1.Unauthorized guids are filtered with this patch for both the APIs.
2.Added ignoreUnauthorisedGuids flag for /bulk/classification API as it doesn't 
return any object
2.Also added unauthorized guids in return object of /bulk in response for 
user's reference.


Diffs (updated)
-

  
repository/src/main/java/org/apache/atlas/repository/store/graph/AtlasEntityStore.java
 7b9455ef3 
  
repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java
 bf1629cb3 
  
repository/src/test/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2Test.java
 b9cbef1b0 
  webapp/src/main/java/org/apache/atlas/web/resources/EntityResource.java 
00b29e6c8 
  webapp/src/main/java/org/apache/atlas/web/rest/EntityREST.java 88de8b679 
  webapp/src/test/java/org/apache/atlas/web/adapters/TestEntitiesREST.java 
615bc0f1b 


Diff: https://reviews.apache.org/r/72615/diff/5/

Changes: https://reviews.apache.org/r/72615/diff/4-5/


Testing
---

Tested with ranger policies:
For /bulk api following policy were applied:
1.Added hive_column entity as entity type.
2.Included admin as user and prohibited access for read entity all this under 
deny policy.

For /bulk/classification following policy were applied:
1.Added hive_column entity as entity type.
2.Gave all the access to admin but kwpt hive_column entity type in excluded 
state.


Thanks,

chaitali



Re: Review Request 72615: ATLAS-3855 Bulk entity tag association and bulk api enhancement

2020-06-30 Thread chaitali

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72615/
---

(Updated June 30, 2020, 2:56 p.m.)


Review request for atlas, Jayendra Parab, Nikhil Bonte, Nixon Rodrigues, and 
Sarath Subramanian.


Bugs: ATLAS-3855
https://issues.apache.org/jira/browse/ATLAS-3855


Repository: atlas


Description
---

API : /api/atlas/v2/entity/bulk/classification & v2/entity/bulk : if some guids 
belong to entities on which user is unauthorized other guids belong to entities 
on which user is authorized This APIs fail with 403 error without returning the 
authorized entities.

1.Unauthorized guids are filtered with this patch for both the APIs.
2.Added ignoreUnauthorisedGuids flag for /bulk/classification API as it doesn't 
return any object
2.Also added unauthorized guids in return object of /bulk in response for 
user's reference.


Diffs
-

  intg/src/main/java/org/apache/atlas/model/instance/AtlasEntity.java 4d8c94894 
  
repository/src/main/java/org/apache/atlas/repository/store/graph/AtlasEntityStore.java
 7b9455ef3 
  
repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java
 bf1629cb3 
  
repository/src/test/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2Test.java
 b9cbef1b0 
  webapp/src/main/java/org/apache/atlas/web/resources/EntityResource.java 
00b29e6c8 
  webapp/src/main/java/org/apache/atlas/web/rest/EntityREST.java 88de8b679 
  webapp/src/test/java/org/apache/atlas/web/adapters/TestEntitiesREST.java 
615bc0f1b 


Diff: https://reviews.apache.org/r/72615/diff/4/


Testing
---

Tested with ranger policies:
For /bulk api following policy were applied:
1.Added hive_column entity as entity type.
2.Included admin as user and prohibited access for read entity all this under 
deny policy.

For /bulk/classification following policy were applied:
1.Added hive_column entity as entity type.
2.Gave all the access to admin but kwpt hive_column entity type in excluded 
state.


Thanks,

chaitali