-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/70389/
-----------------------------------------------------------
Review request for ranger.
Bugs: RANGER-2394
https://issues.apache.org/jira/browse/RANGER-2394
Repository: ranger
Description
-------
Currently the audit search only allows to:
* filter to one user's activity
* exclude all 'service users' from every user's activity.
If there were way to search for multiple users or exclude multiple users from
the search list, it would make debugging complex interactions simpler, for
example only look for actions for 'alice' and 'hive' and 'yarn'
The frontend tweaked a bit, so if multiple users are passed to the jquery
layer, the user names are always converted as
requestUser=aaa&requestUser=bbb&requestUser=ccc instead of changing to
requestUser[]=aaa&requestUser[]=bbb&requestUser[]=ccc, which would be an
incompatible change between the server and to any potential client code.
Diffs
-----
security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java ce577e0fc
security-admin/src/main/java/org/apache/ranger/rest/XAuditREST.java fdf5ad86b
security-admin/src/main/java/org/apache/ranger/solr/SolrAccessAuditsService.java
cf2a3b4d8
security-admin/src/main/webapp/scripts/utils/XAUtils.js b14f4b918
security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js e7b45d992
Diff: https://reviews.apache.org/r/70389/diff/1/
Testing
-------
Tested on a live cluster that:
* searching for one user
* searching for multiple users
* excluding one user
* excluding multiple users
* searching for one user + 'excluding service users'
* searching for multiple users + 'excluding service users'
* excluding one user + 'excluding service users'
* excluding multiple users + 'excluding service users'
works as expected.
Thanks,
Zsombor Gegesy
