This is an automated email from the ASF dual-hosted git repository.
abhi pushed a change to branch ranger_5353
in repository https://gitbox.apache.org/repos/asf/ranger.git
omit 05dbccd20 Add licenses to files
omit 8ba27c84c RANGER-5353: Introduce Material for Mkdocs for Apache Ranger
Docs
add 9e8172aa8 RANGER-5436: Fix typo in variable name for namespace
permission (#789)
add 59ec774f6 RANGER-5437: Add GitHub Pages configuration to .asf.yaml
(#792)
add ab3d058b1 RANGER-4939: upgrade Elasticsearch version to 7.17.29 (#398)
add 2e95a1544 RANGER-5433: update service-def json files for readability
and consistent formatting (#786)
add f64b4b3d2 RANGER-5248: Disable Log4J Audit Destination for Ozone in OM
container (#790)
add 8046faee1 Bump urllib3 from 2.6.0 to 2.6.3 in
/ranger-tools/src/main/python (#795)
add ae3e53708 RANGER-2713: Remove audit fields from XXPolicyRef objects
(#796)
add 2921ffe5d RANGER-3491: fix error logs while bootstraping service-defs
- TAG service-def not found (#125)
add 6d6bce47f RANGER-5148: fix redundant role cache update in concurrent
scenarios (#538)
add ad4e268f1 RANGER-5442: replace repeated Gson instantiation with
JsonUtils methods (#799)
add ac2ee833d Bump requests from 2.32.3 to 2.32.5 in
/ranger-tools/src/main/python (#587)
add 4e28186b2 Bump jinja2 from 3.1.5 to 3.1.6 in
/ranger-tools/src/main/python (#551)
add f0ef93e36 Bump fonttools from 4.34.4 to 4.61.0 in
/ranger-tools/src/main/python (#756)
add 6de71c0ed RANGER-5434: Docker setup update to support test users in
containers (#787)
add 10f5d07b7 RANGER-5353: Introduce Material for Mkdocs for Apache Ranger
Docs (#793)
add f5ca3ca06 RANGER-5312: authz-embedded (#696)
add bee5e20ce RANGER-5020: Fix duplicate ranger-pmd-ruleset and use
central ruleset in dev-support (#423)
add aeda5d4f3 RANGER-5126: Add workflow to test Ranger Upgrades in Docker
(#610)
new 4400c809a RANGER-5355: Add content under Project tab
This update added new revisions after undoing existing revisions.
That is to say, some revisions that were in the old version of the
branch are not in the new version. This situation occurs
when a user --force pushes a change and generates a repository
containing something like this:
* -- * -- B -- O -- O -- O (05dbccd20)
\
N -- N -- N refs/heads/ranger_5353 (4400c809a)
You should already have received notification emails for all of the O
revisions, and so the following emails describe only the N revisions
from the common base, B.
Any revisions marked "omit" are not gone; other references still
refer to them. Any revisions marked "discard" are gone forever.
The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.asf.yaml | 2 +
.github/workflows/ci.yml | 1 +
.github/workflows/upgrade-ranger.yaml | 93 +++
.../plugin/store/EmbeddedServiceDefsUtil.java | 12 +-
.../service-defs/ranger-servicedef-abfs.json | 162 ++--
.../service-defs/ranger-servicedef-atlas.json | 797 ++++++++------------
.../ranger-servicedef-elasticsearch.json | 249 ++-----
.../service-defs/ranger-servicedef-gds.json | 58 +-
.../service-defs/ranger-servicedef-hbase.json | 346 +++------
.../service-defs/ranger-servicedef-hdfs.json | 321 ++------
.../service-defs/ranger-servicedef-hive.json | 664 +++++------------
.../service-defs/ranger-servicedef-kafka.json | 377 +++-------
.../service-defs/ranger-servicedef-kms.json | 189 +----
.../service-defs/ranger-servicedef-knox.json | 199 ++---
.../service-defs/ranger-servicedef-kudu.json | 231 ++----
.../service-defs/ranger-servicedef-kylin.json | 159 +---
.../ranger-servicedef-nestedstructure.json | 144 ++--
.../ranger-servicedef-nifi-registry.json | 220 +-----
.../service-defs/ranger-servicedef-nifi.json | 215 +-----
.../service-defs/ranger-servicedef-ozone.json | 413 +++-------
.../service-defs/ranger-servicedef-presto.json | 601 +++++----------
.../ranger-servicedef-schema-registry.json | 339 +++------
.../service-defs/ranger-servicedef-solr.json | 285 +++----
.../service-defs/ranger-servicedef-sqoop.json | 196 ++---
.../service-defs/ranger-servicedef-storm.json | 225 ++----
.../service-defs/ranger-servicedef-tag.json | 107 +--
.../service-defs/ranger-servicedef-trino.json | 755 ++++++-------------
.../service-defs/ranger-servicedef-wasb.json | 141 ++--
.../service-defs/ranger-servicedef-yarn.json | 200 ++---
.../ranger/authz/model/RangerAuthzResult.java | 141 +++-
.../authz/util/RangerResourceNameParser.java | 24 +-
.../authz/util/TestRangerResourceNameParser.java | 54 +-
{plugin-kudu => authz-embedded}/pom.xml | 34 +-
.../src/conf/ranger-authz-embedded.properties | 64 ++
.../authz/embedded/RangerAuthzAuditHandler.java | 69 ++
.../ranger/authz/embedded/RangerAuthzConfig.java | 123 +++
.../ranger/authz/embedded/RangerAuthzPlugin.java | 409 ++++++++++
.../authz/embedded/RangerEmbeddedAuthorizer.java | 203 +++++
.../embedded/RangerEmbeddedAuthzErrorCode.java | 63 ++
.../authz/embedded/TestEmbeddedAuthorizer.java | 205 +++++
.../authz/embedded/TestRangerAuthzConfig.java | 231 ++++++
.../src/test/resources/test_hive/README.txt | 26 +
.../test/resources/test_hive/hive_dev_hive.json | 266 +++++++
.../resources/test_hive/hive_dev_hive_gds.json | 112 +++
.../resources/test_hive/hive_dev_hive_tag.json | 24 +
.../test_hive/ranger-embedded-authz.properties | 17 +-
.../src/test/resources/test_hive/tests_authz.json | 829 +++++++++++++++++++++
.../test_hive/tests_resource_permissions.json | 141 ++++
.../src/test/resources/test_s3/README.txt | 23 +
.../test_s3/ranger-embedded-authz.properties | 17 +-
.../src/test/resources/test_s3/s3_dev_s3.json | 139 ++++
.../src/test/resources/test_s3/s3_dev_s3_gds.json | 90 +++
.../test/resources/test_s3/s3_dev_s3_roles.json | 8 +
.../src/test/resources/test_s3/s3_dev_s3_tag.json | 20 +
.../src/test/resources/test_s3/tests_authz.json | 788 ++++++++++++++++++++
.../test/resources/test_s3/tests_multi_authz.json | 114 +++
.../test_s3/tests_resource_permissions.json | 114 +++
dev-support/ranger-docker/Dockerfile.ranger | 4 +-
dev-support/ranger-docker/Dockerfile.ranger-hadoop | 2 +
dev-support/ranger-docker/Dockerfile.ranger-hbase | 2 +
dev-support/ranger-docker/Dockerfile.ranger-hive | 2 +
dev-support/ranger-docker/Dockerfile.ranger-kafka | 2 +
dev-support/ranger-docker/Dockerfile.ranger-kms | 2 +
dev-support/ranger-docker/Dockerfile.ranger-knox | 2 +
dev-support/ranger-docker/Dockerfile.ranger-solr | 3 +-
.../ranger-docker/Dockerfile.ranger-tagsync | 2 +
.../ranger-docker/Dockerfile.ranger-usersync | 2 +
dev-support/ranger-docker/download-ranger.sh | 51 ++
dev-support/ranger-docker/scripts/admin/ranger.sh | 1 +
.../scripts/hadoop/ranger-hadoop-setup.sh | 1 +
.../scripts/hbase/ranger-hbase-setup.sh | 1 +
.../scripts/hive/ranger-hive-setup.sh | 1 +
.../scripts/kafka/ranger-kafka-setup.sh | 1 +
.../ranger-docker/scripts/kdc/entrypoint.sh | 9 +
.../ranger-docker/scripts/kms/ranger-kms.sh | 1 +
.../scripts/knox/ranger-knox-setup.sh | 1 +
.../ozone/ranger-ozone-plugin-install.properties | 4 +-
.../ranger-docker/scripts/solr/ranger-solr.sh | 3 +-
.../tagsync/ranger-tagsync-install.properties | 0
.../scripts/tagsync/ranger-tagsync.sh | 1 +
.../scripts/usersync/ranger-usersync.sh | 1 +
.../wait_for_testusers_keytab.sh} | 11 +-
.../tomcat/ElasticSearchIndexBootStrapper.java | 4 +-
.../hbase/RangerAuthorizationCoprocessor.java | 4 +-
mkdocs/docs/project/contributing.md | 44 +-
mkdocs/docs/project/cve-list.md | 178 +++++
mkdocs/docs/project/java-code-style.md | 119 +++
mkdocs/docs/project/release-process.md | 433 ++++++++++-
pom.xml | 5 +-
.../plugin/RangerElasticsearchPlugin.java | 2 +-
ranger-examples/conditions-enrichers/pom.xml | 14 +
ranger-examples/dev-support/ranger-pmd-ruleset.xml | 121 ---
ranger-examples/distro/pom.xml | 14 +
ranger-examples/plugin-sampleapp/pom.xml | 14 +
ranger-examples/sample-client/pom.xml | 14 +
ranger-examples/sampleapp/pom.xml | 14 +
.../ranger/examples/sampleapp/SampleApp.java | 4 +-
ranger-tools/src/main/python/requirements.txt | 8 +-
.../optimized/current/ranger_core_db_mysql.sql | 97 +--
...7-drop-audit-columns-from-policy-ref-tables.sql | 155 ++++
.../optimized/current/ranger_core_db_oracle.sql | 109 +--
...7-drop-audit-columns-from-policy-ref-tables.sql | 110 +++
.../optimized/current/ranger_core_db_postgres.sql | 109 +--
...7-drop-audit-columns-from-policy-ref-tables.sql | 99 +++
.../current/ranger_core_db_sqlanywhere.sql | 62 +-
...7-drop-audit-columns-from-policy-ref-tables.sql | 248 ++++++
.../optimized/current/ranger_core_db_sqlserver.sql | 151 +---
...7-drop-audit-columns-from-policy-ref-tables.sql | 316 ++++++++
.../org/apache/ranger/biz/PolicyRefUpdater.java | 16 +-
.../java/org/apache/ranger/biz/RoleRefUpdater.java | 10 +-
.../apache/ranger/biz/SecurityZoneRefUpdater.java | 16 +-
.../org/apache/ranger/common/RangerRoleCache.java | 87 ++-
.../org/apache/ranger/db/XXGlobalStateDao.java | 13 +-
.../ranger/entity/XXPolicyRefAccessType.java | 2 +-
.../apache/ranger/entity/XXPolicyRefCondition.java | 2 +-
.../ranger/entity/XXPolicyRefDataMaskType.java | 2 +-
.../org/apache/ranger/entity/XXPolicyRefGroup.java | 4 +-
.../apache/ranger/entity/XXPolicyRefResource.java | 2 +-
.../org/apache/ranger/entity/XXPolicyRefRole.java | 2 +-
.../org/apache/ranger/entity/XXPolicyRefUser.java | 2 +-
.../org/apache/ranger/entity/XXRoleRefGroup.java | 2 +-
.../org/apache/ranger/entity/XXRoleRefRole.java | 2 +-
.../org/apache/ranger/entity/XXRoleRefUser.java | 2 +-
.../ranger/entity/XXSecurityZoneRefGroup.java | 8 +-
.../ranger/entity/XXSecurityZoneRefResource.java | 4 +-
.../ranger/entity/XXSecurityZoneRefService.java | 4 +-
.../ranger/entity/XXSecurityZoneRefTagService.java | 4 +-
.../ranger/entity/XXSecurityZoneRefUser.java | 4 +-
.../apache/ranger/service/XPortalUserService.java | 33 +-
.../org/apache/ranger/biz/TestRoleRefUpdater.java | 6 -
.../ranger/biz/TestSecurityZoneRefUpdater.java | 13 -
.../org/apache/ranger/biz/TestServiceDBStore.java | 11 -
.../ranger/service/TestXPortalUserService.java | 48 +-
133 files changed, 8454 insertions(+), 6452 deletions(-)
create mode 100644 .github/workflows/upgrade-ranger.yaml
copy {plugin-kudu => authz-embedded}/pom.xml (80%)
create mode 100644 authz-embedded/src/conf/ranger-authz-embedded.properties
create mode 100644
authz-embedded/src/main/java/org/apache/ranger/authz/embedded/RangerAuthzAuditHandler.java
create mode 100644
authz-embedded/src/main/java/org/apache/ranger/authz/embedded/RangerAuthzConfig.java
create mode 100644
authz-embedded/src/main/java/org/apache/ranger/authz/embedded/RangerAuthzPlugin.java
create mode 100644
authz-embedded/src/main/java/org/apache/ranger/authz/embedded/RangerEmbeddedAuthorizer.java
create mode 100644
authz-embedded/src/main/java/org/apache/ranger/authz/embedded/RangerEmbeddedAuthzErrorCode.java
create mode 100644
authz-embedded/src/test/java/org/apache/ranger/authz/embedded/TestEmbeddedAuthorizer.java
create mode 100644
authz-embedded/src/test/java/org/apache/ranger/authz/embedded/TestRangerAuthzConfig.java
create mode 100644 authz-embedded/src/test/resources/test_hive/README.txt
create mode 100644
authz-embedded/src/test/resources/test_hive/hive_dev_hive.json
create mode 100644
authz-embedded/src/test/resources/test_hive/hive_dev_hive_gds.json
create mode 100644
authz-embedded/src/test/resources/test_hive/hive_dev_hive_tag.json
copy security-admin/db/mysql/init/create_xa_core_db.sh =>
authz-embedded/src/test/resources/test_hive/ranger-embedded-authz.properties
(73%)
mode change 100755 => 100644
create mode 100644 authz-embedded/src/test/resources/test_hive/tests_authz.json
create mode 100644
authz-embedded/src/test/resources/test_hive/tests_resource_permissions.json
create mode 100644 authz-embedded/src/test/resources/test_s3/README.txt
copy security-admin/db/mysql/init/create_xa_core_db.sh =>
authz-embedded/src/test/resources/test_s3/ranger-embedded-authz.properties (73%)
mode change 100755 => 100644
create mode 100644 authz-embedded/src/test/resources/test_s3/s3_dev_s3.json
create mode 100644 authz-embedded/src/test/resources/test_s3/s3_dev_s3_gds.json
create mode 100644
authz-embedded/src/test/resources/test_s3/s3_dev_s3_roles.json
create mode 100644 authz-embedded/src/test/resources/test_s3/s3_dev_s3_tag.json
create mode 100644 authz-embedded/src/test/resources/test_s3/tests_authz.json
create mode 100644
authz-embedded/src/test/resources/test_s3/tests_multi_authz.json
create mode 100644
authz-embedded/src/test/resources/test_s3/tests_resource_permissions.json
create mode 100755 dev-support/ranger-docker/download-ranger.sh
mode change 100644 => 100755
dev-support/ranger-docker/scripts/tagsync/ranger-tagsync-install.properties
copy dev-support/ranger-docker/{Dockerfile.ranger-trino =>
scripts/wait_for_testusers_keytab.sh} (81%)
mode change 100644 => 100755 pom.xml
delete mode 100644 ranger-examples/dev-support/ranger-pmd-ruleset.xml
create mode 100644
security-admin/db/mysql/patches/077-drop-audit-columns-from-policy-ref-tables.sql
create mode 100644
security-admin/db/oracle/patches/077-drop-audit-columns-from-policy-ref-tables.sql
create mode 100644
security-admin/db/postgres/patches/077-drop-audit-columns-from-policy-ref-tables.sql
create mode 100644
security-admin/db/sqlanywhere/patches/077-drop-audit-columns-from-policy-ref-tables.sql
create mode 100644
security-admin/db/sqlserver/patches/077-drop-audit-columns-from-policy-ref-tables.sql
