ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Abhay Kulkarni <akulka...@hortonworks.com>
Subject Review Request 68209: RANGER-2183: Use INodeAttribute information to authorize HDFS access
Date Sat, 04 Aug 2018 18:38:31 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/68209/
-----------------------------------------------------------

Review request for ranger, Madhan Neethiraj, Ramesh Mani, and Velmurugan Periasamy.


Bugs: RANGER-2183
    https://issues.apache.org/jira/browse/RANGER-2183


Repository: ranger


Description
-------

Currently, Ranger HDFS authorizer uses INodes provided in the authorization API to get the
path to the accessed HDFS resource. Such path may not be correct in some cases, notably, if
the accessed directory's parent directory is snapshot-enabled, and then parent directory and
its contents are removed.

With this change, resource path is computed from INodeAttributes provided in the authorization
API.


Diffs
-----

  hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java
3697b8c44 


Diff: https://reviews.apache.org/r/68209/diff/1/


Testing
-------

Ran and passed all unit tests.


Thanks,

Abhay Kulkarni


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message