Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Improvement] Filter Catalog securiable object in authorization Ranger #5106

Closed
Tracked by #5115
xunliu opened this issue Oct 11, 2024 · 0 comments
Closed
Tracked by #5115

[Improvement] Filter Catalog securiable object in authorization Ranger #5106

xunliu opened this issue Oct 11, 2024 · 0 comments
Assignees
@xunliu
Labels
0.7.0 Release v0.7.0 improvement Improvements on everything
Milestone
Gravitino 0.7.0

Comments

@xunliu
Copy link
Member

xunliu commented Oct 11, 2024

What would you like to be improved?

Currently, authorization Ranger didn't filter Catalog securiable object in the set owner operation, It will create a Ranger policy but doesn't have any resource, This is an invalidate Ranger Policy.

How should we improve?

Filter Catalog securiable object in the set owner operation
@xunliu xunliu added the improvement Improvements on everything label Oct 11, 2024
@xunliu xunliu self-assigned this Oct 11, 2024
xunliu added a commit to xunliu/gravitino that referenced this issue Oct 11, 2024
@xunliu
[apache#5106] improve(auth-ranger): Filter Catalog securiable object …
bbaa781 
…in the onOwnerSet
xunliu added a commit to xunliu/gravitino that referenced this issue Oct 11, 2024
@xunliu
[apache#5106] improve(auth-ranger): Filter Catalog securiable object …
e4b5127 
…in the onOwnerSet
@xunliu xunliu mentioned this issue Oct 11, 2024
Merged
@xunliu xunliu changed the title [Improvement] Filter Catalog securiable object in the set owner operation [Improvement] Filter Catalog securiable object in authorization Ranger Oct 12, 2024
@xunliu xunliu mentioned this issue Oct 12, 2024
Open
17 tasks
xunliu added a commit to xunliu/gravitino that referenced this issue Oct 12, 2024
@xunliu
[apache#5106] improve(auth-ranger): Filter Catalog securiable object …
0c32387 
…in the onOwnerSet
xunliu added a commit to xunliu/gravitino that referenced this issue Oct 16, 2024
@xunliu
[apache#5106] improve(auth-ranger): Filter Catalog securiable object …
e3fd681 
…in the onOwnerSet
xunliu added a commit to xunliu/gravitino that referenced this issue Oct 16, 2024
@xunliu
[apache#5106] improve(auth-ranger): Filter Catalog securiable object …
fc29438 
…in the onOwnerSet
xunliu added a commit to xunliu/gravitino that referenced this issue Oct 16, 2024
@xunliu
[apache#5106] improve(auth-ranger): Filter Catalog securiable object …
dcafa1d 
…in the onOwnerSet
xunliu added a commit to xunliu/gravitino that referenced this issue Oct 16, 2024
@xunliu
[apache#5106] improve(auth-ranger): Filter Catalog securiable object …
b2cb8f2 
…in the onOwnerSet
xunliu added a commit to xunliu/gravitino that referenced this issue Oct 18, 2024
@xunliu
[apache#5106] improve(auth-ranger): Filter Catalog securiable object …
d2ef4c5 
…in the onOwnerSet
yuqi1129 pushed a commit that referenced this issue Oct 21, 2024
@xunliu
[#5116][#5106][#4616][#5135] improve(auth-ranger): The owner of catal…
7a050d6 
…og/metalake should have all the privileges of schemas/tables (#5113)

### What changes were proposed in this pull request?

The owner of catalog/metalake should have all the privileges of schemas/tables.

### Why are the changes needed?

Fix: 
- #5116
- #5106
- #4616
- #5135

### Does this PR introduce _any_ user-facing change?

N/A

### How was this patch tested?

Add ITs.
@jerqi jerqi closed this as completed Oct 21, 2024
@jerryshao jerryshao added the 0.7.0 Release v0.7.0 label Oct 21, 2024
@xunliu xunliu added this to the Gravitino 0.7.0 milestone Oct 28, 2024
mplmoknijb pushed a commit to mplmoknijb/gravitino that referenced this issue Nov 6, 2024
@xunliu @mplmoknijb
[apache#5116][apache#5106][apache#4616][apache#5135] improve(auth-ran…
8a6b890 
…ger): The owner of catalog/metalake should have all the privileges of schemas/tables (apache#5113)

### What changes were proposed in this pull request?

The owner of catalog/metalake should have all the privileges of schemas/tables.

### Why are the changes needed?

Fix: 
- apache#5116
- apache#5106
- apache#4616
- apache#5135

### Does this PR introduce _any_ user-facing change?

N/A

### How was this patch tested?

Add ITs.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@xunliu xunliu

Labels
0.7.0 Release v0.7.0 improvement Improvements on everything
Projects
None yet
Milestone
Gravitino 0.7.0
Development

No branches or pull requests
3 participants
@jerryshao @xunliu @jerqi