Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Gh-3300: Graph access controls for federated POC #3307

Merged
merged 19 commits into from
Oct 14, 2024
Merged

Gh-3300: Graph access controls for federated POC #3307

merged 19 commits into from
Oct 14, 2024

Conversation

tb06904
Copy link
Member

@tb06904 tb06904 commented Sep 30, 2024
edited by github-actions bot
Loading

Adds optional access controls for graphs added to federated stores to prevent users having visibility or modifying graphs they don't have access to.

Follows a similar concept to the old federated store by using the existing AccessControlledResource class and associated framework already in place. One main difference is graphAuths no longer exist they can instead be defined inside the DefaultUserPredicate or custom predicate, this would look something like the following if done via JSON:

{
    "readPredicate": {
        "class": "uk.gov.gchq.gaffer.access.predicate.AccessPredicate",
         "userPredicate": {
             "class": "uk.gov.gchq.gaffer.access.predicate.user.DefaultUserPredicate",
             "auths": [ "auth1", "auth2" ]
        }
    }
}

Related issue

@tb06904 tb06904 added federated-store Specific to/touches the federated-store module feature A proposed new feature labels Sep 30, 2024
@tb06904 tb06904 added this to the 2.4.0 milestone Sep 30, 2024
@tb06904 tb06904 linked an issue Sep 30, 2024 that may be closed by this pull request
Add Graph access controls for Federated POC #3300
Closed
@codecov Codecov
Copy link

codecov bot commented Sep 30, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 86.92308% with 17 lines in your changes missing coverage. Please review.

Project coverage is 67.91%. Comparing base (ac9c4a7) to head (f3b45d5).
Report is 1 commits behind head on develop.

Files with missing lines Patch % Lines
...hq/gaffer/federated/simple/operation/AddGraph.java 72.72% 6 Missing ⚠️
...e/operation/handler/FederatedOperationHandler.java 58.33% 4 Missing and 1 partial ⚠️
...ple/operation/handler/misc/RemoveGraphHandler.java 71.42% 2 Missing ⚠️
...mple/operation/handler/FederatedOutputHandler.java 88.88% 0 Missing and 1 partial ⚠️
.../simple/operation/handler/add/AddGraphHandler.java 91.66% 0 Missing and 1 partial ⚠️
.../operation/handler/get/GetAllGraphInfoHandler.java 92.30% 0 Missing and 1 partial ⚠️
...e/operation/handler/misc/ChangeGraphIdHandler.java 80.00% 1 Missing ⚠️
Additional details and impacted files 
@@              Coverage Diff              @@
##             develop    #3307      +/-   ##
=============================================
+ Coverage      67.87%   67.91%   +0.04%     
  Complexity      2596     2596              
=============================================
  Files            951      952       +1     
  Lines          30377    30469      +92     
  Branches        3347     3361      +14     
=============================================
+ Hits           20617    20692      +75     
- Misses          8293     8305      +12     
- Partials        1467     1472       +5

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@tb06904 tb06904 mentioned this pull request Oct 3, 2024
Merged
cn337131
cn337131 previously approved these changes Oct 4, 2024
View reviewed changes
cn337131
cn337131 previously approved these changes Oct 8, 2024
View reviewed changes
p29876
p29876 previously approved these changes Oct 8, 2024
View reviewed changes
@tb06904 tb06904 dismissed stale reviews from p29876 and cn337131 via 02fa850 October 14, 2024 11:05
@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Oct 14, 2024

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@wb36499 wb36499 merged commit 2b89f94 into develop Oct 14, 2024
27 of 28 checks passed
@wb36499 wb36499 deleted the gh-3300-access-control-federated-poc branch October 14, 2024 15:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cn337131 cn337131 cn337131 approved these changes

@p29876 p29876 p29876 approved these changes

@wb36499 wb36499 Awaiting requested review from wb36499

Assignees
No one assigned
Labels
feature A proposed new feature federated-store Specific to/touches the federated-store module
Projects
None yet
Milestone
2.4.0
Development

Successfully merging this pull request may close these issues.

Add Graph access controls for Federated POC
5 participants
@tb06904 @cn337131 @p29876 @wb36499 @j69772