atlas-simple-authz-policy.json 2.25 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23
{
  "roles": {
    "ROLE_ADMIN": {
      "adminPermissions": [
        {
          "privileges": [ ".*" ]
        }
      ],

      "entityPermissions": [
        {
          "privileges":      [ ".*" ],
          "entityTypes":     [ ".*" ],
          "entityIds":       [ ".*" ],
          "classifications": [ ".*" ]
        }
      ],

      "typePermissions": [
        {
          "privileges":     [ ".*" ],
          "typeCategories": [ ".*" ],
          "typeNames":      [ ".*" ]
24 25 26 27
        }
      ],
      "relationshipPermissions": [
        {
28 29 30 31 32 33 34 35
          "privileges":                 [ ".*" ],
          "relationshipTypes":          [ ".*" ],
          "endOneEntityType":           [ ".*" ],
          "endOneEntityId":             [ ".*" ],
          "endOneEntityClassification": [ ".*" ],
          "endTwoEntityType":           [ ".*" ],
          "endTwoEntityId":             [ ".*" ],
          "endTwoEntityClassification": [ ".*" ]
36 37 38 39 40 41 42
        }
      ]
    },

    "DATA_SCIENTIST": {
      "entityPermissions": [
        {
43 44 45 46 47 48
          "privileges":       [ "entity-read", "entity-read-classification" ],
          "entityTypes":      [ ".*" ],
          "entityIds":        [ ".*" ],
          "classifications":  [ ".*" ],
          "labels":           [ ".*" ],
          "businessMetadata": [ ".*" ]
49 50 51 52 53 54 55
        }
      ]
    },

    "DATA_STEWARD": {
      "entityPermissions": [
        {
56 57 58 59 60 61
          "privileges":       [ "entity-read", "entity-create", "entity-update", "entity-read-classification", "entity-add-classification", "entity-update-classification", "entity-remove-classification", "entity-add-label", "entity-remove-label", "entity-update-business-metadata" ],
          "entityTypes":      [ ".*" ],
          "entityIds":        [ ".*" ],
          "classifications":  [ ".*" ],
          "labels":           [ ".*" ],
          "businessMetadata": [ ".*" ]
62 63 64 65 66 67
        }
      ]
    }
  },

  "userRoles": {
68 69
    "admin":          [ "ROLE_ADMIN" ],
    "rangertagsync":  [ "DATA_SCIENTIST" ],
70
    "dataScientist1": [ "DATA_SCIENTIST"],
71
    "dataSteward1":   [ "DATA_STEWARD"]
72 73 74 75 76 77 78 79 80
  },

  "groupRoles": {
    "ROLE_ADMIN":      [ "ROLE_ADMIN" ],
    "hadoop":          [ "DATA_STEWARD" ],
    "DATA_STEWARD":    [ "DATA_STEWARD" ],
    "RANGER_TAG_SYNC": [ "DATA_SCIENTIST" ]
  }
}