> On July 7, 2020, 3:57 a.m., Pradeep Agrawal wrote: > > security-admin/src/main/java/org/apache/ranger/patch/PatchForAtlasToAddAdminPurge_J10039.java > > Lines 39 (patched) > > <https://reviews.apache.org/r/72621/diff/1/?file=2235021#file2235021line39> > > > > Can you review the changes done in patch > > https://github.com/apache/ranger/blob/master/security-admin/src/main/java/org/apache/ranger/patch/PatchForAtlasToAddEntityLabelAndBusinessMetadata_J10034.java#L65 > > > > > > I think this additional patch J10039 is not required. J10034 should > > address the required changes. if its not then you can add the required code > > change from J10039 to J10034. > > Please review again and post analysis if there is any problem with > > adding the changes in J10034. > > Nixon Rodrigues wrote: > Pradeep thanks for review. > > You are right that patch J10034 will handle the upgrade case, but since > some internal snapshot deployments where java patch J10034 is already applied > and admin-purge permission in accessTypeRestrictions is missing in serviceDef > will need patch J10039. > > Let me know if you need any information for this patch. > > Pradeep Agrawal wrote: > J10034 was introduced in current master branch(after 2.0.0 release) and > 2.1.0 is not released yet. Hence it will be good to add the necessary changes > in patch J10034 only. > > Only your local dev env may already have J10034, in that case you can > refresh your database or rerun the patch manually to make it work.
Thanks Pradeep for review and your idea of reapplying patch makes sense. I have updated the patch to add "admin-purge" permission in accessTypeRestrictions which is missing in serviceDef - Nixon ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/72621/#review221141 ----------------------------------------------------------- On June 26, 2020, 10:55 a.m., Nixon Rodrigues wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/72621/ > ----------------------------------------------------------- > > (Updated June 26, 2020, 10:55 a.m.) > > > Review request for ranger, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, > Sarath Subramanian, and Velmurugan Periasamy. > > > Bugs: RANGER-2821 > https://issues.apache.org/jira/browse/RANGER-2821 > > > Repository: ranger > > > Description > ------- > > This patch adds admin-purge permission into accessTypeRestrictions for > atlas-service resource. > > Also addded Java patch to handle upgrade scenerio for old ranger deployments > > > Diffs > ----- > > agents-common/src/main/resources/service-defs/ranger-servicedef-atlas.json > f93d7282b > security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql > 832d650cf > security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql > 4576e9677 > security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql > 6a0941ff6 > > security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql > b663f3b02 > security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql > 695615626 > > security-admin/src/main/java/org/apache/ranger/patch/PatchForAtlasToAddAdminPurge_J10039.java > PRE-CREATION > > > Diff: https://reviews.apache.org/r/72621/diff/1/ > > > Testing > ------- > > Testing:- > > Packaged Ranger 2.1.0 snapshot from master and installed and tested policy UI > for Atlas - Able to see "Admin Purge" permission for atlas-service resource. > > Upgrade case:- > Packaged Ranger-2.0.0 from release bits and installed and tested UI. > Packaged Ranger-2.1.0 from master and used same install.properties from 2.0.0 > and executed setup.py and started Ranger. Able to see "Admin Purge" > permission for atlas-service resource. > > > Thanks, > > Nixon Rodrigues > >
