-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/70426/
-----------------------------------------------------------
(Updated April 17, 2019, 4:28 p.m.)
Review request for ranger, Madhan Neethiraj, Mehul Parikh, Nikhil P, Pradeep
Agrawal, Ramesh Mani, and Velmurugan Periasamy.
Changes
-------
Addressed review comments
Bugs: RANGER-2400
https://issues.apache.org/jira/browse/RANGER-2400
Repository: ranger
Description
-------
Ranger enforces uniqueness of policy name within a service. However, with
introduction of security zones, policy name needs to be unique within a
security zone and a service. This will obviate the need for inventing unique
policy names if the policy is associated with the same service but different
security zones, as well as present security zone as a namespace in Ranger admin
as it does for making authorization decisions.
Diffs (updated)
-----
agents-common/src/main/java/org/apache/ranger/plugin/model/RangerSecurityZone.java
c3e96bf60
agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java
710e75d57
agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerValidator.java
fa50ab2d6
agents-common/src/main/java/org/apache/ranger/plugin/store/ServiceStore.java
9e37cd550
agents-common/src/test/java/org/apache/ranger/plugin/model/validation/TestRangerPolicyValidator.java
8cdb9c3a6
security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql 707c3119a
security-admin/db/mysql/patches/037-create-security-zone-schema.sql a50ec0e34
security-admin/db/mysql/patches/040-modify-unique-constraint-on-policy-table.sql
PRE-CREATION
security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql
e7d89898f
security-admin/db/oracle/patches/037-create-security-zone-schema.sql
354c74dd4
security-admin/db/oracle/patches/040-modify-unique-constraint-on-policy-table.sql
PRE-CREATION
security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql
a1998fc3e
security-admin/db/postgres/patches/037-create-security-zone-schema.sql
434231dd6
security-admin/db/postgres/patches/040-modify-unique-constraint-on-policy-table.sql
PRE-CREATION
security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql
207c5a3a5
security-admin/db/sqlanywhere/patches/037-create-security-zone-schema.sql
893d453e6
security-admin/db/sqlanywhere/patches/040-modify-unique-constraint-on-policy-table.sql
PRE-CREATION
security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql
36aefcff6
security-admin/db/sqlserver/patches/037-create-security-zone-schema.sql
a610b70b1
security-admin/db/sqlserver/patches/040-modify-unique-constraint-on-policy-table.sql
PRE-CREATION
security-admin/src/main/java/org/apache/ranger/biz/SecurityZoneDBStore.java
5499ea7c0
security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
1d341c56f
security-admin/src/main/java/org/apache/ranger/db/XXPolicyDao.java 2a870efaa
security-admin/src/main/java/org/apache/ranger/entity/XXSecurityZone.java
eccff5feb
security-admin/src/main/java/org/apache/ranger/rest/SecurityZoneREST.java
3c1b1d2ee
security-admin/src/main/java/org/apache/ranger/service/RangerPolicyServiceBase.java
c18759a5d
security-admin/src/main/resources/META-INF/jpa_named_queries.xml 18dc5fe48
security-admin/src/test/java/org/apache/ranger/biz/TestSecurityZoneDBStore.java
ecd120eef
security-admin/src/test/java/org/apache/ranger/rest/TestSecurityZoneREST.java
88a563b6d
security-admin/src/test/java/org/apache/ranger/service/TestRangerPolicyServiceBase.java
c32422ef4
Diff: https://reviews.apache.org/r/70426/diff/6/
Changes: https://reviews.apache.org/r/70426/diff/5-6/
Testing
-------
Created security zone and ensured that the default policies created within zone
have same names as corresponding default policies in unzoned zone. Ensured that
within same zone (including unzoned zone), two policies with same name cannot
be created.
Thanks,
Abhay Kulkarni
