----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/48898/#review138747 -----------------------------------------------------------
Ship it! Ship It! - Velmurugan Periasamy On June 18, 2016, 3:19 a.m., Pradeep Agrawal wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/48898/ > ----------------------------------------------------------- > > (Updated June 18, 2016, 3:19 a.m.) > > > Review request for ranger, Alok Lal, Don Bosco Durai, Gautam Borad, Abhay > Kulkarni, Madhan Neethiraj, Ramesh Mani, Selvamohan Neethiraj, and Velmurugan > Periasamy. > > > Bugs: RANGER-1039 > https://issues.apache.org/jira/browse/RANGER-1039 > > > Repository: ranger > > > Description > ------- > > **Problem statement: ** User and groups having special characters are not > populating in edit policy page and user-group permission section is not > rendering permissions. > *Example Case:* Ranger admin behavior where one of policy contains username > usu+gonzáev > While loading Edit policy page; each user details are requested using > userSearch API by sending username as search filter. > observed REST request was : > http://localhost:6080/service/xusers/users?page=0&pageSize=25&startIndex=0&name=usu%2Bgonz%C3%A1ev > At Ranger admin end when request was received; then the same username was > received as : usu+gonzáev > To fetch user details; generated Sql query was : SELECT COUNT(ID) FROM x_user > WHERE ((1 = 1) AND LOWER(USER_NAME) LIKE '%usu+gonz??ev%') > Above SQL query didn't returned any row as provided username did not matches > with available username in db; in DB username entry was observed as : > 'usu+gonz?ev' > REST call returned response code 200 with no records; UI end code did not get > any response object so it got stuck there. > **Proposed Solution: ** Rather using user search api; From UI below given > APIs can be used to avoid encoded character addition in request. > API for search based on username : > **service/xusers/users/userName/{userName}** > API for search based on groupname : > **service/xusers/groups/groupName/{groupName}** > > > Diffs > ----- > > security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java 1441ff5 > security-admin/src/main/webapp/scripts/views/policies/PermissionList.js > 44134af > > Diff: https://reviews.apache.org/r/48898/diff/ > > > Testing > ------- > > **Steps performed(with patch)** > 1. Installed and started Ranger admin and Ranger usersync. > 2. Created a user 'usu+gonzáev' from curl request. > curl -u admin:admin -p -k --header "Accept:application/json" -H > "Content-Type:application/json" -X POST > "http://localhost:6080/service/xusers/secure/users"; -d > '{"groupIdList":null,"status":1,"userRoleList":["ROLE_USER"],"name":"usu+gonzáev","password":"user1234","firstName":"user4","lastName":"user4","emailAddress":""}' > 3. Created a group 'usu+gonzáev' > curl -u admin:admin -p -k --header "Accept:application/json" -H > "Content-Type:application/json" -X POST > "http://localhost:6080/service/xusers/secure/groups"; -d > '{"name":"usu+gonzáev","description":"usu+gonzáev"}' > 4. Logged into Ranger admin and created a knox policy. > 5. Added user 'usu+gonzáev' and group 'usu+gonzáev' in that policy. > 6. Visited edit policy page of above created knox policy. > > **Expected Behavior:** > Edit policy page should load and in user-group permission page user/group > 'usu+gonzáev' should appear. > **Actual Behavior:** > Edit policy page was loaded without any issue and in user-group permission > page user/group 'usu+gonzáev' was appearing. > > > Thanks, > > Pradeep Agrawal > >
