[AMBARI-13865] Add authorizations to permissions so that the definition of a permission (or role) is explicit - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Task
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: None
Component/s: None
Labels:
- rbac

Epic Link:
Ambari role-based access control

Description

Add authorizations to permissions so that the definition of a permission (or role) is explicit.

A new table needs to be created to store the authorizations:

TABLE roleauthorization (
  authorization_id VARCHAR(100) NOT NULL,
  authorization_name VARCHAR(255) NOT NULL,
  resource_type_id INTEGER NOT NULL,
  PRIMARY KEY(authorization_id)
)

A new table needs to be added to map authorizations to permissions

TABLE permission_roleauthorization (
  permission_id BIGINT NOT NULL,
  authorization_id VARCHAR(100) NOT NULL,
  PRIMARY KEY(permission_id, authorization_id)
);

A new Entity needs to be created to hold the authorization record data (org.apache.ambari.server.orm.entities.AuthorizationEntity).

The existing PermissionEntity org.apache.ambari.server.orm.entities.PermissionEntity needs to be updated to include AuthorizationEntities.

Attachments

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

AMBARI-13865_trunk_03.patch
18/Nov/15 16:28
252 kB
Robert Levas
AMBARI-13865_trunk_02.patch
18/Nov/15 12:07
252 kB
Robert Levas
AMBARI-13865_trunk_01.patch
18/Nov/15 10:16
249 kB
Robert Levas

Activity

People

Assignee:: Robert Levas

Reporter:: Robert Levas

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 12/Nov/15 20:11

Updated:: 18/Nov/15 21:33

Resolved:: 18/Nov/15 18:44