[SENTRY-2265] Translate owner privilege in sentry binding for authorization - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Sub-task
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 2.1.0
Component/s: Sentry
Labels:
None

Description

When authorization is done, sentry binding should translate owner privilege to "ALL" before using it.

In CommonPrivilege, need to add Owner privilege and treat it as ALL privilege for authorization

 private boolean impliesResource(ImplyMethodType implyMethodType, String policyValue, String requestValue) {
    // wildcard support, "*", "+", "all"("+" and "all" are for backward compatibility) are represented as wildcard
    // if requestValue is wildcard, means privilege request is to match with any value of given resource
    if (SentryConstants.RESOURCE_WILDCARD_VALUE.equals(policyValue)
            || SentryConstants.RESOURCE_WILDCARD_VALUE.equals(requestValue)
            || SentryConstants.RESOURCE_WILDCARD_VALUE_ALL.equalsIgnoreCase(policyValue)
            || SentryConstants.RESOURCE_WILDCARD_VALUE_ALL.equalsIgnoreCase(requestValue)
            || SentryConstants.RESOURCE_WILDCARD_VALUE_SOME.equals(requestValue)) {
      return true;
    }

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

SENTRY-2265.1.patch
18/Jun/18 22:37
1 kB
Sergio Peña

Issue Links

links to

Review Board

Activity

People

Assignee:: Sergio Peña

Reporter:: Krishna Kalyan

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 11/Jun/18 22:48

Updated:: 19/Jun/18 18:16

Resolved:: 19/Jun/18 18:16