This is an automated email from the ASF dual-hosted git repository.
abhi pushed a change to branch ranger_5401
in repository https://gitbox.apache.org/repos/asf/ranger.git
discard 7e43c6417 RANGER-5401: Use Volume Mounts for ranger-plugin configs
add 2e62cd346 RANGER-5403: fix intermittent HDFS authorization failures
(#737)
add d50d8e654 RANGER-5313: Support FIPS compliant crypto algorithm to
encrypt/decry… (#723)
add 668b80b85 RANGER-5410: Rename should not be allowed on a table having
row filter or column masking policy
add c1fe2be4c RANGER-5351:Test Cases for agents-cred [ranger-plugins-cred]
Module (#745)
add 9403f5f16 RANGER-5344:Test Cases for hdfs-agent [ranger-hdfs-plugin]
Module (#690)
add 5ecf85f6f RANGER-5335:Test Cases for hive-agent [ranger-hive-plugin]
(#681)
add 86d379f87 RANGER-5404: fix incorrect evtTime format in audits to
ElasticSearch (#746)
add 189b8312f RANGER-5392: policies created by grant command have empty
'created by' and 'updated by' fields (#726)
add 8d904f044 RANGER-5413:Beeline failing in Hive Docker setup due to hive
failure to connect to YARN resource manager (#752)
add 54ec3bf26 RANGER-5405: PatchForSolrSvcDefAndPoliciesUpdate_J10055 Java
patch fails during upgrade (#740)
add 6138a418e RANGER-5369: introduce inline-policy to support
service-managed ACLs (#743)
add b313331c5 RANGER-5407: fix incorrect permissions in default policies
of Atlas service (#749)
add caa4478d8 RANGER-5341: Capture opCode in KMS access logs for EEK_OP
operations (#688)
add c16fa5ce5 RANGER-5346: Test Cases for agents-common Module: Packages
(org.apache.ranger: admin.client.datatype, admin.client, authorization.utils,
authorization.hadoop.config, plugin.audit, plugin.client) and
org.apache.hadoop.security (#692)
add 6eac7ee6d RANGER-5359: Add unit test cases for knox-agent module (#701)
add ea5042ab1 RANGER-5343: Add unit test cases for hbase-agent module
(#695)
add d9bbcfdd8 RANGER-5416:Disable Server Version Disclosure in HTTP
Response for Ranger KMS (#765)
add b48e3cb11 RANGER-5422: fixed incorrect date format in logback.xml
(#767)
add 3c8e5323c RANGER-5393: updated RangerOzoneAuthorizer to support
AssumeRole (#766)
add a1295a974 RANGER-4848: Migrate Ranger Junit tests to junit5 (#768)
add a7a1bb38f RANGER-5424:Hive Insert command failed in Ranger Docker
setup due to authentication and authorization issue. (#769)
add b22d25890 RANGER-5212: roles lookup API updated to apply role name
filter for role-membership as well
add 5b95e852f RANGER-5429: update unit tests for getResourceACLs() to
validate policyID (#772)
add 464bfd95e RANGER-5397: IllegalArgumentException in RangerRESTClient
when no ran… (#732)
add bb84319c0 Revert "RANGER-5397: IllegalArgumentException in
RangerRESTClient when no ran…" (#778)
add d21032d12 RANGER-5397: IllegalArgumentException in RangerRESTClient
when no ranger.plugin.<service>.policy.rest.url is configured (#779)
add d0091906b RANGER-5426: update Tomcat to 9.0.113 (#771)
add 046c27d93 Bump urllib3 from 1.26.19 to 2.6.0 in
/ranger-tools/src/main/python (#764)
add 7412aa5e9 RANGER-3166: fix setup.sh handling of property values having
spaces (#784)
add cde5be80c RANGER-5411: Refactor logic to use external Key as MasterKey
to avoid code redundancy (#747)
add d32b3abfb RANGER-5430:Handling Invalid cipher AES issues in UT (#781)
add ce162c78f RANGER-5322: PolicyRefresher can struck with no download
thread if exception thrown in startRefresher (#667)
add 5051ecca0 RANGER-5332: upgrade axios version 1.8.4 to latest 1.12.2
(#776)
add 1b142ac1d RANGER-4247: initialize RangerPolicyRepository members
before logging (#258)
add 2d6ad5ac7 RANGER-5431: fix setup.sh to handle missing values in
install.properties (#785)
add c034ef383 RANGER-3222: update YARN plugin to support fair scheduler
(#92)
add 3b1cc224f RANGER-3313: remove unused persistence.xml from agents-audit
module (#104)
add de4436651 RANGER-3313: remove unused persistence.xml from agents-audit
module (#104)
add 9e8172aa8 RANGER-5436: Fix typo in variable name for namespace
permission (#789)
add 59ec774f6 RANGER-5437: Add GitHub Pages configuration to .asf.yaml
(#792)
add ab3d058b1 RANGER-4939: upgrade Elasticsearch version to 7.17.29 (#398)
add 2e95a1544 RANGER-5433: update service-def json files for readability
and consistent formatting (#786)
add f64b4b3d2 RANGER-5248: Disable Log4J Audit Destination for Ozone in OM
container (#790)
add 8046faee1 Bump urllib3 from 2.6.0 to 2.6.3 in
/ranger-tools/src/main/python (#795)
add ae3e53708 RANGER-2713: Remove audit fields from XXPolicyRef objects
(#796)
add 2921ffe5d RANGER-3491: fix error logs while bootstraping service-defs
- TAG service-def not found (#125)
add 6d6bce47f RANGER-5148: fix redundant role cache update in concurrent
scenarios (#538)
add ad4e268f1 RANGER-5442: replace repeated Gson instantiation with
JsonUtils methods (#799)
add ac2ee833d Bump requests from 2.32.3 to 2.32.5 in
/ranger-tools/src/main/python (#587)
add 4e28186b2 Bump jinja2 from 3.1.5 to 3.1.6 in
/ranger-tools/src/main/python (#551)
add f0ef93e36 Bump fonttools from 4.34.4 to 4.61.0 in
/ranger-tools/src/main/python (#756)
add 6de71c0ed RANGER-5434: Docker setup update to support test users in
containers (#787)
add 10f5d07b7 RANGER-5353: Introduce Material for Mkdocs for Apache Ranger
Docs (#793)
add f5ca3ca06 RANGER-5312: authz-embedded (#696)
add bee5e20ce RANGER-5020: Fix duplicate ranger-pmd-ruleset and use
central ruleset in dev-support (#423)
add aeda5d4f3 RANGER-5126: Add workflow to test Ranger Upgrades in Docker
(#610)
add 7fa081002 RANGER-5355: Add content under Project tab (#804)
add 5c48116c2 RANGER-5438 : Upgrade qs, express and node-forge library in
Ranger React UI. (#806)
add 1e1f0db75 RANGER-5441: update Docker setup to support running
Zookeeper with Kerberos (#808)
add 57dbe01ca RANGER-5447: update local policy source implementations to
support loading from serviceName.json (#802)
add 12fd37ea5 RANGER-5354: Add content for getting-started tab (#805)
add 579e2cbfa RANGER-5451: Docker setup update to configure Ranger
authorization in Solr (#810)
add f9f9bde99 RANGER-5450:OpenSearch docker containerisation for Ranger
(#809)
add ba808b0cd RANGER-5327:Disable intermittently failing test cases in
ugsync (unixusersync) & ugsync-util modules (#814)
add 9233f1c5a RANGER-5401: Use Volume Mounts for ranger-plugin configs
This update added new revisions after undoing existing revisions.
That is to say, some revisions that were in the old version of the
branch are not in the new version. This situation occurs
when a user --force pushes a change and generates a repository
containing something like this:
* -- * -- B -- O -- O -- O (7e43c6417)
\
N -- N -- N refs/heads/ranger_5401 (9233f1c5a)
You should already have received notification emails for all of the O
revisions, and so the following emails describe only the N revisions
from the common base, B.
Any revisions marked "omit" are not gone; other references still
refer to them. Any revisions marked "discard" are gone forever.
No new revisions were added by this update.
Summary of changes:
.asf.yaml | 2 +
.github/workflows/ci.yml | 2 +
.github/workflows/docs.yml | 73 +
.github/workflows/upgrade-ranger.yaml | 93 +
agents-audit/core/pom.xml | 8 +-
.../src/main/resources/META-INF/persistence.xml | 26 -
.../audit/utils/RangerJSONAuditWriterTest.java | 12 +-
.../destination/ElasticSearchAuditDestination.java | 15 +-
.../${project.build.directory}/hbase_cm_hbase.json | 1 +
.../hbase_cm_hbase_roles.json | 1 +
agents-common/conf/logback.xml | 2 +-
agents-common/pom.xml | 19 +-
.../admin/client/EmbeddedResourcePolicySource.java | 142 +-
.../admin/client/LocalFolderPolicySource.java | 105 +-
.../ranger/admin/client/RangerPolicySource.java | 88 +
.../plugin/audit/RangerDefaultAuditHandler.java | 2 +-
.../ranger/plugin/model/RangerInlinePolicy.java | 178 ++
.../ranger/plugin/model/RangerPrincipal.java | 19 +
.../ranger/plugin/model/RangerServiceDef.java | 3 +
.../model/validation/RangerServiceDefHelper.java | 83 +-
.../plugin/policyengine/RangerAccessRequest.java | 6 +
.../policyengine/RangerAccessRequestImpl.java | 12 +
.../policyengine/RangerAccessRequestReadOnly.java | 7 +
.../policyengine/RangerAccessRequestWrapper.java | 6 +
.../policyengine/RangerPolicyEngineImpl.java | 20 +
.../policyengine/RangerPolicyRepository.java | 16 +-
.../plugin/policyengine/RangerResourceACLs.java | 43 +-
.../RangerInlinePolicyEvaluator.java | 307 +++
.../resourcematcher/RangerPathResourceMatcher.java | 22 +-
.../resourcematcher/RangerURLResourceMatcher.java | 24 +-
.../plugin/resourcematcher/ResourceMatcher.java | 162 +-
.../plugin/store/EmbeddedServiceDefsUtil.java | 12 +-
.../apache/ranger/plugin/util/PasswordUtils.java | 111 +-
.../apache/ranger/plugin/util/PolicyRefresher.java | 57 +-
.../plugin/util/RangerAccessRequestUtil.java | 20 +-
.../ranger/plugin/util/RangerRESTClient.java | 8 +-
.../plugin/util/RangerSupportedCryptoAlgo.java | 120 +
.../service-defs/ranger-servicedef-abfs.json | 162 +-
.../service-defs/ranger-servicedef-atlas.json | 797 ++----
.../ranger-servicedef-elasticsearch.json | 249 +-
.../service-defs/ranger-servicedef-gds.json | 58 +-
.../service-defs/ranger-servicedef-hbase.json | 346 +--
.../service-defs/ranger-servicedef-hdfs.json | 321 +--
.../service-defs/ranger-servicedef-hive.json | 664 ++---
.../service-defs/ranger-servicedef-kafka.json | 377 +--
.../service-defs/ranger-servicedef-kms.json | 189 +-
.../service-defs/ranger-servicedef-knox.json | 199 +-
.../service-defs/ranger-servicedef-kudu.json | 231 +-
.../service-defs/ranger-servicedef-kylin.json | 159 +-
.../ranger-servicedef-nestedstructure.json | 144 +-
.../ranger-servicedef-nifi-registry.json | 220 +-
.../service-defs/ranger-servicedef-nifi.json | 215 +-
.../service-defs/ranger-servicedef-ozone.json | 388 +--
.../service-defs/ranger-servicedef-presto.json | 601 ++---
.../ranger-servicedef-schema-registry.json | 339 +--
.../service-defs/ranger-servicedef-solr.json | 285 +-
.../service-defs/ranger-servicedef-sqoop.json | 196 +-
.../service-defs/ranger-servicedef-storm.json | 225 +-
.../service-defs/ranger-servicedef-tag.json | 107 +-
.../service-defs/ranger-servicedef-trino.json | 755 ++----
.../service-defs/ranger-servicedef-wasb.json | 141 +-
.../service-defs/ranger-servicedef-yarn.json | 200 +-
.../security/TestKrbPasswordSaverLoginModule.java | 74 +
.../hadoop/security/TestSecureClientLogin.java | 222 ++
.../client/TestAbstractRangerAdminClient.java | 98 +
.../client/TestEmbeddedResourcePolicySource.java | 96 +
.../admin/client/TestLocalFolderPolicySource.java | 96 +
.../admin/client/TestRangerAdminRESTClient.java | 1108 ++++++++
.../admin/client/datatype/TestGrantRevokeData.java | 155 ++
.../admin/client/datatype/TestRESTResponse.java | 150 ++
.../hadoop/config/TestRangerAdminConfig.java | 51 +
.../hadoop/config/TestRangerAuditConfig.java | 55 +
.../config/TestRangerChainedPluginConfig.java | 69 +
.../hadoop/config/TestRangerConfigConstants.java | 45 +
.../hadoop/config/TestRangerConfiguration.java | 97 +
.../config/TestRangerLegacyConfigBuilder.java | 174 ++
.../hadoop/config/TestRangerPluginConfig.java | 157 ++
.../ranger/authorization/utils/TestJsonUtils.java | 222 ++
.../ranger/authorization/utils/TestStringUtil.java | 305 ++-
.../audit/TestRangerDefaultAuditHandler.java | 390 +++
.../audit/TestRangerMultiResourceAuditHandler.java | 143 +
.../ranger/plugin/client/TestBaseClient.java | 329 +++
.../plugin/client/TestHadoopConfigHolder.java | 306 +++
.../ranger/plugin/client/TestHadoopException.java | 57 +
.../RangerCustomConditionMatcherTest.java | 88 +-
.../conditionevaluator/RangerIpMatcherTest.java | 184 +-
.../RangerRequestScriptEvaluatorTest.java | 636 ++---
.../RangerTimeOfDayMatcherTest.java | 40 +-
...stRangerValidityScheduleConditionEvaluator.java | 2 +-
.../plugin/contextenricher/TestTagEnricher.java | 20 +-
.../plugin/errors/TestValidationErrorCode.java | 11 +-
.../ranger/plugin/model/TestRangerHealth.java | 16 +-
.../ranger/plugin/model/TestRangerPolicy.java | 64 +-
.../model/TestRangerPolicyResourceSignature.java | 44 +-
.../ranger/plugin/model/TestRangerService.java | 12 +-
.../RangerSecurityZoneValidatorTest.java | 62 +-
.../plugin/model/validation/TestDirectedGraph.java | 4 +-
.../validation/TestRangerPolicyValidator.java | 170 +-
.../validation/TestRangerServiceDefHelper.java | 30 +-
.../validation/TestRangerServiceDefValidator.java | 12 +-
.../validation/TestRangerServiceValidator.java | 94 +-
.../model/validation/TestRangerValidator.java | 204 +-
.../model/validation/ValidationTestUtils.java | 12 +-
.../plugin/policyengine/RangerBasePluginTest.java | 34 +-
.../ranger/plugin/policyengine/TestCacheMap.java | 10 +-
.../plugin/policyengine/TestPathResourceTrie.java | 6 +-
.../ranger/plugin/policyengine/TestPolicyACLs.java | 46 +-
.../plugin/policyengine/TestPolicyEngine.java | 60 +-
.../policyengine/TestPolicyEngineComparison.java | 40 +-
.../policyengine/TestPolicyEngineForDeltas.java | 52 +-
.../plugin/policyengine/TestPolicyRefresher.java | 501 ++++
.../plugin/policyengine/TestRangerAuthContext.java | 34 +-
.../policyengine/TestRangerPluginCapability.java | 7 +-
.../TestRangerSecurityZoneMatcher.java | 6 +-
.../policyengine/gds/TestGdsPolicyEngine.java | 22 +-
.../RangerDefaultPolicyEvaluatorTest.java | 8 +-
.../policyevaluator/TestInlinePolicyEvaluator.java | 145 +
.../RangerAbstractResourceMatcherTest.java | 8 +-
.../RangerDefaultResourceMatcherTest.java | 12 +-
.../RangerPathResourceMatcherTest.java | 10 +-
.../RangerURLResourceMatcherTest.java | 8 +-
.../TestDefaultPolicyResourceMatcher.java | 26 +-
.../TestDefaultPolicyResourceMatcherForPolicy.java | 26 +-
.../resourcematcher/TestResourceMatcher.java | 26 +-
.../plugin/service/TestRangerBasePlugin.java | 54 +-
.../service/TestRangerBasePluginRaceCondition.java | 8 +-
.../ranger/plugin/util/JavaScriptEditsTest.java | 6 +-
.../ranger/plugin/util/MacroProcessorTest.java | 4 +-
.../ranger/plugin/util/PasswordUtilsTest.java | 8 +-
.../apache/ranger/plugin/util/RangerCacheTest.java | 18 +-
.../plugin/util/RangerRequestExprResolverTest.java | 6 +-
.../plugin/util/RangerTimeRangeCheckerTest.java | 76 +-
.../ranger/plugin/util/ServiceDefUtilTest.java | 136 +-
.../ranger/plugin/util/TestRangerRESTClient.java | 53 +
.../apache/ranger/plugin/util/TestServiceTags.java | 12 +-
.../src/test/resources/admin.client/dev_s3.json | 7 +
.../test/resources/admin.client/dev_s3_gds.json | 9 +
.../test/resources/admin.client/dev_s3_roles.json | 5 +
.../test/resources/admin.client/dev_s3_tag.json | 9 +
.../resources/admin.client/dev_s3_userstore.json | 6 +
.../admin.client/hiveServer2_dev_hive.json | 7 +
.../admin.client/hiveServer2_dev_hive_gds.json | 9 +
.../admin.client/hiveServer2_dev_hive_roles.json | 5 +
.../admin.client/hiveServer2_dev_hive_tag.json | 9 +
.../hiveServer2_dev_hive_userstore.json | 6 +
agents-common/src/test/resources/logback.xml | 2 +-
.../resources/plugin/test_base_plugin_hive.json | 10 +-
.../gds/test_gds_policy_hive_access.json | 68 +-
.../gds/test_gds_policy_hive_data_mask.json | 159 +-
.../gds/test_gds_policy_hive_row_filter.json | 68 +-
.../policyengine/test_aclprovider_default.json | 634 ++---
.../policyengine/test_aclprovider_hdfs.json | 101 +-
.../policyengine/test_aclprovider_mask_filter.json | 499 ++--
.../test_aclprovider_resource_hierarchy_tags.json | 130 +-
.../test_inline_policies_ozone.json | 233 ++
agents-cred/pom.xml | 14 +-
.../credutils/CredentialsProviderUtilTest.java | 218 ++
.../kerberos/KerberosCredentialsProviderTest.java | 86 +
.../credutils/kerberos/KeytabJaasConfTest.java | 73 +
.../hadoop/utils/RangerCredentialProviderTest.java | 37 +-
agents-cred/src/test/resources/logback.xml | 2 +-
authz-api/pom.xml | 9 +-
.../ranger/authz/model/RangerAuthzResult.java | 141 +-
.../authz/util/RangerResourceNameParser.java | 62 +-
.../authz/util/TestRangerResourceNameParser.java | 5 +-
{plugin-kudu => authz-embedded}/pom.xml | 36 +-
.../src/conf/ranger-authz-embedded.properties | 64 +
.../authz/embedded/RangerAuthzAuditHandler.java | 69 +
.../ranger/authz/embedded/RangerAuthzConfig.java | 123 +
.../ranger/authz/embedded/RangerAuthzPlugin.java | 409 +++
.../authz/embedded/RangerEmbeddedAuthorizer.java | 203 ++
.../embedded/RangerEmbeddedAuthzErrorCode.java | 63 +
.../authz/embedded/TestEmbeddedAuthorizer.java | 205 ++
.../authz/embedded/TestRangerAuthzConfig.java | 231 ++
.../src/test/resources/test_hive/README.txt | 26 +
.../src/test/resources/test_hive/dev_hive.json | 266 ++
.../src/test/resources/test_hive/dev_hive_gds.json | 112 +
.../src/test/resources/test_hive/dev_hive_tag.json | 24 +
.../test_hive/ranger-embedded-authz.properties | 17 +-
.../src/test/resources/test_hive/tests_authz.json | 829 ++++++
.../test_hive/tests_resource_permissions.json | 141 +
.../src/test/resources/test_s3/README.txt | 23 +
.../src/test/resources/test_s3/dev_s3.json | 139 +
.../src/test/resources/test_s3/dev_s3_gds.json | 90 +
.../src/test/resources/test_s3/dev_s3_roles.json | 8 +
.../src/test/resources/test_s3/dev_s3_tag.json | 20 +
.../test_s3/ranger-embedded-authz.properties | 17 +-
.../src/test/resources/test_s3/tests_authz.json | 788 ++++++
.../test/resources/test_s3/tests_multi_authz.json | 114 +
.../test_s3/tests_resource_permissions.json | 114 +
credentialbuilder/pom.xml | 2 +-
dev-support/checkstyle-suppressions.xml | 1 +
dev-support/ranger-docker/.dockerignore | 1 +
dev-support/ranger-docker/.env | 8 +-
dev-support/ranger-docker/Dockerfile.ranger | 3 +-
dev-support/ranger-docker/Dockerfile.ranger-hadoop | 2 -
dev-support/ranger-docker/Dockerfile.ranger-hbase | 2 -
dev-support/ranger-docker/Dockerfile.ranger-hive | 2 -
dev-support/ranger-docker/Dockerfile.ranger-kafka | 3 -
dev-support/ranger-docker/Dockerfile.ranger-kms | 2 -
dev-support/ranger-docker/Dockerfile.ranger-knox | 2 -
...init_mysql.sql => Dockerfile.ranger-opensearch} | 31 +-
dev-support/ranger-docker/Dockerfile.ranger-solr | 25 +-
.../ranger-docker/Dockerfile.ranger-tagsync | 2 -
.../ranger-docker/Dockerfile.ranger-usersync | 2 -
dev-support/ranger-docker/README.md | 8 +-
.../docker-compose.ranger-opensearch.yml | 49 +
.../ranger-docker/docker-compose.ranger.yml | 17 +
dev-support/ranger-docker/download-archives.sh | 4 +
dev-support/ranger-docker/download-ranger.sh | 51 +
.../scripts/admin/create-ranger-services.py | 17 +-
dev-support/ranger-docker/scripts/admin/ranger.sh | 1 +
.../scripts/hadoop/ranger-hadoop-setup.sh | 1 +
.../scripts/hbase/ranger-hbase-setup.sh | 1 +
.../scripts/hive/hive-log4j2.properties | 97 +
.../scripts/hive/hive-metastore-log4j2.properties | 97 +
.../scripts/hive/ranger-hive-setup.sh | 79 +-
.../ranger-docker/scripts/hive/ranger-hive.sh | 4 +-
.../scripts/kafka/ranger-kafka-setup.sh | 1 +
.../ranger-docker/scripts/kdc/entrypoint.sh | 17 +
.../ranger-docker/scripts/kms/ranger-kms.sh | 1 +
.../scripts/knox/ranger-knox-setup.sh | 1 +
.../scripts/opensearch/opensearch-jaas.conf | 18 +
.../scripts/opensearch/opensearch.yml | 50 +
.../ranger-opensearch-setup.sh} | 33 +-
.../ranger-opensearch.sh} | 31 +-
.../ozone/ranger-ozone-plugin-install.properties | 4 +-
.../ranger-docker/scripts/solr/core-site.xml | 7 +
.../ranger-solr-plugin-install.properties} | 31 +-
.../ranger-docker/scripts/solr/ranger-solr.sh | 24 +-
.../ranger-docker/scripts/solr/solr-jaas.conf | 4 +-
.../ranger-docker/scripts/solr/solr-security.json | 3 +
.../tagsync/ranger-tagsync-install.properties | 0
.../scripts/tagsync/ranger-tagsync.sh | 1 +
.../scripts/usersync/ranger-usersync.sh | 1 +
.../wait_for_testusers_keytab.sh} | 11 +-
dev-support/ranger-docker/scripts/zk/jaas.conf | 8 +
.../zookeeper-with-kerberos.sh} | 18 +-
distro/src/main/assembly/admin-web.xml | 1 +
distro/src/main/assembly/hbase-agent.xml | 1 +
distro/src/main/assembly/hdfs-agent.xml | 1 +
distro/src/main/assembly/hive-agent.xml | 1 +
distro/src/main/assembly/kms.xml | 1 +
distro/src/main/assembly/knox-agent.xml | 1 +
distro/src/main/assembly/plugin-atlas.xml | 1 +
distro/src/main/assembly/plugin-elasticsearch.xml | 1 +
distro/src/main/assembly/plugin-kafka.xml | 1 +
distro/src/main/assembly/plugin-kms.xml | 1 +
distro/src/main/assembly/plugin-kylin.xml | 1 +
distro/src/main/assembly/plugin-ozone.xml | 1 +
distro/src/main/assembly/plugin-presto.xml | 1 +
distro/src/main/assembly/plugin-solr.xml | 2 +
distro/src/main/assembly/plugin-sqoop.xml | 1 +
distro/src/main/assembly/plugin-trino.xml | 1 +
distro/src/main/assembly/plugin-yarn.xml | 1 +
distro/src/main/assembly/ranger-tools.xml | 1 +
distro/src/main/assembly/sample-client.xml | 1 +
distro/src/main/assembly/storm-agent.xml | 1 +
distro/src/main/assembly/tagsync.xml | 1 +
distro/src/main/assembly/usersync.xml | 1 +
.../tomcat/ElasticSearchIndexBootStrapper.java | 4 +-
.../ranger/server/tomcat/EmbeddedServer.java | 2 +-
hbase-agent/pom.xml | 14 +-
.../hbase/RangerAuthorizationCoprocessor.java | 4 +-
.../hbase/AuthorizationSessionTest.java | 424 ++-
.../authorization/hbase/ColumnIteratorTest.java | 16 +-
.../hbase/HBaseRangerAuthorizationTest.java | 70 +-
.../hbase/HbaseAuthUtilsImplTest.java | 139 +-
.../hbase/RangerAuthorizationCoprocessorTest.java | 2813 +++++++++++++++++++-
.../hbase/RangerAuthorizationFilterTest.java | 4 +-
.../hbase/TestHbaseAuditHandlerImpl.java | 85 +
.../authorization/hbase/TestHbaseConstants.java | 20 +-
.../authorization/hbase/TestHbaseFactory.java | 37 +-
.../hbase/TestHbaseUserUtilsImpl.java | 84 +
.../authorization/hbase/TestPolicyEngine.java | 26 +-
.../authorization/hbase/TestRangerHBasePlugin.java | 70 +
.../hbase/TestRangerHBaseResource.java | 79 +
.../services/hbase/TestRangerServiceHBase.java | 282 +-
.../services/hbase/client/TestHBaseClient.java | 609 +++++
.../hbase/client/TestHBaseConnectionMgr.java | 120 +
.../hbase/client/TestHBaseResourceMgr.java | 216 ++
hbase-agent/src/test/resources/logback.xml | 2 +-
hdfs-agent/pom.xml | 16 +-
.../hadoop/TestRangerAccessControlEnforcer.java | 493 ++++
.../TestRangerAccessControlException.java | 27 +-
.../ranger/services/hdfs/HDFSRangerTest.java | 90 +-
.../services/hdfs/RangerHdfsAuthorizerTest.java | 43 +-
.../services/hdfs/TestRangerServiceHdfs.java | 176 ++
.../services/hdfs/client/HdfsClientTest.java | 409 ++-
.../hdfs/client/TestHdfsConnectionMgr.java | 108 +
.../services/hdfs/client/TestHdfsResourceMgr.java | 229 ++
hdfs-agent/src/test/resources/logback.xml | 2 +-
hive-agent/pom.xml | 14 +-
.../hive/authorizer/RangerHiveAuthorizer.java | 2 +-
.../TestXaSecureHiveAuthorizerFactory.java | 20 +-
.../authorizer/TestRangerHiveAccessRequest.java | 156 ++
.../authorizer/TestRangerHiveAuditHandler.java | 297 +++
.../hive/authorizer/TestRangerHiveAuthorizer.java | 1454 ++++++++++
.../authorizer/TestRangerHiveAuthorizerBase.java | 166 ++
.../TestRangerHiveAuthorizerFactory.java | 34 +-
.../authorizer/TestRangerHivePolicyProvider.java | 128 +
.../hive/authorizer/TestRangerHiveResource.java | 105 +
.../authorizer/TestRangerHiveResourceACLs.java | 61 +
.../services/hive/TestRangerServiceHive.java | 230 ++
.../services/hive/client/TestHiveClient.java | 584 ++++
.../hive/client/TestHiveConnectionMgr.java | 126 +
.../services/hive/client/TestHiveResourceMgr.java | 98 +
hive-agent/src/test/resources/logback.xml | 2 +-
intg/pom.xml | 2 +-
intg/src/main/resources/logback.xml | 2 +-
.../java/org/apache/ranger/TestRangerClient.java | 17 +-
kms/config/webserver/ranger-kms-site.xml | 9 +
kms/pom.xml | 2 +-
.../org/apache/hadoop/crypto/key/DB2HSMMKUtil.java | 6 +-
.../apache/hadoop/crypto/key/DBToKeySecure.java | 6 +-
.../org/apache/hadoop/crypto/key/HSM2DBMKUtil.java | 14 +-
.../crypto/key/KeySecureToRangerDBMKUtil.java | 7 +-
.../org/apache/hadoop/crypto/key/RangerHSM.java | 3 +-
.../org/apache/hadoop/crypto/key/RangerKMSMKI.java | 4 +
.../apache/hadoop/crypto/key/RangerMasterKey.java | 38 +-
.../hadoop/crypto/key/RangerSafenetKeySecure.java | 3 +-
.../hadoop/crypto/key/kms/server/KMSMDCFilter.java | 54 +-
.../hadoop/crypto/key/RangerMasterKeyTest.java | 4 +-
.../crypto/key/kms/TestRangerSafenetKeySecure.java | 2 +-
.../key/kms/server/RangerKeyStoreProviderTest.java | 12 -
.../crypto/key/kms/server/TestKMSMDCFilter.java | 79 +
knox-agent/pom.xml | 14 +-
.../client/TestRangerAdminJersey2RESTClient.java | 780 ++++++
.../authorization/knox/TestKnoxRangerPlugin.java | 99 +
.../knox/TestRangerPDPKnoxFilter.java | 201 ++
.../ranger/services/knox/KnoxRangerTest.java | 24 +-
.../services/knox/RangerAdminClientImpl.java | 2 +-
.../services/knox/TestRangerServiceKnox.java | 162 ++
.../services/knox/client/TestKnoxClient.java | 438 +++
.../knox/client/TestKnoxConnectionMgr.java | 103 +
.../services/knox/client/TestKnoxResourceMgr.java | 157 ++
knox-agent/src/test/resources/logback.xml | 2 +-
mkdocs/README.md | 60 +
.../docs/arch/architecture.md | 5 +-
mkdocs/docs/assets/brand/Satoshi-Variable.ttf | Bin 0 -> 127420 bytes
mkdocs/docs/assets/brand/favicon.ico | Bin 0 -> 15406 bytes
mkdocs/docs/assets/brand/merged-logo.svg | 50 +
.../docs/assets/brand}/ranger-logo.svg | 0
mkdocs/docs/assets/css/custom.css | 102 +
mkdocs/docs/assets/css/search-bar.css | 91 +
mkdocs/docs/assets/css/table.css | 30 +
.../docs/assets/js/typewriter.js | 37 +-
.../docs/blog/blog.md | 5 +-
mkdocs/docs/features/client-interface/intro.md | 29 +
.../docs/features/gds/gds_intro.md | 5 +-
.../docs/features/sec-zone/intro.md | 5 +-
mkdocs/docs/getting-started/install.md | 38 +
mkdocs/docs/getting-started/trino-with-ranger.md | 46 +
mkdocs/docs/index.md | 35 +
mkdocs/docs/overrides/home.html | 135 +
.../docs/plugins/trino.md | 5 +-
.../docs/project/asf-index.md | 18 +-
mkdocs/docs/project/contributing.md | 63 +
mkdocs/docs/project/cve-list.md | 200 ++
mkdocs/docs/project/java-code-style.md | 140 +
mkdocs/docs/project/release-process.md | 415 +++
mkdocs/docs/release-notes/index.md | 20 +
.../docs/services/admin/service.md | 5 +-
.../docs/services/kms/service.md | 5 +-
.../docs/services/tagsync/service.md | 5 +-
.../docs/services/usersync/service.md | 5 +-
mkdocs/mkdocs.yml | 158 ++
mkdocs/requirements.txt | 6 +
plugin-atlas/pom.xml | 2 +-
.../ranger/services/atlas/RangerServiceAtlas.java | 7 +-
plugin-atlas/src/test/resources/logback.xml | 2 +-
plugin-kafka/pom.xml | 27 +-
plugin-kafka/src/test/resources/logback.xml | 2 +-
plugin-kms/pom.xml | 2 +-
plugin-kudu/pom.xml | 8 +-
plugin-kylin/pom.xml | 8 +-
.../authorizer/RangerKylinAuthorizerTest.java | 100 +-
plugin-kylin/src/test/resources/logback.xml | 2 +-
plugin-nestedstructure/pom.xml | 11 +-
.../nestedstructure/authorizer/TestDataMasker.java | 125 +-
.../authorizer/TestJsonManipulator.java | 60 +-
.../authorizer/TestNestedStructureAuthorizer.java | 16 +-
.../authorizer/TestRecordFilterJavaScript.java | 16 +-
plugin-nifi-registry/pom.xml | 8 +-
.../registry/client/TestNiFiRegistryClient.java | 48 +-
.../client/TestNiFiRegistryConnectionMgr.java | 36 +-
.../src/test/resources/logback.xml | 2 +-
plugin-nifi/pom.xml | 8 +-
.../services/nifi/client/TestNiFiClient.java | 48 +-
.../nifi/client/TestNiFiConnectionMgr.java | 36 +-
plugin-nifi/src/test/resources/logback.xml | 2 +-
plugin-ozone/pom.xml | 18 +-
.../ozone/authorizer/RangerOzoneAuthorizer.java | 190 +-
.../authorizer/TestRangerOzoneAuthorizer.java | 196 ++
plugin-ozone/src/test/resources/om_dev_ozone.json | 46 +
.../src/test/resources/ranger-ozone-security.xml | 18 +-
plugin-presto/pom.xml | 8 +-
.../authorizer/RangerSystemAccessControlTest.java | 12 +-
plugin-presto/src/test/resources/logback.xml | 2 +-
plugin-schema-registry/pom.xml | 12 +-
.../registry/client/AutocompletionAgentTest.java | 10 +-
.../client/SchemaRegistryResourceMgrTest.java | 6 +-
.../DefaultSchemaRegistryClientTest.java | 21 +-
.../client/connection/util/SecurityUtilsTest.java | 12 +-
.../src/test/resources/logback.xml | 2 +-
plugin-solr/conf/ranger-solr-audit-changes.cfg | 12 +-
plugin-solr/conf/ranger-solr-security-changes.cfg | 5 +-
.../solr/authorizer/RangerSolrAuditHandler.java | 5 +-
plugin-sqoop/pom.xml | 8 +-
.../authorizer/RangerSqoopAuthorizerTest.java | 203 +-
plugin-sqoop/src/test/resources/logback.xml | 2 +-
plugin-trino/pom.xml | 8 +-
plugin-trino/src/test/resources/logback.xml | 2 +-
.../client/json/model/YarnSchedulerResponse.java | 89 +-
pom.xml | 24 +-
ranger-authn/pom.xml | 3 +-
ranger-common-ha/pom.xml | 2 +-
.../plugin/RangerElasticsearchPlugin.java | 2 +-
ranger-examples/conditions-enrichers/pom.xml | 16 +-
.../src/test/resources/logback.xml | 2 +-
ranger-examples/dev-support/ranger-pmd-ruleset.xml | 121 -
ranger-examples/distro/pom.xml | 14 +
ranger-examples/plugin-sampleapp/pom.xml | 14 +
ranger-examples/sample-client/pom.xml | 14 +
.../sample-client/src/main/resources/logback.xml | 2 +-
ranger-examples/sampleapp/pom.xml | 14 +
.../ranger/examples/sampleapp/SampleApp.java | 4 +-
.../access/RangerAccessControlListsTest.java | 2 +-
ranger-knox-plugin-shim/pom.xml | 8 +-
ranger-metrics/pom.xml | 9 +-
.../source/TestRangerMetricsContainerSource.java | 38 +-
.../ozone/authorizer/RangerOzoneAuthorizer.java | 16 +
ranger-plugin-classloader/pom.xml | 8 +-
ranger-tools/conf/logback-mem-sizing.xml | 2 +-
ranger-tools/conf/logback.xml | 2 +-
ranger-tools/pom.xml | 8 +-
ranger-tools/src/main/python/requirements.txt | 8 +-
.../apache/ranger/policyengine/PerfTesterTest.java | 6 +-
.../RangerPolicyEnginePerformanceTest.java | 58 +-
ranger-tools/src/test/resources/logback.xml | 2 +-
.../optimized/current/ranger_core_db_mysql.sql | 98 +-
...7-drop-audit-columns-from-policy-ref-tables.sql | 155 ++
.../optimized/current/ranger_core_db_oracle.sql | 110 +-
...7-drop-audit-columns-from-policy-ref-tables.sql | 110 +
.../optimized/current/ranger_core_db_postgres.sql | 110 +-
...7-drop-audit-columns-from-policy-ref-tables.sql | 99 +
.../current/ranger_core_db_sqlanywhere.sql | 64 +-
...7-drop-audit-columns-from-policy-ref-tables.sql | 248 ++
.../optimized/current/ranger_core_db_sqlserver.sql | 152 +-
...7-drop-audit-columns-from-policy-ref-tables.sql | 316 +++
security-admin/pom.xml | 32 +-
security-admin/scripts/setup.sh | 334 +--
.../org/apache/ranger/biz/PolicyRefUpdater.java | 16 +-
.../java/org/apache/ranger/biz/RoleDBStore.java | 69 +-
.../java/org/apache/ranger/biz/RoleRefUpdater.java | 10 +-
.../apache/ranger/biz/SecurityZoneRefUpdater.java | 16 +-
.../java/org/apache/ranger/biz/ServiceDBStore.java | 2 +-
.../org/apache/ranger/common/RangerRoleCache.java | 87 +-
.../org/apache/ranger/db/XXGlobalStateDao.java | 13 +-
.../ranger/entity/XXPolicyRefAccessType.java | 2 +-
.../apache/ranger/entity/XXPolicyRefCondition.java | 2 +-
.../ranger/entity/XXPolicyRefDataMaskType.java | 2 +-
.../org/apache/ranger/entity/XXPolicyRefGroup.java | 4 +-
.../apache/ranger/entity/XXPolicyRefResource.java | 2 +-
.../org/apache/ranger/entity/XXPolicyRefRole.java | 2 +-
.../org/apache/ranger/entity/XXPolicyRefUser.java | 2 +-
.../org/apache/ranger/entity/XXRoleRefGroup.java | 2 +-
.../org/apache/ranger/entity/XXRoleRefRole.java | 2 +-
.../org/apache/ranger/entity/XXRoleRefUser.java | 2 +-
.../ranger/entity/XXSecurityZoneRefGroup.java | 8 +-
.../ranger/entity/XXSecurityZoneRefResource.java | 4 +-
.../ranger/entity/XXSecurityZoneRefService.java | 4 +-
.../ranger/entity/XXSecurityZoneRefTagService.java | 4 +-
.../ranger/entity/XXSecurityZoneRefUser.java | 4 +-
...chForAtlasPolicyUpdateForEntityRead_J10064.java | 155 ++
...PatchForSolrSvcDefAndPoliciesUpdate_J10055.java | 1 +
.../ranger/service/RangerBaseModelService.java | 17 +-
.../apache/ranger/service/XPortalUserService.java | 33 +-
.../src/main/webapp/react-webapp/package-lock.json | 468 +++-
.../src/main/webapp/react-webapp/package.json | 4 +-
.../src/main/webapp/react-webapp/src/App.jsx | 27 +-
.../org/apache/ranger/audit/TestAuditQueue.java | 74 +-
.../AmazonCloudWatchAuditDestinationTest.java | 10 +-
.../org/apache/ranger/biz/TestPolicyAdmin.java | 22 +-
.../java/org/apache/ranger/biz/TestPolicyDb.java | 22 +-
.../org/apache/ranger/biz/TestRangerBizUtil.java | 2 +-
.../ranger/biz/TestRangerPolicyAdminImpl.java | 22 +-
.../org/apache/ranger/biz/TestRoleDBStore.java | 21 +-
.../org/apache/ranger/biz/TestRoleRefUpdater.java | 6 -
.../ranger/biz/TestSecurityZoneRefUpdater.java | 13 -
.../org/apache/ranger/biz/TestServiceDBStore.java | 12 +-
.../java/org/apache/ranger/biz/TestUserMgr.java | 522 ++--
.../java/org/apache/ranger/biz/TestXUserMgr.java | 967 ++++---
.../org/apache/ranger/common/TestGUIDUtil.java | 3 +-
.../java/org/apache/ranger/common/TestMapUtil.java | 3 +-
.../ElasticSearchAccessAuditsServiceTest.java | 6 +-
...lServiceDefForPolicyConditionUpdate_J10060.java | 1 +
...viceDefUpdateForDefaultAuditFilters_J10049.java | 1 +
...efUpdateForResourceSpecificAccesses_J10012.java | 1 +
.../TestPatchForKafkaServiceDefUpdate_J10025.java | 1 +
.../TestPatchForKafkaServiceDefUpdate_J10033.java | 1 +
.../ranger/patch/TestPatchMigration_J10002.java | 1 +
...ForUpdateToUniqueResoureceSignature_J10053.java | 1 +
.../patch/TestPatchTagModulePermission_J10005.java | 5 +-
.../java/org/apache/ranger/rest/TestAssetREST.java | 124 +-
.../java/org/apache/ranger/rest/TestGdsREST.java | 5 +-
.../org/apache/ranger/rest/TestPublicAPIs.java | 86 +-
.../apache/ranger/rest/TestRangerHealthREST.java | 22 +-
.../org/apache/ranger/rest/TestServiceREST.java | 35 +-
.../ranger/rest/TestServiceTagProcessor.java | 10 +-
.../java/org/apache/ranger/rest/TestUserREST.java | 169 +-
.../org/apache/ranger/rest/TestXAuditREST.java | 58 +-
.../handler/TestRangerAuthenticationProvider.java | 3 +-
.../TestRangerAuthFailureHandler.java | 6 +
.../TestRangerAuthSuccessHandler.java | 9 +-
.../web/filter/TestRangerCSRFPreventionFilter.java | 3 +
.../filter/TestRangerKRBAuthenticationFilter.java | 10 +
.../service/TestAbstractBaseResourceService.java | 3 +
.../service/TestRangerPluginInfoService.java | 8 +-
.../ranger/service/TestRangerPolicyService.java | 6 +-
.../service/TestRangerPolicyServiceBase.java | 32 +-
.../service/TestRangerServiceDefService.java | 3 +-
.../service/TestRangerServiceDefServiceBase.java | 182 +-
.../ranger/service/TestRangerServiceService.java | 48 +-
.../service/TestRangerServiceServiceBase.java | 40 +-
.../ranger/service/TestRangerTagDefService.java | 32 +-
.../ranger/service/TestXPortalUserService.java | 48 +-
.../service/TestXResourceServiceAdditional.java | 9 +-
.../java/org/apache/ranger/solr/SolrMgrTest.java | 4 +-
.../test/java/org/apache/ranger/util/BaseTest.java | 6 +-
.../org/apache/ranger/util/TestRangerEnumUtil.java | 24 +-
.../apache/ranger/util/TestRangerMetricsUtil.java | 22 +-
.../ranger/util/TestRangerServerHealthUtil.java | 10 +-
.../RangerGdsValidationDBProviderTest.java | 3 +
storm-agent/pom.xml | 8 +-
.../storm/StormRangerAuthorizerTest.java | 20 +-
tagsync/pom.xml | 8 +-
.../nestedstructureplugin/ResourceTests.java | 66 +-
.../tagsync/process/TestAdlsResourceMapper.java | 33 +-
.../tagsync/process/TestHbaseResourceMapper.java | 90 +-
.../tagsync/process/TestHdfsResourceMapper.java | 38 +-
.../tagsync/process/TestHiveResourceMapper.java | 70 +-
.../tagsync/process/TestKafkaResourceMapper.java | 26 +-
.../tagsync/process/TestOzoneResourceMapper.java | 57 +-
.../tagsync/process/TestTagSynchronizer.java | 14 +-
tagsync/src/test/resources/logback.xml | 2 +-
ugsync-util/pom.xml | 8 +-
ugsync/pom.xml | 8 +-
.../process/TestFileSourceUserGroupBuilder.java | 2 +-
.../process/TestPolicyMgrUserGroupBuilder.java | 8 +
.../ranger/usergroupsync/TestUserGroupSync.java | 8 +
.../usergroupsync/TestUserSyncMetricsProducer.java | 16 +-
ugsync/src/test/resources/logback.xml | 2 +-
.../TestUnixAuthenticationService.java | 3 +-
554 files changed, 34345 insertions(+), 12209 deletions(-)
create mode 100644 .github/workflows/docs.yml
create mode 100644 .github/workflows/upgrade-ranger.yaml
delete mode 100644
agents-audit/core/src/main/resources/META-INF/persistence.xml
create mode 100644 agents-common/${project.build.directory}/hbase_cm_hbase.json
create mode 100644
agents-common/${project.build.directory}/hbase_cm_hbase_roles.json
create mode 100644
agents-common/src/main/java/org/apache/ranger/admin/client/RangerPolicySource.java
create mode 100644
agents-common/src/main/java/org/apache/ranger/plugin/model/RangerInlinePolicy.java
create mode 100644
agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerInlinePolicyEvaluator.java
create mode 100644
agents-common/src/main/java/org/apache/ranger/plugin/util/RangerSupportedCryptoAlgo.java
create mode 100644
agents-common/src/test/java/org/apache/hadoop/security/TestKrbPasswordSaverLoginModule.java
create mode 100644
agents-common/src/test/java/org/apache/hadoop/security/TestSecureClientLogin.java
create mode 100644
agents-common/src/test/java/org/apache/ranger/admin/client/TestAbstractRangerAdminClient.java
create mode 100644
agents-common/src/test/java/org/apache/ranger/admin/client/TestEmbeddedResourcePolicySource.java
create mode 100644
agents-common/src/test/java/org/apache/ranger/admin/client/TestLocalFolderPolicySource.java
create mode 100644
agents-common/src/test/java/org/apache/ranger/admin/client/TestRangerAdminRESTClient.java
create mode 100644
agents-common/src/test/java/org/apache/ranger/admin/client/datatype/TestGrantRevokeData.java
create mode 100644
agents-common/src/test/java/org/apache/ranger/admin/client/datatype/TestRESTResponse.java
create mode 100644
agents-common/src/test/java/org/apache/ranger/authorization/hadoop/config/TestRangerAdminConfig.java
create mode 100644
agents-common/src/test/java/org/apache/ranger/authorization/hadoop/config/TestRangerAuditConfig.java
create mode 100644
agents-common/src/test/java/org/apache/ranger/authorization/hadoop/config/TestRangerChainedPluginConfig.java
create mode 100644
agents-common/src/test/java/org/apache/ranger/authorization/hadoop/config/TestRangerConfigConstants.java
create mode 100644
agents-common/src/test/java/org/apache/ranger/authorization/hadoop/config/TestRangerConfiguration.java
create mode 100644
agents-common/src/test/java/org/apache/ranger/authorization/hadoop/config/TestRangerLegacyConfigBuilder.java
create mode 100644
agents-common/src/test/java/org/apache/ranger/authorization/hadoop/config/TestRangerPluginConfig.java
create mode 100644
agents-common/src/test/java/org/apache/ranger/authorization/utils/TestJsonUtils.java
create mode 100644
agents-common/src/test/java/org/apache/ranger/plugin/audit/TestRangerDefaultAuditHandler.java
create mode 100644
agents-common/src/test/java/org/apache/ranger/plugin/audit/TestRangerMultiResourceAuditHandler.java
create mode 100644
agents-common/src/test/java/org/apache/ranger/plugin/client/TestBaseClient.java
create mode 100644
agents-common/src/test/java/org/apache/ranger/plugin/client/TestHadoopConfigHolder.java
create mode 100644
agents-common/src/test/java/org/apache/ranger/plugin/client/TestHadoopException.java
create mode 100644
agents-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyRefresher.java
create mode 100644
agents-common/src/test/java/org/apache/ranger/plugin/policyevaluator/TestInlinePolicyEvaluator.java
create mode 100644
agents-common/src/test/java/org/apache/ranger/plugin/util/TestRangerRESTClient.java
create mode 100644 agents-common/src/test/resources/admin.client/dev_s3.json
create mode 100644
agents-common/src/test/resources/admin.client/dev_s3_gds.json
create mode 100644
agents-common/src/test/resources/admin.client/dev_s3_roles.json
create mode 100644
agents-common/src/test/resources/admin.client/dev_s3_tag.json
create mode 100644
agents-common/src/test/resources/admin.client/dev_s3_userstore.json
create mode 100644
agents-common/src/test/resources/admin.client/hiveServer2_dev_hive.json
create mode 100644
agents-common/src/test/resources/admin.client/hiveServer2_dev_hive_gds.json
create mode 100644
agents-common/src/test/resources/admin.client/hiveServer2_dev_hive_roles.json
create mode 100644
agents-common/src/test/resources/admin.client/hiveServer2_dev_hive_tag.json
create mode 100644
agents-common/src/test/resources/admin.client/hiveServer2_dev_hive_userstore.json
create mode 100644
agents-common/src/test/resources/policyevaluator/test_inline_policies_ozone.json
create mode 100644
agents-cred/src/test/java/org/apache/ranger/authorization/credutils/CredentialsProviderUtilTest.java
create mode 100644
agents-cred/src/test/java/org/apache/ranger/authorization/credutils/kerberos/KerberosCredentialsProviderTest.java
create mode 100644
agents-cred/src/test/java/org/apache/ranger/authorization/credutils/kerberos/KeytabJaasConfTest.java
copy {plugin-kudu => authz-embedded}/pom.xml (84%)
create mode 100644 authz-embedded/src/conf/ranger-authz-embedded.properties
create mode 100644
authz-embedded/src/main/java/org/apache/ranger/authz/embedded/RangerAuthzAuditHandler.java
create mode 100644
authz-embedded/src/main/java/org/apache/ranger/authz/embedded/RangerAuthzConfig.java
create mode 100644
authz-embedded/src/main/java/org/apache/ranger/authz/embedded/RangerAuthzPlugin.java
create mode 100644
authz-embedded/src/main/java/org/apache/ranger/authz/embedded/RangerEmbeddedAuthorizer.java
create mode 100644
authz-embedded/src/main/java/org/apache/ranger/authz/embedded/RangerEmbeddedAuthzErrorCode.java
create mode 100644
authz-embedded/src/test/java/org/apache/ranger/authz/embedded/TestEmbeddedAuthorizer.java
create mode 100644
authz-embedded/src/test/java/org/apache/ranger/authz/embedded/TestRangerAuthzConfig.java
create mode 100644 authz-embedded/src/test/resources/test_hive/README.txt
create mode 100644 authz-embedded/src/test/resources/test_hive/dev_hive.json
create mode 100644
authz-embedded/src/test/resources/test_hive/dev_hive_gds.json
create mode 100644
authz-embedded/src/test/resources/test_hive/dev_hive_tag.json
copy security-admin/db/mysql/init/create_xa_core_db.sh =>
authz-embedded/src/test/resources/test_hive/ranger-embedded-authz.properties
(73%)
mode change 100755 => 100644
create mode 100644 authz-embedded/src/test/resources/test_hive/tests_authz.json
create mode 100644
authz-embedded/src/test/resources/test_hive/tests_resource_permissions.json
create mode 100644 authz-embedded/src/test/resources/test_s3/README.txt
create mode 100644 authz-embedded/src/test/resources/test_s3/dev_s3.json
create mode 100644 authz-embedded/src/test/resources/test_s3/dev_s3_gds.json
create mode 100644 authz-embedded/src/test/resources/test_s3/dev_s3_roles.json
create mode 100644 authz-embedded/src/test/resources/test_s3/dev_s3_tag.json
copy security-admin/db/mysql/init/create_xa_core_db.sh =>
authz-embedded/src/test/resources/test_s3/ranger-embedded-authz.properties (73%)
mode change 100755 => 100644
create mode 100644 authz-embedded/src/test/resources/test_s3/tests_authz.json
create mode 100644
authz-embedded/src/test/resources/test_s3/tests_multi_authz.json
create mode 100644
authz-embedded/src/test/resources/test_s3/tests_resource_permissions.json
copy dev-support/ranger-docker/{scripts/rdbms/init_mysql.sql =>
Dockerfile.ranger-opensearch} (53%)
create mode 100644
dev-support/ranger-docker/docker-compose.ranger-opensearch.yml
create mode 100755 dev-support/ranger-docker/download-ranger.sh
create mode 100644
dev-support/ranger-docker/scripts/hive/hive-log4j2.properties
create mode 100644
dev-support/ranger-docker/scripts/hive/hive-metastore-log4j2.properties
create mode 100644
dev-support/ranger-docker/scripts/opensearch/opensearch-jaas.conf
create mode 100644 dev-support/ranger-docker/scripts/opensearch/opensearch.yml
copy dev-support/ranger-docker/scripts/{wait_for_keytab.sh =>
opensearch/ranger-opensearch-setup.sh} (60%)
copy dev-support/ranger-docker/scripts/{wait_for_keytab.sh =>
opensearch/ranger-opensearch.sh} (52%)
create mode 100644 dev-support/ranger-docker/scripts/solr/core-site.xml
copy
dev-support/ranger-docker/scripts/{hive/ranger-hive-plugin-install.properties
=> solr/ranger-solr-plugin-install.properties} (81%)
mode change 100644 => 100755
dev-support/ranger-docker/scripts/tagsync/ranger-tagsync-install.properties
copy dev-support/ranger-docker/{Dockerfile.ranger-trino =>
scripts/wait_for_testusers_keytab.sh} (82%)
create mode 100644 dev-support/ranger-docker/scripts/zk/jaas.conf
copy dev-support/ranger-docker/scripts/{rdbms/init_postgres.sh =>
zk/zookeeper-with-kerberos.sh} (65%)
create mode 100644
hbase-agent/src/test/java/org/apache/ranger/authorization/hbase/TestHbaseAuditHandlerImpl.java
copy
unixauthclient/src/test/java/org/apache/ranger/authentication/unix/jaas/TestUnixGroupPrincipal.java
=>
hbase-agent/src/test/java/org/apache/ranger/authorization/hbase/TestHbaseConstants.java
(73%)
copy
security-admin/src/test/java/org/apache/ranger/security/context/TestRangerAdminOpContext.java
=>
hbase-agent/src/test/java/org/apache/ranger/authorization/hbase/TestHbaseFactory.java
(57%)
create mode 100644
hbase-agent/src/test/java/org/apache/ranger/authorization/hbase/TestHbaseUserUtilsImpl.java
create mode 100644
hbase-agent/src/test/java/org/apache/ranger/authorization/hbase/TestRangerHBasePlugin.java
create mode 100644
hbase-agent/src/test/java/org/apache/ranger/authorization/hbase/TestRangerHBaseResource.java
create mode 100644
hbase-agent/src/test/java/org/apache/ranger/services/hbase/client/TestHBaseClient.java
create mode 100644
hbase-agent/src/test/java/org/apache/ranger/services/hbase/client/TestHBaseConnectionMgr.java
create mode 100644
hbase-agent/src/test/java/org/apache/ranger/services/hbase/client/TestHBaseResourceMgr.java
create mode 100644
hdfs-agent/src/test/java/org/apache/ranger/authorization/hadoop/TestRangerAccessControlEnforcer.java
copy
ugsync-util/src/test/java/org/apache/ranger/ugsyncutil/transform/TestAbstractMapper.java
=>
hdfs-agent/src/test/java/org/apache/ranger/authorization/hadoop/exceptions/TestRangerAccessControlException.java
(61%)
create mode 100644
hdfs-agent/src/test/java/org/apache/ranger/services/hdfs/TestRangerServiceHdfs.java
create mode 100644
hdfs-agent/src/test/java/org/apache/ranger/services/hdfs/client/TestHdfsConnectionMgr.java
create mode 100644
hdfs-agent/src/test/java/org/apache/ranger/services/hdfs/client/TestHdfsResourceMgr.java
copy
kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestRangerJsonProvider.java
=>
hive-agent/src/test/java/com/xasecure/authorization/hive/authorizer/TestXaSecureHiveAuthorizerFactory.java
(74%)
create mode 100644
hive-agent/src/test/java/org/apache/ranger/authorization/hive/authorizer/TestRangerHiveAccessRequest.java
create mode 100644
hive-agent/src/test/java/org/apache/ranger/authorization/hive/authorizer/TestRangerHiveAuditHandler.java
create mode 100644
hive-agent/src/test/java/org/apache/ranger/authorization/hive/authorizer/TestRangerHiveAuthorizer.java
create mode 100644
hive-agent/src/test/java/org/apache/ranger/authorization/hive/authorizer/TestRangerHiveAuthorizerBase.java
copy
ugsync-util/src/test/java/org/apache/ranger/ugsyncutil/transform/TestAbstractMapper.java
=>
hive-agent/src/test/java/org/apache/ranger/authorization/hive/authorizer/TestRangerHiveAuthorizerFactory.java
(59%)
create mode 100644
hive-agent/src/test/java/org/apache/ranger/authorization/hive/authorizer/TestRangerHivePolicyProvider.java
create mode 100644
hive-agent/src/test/java/org/apache/ranger/authorization/hive/authorizer/TestRangerHiveResource.java
create mode 100644
hive-agent/src/test/java/org/apache/ranger/authorization/hive/authorizer/TestRangerHiveResourceACLs.java
create mode 100644
hive-agent/src/test/java/org/apache/ranger/services/hive/TestRangerServiceHive.java
create mode 100644
hive-agent/src/test/java/org/apache/ranger/services/hive/client/TestHiveClient.java
create mode 100644
hive-agent/src/test/java/org/apache/ranger/services/hive/client/TestHiveConnectionMgr.java
create mode 100644
hive-agent/src/test/java/org/apache/ranger/services/hive/client/TestHiveResourceMgr.java
create mode 100644
knox-agent/src/test/java/org/apache/ranger/admin/client/TestRangerAdminJersey2RESTClient.java
create mode 100644
knox-agent/src/test/java/org/apache/ranger/authorization/knox/TestKnoxRangerPlugin.java
create mode 100644
knox-agent/src/test/java/org/apache/ranger/authorization/knox/TestRangerPDPKnoxFilter.java
create mode 100644
knox-agent/src/test/java/org/apache/ranger/services/knox/TestRangerServiceKnox.java
create mode 100644
knox-agent/src/test/java/org/apache/ranger/services/knox/client/TestKnoxClient.java
create mode 100644
knox-agent/src/test/java/org/apache/ranger/services/knox/client/TestKnoxConnectionMgr.java
create mode 100644
knox-agent/src/test/java/org/apache/ranger/services/knox/client/TestKnoxResourceMgr.java
create mode 100644 mkdocs/README.md
copy
security-admin/src/main/webapp/META-INF/contextXML/ldap_security_settings.xml
=> mkdocs/docs/arch/architecture.md (92%)
create mode 100644 mkdocs/docs/assets/brand/Satoshi-Variable.ttf
create mode 100644 mkdocs/docs/assets/brand/favicon.ico
create mode 100644 mkdocs/docs/assets/brand/merged-logo.svg
copy {docs/src/site/resources => mkdocs/docs/assets/brand}/ranger-logo.svg
(100%)
create mode 100644 mkdocs/docs/assets/css/custom.css
create mode 100644 mkdocs/docs/assets/css/search-bar.css
create mode 100644 mkdocs/docs/assets/css/table.css
copy
kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSJMXServlet.java =>
mkdocs/docs/assets/js/typewriter.js (56%)
copy
security-admin/src/main/webapp/META-INF/contextXML/ldap_security_settings.xml
=> mkdocs/docs/blog/blog.md (92%)
create mode 100644 mkdocs/docs/features/client-interface/intro.md
copy
security-admin/src/main/webapp/META-INF/contextXML/ldap_security_settings.xml
=> mkdocs/docs/features/gds/gds_intro.md (92%)
copy
security-admin/src/main/webapp/META-INF/contextXML/ldap_security_settings.xml
=> mkdocs/docs/features/sec-zone/intro.md (92%)
create mode 100644 mkdocs/docs/getting-started/install.md
create mode 100644 mkdocs/docs/getting-started/trino-with-ranger.md
create mode 100644 mkdocs/docs/index.md
create mode 100644 mkdocs/docs/overrides/home.html
copy
security-admin/src/main/webapp/META-INF/contextXML/ldap_security_settings.xml
=> mkdocs/docs/plugins/trino.md (92%)
copy security-admin/src/main/resources/META-INF/infinispan-cache-config.xml =>
mkdocs/docs/project/asf-index.md (68%)
create mode 100644 mkdocs/docs/project/contributing.md
create mode 100644 mkdocs/docs/project/cve-list.md
create mode 100644 mkdocs/docs/project/java-code-style.md
create mode 100644 mkdocs/docs/project/release-process.md
create mode 100644 mkdocs/docs/release-notes/index.md
copy
security-admin/src/main/webapp/META-INF/contextXML/ldap_security_settings.xml
=> mkdocs/docs/services/admin/service.md (92%)
copy
security-admin/src/main/webapp/META-INF/contextXML/ldap_security_settings.xml
=> mkdocs/docs/services/kms/service.md (92%)
copy
security-admin/src/main/webapp/META-INF/contextXML/ldap_security_settings.xml
=> mkdocs/docs/services/tagsync/service.md (92%)
copy
security-admin/src/main/webapp/META-INF/contextXML/ldap_security_settings.xml
=> mkdocs/docs/services/usersync/service.md (92%)
create mode 100644 mkdocs/mkdocs.yml
create mode 100644 mkdocs/requirements.txt
create mode 100644
plugin-ozone/src/test/java/org/apache/ranger/authorization/ozone/authorizer/TestRangerOzoneAuthorizer.java
create mode 100644 plugin-ozone/src/test/resources/om_dev_ozone.json
copy ranger-examples/sample-client/conf/ssl-client.xml =>
plugin-ozone/src/test/resources/ranger-ozone-security.xml (68%)
mode change 100644 => 100755 pom.xml
delete mode 100644 ranger-examples/dev-support/ranger-pmd-ruleset.xml
create mode 100644
security-admin/db/mysql/patches/077-drop-audit-columns-from-policy-ref-tables.sql
create mode 100644
security-admin/db/oracle/patches/077-drop-audit-columns-from-policy-ref-tables.sql
create mode 100644
security-admin/db/postgres/patches/077-drop-audit-columns-from-policy-ref-tables.sql
create mode 100644
security-admin/db/sqlanywhere/patches/077-drop-audit-columns-from-policy-ref-tables.sql
create mode 100644
security-admin/db/sqlserver/patches/077-drop-audit-columns-from-policy-ref-tables.sql
create mode 100644
security-admin/src/main/java/org/apache/ranger/patch/PatchForAtlasPolicyUpdateForEntityRead_J10064.java
