atlas-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nixon Rodrigues <nixon.rodrig...@freestoneinfotech.com>
Subject Re: Review Request 65770: ATLAS-2459:-Authorization enhancements to support instance level access controls
Date Sun, 25 Feb 2018 16:47:50 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/65770/
-----------------------------------------------------------

(Updated Feb. 25, 2018, 4:47 p.m.)


Review request for atlas, Apoorv Naik, Ashutosh Mestry, and Madhan Neethiraj.


Changes
-------

This patch include simplification of authz intrumented code from earlier version and also
below changes.

* Removal of AtlasAuthorizationFilter.java, Metrics.java, ..
* Updates to AuditFilter, to capture response status and timeTaken in audit.log
* Added atlas-simple-authz-policy.json as an embedded-resource in authorization jar. If the
file is not present in CLASSPATH, it will be loaded from the jar file
* Updated entity-access authorization to take into account policies for super-types of entity/classifications.
For example, anyone with access to ‘Asset’ type will be able to read all sub-types of
Asset.


Bugs: ATLAS-2459
    https://issues.apache.org/jira/browse/ATLAS-2459


Repository: atlas


Description
-------

The patch contains changes for Fine grained authorization at Instance level.
Earlier implementation of authorization at API level is removed.

https://issues.apache.org/jira/browse/ATLAS-2459


Diffs (updated)
-----

  authorization/pom.xml f210a2f8 
  authorization/src/main/java/org/apache/atlas/authorize/AtlasAccessRequest.java 07cb2b07

  authorization/src/main/java/org/apache/atlas/authorize/AtlasActionTypes.java c5969db1 
  authorization/src/main/java/org/apache/atlas/authorize/AtlasAuthorizer.java d64c6923 
  authorization/src/main/java/org/apache/atlas/authorize/AtlasAuthorizerFactory.java 9b7933e0

  authorization/src/main/java/org/apache/atlas/authorize/AtlasEntityAccessRequest.java PRE-CREATION

  authorization/src/main/java/org/apache/atlas/authorize/AtlasResourceTypes.java 7e2808cb

  authorization/src/main/java/org/apache/atlas/authorize/AtlasTypeAccessRequest.java PRE-CREATION

  authorization/src/main/java/org/apache/atlas/authorize/simple/AtlasAuthorizationUtils.java
5bc19414 
  authorization/src/main/java/org/apache/atlas/authorize/simple/AtlasSimpleAuthzPolicy.java
PRE-CREATION 
  authorization/src/main/java/org/apache/atlas/authorize/simple/FileReaderUtil.java 88bf56b1

  authorization/src/main/java/org/apache/atlas/authorize/simple/PolicyDef.java 6b2b8b30 
  authorization/src/main/java/org/apache/atlas/authorize/simple/PolicyParser.java f61bbf76

  authorization/src/main/java/org/apache/atlas/authorize/simple/PolicyUtil.java 9c08e405 
  authorization/src/main/java/org/apache/atlas/authorize/simple/SimpleAtlasAuthorizer.java
2eb0cd50 
  authorization/src/main/resources/atlas-simple-authz-policy.json PRE-CREATION 
  authorization/src/test/java/org/apache/atlas/authorize/simple/AtlasAuthorizationUtilsTest.java
adebb627 
  authorization/src/test/java/org/apache/atlas/authorize/simple/PolicyParserTest.java 3b7869aa

  authorization/src/test/java/org/apache/atlas/authorize/simple/PolicyUtilTest.java 1cefbcdf

  authorization/src/test/java/org/apache/atlas/authorize/simple/SimpleAtlasAuthorizerTest.java
b36c9c75 
  intg/src/main/java/org/apache/atlas/ApplicationProperties.java 320563e0 
  intg/src/main/java/org/apache/atlas/AtlasErrorCode.java f1d45365 
  intg/src/main/java/org/apache/atlas/model/instance/AtlasEntityHeader.java 340cd05c 
  intg/src/main/java/org/apache/atlas/type/AtlasClassificationType.java ae0c206b 
  intg/src/main/java/org/apache/atlas/utils/AtlasJson.java 9aacb2d2 
  repository/pom.xml 87fe7fde 
  repository/src/main/java/org/apache/atlas/repository/store/graph/v1/AtlasClassificationDefStoreV1.java
8214cea6 
  repository/src/main/java/org/apache/atlas/repository/store/graph/v1/AtlasEntityDefStoreV1.java
1d784ef8 
  repository/src/main/java/org/apache/atlas/repository/store/graph/v1/AtlasEntityStoreV1.java
bf417dd0 
  repository/src/main/java/org/apache/atlas/repository/store/graph/v1/AtlasStructDefStoreV1.java
83a6d1d6 
  repository/src/main/java/org/apache/atlas/repository/store/graph/v1/EntityGraphRetriever.java
1833b72e 
  repository/src/main/java/org/apache/atlas/util/AtlasRepositoryConfiguration.java 85f0d060

  repository/src/test/java/org/apache/atlas/repository/impexp/ExportServiceTest.java 07524d08

  repository/src/test/java/org/apache/atlas/repository/impexp/ImportServiceTest.java 136fe8a1

  repository/src/test/java/org/apache/atlas/repository/impexp/ZipFileResourceTestUtils.java
5ab8c01b 
  repository/src/test/java/org/apache/atlas/repository/store/graph/AtlasTypeDefGraphStoreTest.java
2fc8015e 
  repository/src/test/java/org/apache/atlas/repository/store/graph/v1/AtlasEntityStoreV1Test.java
f4b70531 
  repository/src/test/java/org/apache/atlas/repository/store/graph/v1/AtlasRelationshipStoreV1Test.java
8de978c8 
  repository/src/test/java/org/apache/atlas/repository/store/graph/v1/InverseReferenceUpdateV1Test.java
6e4689d3 
  server-api/src/main/java/org/apache/atlas/RequestContextV1.java 9177cb82 
  server-api/src/main/java/org/apache/atlas/aspect/Loggable.java 64f21695 
  server-api/src/main/java/org/apache/atlas/aspect/Monitored.java 909fab68 
  server-api/src/main/java/org/apache/atlas/discovery/DiscoveryException.java ba69af76 
  server-api/src/main/java/org/apache/atlas/exception/SchemaNotFoundException.java 981ef2a8

  server-api/src/main/java/org/apache/atlas/exception/TraitNotFoundException.java ba46a2e4

  server-api/src/main/java/org/apache/atlas/metrics/Metrics.java e0f4e494 
  webapp/src/main/java/org/apache/atlas/notification/NotificationHookConsumer.java ced9b7e6

  webapp/src/main/java/org/apache/atlas/web/filters/AtlasAuthenticationFilter.java ddc2ff2b

  webapp/src/main/java/org/apache/atlas/web/filters/AtlasAuthorizationFilter.java 8a29bb3f

  webapp/src/main/java/org/apache/atlas/web/filters/AuditFilter.java 3225b0ec 
  webapp/src/main/java/org/apache/atlas/web/resources/AdminResource.java 86485fba 
  webapp/src/main/java/org/apache/atlas/web/rest/TypesREST.java 7177ac74 
  webapp/src/main/java/org/apache/atlas/web/security/AtlasSecurityConfig.java 24be5de2 
  webapp/src/main/java/org/apache/atlas/web/util/DateTimeHelper.java 26f3f1ca 
  webapp/src/main/resources/spring-security.xml 17432182 
  webapp/src/test/java/org/apache/atlas/web/filters/AtlasAuthenticationSimpleFilterIT.java
78f983f8 
  webapp/src/test/java/org/apache/atlas/web/resources/AdminResourceTest.java fd96fc3d 
  webapp/src/test/resources/test-spring-security.xml 4455b0ad 


Diff: https://reviews.apache.org/r/65770/diff/3/

Changes: https://reviews.apache.org/r/65770/diff/2-3/


Testing
-------

maven build is gone fine.
Testing of endpoints is in progress.


Thanks,

Nixon Rodrigues


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message