ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Velmurugan Periasamy <vperias...@hortonworks.com>
Subject Re: Review Request 68209: RANGER-2183: Use INodeAttribute information to authorize HDFS access
Date Thu, 09 Aug 2018 20:33:23 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/68209/#review207050
-----------------------------------------------------------


Ship it!




Ship It!

- Velmurugan Periasamy


On Aug. 4, 2018, 6:38 p.m., Abhay Kulkarni wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/68209/
> -----------------------------------------------------------
> 
> (Updated Aug. 4, 2018, 6:38 p.m.)
> 
> 
> Review request for ranger, Madhan Neethiraj, Ramesh Mani, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-2183
>     https://issues.apache.org/jira/browse/RANGER-2183
> 
> 
> Repository: ranger
> 
> 
> Description
> -------
> 
> Currently, Ranger HDFS authorizer uses INodes provided in the authorization API to get
the path to the accessed HDFS resource. Such path may not be correct in some cases, notably,
if the accessed directory's parent directory is snapshot-enabled, and then parent directory
and its contents are removed.
> 
> With this change, resource path is computed from INodeAttributes provided in the authorization
API.
> 
> 
> Diffs
> -----
> 
>   hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java
3697b8c44 
> 
> 
> Diff: https://reviews.apache.org/r/68209/diff/1/
> 
> 
> Testing
> -------
> 
> Ran and passed all unit tests.
> 
> 
> Thanks,
> 
> Abhay Kulkarni
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message