-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/42105/
-----------------------------------------------------------
Review request for ranger, Alok Lal, Don Bosco Durai, Abhay Kulkarni, Madhan
Neethiraj, Ramesh Mani, Selvamohan Neethiraj, and Velmurugan Periasamy.
Bugs: RANGER-806
https://issues.apache.org/jira/browse/RANGER-806
Repository: ranger
Description
-------
Problem Statement:
As of now, Delete Users feature is not available in Ranger UI.
Proposed Solution:
This JIRA provides, java utility patch that users can use to delete list of
users from Ranger database. Utility can accept an input file which should have
users need to be deleted and a replacing user, which shall be used to change
references of deleted user. if replacing user does not exist or not provided
then system shall pick one available user with role 'ROLE_SYS_ADMIN'.
After Ranger admin is installed successfully, User should be able to execute
this command line utility by providing Driver jar file according to his Ranger
DB Flavour.
A sample command need to be provided and documented so that user can execute
them by changing path of Ranger Admin install dir, libraries and logs according
to his environment.
Diffs
-----
security-admin/src/main/java/org/apache/ranger/common/db/BaseDao.java aaa4fa5
security-admin/src/main/java/org/apache/ranger/db/XXAuditMapDao.java 481e486
security-admin/src/main/java/org/apache/ranger/db/XXAuthSessionDao.java
4c9bdc5
security-admin/src/main/java/org/apache/ranger/db/XXGroupUserDao.java ffc3c32
security-admin/src/main/java/org/apache/ranger/db/XXPermMapDao.java 23c5c48
security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemUserPermDao.java
40a0da1
security-admin/src/main/java/org/apache/ranger/db/XXPortalUserDao.java
393252c
security-admin/src/main/java/org/apache/ranger/db/XXPortalUserRoleDao.java
99d0fe2
security-admin/src/main/java/org/apache/ranger/db/XXUserPermissionDao.java
2db6fd6
security-admin/src/main/java/org/apache/ranger/patch/cliutil/DeleteUserUtil.java
PRE-CREATION
security-admin/src/main/resources/META-INF/jpa_named_queries.xml 55c4f1c
Diff: https://reviews.apache.org/r/42105/diff/
Testing
-------
Steps performed (with patch) :
1. After Ranger installation, started Ranger admin and usersync to sync unix os
users.
2. Created one input file and added user names from the list of synced users.
3. Executed below given command to delete users:
/usr/lib/jvm/java-1.7.0-openjdk.x86_64/bin/java
-Dlogdir=/tmp/ranger-0.5.0-admin/ews/logs
-Dlog4j.configuration=db_patch.log4j.xml -cp
/tmp/ranger-0.5.0-admin/ews/webapp/WEB-INF/classes/conf:/tmp/ranger-0.5.0-admin/ews/webapp/WEB-INF/classes/lib/*:/tmp/ranger-0.5.0-admin/ews/webapp/WEB-INF/:/tmp/ranger-0.5.0-admin/ews/webapp/META-INF/:/tmp/ranger-0.5.0-admin/ews/webapp/WEB-INF/lib/*:/tmp/ranger-0.5.0-admin/ews/webapp/WEB-INF/classes/:/tmp/ranger-0.5.0-admin/ews/webapp/WEB-INF/classes/META-INF:/usr/share/java/mysql-connector-java.jar
org.apache.ranger.patch.cliutil.DeleteUserUtil -f /tmp/user.txt -ru admin
Result/Behavior:
1. Browsed user/group page in Ranger Admin UI and found that users name added
in user.txt are now not appearing in UI.
2. Picked a deleted user and Checked reference of that user in various ranger
db tables, references were replaced with 'admin' user as it was given with
'-ru' switch.
Thanks,
Gautam Borad
