Skip to content

HIVE-23433 : Add Deny Policy on Replicated Database #1016

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
aasha wants to merge 2 commits into from
Closed

HIVE-23433 : Add Deny Policy on Replicated Database #1016

aasha wants to merge 2 commits into from

Conversation

@aasha
Copy link
Contributor

@aasha aasha commented May 12, 2020

No description provided.

@aasha aasha force-pushed the HIVE-23433 branch 3 times, most recently from 2340c4f to 9513679 Compare May 15, 2020 12:22
pkumarsinha
pkumarsinha reviewed May 18, 2020
View reviewed changes
ql/src/test/org/apache/hadoop/hive/ql/exec/repl/TestRangerLoadTask.java Outdated
Mockito.when(conf.getVar(REPL_RANGER_SERVICE_NAME)).thenReturn("hive");
Path rangerDumpPath = new Path("/tmp");
Mockito.when(work.getCurrentDumpPath()).thenReturn(rangerDumpPath);
mockClient.saveRangerPoliciesToFile(rangerPolicyList,
Copy link
Contributor

@pkumarsinha pkumarsinha May 18, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this line needed? you anyway returning policyList on readRangerPoliciesFromJsonFile call: 178

pkumarsinha
pkumarsinha reviewed May 19, 2020
View reviewed changes
ql/src/java/org/apache/hadoop/hive/ql/exec/repl/ranger/RangerRestClientImpl.java
denyExceptionsPolicyItem.setAccesses(denyExceptionsPolicyItemAccesses);
denyExceptionsItemsForBeaconUser.add(denyExceptionsPolicyItem);
List<String> denyExceptionsPolicyItemsUsers = new ArrayList<String>();
denyExceptionsPolicyItemsUsers.add("hive");
Copy link
Contributor

@pkumarsinha pkumarsinha May 19, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't it be hive service user and obtained from conf?

ql/src/java/org/apache/hadoop/hive/ql/exec/repl/ranger/RangerRestClientImpl.java Outdated
denyRangerPolicy.setResources(rangerPolicyResourceMap);

List<String> accessTypes = new ArrayList<>();
accessTypes.addAll(Arrays.asList("create", "update", "drop", "alter", "index", "lock", "write", "ReplAdmin"));
Copy link
Contributor

@pkumarsinha pkumarsinha May 19, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Don't need to do addAll. You can directly use List accessTypes = Arrays.asList

@github-actions
Copy link

github-actions bot commented Jul 19, 2020

This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.
Feel free to reach out on the dev@hive.apache.org list if the patch is in need of reviews.

@github-actions github-actions bot added the stale label Jul 19, 2020
@github-actions github-actions bot closed this Jul 26, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pkumarsinha pkumarsinha pkumarsinha left review comments

Assignees

No one assigned

Labels

stale

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@aasha @pkumarsinha