----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/71260/ -----------------------------------------------------------
(Updated Aug. 14, 2019, 12:44 a.m.) Review request for ranger, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Pradeep Agrawal, Selvamohan Neethiraj, Sailaja Polavarapu, and Velmurugan Periasamy. Changes ------- Fixed an issue with Grant pemission calls Bugs: RANGER-2512 https://issues.apache.org/jira/browse/RANGER-2512 Repository: ranger Description ------- RANGER-2512:RangerRolesRESTClient for serving user group roles to the plugins for evaluation Diffs (updated) ----- agents-common/src/main/java/org/apache/ranger/admin/client/AbstractRangerAdminClient.java 6367235 agents-common/src/main/java/org/apache/ranger/admin/client/RangerAdminClient.java b09a9be agents-common/src/main/java/org/apache/ranger/admin/client/RangerAdminRESTClient.java 62d5776 agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPluginInfo.java e3f9f15 agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngine.java d201aa6 agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineCache.java 015ca09 agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java daa62f4 agents-common/src/main/java/org/apache/ranger/plugin/service/RangerAuthContext.java 02f3431 agents-common/src/main/java/org/apache/ranger/plugin/service/RangerBasePlugin.java 8d89a18 agents-common/src/main/java/org/apache/ranger/plugin/util/PolicyRefresher.java 0e52c31 agents-common/src/main/java/org/apache/ranger/plugin/util/RangerRESTUtils.java 310f69d agents-common/src/main/java/org/apache/ranger/plugin/util/RangerRoles.java PRE-CREATION agents-common/src/main/java/org/apache/ranger/plugin/util/RangerRolesProvider.java PRE-CREATION agents-common/src/main/java/org/apache/ranger/plugin/util/RangerRolesUtil.java PRE-CREATION agents-common/src/main/java/org/apache/ranger/plugin/util/ServicePolicies.java 8c63434 agents-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyEngine.java d1e0c23 knox-agent/src/main/java/org/apache/ranger/admin/client/RangerAdminJersey2RESTClient.java f57012e security-admin/src/main/java/org/apache/ranger/biz/AssetMgr.java 63959c9 security-admin/src/main/java/org/apache/ranger/biz/RoleDBStore.java 28b2c11 security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java ef22354 security-admin/src/main/java/org/apache/ranger/common/RangerRoleCache.java PRE-CREATION security-admin/src/main/java/org/apache/ranger/db/XXGlobalStateDao.java f6b9e1a security-admin/src/main/java/org/apache/ranger/rest/RoleREST.java 25fb085 security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java 348d072 Diff: https://reviews.apache.org/r/71260/diff/3/ Changes: https://reviews.apache.org/r/71260/diff/2-3/ Testing ------- - Testing done in Local Vm for 1) Role cache file creation along with Policy file. 2) Role based authorization happening based on the user / group role in the plugin. 3) Ranger Admin now has role version and based on the roles are to be fetched to the plugin. 4) RoleREST curl -u user:password -H "Accept: application/json" -H "Content-Type: application/json" -X GET "http://`hostname -f`:6080/service/roles/secure/download/cm_hive?lastKnownRoleVersion=-1" Thanks, Ramesh Mani