----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/42105/ -----------------------------------------------------------
Review request for ranger, Alok Lal, Don Bosco Durai, Abhay Kulkarni, Madhan Neethiraj, Ramesh Mani, Selvamohan Neethiraj, and Velmurugan Periasamy. Bugs: RANGER-806 https://issues.apache.org/jira/browse/RANGER-806 Repository: ranger Description ------- Problem Statement: As of now, Delete Users feature is not available in Ranger UI. Proposed Solution: This JIRA provides, java utility patch that users can use to delete list of users from Ranger database. Utility can accept an input file which should have users need to be deleted and a replacing user, which shall be used to change references of deleted user. if replacing user does not exist or not provided then system shall pick one available user with role 'ROLE_SYS_ADMIN'. After Ranger admin is installed successfully, User should be able to execute this command line utility by providing Driver jar file according to his Ranger DB Flavour. A sample command need to be provided and documented so that user can execute them by changing path of Ranger Admin install dir, libraries and logs according to his environment. Diffs ----- security-admin/src/main/java/org/apache/ranger/common/db/BaseDao.java aaa4fa5 security-admin/src/main/java/org/apache/ranger/db/XXAuditMapDao.java 481e486 security-admin/src/main/java/org/apache/ranger/db/XXAuthSessionDao.java 4c9bdc5 security-admin/src/main/java/org/apache/ranger/db/XXGroupUserDao.java ffc3c32 security-admin/src/main/java/org/apache/ranger/db/XXPermMapDao.java 23c5c48 security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemUserPermDao.java 40a0da1 security-admin/src/main/java/org/apache/ranger/db/XXPortalUserDao.java 393252c security-admin/src/main/java/org/apache/ranger/db/XXPortalUserRoleDao.java 99d0fe2 security-admin/src/main/java/org/apache/ranger/db/XXUserPermissionDao.java 2db6fd6 security-admin/src/main/java/org/apache/ranger/patch/cliutil/DeleteUserUtil.java PRE-CREATION security-admin/src/main/resources/META-INF/jpa_named_queries.xml 55c4f1c Diff: https://reviews.apache.org/r/42105/diff/ Testing ------- Steps performed (with patch) : 1. After Ranger installation, started Ranger admin and usersync to sync unix os users. 2. Created one input file and added user names from the list of synced users. 3. Executed below given command to delete users: /usr/lib/jvm/java-1.7.0-openjdk.x86_64/bin/java -Dlogdir=/tmp/ranger-0.5.0-admin/ews/logs -Dlog4j.configuration=db_patch.log4j.xml -cp /tmp/ranger-0.5.0-admin/ews/webapp/WEB-INF/classes/conf:/tmp/ranger-0.5.0-admin/ews/webapp/WEB-INF/classes/lib/*:/tmp/ranger-0.5.0-admin/ews/webapp/WEB-INF/:/tmp/ranger-0.5.0-admin/ews/webapp/META-INF/:/tmp/ranger-0.5.0-admin/ews/webapp/WEB-INF/lib/*:/tmp/ranger-0.5.0-admin/ews/webapp/WEB-INF/classes/:/tmp/ranger-0.5.0-admin/ews/webapp/WEB-INF/classes/META-INF:/usr/share/java/mysql-connector-java.jar org.apache.ranger.patch.cliutil.DeleteUserUtil -f /tmp/user.txt -ru admin Result/Behavior: 1. Browsed user/group page in Ranger Admin UI and found that users name added in user.txt are now not appearing in UI. 2. Picked a deleted user and Checked reference of that user in various ranger db tables, references were replaced with 'admin' user as it was given with '-ru' switch. Thanks, Gautam Borad