From ffc15b1cee943187c36d99fbecf7aedbc54ad8ae Mon Sep 17 00:00:00 2001 From: ankitpatnaik-atlan Date: Tue, 18 Feb 2025 15:43:59 +0530 Subject: [PATCH 1/7] feat: empower admin --- addons/policies/bootstrap_entity_policies.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/addons/policies/bootstrap_entity_policies.json b/addons/policies/bootstrap_entity_policies.json index 8b1aaf90f2..5f2fcab4ef 100644 --- a/addons/policies/bootstrap_entity_policies.json +++ b/addons/policies/bootstrap_entity_policies.json @@ -2988,7 +2988,7 @@ "policySubCategory": "default", "policyServiceName": "atlas", "policyType": "allow", - "policyPriority": 0, + "policyPriority": 1, "policyUsers": [], "policyGroups": From 319745c1a30f550b5acd678cb717ef140d4e2d07 Mon Sep 17 00:00:00 2001 From: ankitpatnaik-atlan Date: Thu, 20 Feb 2025 13:48:41 +0530 Subject: [PATCH 2/7] enabling data product policy --- addons/policies/bootstrap_entity_policies.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/addons/policies/bootstrap_entity_policies.json b/addons/policies/bootstrap_entity_policies.json index 5f2fcab4ef..e2f8e07dab 100644 --- a/addons/policies/bootstrap_entity_policies.json +++ b/addons/policies/bootstrap_entity_policies.json @@ -2999,7 +2999,7 @@ "$api-token-default-access" ], "policyResourceCategory": "ENTITY", - "isPolicyEnabled": false, + "isPolicyEnabled": true, "policyResources": [ "entity-type:DataProduct", From 8b14c9b1cd68fe868c59319e32160515fd3dc5ff Mon Sep 17 00:00:00 2001 From: ankitpatnaik-atlan Date: Thu, 20 Feb 2025 17:20:24 +0530 Subject: [PATCH 3/7] updating metadata policy priority --- addons/policies/bootstrap_entity_policies.json | 1 + 1 file changed, 1 insertion(+) diff --git a/addons/policies/bootstrap_entity_policies.json b/addons/policies/bootstrap_entity_policies.json index e2f8e07dab..438c3c730e 100644 --- a/addons/policies/bootstrap_entity_policies.json +++ b/addons/policies/bootstrap_entity_policies.json @@ -2116,6 +2116,7 @@ "policySubCategory": "default", "policyServiceName": "atlas", "policyType": "allow", + "policyPriority": 1, "policyUsers": [ "admin", From 8edc035aaea0e3b0963d281b095dee82dbc73c19 Mon Sep 17 00:00:00 2001 From: ankitpatnaik-atlan Date: Thu, 20 Feb 2025 18:28:32 +0530 Subject: [PATCH 4/7] update data domain policy priority --- addons/policies/bootstrap_entity_policies.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/addons/policies/bootstrap_entity_policies.json b/addons/policies/bootstrap_entity_policies.json index 438c3c730e..50e0a042f2 100644 --- a/addons/policies/bootstrap_entity_policies.json +++ b/addons/policies/bootstrap_entity_policies.json @@ -2880,7 +2880,7 @@ "policySubCategory": "default", "policyServiceName": "atlas", "policyType": "allow", - "policyPriority": 0, + "policyPriority": 1, "policyUsers": [], "policyGroups": From cd8edd8fd01e0d2a5704b2f3fc132bcd8c16dc96 Mon Sep 17 00:00:00 2001 From: ankitpatnaik-atlan Date: Thu, 20 Feb 2025 21:06:01 +0530 Subject: [PATCH 5/7] new relationship bootstrap policies for stakeholder and output/input ports --- .../policies/bootstrap_entity_policies.json | 7 +- .../bootstrap_relationship_policies.json | 234 ++++++++++++++++++ 2 files changed, 238 insertions(+), 3 deletions(-) diff --git a/addons/policies/bootstrap_entity_policies.json b/addons/policies/bootstrap_entity_policies.json index 50e0a042f2..31bfad3670 100644 --- a/addons/policies/bootstrap_entity_policies.json +++ b/addons/policies/bootstrap_entity_policies.json @@ -2880,7 +2880,7 @@ "policySubCategory": "default", "policyServiceName": "atlas", "policyType": "allow", - "policyPriority": 1, + "policyPriority": 0, "policyUsers": [], "policyGroups": @@ -2982,8 +2982,8 @@ "typeName": "AuthPolicy", "attributes": { - "name": "CUD_DATA_PRODUCT_ENTITY", - "qualifiedName": "CUD_DATA_PRODUCT_ENTITY", + "name": "CRUD_DATA_PRODUCT_ENTITY", + "qualifiedName": "CRUD_DATA_PRODUCT_ENTITY", "description": "Allows user to perform cud operation on DataProduct assets.", "policyCategory": "bootstrap", "policySubCategory": "default", @@ -3009,6 +3009,7 @@ ], "policyActions": [ + "entity-read", "entity-create", "entity-update", "entity-delete" diff --git a/addons/policies/bootstrap_relationship_policies.json b/addons/policies/bootstrap_relationship_policies.json index 0213803d59..4523f8f4bd 100644 --- a/addons/policies/bootstrap_relationship_policies.json +++ b/addons/policies/bootstrap_relationship_policies.json @@ -993,6 +993,240 @@ "remove-relationship" ] } + }, + { + "typeName": "AuthPolicy", + "attributes": + { + "name": "LINK_MESH_DATA_DOMAIN_TO_STAKE_HOLDER", + "qualifiedName": "LINK_MESH_DATA_DOMAIN_TO_STAKE_HOLDER", + "policyCategory": "bootstrap", + "policySubCategory": "default", + "policyServiceName": "atlas", + "policyType": "allow", + "policyPriority": 0, + "policyUsers": + [], + "policyGroups": + [], + "policyRoles": + [ + "$admin", + "$api-token-default-access" + ], + "policyResourceCategory": "RELATIONSHIP", + "policyResources": + [ + "relationship-type:*", + "end-one-entity-type:DataDomain", + "end-one-entity-classification:*", + "end-one-entity:{entity}", + "end-two-entity-type:Stakeholder", + "end-two-entity-classification:*", + "end-two-entity:default/*/{entity}" + ], + "policyActions": + [ + "add-relationship", + "update-relationship", + "remove-relationship" + ] + } + }, + { + "typeName": "AuthPolicy", + "attributes": + { + "name": "LINK_STAKEHOLDER_TITLE_TO_DATA_DOMAIN_STAKEHOLDER", + "qualifiedName": "LINK_STAKEHOLDER_TITLE_TO_DATA_DOMAIN_STAKEHOLDER", + "policyCategory": "bootstrap", + "policySubCategory": "default", + "policyServiceName": "atlas", + "policyType": "allow", + "policyPriority": 0, + "policyUsers": + [], + "policyGroups": + [], + "policyRoles": + [ + "$admin", + "$api-token-default-access" + ], + "policyResourceCategory": "RELATIONSHIP", + "policyResources": + [ + "relationship-type:*", + "end-one-entity-type:StakeholderTitle", + "end-one-entity-classification:*", + "end-one-entity:*", + "end-two-entity-type:Stakeholder", + "end-two-entity-classification:*", + "end-two-entity:default/*/{entity}" + ], + "policyActions": + [ + "add-relationship", + "update-relationship", + "remove-relationship" + ] + } + }, + { + "typeName": "AuthPolicy", + "attributes": + { + "name": "LINK_MESH_DATA_SUB_DOMAIN_TO_STAKE_HOLDER", + "qualifiedName": "LINK_MESH_DATA_SUB_DOMAIN_TO_STAKE_HOLDER", + "policyCategory": "bootstrap", + "policySubCategory": "default", + "policyServiceName": "atlas", + "policyType": "allow", + "policyPriority": 0, + "policyUsers": + [], + "policyGroups": + [], + "policyRoles": + [ + "$admin", + "$api-token-default-access" + ], + "policyResourceCategory": "RELATIONSHIP", + "policyResources": + [ + "relationship-type:*", + "end-one-entity-type:DataDomain", + "end-one-entity-classification:*", + "end-one-entity:{entity}/*domain/*", + "end-two-entity-type:Stakeholder", + "end-two-entity-classification:*", + "end-two-entity:default/*/{entity}/*" + ], + "policyActions": + [ + "add-relationship", + "update-relationship", + "remove-relationship" + ] + } + }, + { + "typeName": "AuthPolicy", + "attributes": + { + "name": "LINK_STAKEHOLDER_TITLE_TO_DATA_SUB_DOMAIN_STAKEHOLDER", + "qualifiedName": "LINK_STAKEHOLDER_TITLE_TO_DATA_SUB_DOMAIN_STAKEHOLDER", + "policyCategory": "bootstrap", + "policySubCategory": "default", + "policyServiceName": "atlas", + "policyType": "allow", + "policyPriority": 0, + "policyUsers": + [], + "policyGroups": + [], + "policyRoles": + [ + "$admin", + "$api-token-default-access" + ], + "policyResourceCategory": "RELATIONSHIP", + "policyResources": + [ + "relationship-type:*", + "end-one-entity-type:StakeholderTitle", + "end-one-entity-classification:*", + "end-one-entity:*", + "end-two-entity-type:Stakeholder", + "end-two-entity-classification:*", + "end-two-entity:default/*/{entity}/*" + ], + "policyActions": + [ + "add-relationship", + "update-relationship", + "remove-relationship" + ] + } + }, + { + "typeName": "AuthPolicy", + "attributes": + { + "name": "LINK_MESH_DATA_PRODUCT_TO_ASSET", + "qualifiedName": "LINK_MESH_DATA_PRODUCT_TO_ASSET", + "policyCategory": "bootstrap", + "policySubCategory": "default", + "policyServiceName": "atlas", + "policyType": "allow", + "policyPriority": 0, + "policyUsers": + [], + "policyGroups": + [], + "policyRoles": + [ + "$admin", + "$api-token-default-access" + ], + "policyResourceCategory": "RELATIONSHIP", + "policyResources": + [ + "relationship-type:*", + "end-one-entity-type:Asset", + "end-one-entity-classification:*", + "end-one-entity:*", + "end-two-entity-type:DataProduct", + "end-two-entity-classification:*", + "end-two-entity:{entity}/*product/*" + ], + "policyActions": + [ + "add-relationship", + "update-relationship", + "remove-relationship" + ] + } + }, + { + "typeName": "AuthPolicy", + "attributes": + { + "name": "LINK_MESH_DATA_PRODUCT_TO_ASSET", + "qualifiedName": "LINK_MESH_DATA_PRODUCT_TO_ASSET", + "policyCategory": "bootstrap", + "policySubCategory": "default", + "policyServiceName": "atlas", + "policyType": "allow", + "policyPriority": 0, + "policyUsers": + [], + "policyGroups": + [], + "policyRoles": + [ + "$admin", + "$api-token-default-access" + ], + "policyResourceCategory": "RELATIONSHIP", + "policyResources": + [ + "relationship-type:*", + "end-one-entity-type:DataProduct", + "end-one-entity-classification:*", + "end-one-entity:{entity}/*product/*", + "end-two-entity-type:Asset", + "end-two-entity-classification:*", + "end-two-entity:*" + ], + "policyActions": + [ + "add-relationship", + "update-relationship", + "remove-relationship" + ] + } } ] } \ No newline at end of file From 41dfebde7ab21bc3a8f7c46f1f505118c74733f5 Mon Sep 17 00:00:00 2001 From: ankitpatnaik-atlan Date: Fri, 21 Feb 2025 13:07:02 +0530 Subject: [PATCH 6/7] corrected name for product-asset policy --- addons/policies/bootstrap_relationship_policies.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/addons/policies/bootstrap_relationship_policies.json b/addons/policies/bootstrap_relationship_policies.json index 4523f8f4bd..3bc789390a 100644 --- a/addons/policies/bootstrap_relationship_policies.json +++ b/addons/policies/bootstrap_relationship_policies.json @@ -1154,8 +1154,8 @@ "typeName": "AuthPolicy", "attributes": { - "name": "LINK_MESH_DATA_PRODUCT_TO_ASSET", - "qualifiedName": "LINK_MESH_DATA_PRODUCT_TO_ASSET", + "name": "LINK_ASSET_TO_DATA_PRODUCT", + "qualifiedName": "LINK_ASSET_TO_DATA_PRODUCT", "policyCategory": "bootstrap", "policySubCategory": "default", "policyServiceName": "atlas", From 86856e9c69db125d4ccf946354dcc151e134e6a9 Mon Sep 17 00:00:00 2001 From: ankitpatnaik-atlan Date: Fri, 21 Feb 2025 13:50:55 +0530 Subject: [PATCH 7/7] changing the policy priority of new policies --- .../bootstrap_relationship_policies.json | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/addons/policies/bootstrap_relationship_policies.json b/addons/policies/bootstrap_relationship_policies.json index 3bc789390a..fc0c55d76f 100644 --- a/addons/policies/bootstrap_relationship_policies.json +++ b/addons/policies/bootstrap_relationship_policies.json @@ -1004,7 +1004,7 @@ "policySubCategory": "default", "policyServiceName": "atlas", "policyType": "allow", - "policyPriority": 0, + "policyPriority": 1, "policyUsers": [], "policyGroups": @@ -1043,7 +1043,7 @@ "policySubCategory": "default", "policyServiceName": "atlas", "policyType": "allow", - "policyPriority": 0, + "policyPriority": 1, "policyUsers": [], "policyGroups": @@ -1082,7 +1082,7 @@ "policySubCategory": "default", "policyServiceName": "atlas", "policyType": "allow", - "policyPriority": 0, + "policyPriority": 1, "policyUsers": [], "policyGroups": @@ -1121,7 +1121,7 @@ "policySubCategory": "default", "policyServiceName": "atlas", "policyType": "allow", - "policyPriority": 0, + "policyPriority": 1, "policyUsers": [], "policyGroups": @@ -1154,13 +1154,13 @@ "typeName": "AuthPolicy", "attributes": { - "name": "LINK_ASSET_TO_DATA_PRODUCT", - "qualifiedName": "LINK_ASSET_TO_DATA_PRODUCT", + "name": "LINK_ASSET_TO_MESH_DATA_PRODUCT", + "qualifiedName": "LINK_ASSET_TO_MESH_DATA_PRODUCT", "policyCategory": "bootstrap", "policySubCategory": "default", "policyServiceName": "atlas", "policyType": "allow", - "policyPriority": 0, + "policyPriority": 1, "policyUsers": [], "policyGroups": @@ -1199,7 +1199,7 @@ "policySubCategory": "default", "policyServiceName": "atlas", "policyType": "allow", - "policyPriority": 0, + "policyPriority": 1, "policyUsers": [], "policyGroups":