Review Request 49634: RANGER-1005: Add command line utility to change Ranger admin default password

Tue, 05 Jul 2016 07:23:54 -0700 

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/49634/
-----------------------------------------------------------

Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, Abhay 
Kulkarni, Madhan Neethiraj, Mehul Parikh, Ramesh Mani, Selvamohan Neethiraj, 
and Velmurugan Periasamy.


Bugs: RANGER-1005
    https://issues.apache.org/jira/browse/RANGER-1005


Repository: ranger


Description
-------

**Problem Statement:** Ranger admin default password change status need to be 
maintained at Ranger end.

**Proposed Solution:** Ranger admin default password change event status can be 
maintained by making an entry in x_db_version_h table. First request to change 
password won't find entry in x_db_version_h table and will be eligible to 
change the ranger admin default password; However second call shall find the 
status entry in x_db_version_h table and request will not be processed and will 
fail with error message.


Diffs
-----

  security-admin/scripts/db_setup.py 0460efd 

Diff: https://reviews.apache.org/r/49634/diff/


Testing
-------

**Steps Performed(with patch):**
1. Installed ranger-admin from Build having changed of proposed patch.
2. Changed current directory to ranger-admin installation directory.
3. Started ranger-admin and was able to access ranger-admin home page/login 
page by using default password 'admin'
4. Logged out from Ranger-admin UI.
5. Run below given command to change 'admin' user password from 'admin' to 
'admin123'
python db_setup.py -changepassword admin admin admin123.
6. Password change request completed successfully with following message : 
'Ranger admin default password change request processed successfully..'
7. On the login page of ranger-admin entered username 'admin' and password 
'admin123'; clicked on 'Sign In' button to login page.

**Expected Behavior:**
'admin' user should get authenticated successfully and ranger-admin dashboard 
page for 'admin' user should appear.

**Actual Behavior:**
'admin' user was authenticated successfully and after authentication page was 
redirected to ranger-admin dashboard page.

7. Run below given command to change 'admin' user password from 'admin123' to 
'admin12345'
python db_setup.py -changepassword admin admin123 admin12345.

**Expected Behavior:**
Script should skip the change password request as password has been changed 
once. Appropriate message should appear if password has already been changed. 

**Actual Behavior:**
Password change request finished with following message : *'Ranger admin 
default password has already been changed!!'*


Thanks,

Pradeep Agrawal

Reply via email to