Description
Current Ranger policy model supports authorization/column-masking/row-filtering for users/user-groups based on various criteria like accessed-resource, resource-classifications, IP-address and custom conditions. Given the wide-spread use of role-based authorization in traditional enterprise applications (like RDBMS, J2EE), it will be very useful for Ranger policy model to support 'roles' i.e. to be able to specify authorization/column-masking/row-filtering for roles as well - in addition to existing support for users and user-groups.