| { |
| "serviceName":"hbasedev", |
| |
| "serviceDef":{ |
| "name":"hbase", |
| "id":2, |
| "resources":[ |
| {"name":"table","level":1,"parent":"","mandatory":true,"lookupSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":{"wildCard":true, "ignoreCase":true},"label":"HBase Table","description":"HBase Table"}, |
| {"name":"column-family","level":2,"parent":"table","mandatory":true,"lookupSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":{"wildCard":true, "ignoreCase":true},"label":"HBase Column-Family","description":"HBase Column-Family"}, |
| {"name":"column","level":3,"parent":"column-family","mandatory":true,"lookupSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":{"wildCard":true, "ignoreCase":true},"label":"HBase Column","description":"HBase Column"} |
| ], |
| "accessTypes":[ |
| {"name":"read","label":"Read"}, |
| {"name":"write","label":"Write"}, |
| {"name":"create","label":"Create"}, |
| {"name":"admin","label":"Admin","impliedGrants":["read","write","create"]} |
| ] |
| }, |
| |
| "policies":[ |
| {"id":1,"name":"table=default,*; column-family=default,*; column=default, *: audit-all-access","isEnabled":true,"isAuditEnabled":true, |
| "resources":{"table":{"values":["default", "*"]},"column-family":{"values":["default", "*"]}, "column":{"values":["default", "*"]}}, |
| "policyItems":[ |
| {"accesses":[{"type":"read","isAllowed":true},{"type":"write","isAllowed":true}, {"type":"create", "isAllowed":true}, |
| {"type":"admin", "isAllowed":true}],"users":["user1"],"groups":[],"delegateAdmin":false} |
| , |
| {"accesses":[{"type":"read","isAllowed":true}],"users":["hrt_qa"],"groups":[],"delegateAdmin":false} |
| ] |
| } |
| , |
| {"id":2,"name":"table=*; column-family=*; column=*: audit-all-access","isEnabled":true,"isAuditEnabled":true, |
| "resources":{"table":{"values":["*"]},"column-family":{"values":["*"]}, "column":{"values":["*"]}}, |
| "policyItems":[ |
| {"accesses":[{"type":"read","isAllowed":true},{"type":"write","isAllowed":true}, {"type":"create", "isAllowed":true}, |
| {"type":"admin", "isAllowed":true}],"users":["user1"],"groups":[],"delegateAdmin":false} |
| , |
| {"accesses":[{"type":"read","isAllowed":true}, {"type":"write", "isAllowed":true}],"users":["hrt_qa"],"groups":[],"delegateAdmin":false} |
| ] |
| } |
| ], |
| |
| "tests":[ |
| {"name":"TEST!!! ALLOW 'scan finance restricted-cf;' for hrt_qa", |
| "request":{ |
| "resource":{"elements":{"table":"finance","column-family":"restricted-cf"}}, |
| "accessType":"read","user":"hrt_qa","userGroups":[],"requestData":"scan finance restricted-cf; for hrt_qa" |
| }, |
| "result":{"isAudited":true,"isAllowed":true,"policyId":1} |
| } |
| , |
| {"name":"TEST!!! ALLOW 'put finance restricted-cf;' for hrt_qa", |
| "request":{ |
| "resource":{"elements":{"table":"finance","column-family":"restricted-cf"}}, |
| "accessType":"write","user":"hrt_qa","userGroups":[],"requestData":"put finance restricted-cf; for hrt_qa" |
| }, |
| "result":{"isAudited":true,"isAllowed":true,"policyId":2} |
| }, |
| {"name":"TEST!!! DENY 'create finance restricted-cf;' for hrt_qa", |
| "request":{ |
| "resource":{"elements":{"table":"finance","column-family":"restricted-cf"}}, |
| "accessType":"create","user":"hrt_qa","userGroups":[],"requestData":"create finance restricted-cf; for hrt_qa" |
| }, |
| "result":{"isAudited":true,"isAllowed":false,"policyId":-1} |
| } |
| , |
| {"name":"TEST!!! ALLOW 'create finance restricted-cf;' for user1", |
| "request":{ |
| "resource":{"elements":{"table":"finance","column-family":"restricted-cf"}}, |
| "accessType":"create","user":"user1","userGroups":[],"requestData":"create finance restricted-cf; for user1" |
| }, |
| "result":{"isAudited":true,"isAllowed":true,"policyId":1} |
| } |
| ] |
| } |
| |