Merge pull request #3 from ing-bank/feature/cidr-range-addition

Add CIDR conditions to ranger and change implementing class

Author: Bongani

airlock-dev-apache-ranger/resources/policy/ranger-policy-s3.json

@@ -26,7 +26,14 @@
       "groups": [
         "testgroup"
       ],
-      "conditions": [],
+      "conditions": [
+        {
+          "type": "cidr",
+          "values": [
+            "*"
+          ]
+        }
+      ],
       "delegateAdmin": false
     }
   ],
@@ -46,6 +53,27 @@
       ],
       "conditions": [],
       "delegateAdmin": false
+    },
+    {
+      "accesses": [
+        {
+          "type": "read",
+          "isAllowed": true
+        }
+      ],
+      "users": [
+        "testuser"
+      ],
+      "groups": [],
+      "conditions": [
+        {
+          "type": "cidr",
+          "values": [
+            "1.2.3.4/32"
+          ]
+        }
+      ],
+      "delegateAdmin": false
     }
   ],
   "allowExceptions": [],

airlock-dev-apache-ranger/resources/servicedef/ranger-servicedef-s3.json

@@ -106,7 +106,7 @@
         "name": "cidr",
         "label": "IP address within cidr range?",
         "description": "Ip address within cidr range?",
-        "evaluator": "com.ing.ranger.conditions.IpMatcher",
+        "evaluator": "com.ing.wbaa.ranger.plugin.conditionevaluator.IpCidrMatcher",
         "evaluatorOptions": {}
       }
     ]