----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/71413/#review217517 -----------------------------------------------------------
Please review RangerHiveAuditHandler.createAuditEvent() to ensure that it does not create an audit event if the policy-type is data-mask/row-filter and no data-masking/row-filtering is needed. - Abhay Kulkarni On Aug. 29, 2019, 11:20 p.m., Ramesh Mani wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/71413/ > ----------------------------------------------------------- > > (Updated Aug. 29, 2019, 11:20 p.m.) > > > Review request for ranger, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, > Madhan Neethiraj, Pradeep Agrawal, Selvamohan Neethiraj, Sailaja Polavarapu, > and Velmurugan Periasamy. > > > Repository: ranger > > > Description > ------- > > RANGER-2556:RangerHivePlugin Row filtering and Column Masking auditing gives > inconsistent audit information > > > Diffs > ----- > > > hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java > bb015c5 > > > Diff: https://reviews.apache.org/r/71413/diff/1/ > > > Testing > ------- > > Testing done in Local VM > - Create a new Rowfilter and column masking policy on a table t1 > - do select * on table t1 with user who has masking / row filter policy > - check audits are created for the policies > - do select * on table t1 with user who does have masking / row filter > policy > - check that denial audits are not created for this and it audits only the > resource policy if it allows. > > > Thanks, > > Ramesh Mani > >
