----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/72136/#review219596 -----------------------------------------------------------
agents-common/src/main/java/org/apache/ranger/plugin/contextenricher/RangerUserStoreEnricher.java Lines 45 (patched) <https://reviews.apache.org/r/72136/#comment307777> Is it required that Solr service definition is updated to include this context-enricher? If so, it needs to be included in this patch. Also, if it is included, a Java patch for upgrading Solr service definition also needs to be included. agents-common/src/main/java/org/apache/ranger/plugin/contextenricher/RangerUserStoreEnricher.java Lines 74 (patched) <https://reviews.apache.org/r/72136/#comment307774> If the class-name for UserStoreRetriever is not provided, should it default to some known class (which populates UserStore using adminRESTClient)? agents-common/src/main/java/org/apache/ranger/plugin/contextenricher/RangerUserStoreEnricher.java Lines 504 (patched) <https://reviews.apache.org/r/72136/#comment307772> Is this intended to the implementation of RangerUserStoreRetriever.retrieveUserStoreInfo()? Please review. agents-common/src/main/java/org/apache/ranger/plugin/contextenricher/RangerUserStoreRetriever.java Lines 28 (patched) <https://reviews.apache.org/r/72136/#comment307773> A class implementing RangerUserStoreRetriever needs to be included in the patch. Please review. plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java Lines 370 (patched) <https://reviews.apache.org/r/72136/#comment307775> Would this cause a lot of logging output? Please review and consider logging it at level DEBUG. plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java Lines 384 (patched) <https://reviews.apache.org/r/72136/#comment307776> Is it possible for getUserStoreEnricher() to return null even though attrEnabled is set to true? If so, please check for null to avoid potential NPE. - Abhay Kulkarni On Feb. 15, 2020, 2:03 a.m., Sailaja Polavarapu wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/72136/ > ----------------------------------------------------------- > > (Updated Feb. 15, 2020, 2:03 a.m.) > > > Review request for ranger, Abhay Kulkarni, Ramesh Mani, and Velmurugan > Periasamy. > > > Bugs: RANGER-2723 > https://issues.apache.org/jira/browse/RANGER-2723 > > > Repository: ranger > > > Description > ------- > > Added new context enricher to download userstore to solr plugin. Also > integrated Sentry changes to RangerSolrAuthorizer to use the ldap attributes > and add it to the filter query to while querying documents in solr. > > > Diffs > ----- > > > agents-common/src/main/java/org/apache/ranger/admin/client/AbstractRangerAdminClient.java > 87d0190e6 > > agents-common/src/main/java/org/apache/ranger/admin/client/RangerAdminClient.java > 58eb00a4e > > agents-common/src/main/java/org/apache/ranger/admin/client/RangerAdminRESTClient.java > e5f97477b > > agents-common/src/main/java/org/apache/ranger/plugin/contextenricher/RangerAdminUserStoreRetriever.java > PRE-CREATION > > agents-common/src/main/java/org/apache/ranger/plugin/contextenricher/RangerUserStoreEnricher.java > PRE-CREATION > > agents-common/src/main/java/org/apache/ranger/plugin/contextenricher/RangerUserStoreRetriever.java > PRE-CREATION > > agents-common/src/main/java/org/apache/ranger/plugin/util/RangerAccessRequestUtil.java > bd980ce09 > > agents-common/src/main/java/org/apache/ranger/plugin/util/RangerRESTUtils.java > 0b492ab99 > > plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/FieldToAttributeMapping.java > PRE-CREATION > > plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java > 4538a5bf2 > > plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/SubsetQueryPlugin.java > PRE-CREATION > > > Diff: https://reviews.apache.org/r/72136/diff/1/ > > > Testing > ------- > > 1. Patched test cluster and verified userstore is download to solr plugin > 2. Also verified basic funtionality based on some ldap attributes while > querying solr documents. > > > Thanks, > > Sailaja Polavarapu > >
