-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/48898/
-----------------------------------------------------------
Review request for ranger, Alok Lal, Don Bosco Durai, Gautam Borad, Abhay
Kulkarni, Madhan Neethiraj, Ramesh Mani, Selvamohan Neethiraj, and Velmurugan
Periasamy.
Bugs: RANGER-1039
https://issues.apache.org/jira/browse/RANGER-1039
Repository: ranger
Description
-------
**Problem statement: ** User and groups having special characters are not
populating in edit policy page and user-group permission section is not
rendering permissions.
*Example Case:* Ranger admin behavior where one of policy contains username
usu+gonzáev
While loading Edit policy page; each user details are requested using
userSearch API by sending username as search filter.
observed REST request was :
http://localhost:6080/service/xusers/users?page=0&pageSize=25&startIndex=0&name=usu%2Bgonz%C3%A1ev
At Ranger admin end when request was received; then the same username was
received as : usu+gonzáev
To fetch user details; generated Sql query was : SELECT COUNT(ID) FROM x_user
WHERE ((1 = 1) AND LOWER(USER_NAME) LIKE '%usu+gonz??ev%')
Above SQL query didn't returned any row as provided username did not matches
with available username in db; in DB username entry was observed as :
'usu+gonz?ev'
REST call returned response code 200 with no records; UI end code did not get
any response object so it got stuck there.
**Proposed Solution: ** Rather using user search api; From UI below given APIs
can be used to avoid encoded character addition in request.
API for search based on username : **service/xusers/users/userName/{userName}**
API for search based on groupname :
**service/xusers/groups/groupName/{groupName}**
Diffs
-----
security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java 1441ff5
security-admin/src/main/webapp/scripts/views/policies/PermissionList.js
44134af
Diff: https://reviews.apache.org/r/48898/diff/
Testing
-------
**Steps performed(with patch)**
1. Installed and started Ranger admin and Ranger usersync.
2. Created a user 'usu+gonzáev' from curl request.
curl -u admin:admin -p -k --header "Accept:application/json" -H
"Content-Type:application/json" -X POST
"http://localhost:6080/service/xusers/secure/users"; -d
'{"groupIdList":null,"status":1,"userRoleList":["ROLE_USER"],"name":"usu+gonzáev","password":"user1234","firstName":"user4","lastName":"user4","emailAddress":""}'
3. Created a group 'usu+gonzáev'
curl -u admin:admin -p -k --header "Accept:application/json" -H
"Content-Type:application/json" -X POST
"http://localhost:6080/service/xusers/secure/groups"; -d
'{"name":"usu+gonzáev","description":"usu+gonzáev"}'
4. Logged into Ranger admin and created a knox policy.
5. Added user 'usu+gonzáev' and group 'usu+gonzáev' in that policy.
6. Visited edit policy page of above created knox policy.
**Expected Behavior:**
Edit policy page should load and in user-group permission page user/group
'usu+gonzáev' should appear.
**Actual Behavior:**
Edit policy page was loaded without any issue and in user-group permission page
user/group 'usu+gonzáev' was appearing.
Thanks,
Pradeep Agrawal
