This is an automated email from the ASF dual-hosted git repository.
madhan pushed a commit to branch ranger-2.4
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/ranger-2.4 by this push:
new b71f7dda6 RANGER-4083: Tag-based policy UI to not show permissions in
deny/exception for services that don't support deny/exception
b71f7dda6 is described below
commit b71f7dda628bb27302d8fa4e4672ad788e16306e
Author: Dhaval Rajpara <[email protected]>
AuthorDate: Tue Mar 14 18:51:15 2023 +0530
RANGER-4083: Tag-based policy UI to not show permissions in deny/exception
for services that don't support deny/exception
Signed-off-by: Madhan Neethiraj <[email protected]>
(cherry picked from commit 32f8ce52a1f7ebfa45dce7c50e718250a0adce53)
---
.../scripts/views/policies/RangerPolicyCreate.js | 10 ++++++----
.../webapp/scripts/views/policies/RangerPolicyForm.js | 19 ++++++++++++++-----
2 files changed, 20 insertions(+), 9 deletions(-)
diff --git
a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyCreate.js
b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyCreate.js
index b1e7a11a0..e6c262235 100644
---
a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyCreate.js
+++
b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyCreate.js
@@ -35,6 +35,7 @@ define(function(require){
var RangerPolicycreateTmpl =
require('hbs!tmpl/policies/RangerPolicyCreate_tmpl');
var RangerPolicyForm = require('views/policies/RangerPolicyForm');
var RangerServiceDef = require('models/RangerServiceDef');
+ var RangerServiceDefList = require('collections/RangerServiceDefList');
var Vent = require('modules/Vent');
var RangerPolicyCreate = Backbone.Marionette.Layout.extend(
@@ -130,6 +131,7 @@ define(function(require){
model : this.model,
rangerServiceDefModel :
this.rangerServiceDefModel,
rangerService : this.rangerService,
+ rangerServiceDefList: this.RangerServiceDefList
});
this.editPolicy = this.model.has('id') ? true : false;
@@ -137,13 +139,13 @@ define(function(require){
this.params = {};
},
initializeServiceDef : function(){
-
- this.rangerServiceDefModel = new
RangerServiceDef();
- this.rangerServiceDefModel.url =
XAUtil.getRangerServiceDef(this.rangerService.get('type'));
- this.rangerServiceDefModel.fetch({
+ var that = this
+ this.RangerServiceDefList = new RangerServiceDefList();
+ this.RangerServiceDefList.fetch({
cache : false,
async : false
});
+ this.rangerServiceDefModel =
this.RangerServiceDefList.findWhere({'name' : that.rangerService.get('type')})
},
/** all events binding here */
diff --git
a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js
b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js
index 002621119..118dfe215 100644
--- a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js
+++ b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js
@@ -72,7 +72,7 @@ define(function(require){
},
initialize: function(options) {
console.log("initialized a RangerPolicyForm Form View");
- _.extend(this, _.pick(options, 'rangerServiceDefModel',
'rangerService'));
+ _.extend(this, _.pick(options, 'rangerServiceDefModel',
'rangerService', 'rangerServiceDefList'));
Backbone.Form.prototype.initialize.call(this, options);
this.initializeCollection();
@@ -363,7 +363,16 @@ define(function(require){
if(enableDenyAndExceptionsInPolicies &&
this.$el.find(this.ui.isDenyAllElse).find('.toggle-slide').hasClass('active')){
this.$el.find(this.ui.denyConditionItems).hide();
}
-
+ var enableDenyAndExceptions =
accessType.filter(function(m){
+
if(!_.contains((that.rangerServiceDefList.map(function(m){
+
if(m.get('options').enableDenyAndExceptionsInPolicies == "false"){
+ return m.get("name")
+ }
+ })).filter(Boolean),
m.name.substr(0,m.name.indexOf(":")))){
+ return m
+ }
+ })
+
that.$('[data-customfields="groupPerms"]').html(new
PermissionList({
collection : that.formInputList,
model : that.model,
@@ -377,7 +386,7 @@ define(function(require){
that.$('[data-customfields="groupPermsAllowExclude"]').html(new PermissionList({
collection :
that.formInputAllowExceptionList,
model : that.model,
- accessTypes: accessType,
+ accessTypes:
that.rangerServiceDefModel.get('name') != XAEnums.ServiceType.SERVICE_TAG.label
? accessType : enableDenyAndExceptions,
headerTitle: "",
rangerServiceDefModel :
that.rangerServiceDefModel,
rangerPolicyType :
that.model.get('policyType')
@@ -386,7 +395,7 @@ define(function(require){
that.$('[data-customfields="groupPermsDeny"]').html(new PermissionList({
collection : that.formInputDenyList,
model : that.model,
- accessTypes: accessType,
+ accessTypes:
that.rangerServiceDefModel.get('name') != XAEnums.ServiceType.SERVICE_TAG.label
? accessType : enableDenyAndExceptions,
headerTitle: "Deny",
rangerServiceDefModel :
that.rangerServiceDefModel,
rangerPolicyType :
that.model.get('policyType')
@@ -394,7 +403,7 @@ define(function(require){
that.$('[data-customfields="groupPermsDenyExclude"]').html(new PermissionList({
collection :
that.formInputDenyExceptionList,
model : that.model,
- accessTypes: accessType,
+ accessTypes:
that.rangerServiceDefModel.get('name') != XAEnums.ServiceType.SERVICE_TAG.label
? accessType : enableDenyAndExceptions,
headerTitle: "Deny",
rangerServiceDefModel :
that.rangerServiceDefModel,
rangerPolicyType :
that.model.get('policyType')
