----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/74763/#review226997 -----------------------------------------------------------
Ship it! Ship It! - Abhishek Patil On Oct. 9, 2024, 12:47 p.m., Pradeep Agrawal wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/74763/ > ----------------------------------------------------------- > > (Updated Oct. 9, 2024, 12:47 p.m.) > > > Review request for ranger, Abhishek Kumar, bhavik patel, Dhaval Shah, > Dineshkumar Yadav, Kishor Gollapalliwar, Abhay Kulkarni, Madhan Neethiraj, > Mehul Parikh, Ramesh Mani, Sailaja Polavarapu, and Velmurugan Periasamy. > > > Bugs: RANGER-4607 > https://issues.apache.org/jira/browse/RANGER-4607 > > > Repository: ranger > > > Description > ------- > > **Problem Statement:** Ranger REST API responses are not proper. Most of the > legacy REST API's response format are not correct and gives false information. > > **Proposed Solution:** This review request shall address multiple issues > related to old APIs. > The list of issues which shall be addressed with review request are : > > RANGER-4545: DELETE /assets/resources/{resource_id} API should return proper > status code for non admin users > RANGER-4546: /assets/ugsyncAudits/{sync_source} API is accessible by user > without permission on audit module > RANGER-4548: Return proper error message in the response for /tags/tags, > /tags/resources and /tags/types API for non admin users > RANGER-4547: The reponse metrics (pagination values) for the > /assets/ugsyncAudits/{sync_source} API is not proper > RANGER-4549: Non admin users cannot access /public/v2/api/roles/names and > /public/v2/api/roles/name/{name} API, but can access /public/v2/api/roles API > RANGER-4551: No response returned for /assets/policyList/{service_name} API > RANGER-4550: API request to /assets/resource/{id} returns no response > RANGER-4552: Response metrics for /assets/report is not proper, and > pagination does not work > RANGER-4553: Response metrics for /xaudit/trx_log not proper > RANGER-4554: Response metrics for /assets/resources not proper > RANGER-4555: Response metrics for /assets/assets API not proper > RANGER-4573: /xaudit/trx_log API not accessible by keyadmin user > RANGER-4578: /xuser/groupgroups and /xuser/groupusers APIs allow creation of > entities even without groupId / userId fields in the request > RANGER-4574: /public/v2/api/service/{service_name}/policy/{policy_name} API > returns policies for users without access to the policy > RANGER-4575: /plugins/policy/{policy_id}/version/{version_number} API returns > policies for users without access to the policy > RANGER-4576: User without access to policy is able to fetch policy details > using /plugins/policies/{service_type}/for-resource API endpoint > RANGER-4577: UI and API behaviour for fetching users not consistent for > keyadmin users > RANGER-4589: keyadmin user can update the user password via UI but cannot > update the user password using /users/{user_id}/passwordchange API > RANGER-4588: /xaudit/trx_log/{trx_log_id} is not accessible by keyadmin user > RANGER-4591: keyadmin user can access non kms related admin audits using > /assets/report/{transaction_id} API > RANGER-4594: keyadmin user can mark ROLE_USER users as disabled by setting > status to 0 using /users API > RANGER-4595: keyadmin user able to view the user permission objects via > /users API > RANGER-4596: keyadmin can fetch the details of admin and auditor users > through /users API endpoint > RANGER-4598: ROLE_USER cannot acccess /xusers/groups API but can access > /xusers/groups/groupName/{group_name} API > RANGER-4586: XUserREST and UserREST API improvement for keyadmin users > > Note: For individual issue fix please refer patch file attached in the > respective jira tickets. > > > Diffs > ----- > > security-admin/src/main/java/org/apache/ranger/biz/AssetMgr.java 00062f3e2 > security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java > c934fdd7c > security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java 0e723d9c4 > security-admin/src/main/java/org/apache/ranger/biz/XAuditMgr.java 2fde68de1 > security-admin/src/main/java/org/apache/ranger/biz/XAuditMgrBase.java > c53db99f3 > security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java 5ba6c14b9 > security-admin/src/main/java/org/apache/ranger/biz/XUserMgrBase.java > 54e6d373a > security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java > 93672662d > security-admin/src/main/java/org/apache/ranger/rest/RoleREST.java 7be7127cb > security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java > be56c487f > security-admin/src/main/java/org/apache/ranger/rest/TagREST.java 2adf0b0a2 > security-admin/src/main/java/org/apache/ranger/rest/UserREST.java c6557b11c > security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java > 0a3c524b5 > > security-admin/src/main/java/org/apache/ranger/security/context/RangerAPIList.java > 892414d8d > > security-admin/src/main/java/org/apache/ranger/security/context/RangerAPIMapping.java > 59cd2a6dc > security-admin/src/main/java/org/apache/ranger/service/XGroupService.java > 98ee62612 > > security-admin/src/main/java/org/apache/ranger/service/XUgsyncAuditInfoService.java > 942d53e91 > security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java > 2b4ba0d15 > security-admin/src/test/java/org/apache/ranger/biz/TestUserMgr.java > 29f2ce802 > security-admin/src/test/java/org/apache/ranger/biz/TestXUserMgr.java > de342e994 > security-admin/src/test/java/org/apache/ranger/rest/TestAssetREST.java > fa14d93f9 > security-admin/src/test/java/org/apache/ranger/rest/TestRoleREST.java > 3978fab1b > security-admin/src/test/java/org/apache/ranger/rest/TestServiceREST.java > 40de07150 > security-admin/src/test/java/org/apache/ranger/rest/TestTagREST.java > 7165a304d > security-admin/src/test/java/org/apache/ranger/rest/TestUserREST.java > cb2ccc47c > security-admin/src/test/java/org/apache/ranger/rest/TestXUserREST.java > 74744e6cf > > > Diff: https://reviews.apache.org/r/74763/diff/7/ > > > Testing > ------- > > Tested affected REST APIs using curl command and found the response as per > the expectation. > > > Thanks, > > Pradeep Agrawal > >
