Re: Review Request 61692: RANGER-1736 : Good coding practice in Ranger recommended by static code analysis *

[Ankita Sinha]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/61692/#review183576
---


Ship it!




Ship It!

- Ankita Sinha


On Aug. 16, 2017, 2:01 p.m., Fatima Khan wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/61692/
> ---
> 
> (Updated Aug. 16, 2017, 2:01 p.m.)
> 
> 
> Review request for ranger, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, 
> Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja 
> Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1736
> https://issues.apache.org/jira/browse/RANGER-1736
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Good coding practice in Ranger recommended by static code analysis on
> 1.UserMgr.java
> 2.XUserMgr.java
> 3.TestXUserMgr.java
> 4.LdapPolicyMgrUserGroupBuilder.java
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java f27bfc1 
>   security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java 676b1e3 
>   security-admin/src/test/java/org/apache/ranger/biz/TestXUserMgr.java 
> 6e6be72 
>   
> ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapPolicyMgrUserGroupBuilder.java
>  9548ed4 
> 
> 
> Diff: https://reviews.apache.org/r/61692/diff/1/
> 
> 
> Testing
> ---
> 
> 1.Verified when ranger-admin connect to LDAP server than users are 
> synchronised form there they got same role which is specified in 
> usersync-side.
> 2.Verified unix authentication and usersync.
> 3.Junit test was successful
> 
> 
> Thanks,
> 
> Fatima Khan
> 
>

Re: Review Request 61691: RANGER-1736 : Good coding practice in Ranger recommended by static code analysis

[Ankita Sinha]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/61691/#review183575
---


Ship it!




Ship It!

- Ankita Sinha


On Aug. 16, 2017, 2:03 p.m., Fatima Khan wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/61691/
> ---
> 
> (Updated Aug. 16, 2017, 2:03 p.m.)
> 
> 
> Review request for ranger, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, 
> Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja 
> Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1736
> https://issues.apache.org/jira/browse/RANGER-1736
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Good coding practice in Ranger recommended by static code analysis on
> 1.UserMgr.java
> 2.XUserMgr.java
> 3.TestXUserMgr.java
> 4.LdapPolicyMgrUserGroupBuilder.java
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java c1145e7 
>   security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java 5a5335a 
>   security-admin/src/test/java/org/apache/ranger/biz/TestXUserMgr.java 
> 601af14 
>   
> ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapPolicyMgrUserGroupBuilder.java
>  c39cc57 
> 
> 
> Diff: https://reviews.apache.org/r/61691/diff/1/
> 
> 
> Testing
> ---
> 
> 1.Verified when ranger-admin connect to LDAP server than users are 
> synchronised form there they got same role which is specified in 
> usersync-side.
> 2.Verified unix authentication and usersync.
> 3.Junit test was successful
> 
> 
> Thanks,
> 
> Fatima Khan
> 
>

Re: Review Request 61025: Good coding practice in Ranger recommended by static code analysis

[Mehul Parikh]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/61025/#review183569
---


Ship it!




Ship It!

- Mehul Parikh


On July 21, 2017, 12:33 p.m., Ankita Sinha wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/61025/
> ---
> 
> (Updated July 21, 2017, 12:33 p.m.)
> 
> 
> Review request for ranger, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, 
> Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja 
> Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1705
> https://issues.apache.org/jira/browse/RANGER-1705
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Good coding practice in Ranger recommended by static code analysis on
> 1. TestRangerKeyStore.java
> 2. TestServiceREST.java
> 3. RangerSSOAuthenticationFilter.java
> 
> 
> Diffs
> -
> 
>   kms/src/test/java/org/apache/hadoop/crypto/key/kms/TestRangerKeyStore.java 
> c1925f8 
>   
> security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSSOAuthenticationFilter.java
>  b912e7e 
>   security-admin/src/test/java/org/apache/ranger/rest/TestServiceREST.java 
> 4bb0746 
> 
> 
> Diff: https://reviews.apache.org/r/61025/diff/1/
> 
> 
> Testing
> ---
> 
> 1. Tested SSO Authentication 
> 2. Junit test was successful
> 
> 
> Thanks,
> 
> Ankita Sinha
> 
>

[jira] [Updated] (RANGER-1746) The prompt message is incorrect when test hdfs connection and check 'dfs.ha.namenodes.[nameservice ID]' to be mandatory.

[peng.jianhua (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1746?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

peng.jianhua updated RANGER-1746:
-
Attachment: incorrect prompt.PNG

> The prompt message is incorrect when test hdfs connection and check 
> 'dfs.ha.namenodes.[nameservice ID]' to be mandatory.
> 
>
> Key: RANGER-1746
> URL: https://issues.apache.org/jira/browse/RANGER-1746
> Project: Ranger
>  Issue Type: Bug
>  Components: plugins
>Affects Versions: 1.0.0
>Reporter: peng.jianhua
>Assignee: peng.jianhua
>Priority: Minor
>  Labels: patch
> Attachments: incorrect prompt.PNG
>
>
> The prompt message should be "Value for dfs.ha.namenodes.[nameservice ID] not 
> specified".



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Created] (RANGER-1746) The prompt message is incorrect when test hdfs connection and check 'dfs.ha.namenodes.[nameservice ID]' to be mandatory.

[peng.jianhua (JIRA)]

peng.jianhua created RANGER-1746:


 Summary: The prompt message is incorrect when test hdfs connection 
and check 'dfs.ha.namenodes.[nameservice ID]' to be mandatory.
 Key: RANGER-1746
 URL: https://issues.apache.org/jira/browse/RANGER-1746
 Project: Ranger
  Issue Type: Bug
  Components: plugins
Affects Versions: 1.0.0
Reporter: peng.jianhua
Assignee: peng.jianhua
Priority: Minor


The prompt message should be "Value for dfs.ha.namenodes.[nameservice ID] not 
specified".



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Resolved] (RANGER-1742) Like setup.sh, the set_globals.sh should check whether the user group exists before created user group in security admin.

[Qiang Zhang (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1742?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Qiang Zhang resolved RANGER-1742.
-
   Resolution: Fixed
Fix Version/s: 1.0.0

> Like setup.sh, the set_globals.sh should check whether the user group exists 
> before created user group in security admin.
> -
>
> Key: RANGER-1742
> URL: https://issues.apache.org/jira/browse/RANGER-1742
> Project: Ranger
>  Issue Type: Bug
>  Components: admin
>Affects Versions: 1.0.0, 0.7.1
>Reporter: peng.jianhua
>Assignee: peng.jianhua
>Priority: Minor
>  Labels: patch
> Fix For: 1.0.0
>
> Attachments: 
> 0001-RANGER-1742-Like-setup.sh-the-set_globals.sh-should-.patch
>
>
> Like setup.sh, the set_globals.sh should check whether the user group exists 
> before created user group in security admin.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Resolved] (RANGER-1743) Comment lines have not been filtered out when the populate_global_dict function parsed install.properties in security-admin/scripts/restrict_permissions.py. Like RANGER

[Qiang Zhang (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1743?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Qiang Zhang resolved RANGER-1743.
-
   Resolution: Fixed
Fix Version/s: 1.0.0

> Comment lines have not been filtered out when the populate_global_dict 
> function parsed install.properties in 
> security-admin/scripts/restrict_permissions.py. Like RANGER-1284, we should 
> modify it.
> ---
>
> Key: RANGER-1743
> URL: https://issues.apache.org/jira/browse/RANGER-1743
> Project: Ranger
>  Issue Type: Bug
>  Components: admin
>Affects Versions: 1.0.0, 0.7.1
>Reporter: peng.jianhua
>Assignee: peng.jianhua
>  Labels: patch
> Fix For: 1.0.0
>
> Attachments: 
> 0001-RANGER-1743-Comment-lines-have-not-been-filtered-out.patch
>
>
> Comment lines have not been filtered out when the populate_global_dict 
> function parsed install.properties in 
> security-admin/scripts/restrict_permissions.py. So if we use '#' to comment a 
> line and it includes '=', the comment will not work. On the left of the '=', 
> it will be parsed as a key and the right will be parsed as a value. As a 
> result, there are two problems as follows:
> 1. There are invalid attribute values in globalDict variable.
> 2. Invalid parsing will degrade the performance of program.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Re: Review Request 61771: Comment lines have not been filtered out when the populate_global_dict function parsed install.properties in security-admin/scripts/restrict_permissions.py. Like RANGER-1284,

[pengjianhua]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/61771/
---

(Updated 八月 23, 2017, 1:42 a.m.)


Review request for ranger, Alok Lal, Ankita Sinha, Don Bosco Durai, Colm O 
hEigeartaigh, Gautam Borad, Madhan Neethiraj, Ramesh Mani, Selvamohan 
Neethiraj, Velmurugan Periasamy, and Qiang Zhang.


Bugs: RANGER-1743
https://issues.apache.org/jira/browse/RANGER-1743


Repository: ranger


Description
---

Comment lines have not been filtered out when the populate_global_dict function 
parsed install.properties in security-admin/scripts/restrict_permissions.py. So 
if we use '#' to comment a line and it includes '=', the comment will not work. 
On the left of the '=', it will be parsed as a key and the right will be parsed 
as a value. As a result, there are two problems as follows:
1. There are invalid attribute values in globalDict variable.
2. Invalid parsing will degrade the performance of program.


Diffs
-

  security-admin/scripts/restrict_permissions.py a4998be 


Diff: https://reviews.apache.org/r/61771/diff/1/


Testing
---


Thanks,

pengjianhua

[jira] [Resolved] (RANGER-1741) The initd ran repeatedly when ranger-usersync-services.sh was running

[Qiang Zhang (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1741?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Qiang Zhang resolved RANGER-1741.
-
   Resolution: Fixed
Fix Version/s: 1.0.0

> The initd ran repeatedly when ranger-usersync-services.sh was running
> -
>
> Key: RANGER-1741
> URL: https://issues.apache.org/jira/browse/RANGER-1741
> Project: Ranger
>  Issue Type: Bug
>  Components: usersync
>Affects Versions: 0.7.1
>Reporter: peng.jianhua
>Assignee: peng.jianhua
>  Labels: patch
> Fix For: 1.0.0
>
> Attachments: 
> 0001-RANGER-1741-The-initd-ran-repeatedly-when-ranger-use.patch
>
>
> Compared with the ranger-usersync-services.sh, the initd deals with the logic 
> of pidf is not the same. The result is that the initd will run repeatedly 
> when ranger-usersync-services.sh was running.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Resolved] (RANGER-1740) There is a exception when the ranger_credential_helper.py was executed.

[Qiang Zhang (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1740?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Qiang Zhang resolved RANGER-1740.
-
   Resolution: Fixed
Fix Version/s: 1.0.0

> There is a exception when the ranger_credential_helper.py was executed.
> ---
>
> Key: RANGER-1740
> URL: https://issues.apache.org/jira/browse/RANGER-1740
> Project: Ranger
>  Issue Type: Bug
>  Components: plugins
>Reporter: peng.jianhua
>Assignee: peng.jianhua
>  Labels: patch
> Fix For: 1.0.0
>
> Attachments: 
> 0001-RANGER-1740-There-is-a-exception-when-the-ranger_cre.patch
>
>
> The following exception occured when I executed the 
> ranger_credential_helper.py.
> OSError: [Errno 2] No such file or directory
> Compared with the other installer, It deals with the logic of JAVA_HOME 
> variable is not the same. The ranger_credential_helper.py throws above 
> exception and other programs normally exit when the JAVA_HOME variable equals 
> to empty.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Re: Review Request 61692: RANGER-1736 : Good coding practice in Ranger recommended by static code analysis *

[Sailaja Polavarapu]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/61692/#review183554
---


Ship it!




Ship It!

- Sailaja Polavarapu


On Aug. 16, 2017, 2:01 p.m., Fatima Khan wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/61692/
> ---
> 
> (Updated Aug. 16, 2017, 2:01 p.m.)
> 
> 
> Review request for ranger, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, 
> Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja 
> Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1736
> https://issues.apache.org/jira/browse/RANGER-1736
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Good coding practice in Ranger recommended by static code analysis on
> 1.UserMgr.java
> 2.XUserMgr.java
> 3.TestXUserMgr.java
> 4.LdapPolicyMgrUserGroupBuilder.java
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java f27bfc1 
>   security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java 676b1e3 
>   security-admin/src/test/java/org/apache/ranger/biz/TestXUserMgr.java 
> 6e6be72 
>   
> ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapPolicyMgrUserGroupBuilder.java
>  9548ed4 
> 
> 
> Diff: https://reviews.apache.org/r/61692/diff/1/
> 
> 
> Testing
> ---
> 
> 1.Verified when ranger-admin connect to LDAP server than users are 
> synchronised form there they got same role which is specified in 
> usersync-side.
> 2.Verified unix authentication and usersync.
> 3.Junit test was successful
> 
> 
> Thanks,
> 
> Fatima Khan
> 
>

Re: Review Request 61691: RANGER-1736 : Good coding practice in Ranger recommended by static code analysis

[Sailaja Polavarapu]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/61691/#review183553
---


Ship it!




Ship It!

- Sailaja Polavarapu


On Aug. 16, 2017, 2:03 p.m., Fatima Khan wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/61691/
> ---
> 
> (Updated Aug. 16, 2017, 2:03 p.m.)
> 
> 
> Review request for ranger, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, 
> Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja 
> Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1736
> https://issues.apache.org/jira/browse/RANGER-1736
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Good coding practice in Ranger recommended by static code analysis on
> 1.UserMgr.java
> 2.XUserMgr.java
> 3.TestXUserMgr.java
> 4.LdapPolicyMgrUserGroupBuilder.java
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java c1145e7 
>   security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java 5a5335a 
>   security-admin/src/test/java/org/apache/ranger/biz/TestXUserMgr.java 
> 601af14 
>   
> ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapPolicyMgrUserGroupBuilder.java
>  c39cc57 
> 
> 
> Diff: https://reviews.apache.org/r/61691/diff/1/
> 
> 
> Testing
> ---
> 
> 1.Verified when ranger-admin connect to LDAP server than users are 
> synchronised form there they got same role which is specified in 
> usersync-side.
> 2.Verified unix authentication and usersync.
> 3.Junit test was successful
> 
> 
> Thanks,
> 
> Fatima Khan
> 
>

[jira] [Updated] (RANGER-1632) Users are not sync'd when sAMAccountName is different than CN associated with groups

[Sailaja Polavarapu (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1632?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sailaja Polavarapu updated RANGER-1632:
---
Fix Version/s: 0.7.2

> Users are not sync'd when sAMAccountName is different than CN associated with 
> groups
> 
>
> Key: RANGER-1632
> URL: https://issues.apache.org/jira/browse/RANGER-1632
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger, usersync
>Affects Versions: 0.7.0
>Reporter: Sailaja Polavarapu
>Assignee: Sailaja Polavarapu
> Fix For: 1.0.0, 0.7.2
>
> Attachments: 
> 0001-RANGER-1632-Fixed-issue-where-Users-are-not-sync-d-w.patch, 
> 0001-RANGER-1632-Fixed-issue-where-Users-are-not-sync-d-w.patch
>
>
> When "Enable Group Search First" is true and "Enable User Search" is true, 
> then users are not sync'd to Ranger where CN of the user is different from 
> sAMAccountName.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (RANGER-1632) Users are not sync'd when sAMAccountName is different than CN associated with groups

[Sailaja Polavarapu (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-1632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16137561#comment-16137561
 ] 

Sailaja Polavarapu commented on RANGER-1632:


Committed changes to master and ranger-0.7 branches.

> Users are not sync'd when sAMAccountName is different than CN associated with 
> groups
> 
>
> Key: RANGER-1632
> URL: https://issues.apache.org/jira/browse/RANGER-1632
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger, usersync
>Affects Versions: 0.7.0
>Reporter: Sailaja Polavarapu
>Assignee: Sailaja Polavarapu
> Fix For: 1.0.0
>
> Attachments: 
> 0001-RANGER-1632-Fixed-issue-where-Users-are-not-sync-d-w.patch, 
> 0001-RANGER-1632-Fixed-issue-where-Users-are-not-sync-d-w.patch
>
>
> When "Enable Group Search First" is true and "Enable User Search" is true, 
> then users are not sync'd to Ranger where CN of the user is different from 
> sAMAccountName.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (RANGER-1632) Users are not sync'd when sAMAccountName is different than CN associated with groups

[Sailaja Polavarapu (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1632?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sailaja Polavarapu updated RANGER-1632:
---
Attachment: 0001-RANGER-1632-Fixed-issue-where-Users-are-not-sync-d-w.patch

Made similar changes to ranger-0.7 branch as well

> Users are not sync'd when sAMAccountName is different than CN associated with 
> groups
> 
>
> Key: RANGER-1632
> URL: https://issues.apache.org/jira/browse/RANGER-1632
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger, usersync
>Affects Versions: 0.7.0
>Reporter: Sailaja Polavarapu
>Assignee: Sailaja Polavarapu
> Fix For: 1.0.0
>
> Attachments: 
> 0001-RANGER-1632-Fixed-issue-where-Users-are-not-sync-d-w.patch, 
> 0001-RANGER-1632-Fixed-issue-where-Users-are-not-sync-d-w.patch
>
>
> When "Enable Group Search First" is true and "Enable User Search" is true, 
> then users are not sync'd to Ranger where CN of the user is different from 
> sAMAccountName.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Re: Review Request 61783: created unit test for RANGER-1631

[Ramesh Mani]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/61783/#review183542
---




hive-agent/src/test/java/org/apache/ranger/services/hive/HIVERangerAuthorizerTest.java
Lines 334 (patched)


- I am not able to apply this patch on master. please rebase it to latest 
code and update this review patch.
- Also please remove the unnecessary whitespace in the 
HIVERangerAuthorizerTest.java code which shows up in RED bars in the review.


- Ramesh Mani


On Aug. 21, 2017, 3:04 p.m., Endre Zoltan Kovacs wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/61783/
> ---
> 
> (Updated Aug. 21, 2017, 3:04 p.m.)
> 
> 
> Review request for ranger.
> 
> 
> Bugs: RANGER-1631
> https://issues.apache.org/jira/browse/RANGER-1631
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> added unit test for RANGER-1631
> 
> 
> Diffs
> -
> 
>   
> hive-agent/src/test/java/org/apache/ranger/services/hive/HIVERangerAuthorizerTest.java
>  2c9e9552 
>   hive-agent/src/test/resources/hive-policies.json 41a4e203 
> 
> 
> Diff: https://reviews.apache.org/r/61783/diff/1/
> 
> 
> Testing
> ---
> 
> added unit test to cover use case of: 
> RANGER-1631: create temp function failing with permission issues 
> (2e193e124399cf685c17798b8243e1d62f223315)
> 
> My unit test creates a database test1.
> Creates a UDF for test1.
> Creates a temporary UDF (which is not bound to any database)
> Asserts for the presence of these 2 UDFs.
> 
> The test case includes: 1 Junit test method in 
> hive-agent/src/test/java/org/apache/ranger/services/hive/HIVERangerAuthorizerTest.java
> 
> and a new User called: tom in the policies file:
> hive-agent/src/test/resources/hive-policies.json
> 
> tom has Ranger policies to:
> - create/read/update/delete databases
> - create/read/update/delete UDF on test1 database
> 
> 
> this unit test WILL fail when commit 2e193e124399cf685c17798b8243e1d62f223315 
> is not present / reverted
> (HiveAccessControlException: Permission denied: user [tom] does not have 
> [CREATE] privilege on [tmp])
> , and it will pass when that commit is present.
> 
> 
> To run this test:
> cd ranger/hive-agent
> mvn test -Dtest=HIVERangerAuthorizerTest#testHiveUdfCreateOnWildcardDatabase
> 
> To run this test alongside with its siblings:
> cd ranger/hive-agent
> mvn test -Dtest=HIVERangerAuthorizerTest
> 
> 
> Thanks,
> 
> Endre Zoltan Kovacs
> 
>

Re: Review Request 61809: From the performance and code logic analysis, we should optimize the flush function of HDFSAuditDestination class.

[Don Bosco Durai]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/61809/#review183530
---




agents-audit/src/main/java/org/apache/ranger/audit/destination/HDFSAuditDestination.java
Lines 203 (patched)


Not sure whether moving the logger.info will help in performance 
improvement. Are you using any metrics to see whether this change is really 
improving the performance?

Thanks


- Don Bosco Durai


On Aug. 22, 2017, 3:14 a.m., Qiang Zhang wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/61809/
> ---
> 
> (Updated Aug. 22, 2017, 3:14 a.m.)
> 
> 
> Review request for ranger, Alok Lal, Ankita Sinha, Don Bosco Durai, Colm O 
> hEigeartaigh, Gautam Borad, Madhan Neethiraj, Ramesh Mani, Selvamohan 
> Neethiraj, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1745
> https://issues.apache.org/jira/browse/RANGER-1745
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> From the performance and code logic analysis, we should optimize the flush 
> function of HDFSAuditDestination class. The reason is as following:
> 1. Its logic is not clear. There are duplicate code and repeated judgment.
> 2. Through my tests, in the case of large data, the log io will have a big 
> impact on performance.
> 
> 
> Diffs
> -
> 
>   
> agents-audit/src/main/java/org/apache/ranger/audit/destination/HDFSAuditDestination.java
>  66d8504 
> 
> 
> Diff: https://reviews.apache.org/r/61809/diff/1/
> 
> 
> Testing
> ---
> 
> 
> Thanks,
> 
> Qiang Zhang
> 
>

[jira] [Updated] (RANGER-1697) Update NiFi service def

[Nikhil Purbhe (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1697?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Nikhil Purbhe updated RANGER-1697:
--
Attachment: RANGER-1697.patch

> Update NiFi service def
> ---
>
> Key: RANGER-1697
> URL: https://issues.apache.org/jira/browse/RANGER-1697
> Project: Ranger
>  Issue Type: Improvement
>  Components: plugins
>Reporter: Matt Gilman
>Assignee: Nikhil Purbhe
>Priority: Minor
> Attachments: 0001-RANGER-1697.patch, RANGER-1697.patch
>
>
> Apache NiFi would like to update the service def file to ensure more 
> consistent policy support between NiFi and Ranger. NiFi is in the process of 
> introducing an improved Ranger authorizer that allows the policies to be 
> viewed in NiFi UI for easier, in app, understanding of the policies 
> configured in Ranger UI. This effort is being tracked with this JIRA [1].
> I would like to supply a patch with updates to the NiFi service def file.
> Thanks!
> [1] https://issues.apache.org/jira/browse/NIFI-4032



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (RANGER-1726) Users are not getting deleted when Knox proxy is Enabled.

[Nikhil Purbhe (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1726?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Nikhil Purbhe updated RANGER-1726:
--
Attachment: RANGER-1726_1.patch

> Users are not getting deleted when Knox proxy is Enabled.
> -
>
> Key: RANGER-1726
> URL: https://issues.apache.org/jira/browse/RANGER-1726
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: 0.7.1
>Reporter: Nikhil Purbhe
>Assignee: Nikhil Purbhe
> Fix For: 1.0.0, 0.7.2
>
> Attachments: RANGER-1726_1.patch, RANGER-1726.patch
>
>
> Users are not getting deleted when Knoxproxy is enabled
> Steps -
> 1.Enter the knox proxy url- "https://:8443/gateway/ui/ranger/"
> 2.Login to Ranger with admin credentials.
> 3.Go to 'Users/Groups' Page by clicking on 'Users/Groups' button present 
> under 'Settings' tab.
> 4.Click on 'Add New User'.
> 5.Enter the details and click on Save.
> 6.Select the created user from Users page by selecting the checkbox present 
> beside username.
> 7.Click on delete button.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Re: Review Request 61555: RANGER-1726 : Users are not getting deleted when Knox proxy is Enabled.

[Nikhil P]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/61555/
---

(Updated Aug. 22, 2017, 6:55 a.m.)


Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, Abhay 
Kulkarni, Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, 
Sailaja Polavarapu, and Velmurugan Periasamy.


Changes
---

updated patch with review comment i.e. updated the method name.


Bugs: RANGER-1726
https://issues.apache.org/jira/browse/RANGER-1726


Repository: ranger


Description
---

Users are not getting deleted when Knoxproxy is enabled.
Steps -
1.Enter the knox proxy url- "https://:8443/gateway/ui/ranger/"
2.Login to Ranger with admin credentials.
3.Go to 'Users/Groups' Page by clicking on 'Users/Groups' button present under 
'Settings' tab.
4.Click on 'Add New User'.
5.Enter the details and click on Save.
6.Select the created user from Users page by selecting the checkbox present 
beside username.
7.Click on delete button.


Diffs (updated)
-

  security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java 676b1e3 
  security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java 6e9161e 
  security-admin/src/main/webapp/scripts/model_bases/VXGroupBase.js 96e0946 
  security-admin/src/main/webapp/scripts/model_bases/VXUserBase.js db6d511 
  security-admin/src/main/webapp/scripts/views/users/UserTableLayout.js 8e465d7 


Diff: https://reviews.apache.org/r/61555/diff/2/

Changes: https://reviews.apache.org/r/61555/diff/1-2/


Testing
---

1.Verified if users are getting deleted when knox proxy is enabled.
2.Verified if multiple users are getting deleted at once.
3.Verified if users are getting deleted when knox proxy is disabled.


Thanks,

Nikhil P