Re: Review Request 50585: Ability to specify 'audit all accesses' via Ranger admin configuration

Abhay Kulkarni Thu, 28 Jul 2016 15:27:42 -0700

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/50585/
-----------------------------------------------------------


(Updated July 28, 2016, 10:21 p.m.)


Review request for ranger and Madhan Neethiraj.


Changes
-------

Added unit tests.


Bugs: RANGER-1129
    https://issues.apache.org/jira/browse/RANGER-1129


Repository: ranger


Description
-------

Currently, Ranger plugins create access audit log only when a policy that 
matches the accessed-resource has audit enabled. This patch adds supports to 
force audit generation, irrespective of existence of a policy with 
audit-enabled.


Diffs (updated)
-----

  
agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngine.java
 360da0c 
  
agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyRepository.java
 be98f3b 
  
agents-common/src/main/java/org/apache/ranger/plugin/util/ServicePolicies.java 
d450af1 
  
agents-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyEngine.java
 dd15ff8 
  
agents-common/src/test/resources/policyengine/test_policyengine_hdfs_allaudit.json
 PRE-CREATION 
  
agents-common/src/test/resources/policyengine/test_policyengine_hdfs_noaudit.json
 PRE-CREATION 
  security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java 
7947d4b 

Diff: https://reviews.apache.org/r/50585/diff/


Testing
-------

Ran all unit tests successfully.


Thanks,

Abhay Kulkarni

Re: Review Request 50585: Ability to specify 'audit all accesses' via Ranger admin configuration

Reply via email to