----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31763/#review75392 -----------------------------------------------------------
security-admin/src/main/java/org/apache/ranger/rest/RangerPolicyValidator.java <https://reviews.apache.org/r/31763/#comment122407> serviceType validatity check should be applicable even when policyItems is empty - for example to validate the resources in the policy. Why this condition "CollectionUtils.isNotEmpty(policyItems)"? . security-admin/src/main/java/org/apache/ranger/rest/RangerPolicyValidator.java <https://reviews.apache.org/r/31763/#comment122414> ResourceDef.validationRegEx should be used to validate the resource values in the policy. security-admin/src/main/java/org/apache/ranger/rest/RangerPolicyValidator.java <https://reviews.apache.org/r/31763/#comment122415> This check is duplicated in the caller. Please remove one of these. security-admin/src/main/java/org/apache/ranger/rest/RangerPolicyValidator.java <https://reviews.apache.org/r/31763/#comment122416> It might be efficient to collect all accessTypes in "accesses" to a Set<String> and compare/difference with getServiceTypes(serviceDef). security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java <https://reviews.apache.org/r/31763/#comment122418> validation missing during policy CREATE? security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java <https://reviews.apache.org/r/31763/#comment122419> validation missing during policy UPDATE? security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java <https://reviews.apache.org/r/31763/#comment122420> CREATE ==> DELETE - Madhan Neethiraj On March 5, 2015, 8:29 a.m., Alok Lal wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/31763/ > ----------------------------------------------------------- > > (Updated March 5, 2015, 8:29 a.m.) > > > Review request for ranger. > > > Bugs: RANGER-278 > https://issues.apache.org/jira/browse/RANGER-278 > > > Repository: ranger > > > Description > ------- > > Added validation for policy create/update/delete operations. Moved action out > of ctor to validate call. > > > Diffs > ----- > > agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java > ab8384c > > security-admin/src/main/java/org/apache/ranger/rest/RangerPolicyValidator.java > PRE-CREATION > > security-admin/src/main/java/org/apache/ranger/rest/RangerServiceValidator.java > 08184c7 > security-admin/src/main/java/org/apache/ranger/rest/RangerValidator.java > 3f25266 > > security-admin/src/main/java/org/apache/ranger/rest/RangerValidatorFactory.java > 6c75a2f > security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java > fc2178f > > security-admin/src/test/java/org/apache/ranger/rest/TestRangerPolicyValidator.java > PRE-CREATION > > security-admin/src/test/java/org/apache/ranger/rest/TestRangerServiceValidator.java > 3bbb123 > > security-admin/src/test/java/org/apache/ranger/rest/TestServiceRESTForValidation.java > 483e914 > > security-admin/src/test/java/org/apache/ranger/rest/TestServiceValidator.java > a1879c4 > > security-admin/src/test/java/org/apache/ranger/rest/ValidationTestUtils.java > 0925aa1 > > Diff: https://reviews.apache.org/r/31763/diff/ > > > Testing > ------- > > Additional junits added. Patch allies to latest trunk. > > > Thanks, > > Alok Lal > >
