From dce45ff80046eafa15788bd8bfbb499f5b652f3f Mon Sep 17 00:00:00 2001 From: Suman Das <59254445+sumandas0@users.noreply.github.com> Date: Mon, 9 Dec 2024 16:57:52 +0530 Subject: [PATCH 1/3] feat: add resources to tag service --- .../atlas-servicedef-atlas_tag.json | 450 +++++++++++++++++- 1 file changed, 448 insertions(+), 2 deletions(-) diff --git a/auth-agents-common/src/main/resources/service-defs/atlas-servicedef-atlas_tag.json b/auth-agents-common/src/main/resources/service-defs/atlas-servicedef-atlas_tag.json index 98ff10877f..cba65d8f6b 100644 --- a/auth-agents-common/src/main/resources/service-defs/atlas-servicedef-atlas_tag.json +++ b/auth-agents-common/src/main/resources/service-defs/atlas-servicedef-atlas_tag.json @@ -29,11 +29,457 @@ "uiHint":"{ \"singleValue\":true }", "label": "TAG", "description": "TAG" + }, + { + "itemId": 2, + "name": "type-category", + "type": "string", + "level": 10, + "mandatory": true, + "lookupSupported": true, + "recursiveSupported": false, + "excludesSupported": true, + "matcher": "org.apache.atlas.plugin.resourcematcher.RangerDefaultResourceMatcher", + "matcherOptions": { + "wildCard": "true", + "ignoreCase": "true" + }, + "label": "Type Catagory", + "description": "Type Catagory" + }, + { + "itemId": 3, + "name": "type", + "type": "string", + "level": 20, + "mandatory": true, + "parent": "type-category", + "isValidLeaf": true, + "lookupSupported": true, + "recursiveSupported": false, + "excludesSupported": true, + "matcher": "org.apache.atlas.plugin.resourcematcher.RangerDefaultResourceMatcher", + "matcherOptions": { + "wildCard": "true", + "ignoreCase": "false" + }, + "label": "Type Name", + "description": "Type Name", + "accessTypeRestrictions": ["type-read" ,"type-create", "type-update", "type-delete" ] + }, + { + "itemId": 4, + "name": "entity-type", + "type": "string", + "level": 10, + "mandatory": true, + "lookupSupported": true, + "recursiveSupported": false, + "excludesSupported": true, + "matcher": "org.apache.atlas.plugin.resourcematcher.RangerDefaultResourceMatcher", + "matcherOptions": { + "wildCard": "true", + "ignoreCase": "false" + }, + "label": "Entity Type", + "description": "Entity Type" + }, + { + "itemId": 5, + "name": "entity-classification", + "type": "string", + "level": 20, + "mandatory": true, + "parent": "entity-type", + "lookupSupported": true, + "recursiveSupported": false, + "excludesSupported": true, + "matcher": "org.apache.atlas.plugin.resourcematcher.RangerDefaultResourceMatcher", + "matcherOptions": { + "wildCard": "true", + "ignoreCase": "false" + }, + "label": "Entity Classification", + "description": "Entity Classification" + }, + { + "itemId": 6, + "name": "entity", + "type": "string", + "level": 30, + "mandatory": true, + "parent": "entity-classification", + "isValidLeaf": true, + "lookupSupported": true, + "recursiveSupported": false, + "excludesSupported": true, + "matcher": "org.apache.atlas.plugin.resourcematcher.RangerDefaultResourceMatcher", + "matcherOptions": { + "wildCard": "true", + "ignoreCase": "true" + }, + "label": "Entity ID", + "description": "Entity ID", + "accessTypeRestrictions": ["entity-read", "entity-create", "entity-update", "entity-delete"] + }, + { + "itemId": 7, + "name": "atlas-service", + "type": "string", + "level": 10, + "mandatory": true, + "lookupSupported": true, + "recursiveSupported": false, + "excludesSupported": true, + "matcher": "org.apache.atlas.plugin.resourcematcher.RangerDefaultResourceMatcher", + "matcherOptions": { + "wildCard": "true", + "ignoreCase": "true" + }, + "label": "Atlas Service", + "description": "Atlas Service", + "accessTypeRestrictions": ["admin-import", "admin-export", "admin-purge", "admin-audits", "admin-entity-audits", "admin-repair-index", "admin-task-cud"] + }, + { + "itemId": 8, + "name": "relationship-type", + "type": "string", + "level": 10, + "mandatory": true, + "lookupSupported": true, + "recursiveSupported": false, + "excludesSupported": true, + "matcher": "org.apache.atlas.plugin.resourcematcher.RangerDefaultResourceMatcher", + "matcherOptions": { + "wildCard": "true", + "ignoreCase": "false" + }, + "label": "Relationship Type", + "description": "Relationship Type" + }, + { + "itemId": 9, + "name": "end-one-entity-type", + "type": "string", + "level": 20, + "mandatory": true, + "parent": "relationship-type", + "lookupSupported": true, + "recursiveSupported": false, + "excludesSupported": true, + "matcher": "org.apache.atlas.plugin.resourcematcher.RangerDefaultResourceMatcher", + "matcherOptions": { + "wildCard": "true", + "ignoreCase": "false" + }, + "label": "End1 Entity Type", + "description": "End1 Entity Type" + }, + { + "itemId": 10, + "name": "end-one-entity-classification", + "type": "string", + "level": 30, + "mandatory": true, + "parent": "end-one-entity-type", + "lookupSupported": true, + "recursiveSupported": false, + "excludesSupported": true, + "matcher": "org.apache.atlas.plugin.resourcematcher.RangerDefaultResourceMatcher", + "matcherOptions": { + "wildCard": "true", + "ignoreCase": "false" + }, + "label": "End1 Entity Classification", + "description": "End1 Entity Classification" + }, + { + "itemId": 11, + "name": "end-one-entity", + "type": "string", + "level": 40, + "mandatory": true, + "parent": "end-one-entity-classification", + "lookupSupported": true, + "recursiveSupported": false, + "excludesSupported": true, + "matcher": "org.apache.atlas.plugin.resourcematcher.RangerDefaultResourceMatcher", + "matcherOptions": { + "wildCard": "true", + "ignoreCase": "true" + }, + "label": "End1 Entity ID", + "description": "End1 Entity ID" + }, + { + "itemId": 12, + "name": "end-two-entity-type", + "type": "string", + "level": 50, + "mandatory": true, + "parent": "end-one-entity", + "lookupSupported": true, + "recursiveSupported": false, + "excludesSupported": true, + "matcher": "org.apache.atlas.plugin.resourcematcher.RangerDefaultResourceMatcher", + "matcherOptions": { + "wildCard": "true", + "ignoreCase": "false" + }, + "label": "End2 Entity Type", + "description": "End2 Entity Type" + }, + { + "itemId": 13, + "name": "end-two-entity-classification", + "type": "string", + "level": 60, + "mandatory": true, + "parent": "end-two-entity-type", + "lookupSupported": true, + "recursiveSupported": false, + "excludesSupported": true, + "matcher": "org.apache.atlas.plugin.resourcematcher.RangerDefaultResourceMatcher", + "matcherOptions": { + "wildCard": "true", + "ignoreCase": "false" + }, + "label": "End2 Entity Classification", + "description": "End2 Entity Classification" + }, + { + "itemId": 14, + "name": "end-two-entity", + "type": "string", + "level": 70, + "mandatory": true, + "parent": "end-two-entity-classification", + "isValidLeaf": true, + "lookupSupported": true, + "recursiveSupported": false, + "excludesSupported": true, + "matcher": "org.apache.atlas.plugin.resourcematcher.RangerDefaultResourceMatcher", + "matcherOptions": { + "wildCard": "true", + "ignoreCase": "true" + }, + "label": "End2 Entity ID", + "description": "End2 Entity ID", + "accessTypeRestrictions": [ + "add-relationship", + "update-relationship", + "remove-relationship" + ] + }, + { + "itemId": 15, + "name": "entity-label", + "type": "string", + "level": 40, + "mandatory": true, + "parent": "entity", + "isValidLeaf": true, + "lookupSupported": true, + "recursiveSupported": false, + "excludesSupported": true, + "matcher": "org.apache.atlas.plugin.resourcematcher.RangerDefaultResourceMatcher", + "matcherOptions": { + "wildCard": "true", + "ignoreCase": "true" + }, + "label": "Label", + "description": "Label", + "accessTypeRestrictions": [ + "entity-add-label", + "entity-remove-label" + ] + }, + { + "itemId": 16, + "name": "entity-business-metadata", + "type": "string", + "level": 40, + "mandatory": true, + "parent": "entity", + "isValidLeaf": true, + "lookupSupported": true, + "recursiveSupported": false, + "excludesSupported": true, + "matcher": "org.apache.atlas.plugin.resourcematcher.RangerDefaultResourceMatcher", + "matcherOptions": { + "wildCard": "true", + "ignoreCase": "true" + }, + "label": "Business Metadata", + "description": "Business Metadata", + "accessTypeRestrictions": [ + "entity-update-business-metadata" + ] + }, + { + "itemId": 17, + "name": "classification", + "type": "string", + "level": 40, + "mandatory": true, + "parent": "entity", + "isValidLeaf": true, + "lookupSupported": true, + "recursiveSupported": false, + "excludesSupported": true, + "matcher": "org.apache.atlas.plugin.resourcematcher.RangerDefaultResourceMatcher", + "matcherOptions": { + "wildCard": "true", + "ignoreCase": "false" + }, + "label": "Targetted classifications", + "description": "Targetted classifications", + "accessTypeRestrictions": [ + "entity-add-classification", + "entity-update-classification", + "entity-remove-classification" + ] } ], - "accessTypes": - [ + "accessTypes": [ + { + "itemId": 1, + "name": "type-create", + "label": "Create Type", + "impliedGrants": + [ + "type-read" + ] + }, + { + "itemId": 2, + "name": "type-update", + "label": "Update Type", + "impliedGrants": + [ + "type-read" + ] + }, + { + "itemId": 3, + "name": "type-delete", + "label": "Delete Type", + "impliedGrants": + [ + "type-read" + ] + }, + { + "itemId": 4, + "name": "entity-read", + "label": "Read Entity" + }, + { + "itemId": 5, + "name": "entity-create", + "label": "Create Entity" + }, + { + "itemId": 6, + "name": "entity-update", + "label": "Update Entity" + }, + { + "itemId": 7, + "name": "entity-delete", + "label": "Delete Entity" + }, + { + "itemId": 8, + "name": "entity-add-classification", + "label": "Add Classification" + }, + { + "itemId": 9, + "name": "entity-update-classification", + "label": "Update Classification" + }, + { + "itemId": 10, + "name": "entity-remove-classification", + "label": "Remove Classification" + }, + { + "itemId": 11, + "name": "admin-export", + "label": "Admin Export" + }, + { + "itemId": 12, + "name": "admin-import", + "label": "Admin Import" + }, + { + "itemId": 13, + "name": "add-relationship", + "label": "Add Relationship" + }, + { + "itemId": 14, + "name": "update-relationship", + "label": "Update Relationship" + }, + { + "itemId": 15, + "name": "remove-relationship", + "label": "Remove Relationship" + }, + { + "itemId": 16, + "name": "admin-purge", + "label": "Admin Purge" + }, + { + "itemId": 17, + "name": "entity-add-label", + "label": "Add Label" + }, + { + "itemId": 18, + "name": "entity-remove-label", + "label": "Remove Label" + }, + { + "itemId": 19, + "name": "entity-update-business-metadata", + "label": "Update Business Metadata" + }, + { + "itemId": 20, + "name": "type-read", + "label": "Read Type" + }, + { + "itemId": 21, + "name": "admin-audits", + "label": "Admin Audits" + }, + { + "itemId": 22, + "name": "admin-entity-audits", + "label": "Admin Entity Audits" + }, + { + "itemId": 23, + "name": "admin-repair-index", + "label": "Admin Repair Index" + }, + { + "itemId": 24, + "name": "admin-task-cud", + "label": "Admin task CUD API" + }, + { + "itemId": 25, + "name": "admin-featureFlag-cud", + "label": "Admin featureflag CUD API" + } ], From 9d71641cdf724087c63e4d18790cc734ae46fe0b Mon Sep 17 00:00:00 2001 From: Suman Das <59254445+sumandas0@users.noreply.github.com> Date: Mon, 9 Dec 2024 18:21:41 +0530 Subject: [PATCH 2/3] Revert "feat: add resources to tag service" This reverts commit dce45ff80046eafa15788bd8bfbb499f5b652f3f. --- .../atlas-servicedef-atlas_tag.json | 450 +----------------- 1 file changed, 2 insertions(+), 448 deletions(-) diff --git a/auth-agents-common/src/main/resources/service-defs/atlas-servicedef-atlas_tag.json b/auth-agents-common/src/main/resources/service-defs/atlas-servicedef-atlas_tag.json index cba65d8f6b..98ff10877f 100644 --- a/auth-agents-common/src/main/resources/service-defs/atlas-servicedef-atlas_tag.json +++ b/auth-agents-common/src/main/resources/service-defs/atlas-servicedef-atlas_tag.json @@ -29,457 +29,11 @@ "uiHint":"{ \"singleValue\":true }", "label": "TAG", "description": "TAG" - }, - { - "itemId": 2, - "name": "type-category", - "type": "string", - "level": 10, - "mandatory": true, - "lookupSupported": true, - "recursiveSupported": false, - "excludesSupported": true, - "matcher": "org.apache.atlas.plugin.resourcematcher.RangerDefaultResourceMatcher", - "matcherOptions": { - "wildCard": "true", - "ignoreCase": "true" - }, - "label": "Type Catagory", - "description": "Type Catagory" - }, - { - "itemId": 3, - "name": "type", - "type": "string", - "level": 20, - "mandatory": true, - "parent": "type-category", - "isValidLeaf": true, - "lookupSupported": true, - "recursiveSupported": false, - "excludesSupported": true, - "matcher": "org.apache.atlas.plugin.resourcematcher.RangerDefaultResourceMatcher", - "matcherOptions": { - "wildCard": "true", - "ignoreCase": "false" - }, - "label": "Type Name", - "description": "Type Name", - "accessTypeRestrictions": ["type-read" ,"type-create", "type-update", "type-delete" ] - }, - { - "itemId": 4, - "name": "entity-type", - "type": "string", - "level": 10, - "mandatory": true, - "lookupSupported": true, - "recursiveSupported": false, - "excludesSupported": true, - "matcher": "org.apache.atlas.plugin.resourcematcher.RangerDefaultResourceMatcher", - "matcherOptions": { - "wildCard": "true", - "ignoreCase": "false" - }, - "label": "Entity Type", - "description": "Entity Type" - }, - { - "itemId": 5, - "name": "entity-classification", - "type": "string", - "level": 20, - "mandatory": true, - "parent": "entity-type", - "lookupSupported": true, - "recursiveSupported": false, - "excludesSupported": true, - "matcher": "org.apache.atlas.plugin.resourcematcher.RangerDefaultResourceMatcher", - "matcherOptions": { - "wildCard": "true", - "ignoreCase": "false" - }, - "label": "Entity Classification", - "description": "Entity Classification" - }, - { - "itemId": 6, - "name": "entity", - "type": "string", - "level": 30, - "mandatory": true, - "parent": "entity-classification", - "isValidLeaf": true, - "lookupSupported": true, - "recursiveSupported": false, - "excludesSupported": true, - "matcher": "org.apache.atlas.plugin.resourcematcher.RangerDefaultResourceMatcher", - "matcherOptions": { - "wildCard": "true", - "ignoreCase": "true" - }, - "label": "Entity ID", - "description": "Entity ID", - "accessTypeRestrictions": ["entity-read", "entity-create", "entity-update", "entity-delete"] - }, - { - "itemId": 7, - "name": "atlas-service", - "type": "string", - "level": 10, - "mandatory": true, - "lookupSupported": true, - "recursiveSupported": false, - "excludesSupported": true, - "matcher": "org.apache.atlas.plugin.resourcematcher.RangerDefaultResourceMatcher", - "matcherOptions": { - "wildCard": "true", - "ignoreCase": "true" - }, - "label": "Atlas Service", - "description": "Atlas Service", - "accessTypeRestrictions": ["admin-import", "admin-export", "admin-purge", "admin-audits", "admin-entity-audits", "admin-repair-index", "admin-task-cud"] - }, - { - "itemId": 8, - "name": "relationship-type", - "type": "string", - "level": 10, - "mandatory": true, - "lookupSupported": true, - "recursiveSupported": false, - "excludesSupported": true, - "matcher": "org.apache.atlas.plugin.resourcematcher.RangerDefaultResourceMatcher", - "matcherOptions": { - "wildCard": "true", - "ignoreCase": "false" - }, - "label": "Relationship Type", - "description": "Relationship Type" - }, - { - "itemId": 9, - "name": "end-one-entity-type", - "type": "string", - "level": 20, - "mandatory": true, - "parent": "relationship-type", - "lookupSupported": true, - "recursiveSupported": false, - "excludesSupported": true, - "matcher": "org.apache.atlas.plugin.resourcematcher.RangerDefaultResourceMatcher", - "matcherOptions": { - "wildCard": "true", - "ignoreCase": "false" - }, - "label": "End1 Entity Type", - "description": "End1 Entity Type" - }, - { - "itemId": 10, - "name": "end-one-entity-classification", - "type": "string", - "level": 30, - "mandatory": true, - "parent": "end-one-entity-type", - "lookupSupported": true, - "recursiveSupported": false, - "excludesSupported": true, - "matcher": "org.apache.atlas.plugin.resourcematcher.RangerDefaultResourceMatcher", - "matcherOptions": { - "wildCard": "true", - "ignoreCase": "false" - }, - "label": "End1 Entity Classification", - "description": "End1 Entity Classification" - }, - { - "itemId": 11, - "name": "end-one-entity", - "type": "string", - "level": 40, - "mandatory": true, - "parent": "end-one-entity-classification", - "lookupSupported": true, - "recursiveSupported": false, - "excludesSupported": true, - "matcher": "org.apache.atlas.plugin.resourcematcher.RangerDefaultResourceMatcher", - "matcherOptions": { - "wildCard": "true", - "ignoreCase": "true" - }, - "label": "End1 Entity ID", - "description": "End1 Entity ID" - }, - { - "itemId": 12, - "name": "end-two-entity-type", - "type": "string", - "level": 50, - "mandatory": true, - "parent": "end-one-entity", - "lookupSupported": true, - "recursiveSupported": false, - "excludesSupported": true, - "matcher": "org.apache.atlas.plugin.resourcematcher.RangerDefaultResourceMatcher", - "matcherOptions": { - "wildCard": "true", - "ignoreCase": "false" - }, - "label": "End2 Entity Type", - "description": "End2 Entity Type" - }, - { - "itemId": 13, - "name": "end-two-entity-classification", - "type": "string", - "level": 60, - "mandatory": true, - "parent": "end-two-entity-type", - "lookupSupported": true, - "recursiveSupported": false, - "excludesSupported": true, - "matcher": "org.apache.atlas.plugin.resourcematcher.RangerDefaultResourceMatcher", - "matcherOptions": { - "wildCard": "true", - "ignoreCase": "false" - }, - "label": "End2 Entity Classification", - "description": "End2 Entity Classification" - }, - { - "itemId": 14, - "name": "end-two-entity", - "type": "string", - "level": 70, - "mandatory": true, - "parent": "end-two-entity-classification", - "isValidLeaf": true, - "lookupSupported": true, - "recursiveSupported": false, - "excludesSupported": true, - "matcher": "org.apache.atlas.plugin.resourcematcher.RangerDefaultResourceMatcher", - "matcherOptions": { - "wildCard": "true", - "ignoreCase": "true" - }, - "label": "End2 Entity ID", - "description": "End2 Entity ID", - "accessTypeRestrictions": [ - "add-relationship", - "update-relationship", - "remove-relationship" - ] - }, - { - "itemId": 15, - "name": "entity-label", - "type": "string", - "level": 40, - "mandatory": true, - "parent": "entity", - "isValidLeaf": true, - "lookupSupported": true, - "recursiveSupported": false, - "excludesSupported": true, - "matcher": "org.apache.atlas.plugin.resourcematcher.RangerDefaultResourceMatcher", - "matcherOptions": { - "wildCard": "true", - "ignoreCase": "true" - }, - "label": "Label", - "description": "Label", - "accessTypeRestrictions": [ - "entity-add-label", - "entity-remove-label" - ] - }, - { - "itemId": 16, - "name": "entity-business-metadata", - "type": "string", - "level": 40, - "mandatory": true, - "parent": "entity", - "isValidLeaf": true, - "lookupSupported": true, - "recursiveSupported": false, - "excludesSupported": true, - "matcher": "org.apache.atlas.plugin.resourcematcher.RangerDefaultResourceMatcher", - "matcherOptions": { - "wildCard": "true", - "ignoreCase": "true" - }, - "label": "Business Metadata", - "description": "Business Metadata", - "accessTypeRestrictions": [ - "entity-update-business-metadata" - ] - }, - { - "itemId": 17, - "name": "classification", - "type": "string", - "level": 40, - "mandatory": true, - "parent": "entity", - "isValidLeaf": true, - "lookupSupported": true, - "recursiveSupported": false, - "excludesSupported": true, - "matcher": "org.apache.atlas.plugin.resourcematcher.RangerDefaultResourceMatcher", - "matcherOptions": { - "wildCard": "true", - "ignoreCase": "false" - }, - "label": "Targetted classifications", - "description": "Targetted classifications", - "accessTypeRestrictions": [ - "entity-add-classification", - "entity-update-classification", - "entity-remove-classification" - ] } ], - "accessTypes": [ - { - "itemId": 1, - "name": "type-create", - "label": "Create Type", - "impliedGrants": - [ - "type-read" - ] - }, - { - "itemId": 2, - "name": "type-update", - "label": "Update Type", - "impliedGrants": - [ - "type-read" - ] - }, - { - "itemId": 3, - "name": "type-delete", - "label": "Delete Type", - "impliedGrants": - [ - "type-read" - ] - }, - { - "itemId": 4, - "name": "entity-read", - "label": "Read Entity" - }, - { - "itemId": 5, - "name": "entity-create", - "label": "Create Entity" - }, - { - "itemId": 6, - "name": "entity-update", - "label": "Update Entity" - }, - { - "itemId": 7, - "name": "entity-delete", - "label": "Delete Entity" - }, - { - "itemId": 8, - "name": "entity-add-classification", - "label": "Add Classification" - }, - { - "itemId": 9, - "name": "entity-update-classification", - "label": "Update Classification" - }, - { - "itemId": 10, - "name": "entity-remove-classification", - "label": "Remove Classification" - }, - { - "itemId": 11, - "name": "admin-export", - "label": "Admin Export" - }, - { - "itemId": 12, - "name": "admin-import", - "label": "Admin Import" - }, - { - "itemId": 13, - "name": "add-relationship", - "label": "Add Relationship" - }, - { - "itemId": 14, - "name": "update-relationship", - "label": "Update Relationship" - }, - { - "itemId": 15, - "name": "remove-relationship", - "label": "Remove Relationship" - }, - { - "itemId": 16, - "name": "admin-purge", - "label": "Admin Purge" - }, - { - "itemId": 17, - "name": "entity-add-label", - "label": "Add Label" - }, - { - "itemId": 18, - "name": "entity-remove-label", - "label": "Remove Label" - }, - { - "itemId": 19, - "name": "entity-update-business-metadata", - "label": "Update Business Metadata" - }, - { - "itemId": 20, - "name": "type-read", - "label": "Read Type" - }, - { - "itemId": 21, - "name": "admin-audits", - "label": "Admin Audits" - }, - { - "itemId": 22, - "name": "admin-entity-audits", - "label": "Admin Entity Audits" - }, - { - "itemId": 23, - "name": "admin-repair-index", - "label": "Admin Repair Index" - }, - { - "itemId": 24, - "name": "admin-task-cud", - "label": "Admin task CUD API" - }, - { - "itemId": 25, - "name": "admin-featureFlag-cud", - "label": "Admin featureflag CUD API" - } + "accessTypes": + [ ], From 8b9f30b89aa13277629a7d874d30f712575941c9 Mon Sep 17 00:00:00 2001 From: Suman Das <59254445+sumandas0@users.noreply.github.com> Date: Mon, 9 Dec 2024 18:22:13 +0530 Subject: [PATCH 3/3] feat: add atlas authZ in case of relationship evaluator --- .../policytransformer/CachePolicyTransformerImpl.java | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/auth-agents-common/src/main/java/org/apache/atlas/policytransformer/CachePolicyTransformerImpl.java b/auth-agents-common/src/main/java/org/apache/atlas/policytransformer/CachePolicyTransformerImpl.java index 87df320336..bfab5baa6c 100644 --- a/auth-agents-common/src/main/java/org/apache/atlas/policytransformer/CachePolicyTransformerImpl.java +++ b/auth-agents-common/src/main/java/org/apache/atlas/policytransformer/CachePolicyTransformerImpl.java @@ -82,6 +82,7 @@ import static org.apache.atlas.repository.util.AccessControlUtils.POLICY_CATEGORY_PURPOSE; import static org.apache.atlas.repository.util.AccessControlUtils.getIsPolicyEnabled; import static org.apache.atlas.repository.util.AccessControlUtils.getPolicyCategory; +import static org.apache.atlas.services.tag.RangerServiceTag.TAG_RESOURCE_NAME; @Component public class CachePolicyTransformerImpl { @@ -709,7 +710,14 @@ private RangerPolicy getRangerPolicy(AtlasEntityHeader atlasPolicy, String servi //policy.setId(atlasPolicy.getGuid()); policy.setName((String) atlasPolicy.getAttribute(QUALIFIED_NAME)); policy.setService((String) atlasPolicy.getAttribute(ATTR_POLICY_SERVICE_NAME)); - policy.setServiceType(serviceType); + + // Adding atlas as serviceType for tag policies, as atlas_tag doesn't have all the resource available for evaluation + if (serviceType != null && serviceType.equals(TAG_RESOURCE_NAME) && policy.getService().equals("atlas")) { + policy.setServiceType("atlas"); + } else { + policy.setServiceType(serviceType); + } + policy.setGuid(atlasPolicy.getGuid()); policy.setCreatedBy(atlasPolicy.getCreatedBy()); policy.setCreateTime(atlasPolicy.getCreateTime());