[RANGER-3765] tag-based policy masking to override resource-based policy - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 3.0.0, 2.3.0
Fix Version/s: 3.0.0, 2.3.0
Component/s: plugins
Labels:
None

Description

1. consider following two masking policies - one tag-based policy and the other resource-based:

tag-based policy:
  id: 1, tag: TAG1,
    users: [ user1 ], maskType: MASK_NULL

resource-based policy:
  id: 2, database: db1, table: tbl1, column: col1,
    users: [ user1 ], maskType: MASK_SHOW_LAST_4

2. consider that column db1.tbl1.col1 has tag TAG1.

When user1 accesses table db1.tbl1, the value of column col1 should be masked as specified in tag-based policy id=1; however, mask specified in resource-based policy id=2 is applied instead. This should be updated to choose the mask specified in tag-based policy when both tag-based and resource-based policies have same priority.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

RANGER-3765.patch
16/May/22 21:13
13 kB
Madhan Neethiraj

Activity

People

Assignee:: Madhan Neethiraj

Reporter:: Madhan Neethiraj

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 16/May/22 20:59

Updated:: 17/May/22 16:02

Resolved:: 17/May/22 15:32