yujunjun/OpenMetadata
1
0
Fork 0
mirror of https://github.com/open-metadata/OpenMetadata.git synced 2025-12-12 07:48:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

Domain Policy Update to be non-system (#19060)

Browse Source 
(cherry picked from commit 3578a4b32d605494d44073bfe3fb82742a62b93e)
This commit is contained in:
Mohit Yadav 2024-12-15 01:18:12 +05:30 committed by mohitdeuex
parent d2d7212bc6
commit 7175afb0cd
6 changed files with 14 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

0
bootstrap/sql/migrations/native/1.5.15/mysql/postDataMigrationSQLScript.sql Normal file
View File

5
bootstrap/sql/migrations/native/1.5.15/mysql/schemaChanges.sql Normal file
View File

@ -0,0 +1,5 @@
-- Make domain policy and role non-system
UPDATE policy_entity SET json = JSON_SET(json, '$.provider', 'user') where name = 'DomainOnlyAccessPolicy';
UPDATE policy_entity SET json = JSON_SET(json, '$.allowDelete', true) where name = 'DomainOnlyAccessPolicy';
UPDATE role_entity SET json = JSON_SET(json, '$.provider', 'user') where name = 'DomainOnlyAccessRole';
UPDATE role_entity SET json = JSON_SET(json, '$.allowDelete', true) where name = 'DomainOnlyAccessRole';

0
bootstrap/sql/migrations/native/1.5.15/postgres/postDataMigrationSQLScript.sql Normal file
View File

5
bootstrap/sql/migrations/native/1.5.15/postgres/schemaChanges.sql Normal file
View File

@ -0,0 +1,5 @@
-- Make domain policy and role non-system
UPDATE policy_entity SET json = JSONB_SET(json::jsonb, '{provider}', '"user"', true) where name = 'DomainOnlyAccessPolicy';
UPDATE policy_entity SET json = JSONB_SET(json::jsonb, '{allowDelete}', 'true', true) WHERE name = 'DomainOnlyAccessPolicy';
UPDATE role_entity SET json = JSONB_SET(json::jsonb, '{provider}', '"user"', true) where name = 'DomainOnlyAccessRole';
UPDATE role_entity SET json = JSONB_SET(json::jsonb, '{allowDelete}', 'true', true) WHERE name = 'DomainOnlyAccessRole';

4
openmetadata-service/src/main/resources/json/data/policy/DomainAccessPolicy.json
View File

@ -4,8 +4,8 @@
"fullyQualifiedName": "DomainOnlyAccessPolicy", "fullyQualifiedName": "DomainOnlyAccessPolicy",
"description": "This Policy adds restrictions so that users will have access to domain related data. If the user has some domain, then he will be able to access data only for that domain. If the user does not have any domain assigned , he will be able to access only assets which also does not have any domain.", "description": "This Policy adds restrictions so that users will have access to domain related data. If the user has some domain, then he will be able to access data only for that domain. If the user does not have any domain assigned , he will be able to access only assets which also does not have any domain.",
"enabled": true, "enabled": true,
"allowDelete": false, "allowDelete": true,
"provider": "system", "provider": "user",
"rules": [ "rules": [
{ {
"name": "DomainOnlyAccessRule", "name": "DomainOnlyAccessRule",

4
openmetadata-service/src/main/resources/json/data/role/DomainOnlyAccessRole.json
View File

@ -2,8 +2,8 @@
"name": "DomainOnlyAccessRole", "name": "DomainOnlyAccessRole",
"displayName": "Domain Only Access Role", "displayName": "Domain Only Access Role",
"description": "Role Corresponding to Domain Access Restriction.", "description": "Role Corresponding to Domain Access Restriction.",
"allowDelete": false, "allowDelete": true,
"provider": "system", "provider": "user",
"policies" : [ "policies" : [
{ {
"type" : "policy", "type" : "policy",