Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Gh-3300: Graph access controls for federated POC #3307

Open
wants to merge 12 commits into
base: develop
Choose a base branch
from
Open

Gh-3300: Graph access controls for federated POC #3307

wants to merge 12 commits into from

Conversation

tb06904
Copy link
Member

@tb06904 tb06904 commented Sep 30, 2024
edited by github-actions bot
Loading

Adds optional access controls for graphs added to federated stores to prevent users having visibility or modifying graphs they don't have access to.

Follows a similar concept to the old federated store by using the existing AccessControlledResource class and associated framework already in place. One main difference is graphAuths no longer exist they can instead be defined inside the DefaultUserPredicate or custom predicate, this would look something like the following if done via JSON:

{
    "readPredicate": {
        "class": "uk.gov.gchq.gaffer.access.predicate.AccessPredicate",
         "userPredicate": {
             "class": "uk.gov.gchq.gaffer.access.predicate.user.DefaultUserPredicate",
             "auths": [ "auth1", "auth2" ]
        }
    }
}

Related issue

@tb06904 tb06904 added federated-store Specific to/touches the federated-store module feature A proposed new feature labels Sep 30, 2024
@tb06904 tb06904 added this to the 2.4.0 milestone Sep 30, 2024
@tb06904 tb06904 linked an issue Sep 30, 2024 that may be closed by this pull request
Add Graph access controls for Federated POC #3300
Open
@codecov Codecov
Copy link

codecov bot commented Sep 30, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 86.50794% with 17 lines in your changes missing coverage. Please review.

Project coverage is 67.88%. Comparing base (9d4563d) to head (51d4609).

Files with missing lines Patch % Lines
...hq/gaffer/federated/simple/operation/AddGraph.java 72.72% 6 Missing ⚠️
...e/operation/handler/FederatedOperationHandler.java 50.00% 4 Missing and 1 partial ⚠️
...ple/operation/handler/misc/RemoveGraphHandler.java 71.42% 2 Missing ⚠️
...mple/operation/handler/FederatedOutputHandler.java 88.88% 0 Missing and 1 partial ⚠️
.../simple/operation/handler/add/AddGraphHandler.java 91.66% 0 Missing and 1 partial ⚠️
.../operation/handler/get/GetAllGraphInfoHandler.java 92.30% 0 Missing and 1 partial ⚠️
...e/operation/handler/misc/ChangeGraphIdHandler.java 80.00% 1 Missing ⚠️
Additional details and impacted files 
@@              Coverage Diff              @@
##             develop    #3307      +/-   ##
=============================================
+ Coverage      67.84%   67.88%   +0.03%     
  Complexity      2595     2595              
=============================================
  Files            951      952       +1     
  Lines          30353    30442      +89     
  Branches        3344     3358      +14     
=============================================
+ Hits           20594    20666      +72     
- Misses          8292     8304      +12     
- Partials        1467     1472       +5

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Sep 30, 2024

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cn337131 cn337131 Awaiting requested review from cn337131

@p29876 p29876 Awaiting requested review from p29876

@wb36499 wb36499 Awaiting requested review from wb36499

At least 2 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
feature A proposed new feature federated-store Specific to/touches the federated-store module
Projects
None yet
Milestone
2.4.0
Development

Successfully merging this pull request may close these issues.

Add Graph access controls for Federated POC
1 participant
@tb06904