This is an automated email from the ASF dual-hosted git repository. madhan pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/ranger.git
commit 32f8ce52a1f7ebfa45dce7c50e718250a0adce53 Author: Dhaval Rajpara <[email protected]> AuthorDate: Tue Mar 14 18:51:15 2023 +0530 RANGER-4083: Tag-based policy UI to not show permissions in deny/exception for services that don't support deny/exception Signed-off-by: Madhan Neethiraj <[email protected]> --- .../scripts/views/policies/RangerPolicyCreate.js | 10 ++++++---- .../webapp/scripts/views/policies/RangerPolicyForm.js | 19 ++++++++++++++----- 2 files changed, 20 insertions(+), 9 deletions(-) diff --git a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyCreate.js b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyCreate.js index b1e7a11a0..e6c262235 100644 --- a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyCreate.js +++ b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyCreate.js @@ -35,6 +35,7 @@ define(function(require){ var RangerPolicycreateTmpl = require('hbs!tmpl/policies/RangerPolicyCreate_tmpl'); var RangerPolicyForm = require('views/policies/RangerPolicyForm'); var RangerServiceDef = require('models/RangerServiceDef'); + var RangerServiceDefList = require('collections/RangerServiceDefList'); var Vent = require('modules/Vent'); var RangerPolicyCreate = Backbone.Marionette.Layout.extend( @@ -130,6 +131,7 @@ define(function(require){ model : this.model, rangerServiceDefModel : this.rangerServiceDefModel, rangerService : this.rangerService, + rangerServiceDefList: this.RangerServiceDefList }); this.editPolicy = this.model.has('id') ? true : false; @@ -137,13 +139,13 @@ define(function(require){ this.params = {}; }, initializeServiceDef : function(){ - - this.rangerServiceDefModel = new RangerServiceDef(); - this.rangerServiceDefModel.url = XAUtil.getRangerServiceDef(this.rangerService.get('type')); - this.rangerServiceDefModel.fetch({ + var that = this + this.RangerServiceDefList = new RangerServiceDefList(); + this.RangerServiceDefList.fetch({ cache : false, async : false }); + this.rangerServiceDefModel = this.RangerServiceDefList.findWhere({'name' : that.rangerService.get('type')}) }, /** all events binding here */ diff --git a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js index 002621119..118dfe215 100644 --- a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js +++ b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js @@ -72,7 +72,7 @@ define(function(require){ }, initialize: function(options) { console.log("initialized a RangerPolicyForm Form View"); - _.extend(this, _.pick(options, 'rangerServiceDefModel', 'rangerService')); + _.extend(this, _.pick(options, 'rangerServiceDefModel', 'rangerService', 'rangerServiceDefList')); Backbone.Form.prototype.initialize.call(this, options); this.initializeCollection(); @@ -363,7 +363,16 @@ define(function(require){ if(enableDenyAndExceptionsInPolicies && this.$el.find(this.ui.isDenyAllElse).find('.toggle-slide').hasClass('active')){ this.$el.find(this.ui.denyConditionItems).hide(); } - + var enableDenyAndExceptions = accessType.filter(function(m){ + if(!_.contains((that.rangerServiceDefList.map(function(m){ + if(m.get('options').enableDenyAndExceptionsInPolicies == "false"){ + return m.get("name") + } + })).filter(Boolean), m.name.substr(0,m.name.indexOf(":")))){ + return m + } + }) + that.$('[data-customfields="groupPerms"]').html(new PermissionList({ collection : that.formInputList, model : that.model, @@ -377,7 +386,7 @@ define(function(require){ that.$('[data-customfields="groupPermsAllowExclude"]').html(new PermissionList({ collection : that.formInputAllowExceptionList, model : that.model, - accessTypes: accessType, + accessTypes: that.rangerServiceDefModel.get('name') != XAEnums.ServiceType.SERVICE_TAG.label ? accessType : enableDenyAndExceptions, headerTitle: "", rangerServiceDefModel : that.rangerServiceDefModel, rangerPolicyType : that.model.get('policyType') @@ -386,7 +395,7 @@ define(function(require){ that.$('[data-customfields="groupPermsDeny"]').html(new PermissionList({ collection : that.formInputDenyList, model : that.model, - accessTypes: accessType, + accessTypes: that.rangerServiceDefModel.get('name') != XAEnums.ServiceType.SERVICE_TAG.label ? accessType : enableDenyAndExceptions, headerTitle: "Deny", rangerServiceDefModel : that.rangerServiceDefModel, rangerPolicyType : that.model.get('policyType') @@ -394,7 +403,7 @@ define(function(require){ that.$('[data-customfields="groupPermsDenyExclude"]').html(new PermissionList({ collection : that.formInputDenyExceptionList, model : that.model, - accessTypes: accessType, + accessTypes: that.rangerServiceDefModel.get('name') != XAEnums.ServiceType.SERVICE_TAG.label ? accessType : enableDenyAndExceptions, headerTitle: "Deny", rangerServiceDefModel : that.rangerServiceDefModel, rangerPolicyType : that.model.get('policyType')
