----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/58608/#review172931 -----------------------------------------------------------
Ship it! Ship It! - Velmurugan Periasamy On April 25, 2017, 6:30 a.m., bhavik patel wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/58608/ > ----------------------------------------------------------- > > (Updated April 25, 2017, 6:30 a.m.) > > > Review request for ranger, Ankita Sinha, Gautam Borad, Abhay Kulkarni, Madhan > Neethiraj, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, > and Velmurugan Periasamy. > > > Bugs: RANGER-1481 > https://issues.apache.org/jira/browse/RANGER-1481 > > > Repository: ranger > > > Description > ------- > > In order to support Ranger authorization from multiple clusters, it will be > useful to capture details of Ambari cluster name, Ranger needs to make > provision to capture that info to be shown in Audit Access logs. > This will be helpful when centralized Ranger is used to authorize hadoop > components across multiple clusters setup by Ambari. > > > Diffs > ----- > > > agents-audit/src/main/java/org/apache/ranger/audit/destination/SolrAuditDestination.java > e689e5d > > agents-audit/src/main/java/org/apache/ranger/audit/model/AuthzAuditEvent.java > b547c43 > > agents-audit/src/main/java/org/apache/ranger/audit/provider/solr/SolrAuditProvider.java > 22aebb5 > > agents-common/src/main/java/org/apache/ranger/admin/client/RangerAdminRESTClient.java > bcb07d7 > > agents-common/src/main/java/org/apache/ranger/plugin/audit/RangerDefaultAuditHandler.java > 1cb2295 > > agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequest.java > 0668d57 > > agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequestImpl.java > 17d1a71 > > agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequestReadOnly.java > a18e8bc > > agents-common/src/main/java/org/apache/ranger/plugin/service/RangerBasePlugin.java > eda0014 > > agents-common/src/main/java/org/apache/ranger/plugin/util/GrantRevokeRequest.java > c9b3481 > > agents-common/src/main/java/org/apache/ranger/plugin/util/RangerRESTUtils.java > 609f717 > > hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/AuthorizationSession.java > dedbe1e > > hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/RangerAuthorizationCoprocessor.java > 8ee3580 > > hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java > 460c692 > > hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAccessRequest.java > b9f1cde > > hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java > 2baa97b > > knox-agent/src/main/java/org/apache/ranger/admin/client/RangerAdminJersey2RESTClient.java > fb92616 > > knox-agent/src/main/java/org/apache/ranger/authorization/knox/KnoxRangerPlugin.java > 61604b0 > > knox-agent/src/main/java/org/apache/ranger/authorization/knox/RangerPDPKnoxFilter.java > 55ebf58 > > plugin-atlas/src/main/java/org/apache/ranger/authorization/atlas/authorizer/RangerAtlasAuthorizer.java > 2038645 > > plugin-kafka/src/main/java/org/apache/ranger/authorization/kafka/authorizer/RangerKafkaAuthorizer.java > 472b734 > > plugin-kms/src/main/java/org/apache/ranger/authorization/kms/authorizer/RangerKmsAuthorizer.java > 9bebafa > > plugin-yarn/src/main/java/org/apache/ranger/authorization/yarn/authorizer/RangerYarnAuthorizer.java > 2338ba1 > security-admin/db/mysql/patches/026-add-column-in-x_policy_export_audit.sql > PRE-CREATION > > security-admin/db/oracle/patches/026-add-column-in-x_policy_export_audit.sql > PRE-CREATION > > security-admin/db/postgres/patches/026-add-column-in-x_policy_export_audit.sql > PRE-CREATION > > security-admin/db/sqlanywhere/patches/026-add-column-in-x_policy_export_audit.sql > PRE-CREATION > > security-admin/db/sqlserver/patches/026-add-column-in-x_policy_export_audit.sql > PRE-CREATION > > security-admin/src/main/java/org/apache/ranger/entity/XXPolicyExportAudit.java > 4544614 > security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java f0d2401 > security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java > 9ec81b3 > > security-admin/src/main/java/org/apache/ranger/service/XAccessAuditService.java > e8fff6a > > security-admin/src/main/java/org/apache/ranger/service/XPolicyExportAuditService.java > 870e45d > > security-admin/src/main/java/org/apache/ranger/service/XPolicyExportAuditServiceBase.java > e83d70a > > security-admin/src/main/java/org/apache/ranger/solr/SolrAccessAuditsService.java > 917c760 > security-admin/src/main/java/org/apache/ranger/solr/SolrUtil.java a851c3e > security-admin/src/main/java/org/apache/ranger/view/VXAccessAudit.java > f99aa05 > > security-admin/src/main/java/org/apache/ranger/view/VXPolicyExportAudit.java > 41322da > security-admin/src/main/webapp/scripts/modules/globalize/message/en.js > 1551d86 > security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js 8a0abb8 > security-admin/src/test/java/org/apache/ranger/rest/TestAssetREST.java > 193bffe > security-admin/src/test/java/org/apache/ranger/rest/TestServiceREST.java > c546747 > > storm-agent/src/main/java/org/apache/ranger/authorization/storm/StormRangerPlugin.java > 111083c > > storm-agent/src/main/java/org/apache/ranger/authorization/storm/authorizer/RangerStormAuthorizer.java > 9751213 > > > Diff: https://reviews.apache.org/r/58608/diff/3/ > > > Testing > ------- > > 1.Verified cluster name is getting populated on on Audit => Access tab, when > audit events generated by multiple clusters. > > 2.Verified cluster name is getting populated on Audit => Plugins tab, when > plugin is synchronized with ranger from separate clusters setup by Ambari. > > 3.Verified upgrade scenario from older version to latest version. As soon as > we upgrade to latest version, If it is a Ambari based install and if plugin > passes the Ambari cluster name. It starts showing in Access log as well as in > plugins tab. > > > Thanks, > > bhavik patel > >