> On Dec. 2, 2020, 1:32 a.m., Abhay Kulkarni wrote: > > security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java > > Lines 4379 (patched) > > <https://reviews.apache.org/r/73033/diff/2/?file=2242123#file2242123line4439> > > > > Does bizUtil.hasAdminPermissions check if the user is Ranger admin or > > has service admin privileges? If not, then please make sure that > > service-admin can delete the service.
This behaviour is part of existing delete functionality. Since any user (for instance user with role auditor can be service-admin) can be service-admin this will increase complexity for patch and testing. I will create seperate jira to track this task. - Kishor ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73033/#review222264 ----------------------------------------------------------- On Dec. 3, 2020, 11:51 a.m., Kishor Gollapalliwar wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/73033/ > ----------------------------------------------------------- > > (Updated Dec. 3, 2020, 11:51 a.m.) > > > Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Jayendra Parab, > Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, Ramesh Mani, Vishal Suvagia, > and Velmurugan Periasamy. > > > Bugs: RANGER-2972 > https://issues.apache.org/jira/browse/RANGER-2972 > > > Repository: ranger > > > Description > ------- > > Create REST api in ranger admin which will delete services/ repos associated > with a cluster. > > > Diffs > ----- > > > agents-common/src/main/java/org/apache/ranger/plugin/model/ServiceDeleteResponse.java > PRE-CREATION > > security-admin/src/main/java/org/apache/ranger/db/XXServiceConfigMapDao.java > 4217473fe > security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java > 1049d16a5 > > security-admin/src/main/java/org/apache/ranger/security/context/RangerAPIList.java > 1e38ef1b5 > security-admin/src/main/resources/META-INF/jpa_named_queries.xml 1ba652905 > > > Diff: https://reviews.apache.org/r/73033/diff/3/ > > > Testing > ------- > > Existing Functionality: > 1.CREATE service via UI > 2.CREATE service via CURL > 3.UPDATE service via UI > 4.UPDATE service via CURL > 5.DELETE service via UI > 6.DELETE service via CURL > > New Functinality: > 1.Curl command to tear down cluster, with zero associated services > 2.Curl command to tear down cluster, with more than 1 associated services > (single cluster) > 3.Curl command to tear down cluster, with more than 1 associated services > (multi cluster) > > Sample Curl Commands: > 1. curl -v -u admin:admin123 -X POST -H "Accept:application/json" -H > "Content-Type:application/json" > http://localhost:6080/service/plugins/services -d > '{"name":"hive2","displayName":"hive2","description":"hive2","isEnabled":true,"tagService":"","configs":{"service.user.hive":"hive","service.user.group.hadoop":"hadoop","service.user.group.public":"public","username":"admin","password":"admin","jdbc.driverClassName":"org.apache.hive.jdbc.HiveDriver","jdbc.url":"jdbc://localhost:9083","cluster.name":"cluster3"},"type":"hive"}' > 2. curl -v -u admin:admin123 -X PUT -H "Accept:application/json" -H > "Content-Type:application/json" > "http://localhost:6080/service/plugins/services/12"; -d > '{"id":14,"guid":"43a890b3-a4c2-4ff8-95d7-1e7c3abb08c9","isEnabled":true,"createdBy":"Admin","updatedBy":"Admin","createTime":1606197964895,"updateTime":1606197964896,"version":1,"type":"hive","name":"hive2","displayName":"hive2","description":"hive2","configs":{"cluster.name":"cluster4","password":"*****","service.user.group.public":"public","service.user.hive":"hive","service.user.group.hadoop":"hadoop","jdbc.driverClassName":"org.apache.hive.jdbc.HiveDriver","jdbc.url":"jdbc://localhost:9083","username":"admin"},"policyVersion":1,"policyUpdateTime":1606197964897,"tagVersion":1,"tagUpdateTime":1606197964897}' > 3. curl -iv -u admin:admin123 -X POST -H "Accept:application/json" -H > "Content-Type:application/json" > http://localhost:6080/service/plugins/cluster/tear-down/cluster3 > > > Thanks, > > Kishor Gollapalliwar > >
