[jira] [Commented] (RANGER-1796) Updated masking policy for hive to support for deny/allowException/denyExceptions

[Madhan Neethiraj (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-1796?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16181977#comment-16181977
 ] 

Madhan Neethiraj commented on RANGER-1796:
--

bq.  the case you mentioned can be handled
[~peng.jianhua] - can you add details on how the approach you suggest address 
this use case? 

> Updated masking policy for hive  to support for 
> deny/allowException/denyExceptions
> --
>
> Key: RANGER-1796
> URL: https://issues.apache.org/jira/browse/RANGER-1796
> Project: Ranger
>  Issue Type: New Feature
>  Components: plugins
>Affects Versions: 1.0.0, master
>Reporter: peng.jianhua
>Assignee: peng.jianhua
>  Labels: newbie, patch
> Attachments: 
> 0001-RANGER-1796-Updated-masking-policy-for-hive-to-suppo.patch, 
> masking2.png, usecase-01.png
>
>
> Masking policy for hive  should support for 
> deny/allowException/denyExceptions to meet further business needs. Such as 
> masking policy for hive should support as following scene and so on:
> USER1, USER2 and USER3 belong to the user group GROUPA. Select GROUPA group 
> when created masking policy. The USER1 does not use masking and USER2, USER3 
> need masking.
> We rigorously tested this issue. The test result shows that the feature is ok.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (RANGER-1748) User is unable to update existing policy while importing policy from file

[Pradeep Agrawal (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1748?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Pradeep Agrawal updated RANGER-1748:

Affects Version/s: 1.0.0
   0.7.0

> User is unable to update existing policy while importing policy from file
> -
>
> Key: RANGER-1748
> URL: https://issues.apache.org/jira/browse/RANGER-1748
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: 0.7.0, 1.0.0
>Reporter: bhavik patel
>Assignee: bhavik patel
> Fix For: 1.0.0, 0.7.2
>
> Attachments: RANGER-1748-master-01.patch, RANGER-1748-master.patch, 
> RANGER-1748-ranger07-1.patch, RANGER-1748-ranger07.patch
>
>
> Currently if user importing policy from file and if policy already exist then 
> it is't not allowing to update that policy.
> Adding a flag(updateIfExists) in API to update existing policy during import 
> operation.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (RANGER-1748) User is unable to update existing policy while importing policy from file

[Pradeep Agrawal (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1748?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Pradeep Agrawal updated RANGER-1748:

Fix Version/s: 1.0.0

> User is unable to update existing policy while importing policy from file
> -
>
> Key: RANGER-1748
> URL: https://issues.apache.org/jira/browse/RANGER-1748
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: bhavik patel
>Assignee: bhavik patel
> Fix For: 1.0.0, 0.7.2
>
> Attachments: RANGER-1748-master-01.patch, RANGER-1748-master.patch, 
> RANGER-1748-ranger07-1.patch, RANGER-1748-ranger07.patch
>
>
> Currently if user importing policy from file and if policy already exist then 
> it is't not allowing to update that policy.
> Adding a flag(updateIfExists) in API to update existing policy during import 
> operation.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (RANGER-1748) User is unable to update existing policy while importing policy from file

[Pradeep Agrawal (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-1748?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16181962#comment-16181962
 ] 

Pradeep Agrawal commented on RANGER-1748:
-

Committed to master branch: 
https://github.com/apache/ranger/commit/a95606928d372f5214b0b55500408ad66a831bc0
Committed to ranger-0.7 branch: 
https://github.com/apache/ranger/commit/90ed7025d9abfdd98b72349bf54b19957065a5e2

> User is unable to update existing policy while importing policy from file
> -
>
> Key: RANGER-1748
> URL: https://issues.apache.org/jira/browse/RANGER-1748
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: bhavik patel
>Assignee: bhavik patel
> Fix For: 0.7.2
>
> Attachments: RANGER-1748-master-01.patch, RANGER-1748-master.patch, 
> RANGER-1748-ranger07-1.patch, RANGER-1748-ranger07.patch
>
>
> Currently if user importing policy from file and if policy already exist then 
> it is't not allowing to update that policy.
> Adding a flag(updateIfExists) in API to update existing policy during import 
> operation.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Re: Review Request 62611: RANGER-1748 : User is unable to update existing policy while importing policy from file

[Pradeep Agrawal]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62611/#review186372
---


Ship it!




Ship It!

- Pradeep Agrawal


On Sept. 27, 2017, 4:12 a.m., bhavik patel wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62611/
> ---
> 
> (Updated Sept. 27, 2017, 4:12 a.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, Abhay 
> Kulkarni, Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan 
> Neethiraj, Sailaja Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1748
> https://issues.apache.org/jira/browse/RANGER-1748
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Currently if user importing policy from file and user want's to update any 
> policy for a specific resource which is not allowed.
> 
> For the given resource following rules shall apply:
> 
> If a policy contains one or more resources along with given resource then the 
> policy will not be exported.
> If a policy contains one or more resources along with given resource then the 
> policy will not be deleted from target ranger during import call.
> 
> Note:
> Export policy example URL: 
> http://localhost:6080/service/plugins/policies/exportJson?serviceName=source_hive=employee:database=employee=hive=self_or_ancestor
> Import policy example URL: 
> http://localhost:6080/service/plugins/policies/importPoliciesFromFile?updateIfExists=true=employee
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java 
> 5fa114d 
> 
> 
> Diff: https://reviews.apache.org/r/62611/diff/1/
> 
> 
> Testing
> ---
> 
> 1. Verified policies are getting updated while importing from file for 
> specific resource.
> 
> 
> Thanks,
> 
> bhavik patel
> 
>

Re: Review Request 62534: RANGER-1748 : User is unable to update existing policy while importing policy from file

[Pradeep Agrawal]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62534/#review186370
---


Ship it!




Ship It!

- Pradeep Agrawal


On Sept. 27, 2017, 3:52 a.m., bhavik patel wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62534/
> ---
> 
> (Updated Sept. 27, 2017, 3:52 a.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, Abhay 
> Kulkarni, Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan 
> Neethiraj, Sailaja Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1748
> https://issues.apache.org/jira/browse/RANGER-1748
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Currently if user importing policy from file and user want's to update any 
> policy for a specific resource which is not allowed.
> 
> For the given resource following rules shall apply:
> 
> 1. If a policy contains one or more resources along with given resource then 
> the policy will not be exported.
> 2. If a policy contains one or more resources along with given resource then 
> the policy will not be deleted from target ranger during import call.
> 
> **Note:**
> Export policy example URL: 
> http://localhost:6080/service/plugins/policies/exportJson?serviceName=source_hive=employee:database=employee=hive=self_or_ancestor
> Import policy example URL: 
> http://localhost:6080/service/plugins/policies/importPoliciesFromFile?updateIfExists=true=employee
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java 
> f1ce3af 
> 
> 
> Diff: https://reviews.apache.org/r/62534/diff/1/
> 
> 
> Testing
> ---
> 
> 1. Verified policies are getting updated while importing from file for 
> specific resource.
> 
> 
> Thanks,
> 
> bhavik patel
> 
>

Re: Review Request 62534: RANGER-1748 : User is unable to update existing policy while importing policy from file

[bhavik patel]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62534/
---

(Updated Sept. 27, 2017, 3:52 a.m.)


Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, Abhay 
Kulkarni, Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, 
Sailaja Polavarapu, and Velmurugan Periasamy.


Bugs: RANGER-1748
https://issues.apache.org/jira/browse/RANGER-1748


Repository: ranger


Description
---

Currently if user importing policy from file and user want's to update any 
policy for a specific resource which is not allowed.

For the given resource following rules shall apply:

1. If a policy contains one or more resources along with given resource then 
the policy will not be exported.
2. If a policy contains one or more resources along with given resource then 
the policy will not be deleted from target ranger during import call.

**Note:**
Export policy example URL: 
http://localhost:6080/service/plugins/policies/exportJson?serviceName=source_hive=employee:database=employee=hive=self_or_ancestor
Import policy example URL: 
http://localhost:6080/service/plugins/policies/importPoliciesFromFile?updateIfExists=true=employee


Diffs
-

  security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java f1ce3af 


Diff: https://reviews.apache.org/r/62534/diff/1/


Testing
---

1. Verified policies are getting updated while importing from file for specific 
resource.


Thanks,

bhavik patel

Re: Build Process Apache Ranger

[Ronny Hidayat]

I'm using openjdk version "1.8.0_131", Apache Maven 3.3.9 and linux ubuntu
Thanks.

2017-09-26 15:57 GMT+07.00, Colm O hEigeartaigh :
> What JDK and maven versions are you using by the way (and what OS)?
>
> Colm.
>
> On Tue, Sep 26, 2017 at 7:39 AM, Ronny Hidayat 
> wrote:
>
>> Hi Don Bosco Durai,
>>
>> It work.
>>
>> Thank you very much.
>>
>> 2017-09-26 10:46 GMT+07.00, Don Bosco Durai :
>> > You can try with -DskipTests options.
>> >
>> > Also, there is Docker option to build.
>> >
>> > Bosco
>> >
>> >
>> >
>> > On 9/25/17, 8:30 PM, "Ronny Hidayat"  wrote:
>> >
>> > Hi all,
>> >
>> > I am new in using Apache Ranger plugin.
>> > So I download plugin from https://github.com/apache/ranger.
>> > Then I build using "$ mvn clean compile package install
>> > assembly:assembly" command.
>> > But I get error message like this :
>> >
>> > [INFO] ---
>> > [INFO]  T E S T S
>> > [INFO] ---
>> > [INFO] Running
>> > org.apache.ranger.authorization.kafka.authorizer.
>> KafkaRangerAuthorizerSASLSSLTest
>> > log4j:WARN No appenders could be found for logger
>> > (org.apache.zookeeper.server.ZooKeeperServerMain).
>> > log4j:WARN Please initialize the log4j system properly.
>> > log4j:WARN See
>> > http://logging.apache.org/log4j/1.2/faq.html#noconfig
>> > for more info.
>> > [INFO] Running
>> > org.apache.ranger.authorization.kafka.authorizer.
>> KafkaRangerAuthorizerTest
>> > log4j:WARN No appenders could be found for logger
>> > (org.apache.zookeeper.server.ZooKeeperServerMain).
>> > log4j:WARN Please initialize the log4j system properly.
>> > log4j:WARN See
>> > http://logging.apache.org/log4j/1.2/faq.html#noconfig
>> > for more info.
>> > [INFO] Tests run: 4, Failures: 0, Errors: 0, Skipped: 0, Time
>> elapsed:
>> > 19.1 s - in
>> > org.apache.ranger.authorization.kafka.authorizer.
>> KafkaRangerAuthorizerTest
>> > [INFO] Running
>> > org.apache.ranger.authorization.kafka.authorizer.
>> KafkaRangerAuthorizerGSSTest
>> > log4j:WARN No appenders could be found for logger
>> >
>> > (org.apache.kerby.kerberos.kerb.identity.backend.
>> AbstractIdentityBackend).
>> > log4j:WARN Please initialize the log4j system properly.
>> > log4j:WARN See
>> > http://logging.apache.org/log4j/1.2/faq.html#noconfig
>> > for more info.
>> > [ERROR] Tests run: 2, Failures: 0, Errors: 1, Skipped: 0, Time
>> > elapsed: 12.479 s <<< FAILURE! - in
>> >
>> > org.apache.ranger.authorization.kafka.authorizer.
>> KafkaRangerAuthorizerGSSTest
>> > [ERROR]
>> > testAuthorizedRead(org.apache.ranger.authorization.kafka.authorizer.
>> KafkaRangerAuthorizerGSSTest)
>> >  Time elapsed: 0.728 s  <<< ERROR!
>> > org.apache.kafka.common.errors.TopicAuthorizationException: Not
>> > authorized to access topics: [test]
>> >
>> > [INFO]
>> > [INFO] Results:
>> > [INFO]
>> > [ERROR] Errors:
>> > [ERROR]   KafkaRangerAuthorizerGSSTest.testAuthorizedRead »
>> > TopicAuthorization Not autho...
>> > [INFO]
>> > [ERROR] Tests run: 6, Failures: 0, Errors: 1, Skipped: 0
>> >
>> > How to resolve this problem ?
>> >
>> > Thanks.
>> >
>> >
>> >
>> >
>>
>
>
>
> --
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com
>

[jira] [Assigned] (RANGER-1802) Here is a error in getStatusResponse() when post data exception for AtlasClient class

[peng.jianhua (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1802?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

peng.jianhua reassigned RANGER-1802:


Assignee: peng.jianhua  (was: Qiang Zhang)

> Here is a error in getStatusResponse() when post data exception for 
> AtlasClient class
> -
>
> Key: RANGER-1802
> URL: https://issues.apache.org/jira/browse/RANGER-1802
> Project: Ranger
>  Issue Type: Bug
>  Components: plugins
>Affects Versions: 1.0.0, master
>Reporter: Qiang Zhang
>Assignee: peng.jianhua
>Priority: Minor
> Attachments: 
> 0001-RANGER-1802-Here-is-a-error-in-getStatusResponse-whe.patch, 
> 0001-RANGER-1802-Here-is-a-error-in-getStatusResponse-whe.patch
>
>
> Here is a error in getStatusResponse() when post data exception for 
> AtlasClient class
> {code}
> try {
>   statusResponse = 
> webResource.type("application/x-www-form-urlencoded").post(ClientResponse.class,
>   formData);
>   } catch (Exception e) {
>   String msgDesc = "Unable to get a valid 
> statusResponse for " + "expected mime type : ["
>   + EXPECTED_MIME_TYPE + "] URL : 
> " + statusUrl + " - got null response.";
>   LOG.error(msgDesc);
>   }
> {code}
> should be
> {code}
> try {
>   statusResponse = 
> webResource.type("application/x-www-form-urlencoded").post(ClientResponse.class,
>   formData);
>   } catch (Exception e) {
>   String msgDesc = "Unable to get a valid 
> statusResponse for " + "expected mime type : 
> [application/x-www-form-urlencoded] URL : " + statusUrl + " - got null 
> response.";
>   LOG.error(msgDesc);
>   }
> {code}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (RANGER-1802) Here is a error in getStatusResponse() when post data exception for AtlasClient class

[peng.jianhua (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1802?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

peng.jianhua updated RANGER-1802:
-
Attachment: 0001-RANGER-1802-Here-is-a-error-in-getStatusResponse-whe.patch

> Here is a error in getStatusResponse() when post data exception for 
> AtlasClient class
> -
>
> Key: RANGER-1802
> URL: https://issues.apache.org/jira/browse/RANGER-1802
> Project: Ranger
>  Issue Type: Bug
>  Components: plugins
>Affects Versions: 1.0.0, master
>Reporter: Qiang Zhang
>Assignee: peng.jianhua
>Priority: Minor
> Attachments: 
> 0001-RANGER-1802-Here-is-a-error-in-getStatusResponse-whe.patch, 
> 0001-RANGER-1802-Here-is-a-error-in-getStatusResponse-whe.patch
>
>
> Here is a error in getStatusResponse() when post data exception for 
> AtlasClient class
> {code}
> try {
>   statusResponse = 
> webResource.type("application/x-www-form-urlencoded").post(ClientResponse.class,
>   formData);
>   } catch (Exception e) {
>   String msgDesc = "Unable to get a valid 
> statusResponse for " + "expected mime type : ["
>   + EXPECTED_MIME_TYPE + "] URL : 
> " + statusUrl + " - got null response.";
>   LOG.error(msgDesc);
>   }
> {code}
> should be
> {code}
> try {
>   statusResponse = 
> webResource.type("application/x-www-form-urlencoded").post(ClientResponse.class,
>   formData);
>   } catch (Exception e) {
>   String msgDesc = "Unable to get a valid 
> statusResponse for " + "expected mime type : 
> [application/x-www-form-urlencoded] URL : " + statusUrl + " - got null 
> response.";
>   LOG.error(msgDesc);
>   }
> {code}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Re: Review Request 62520: Here is a error in getStatusResponse() when post data exception for AtlasClient class

[pengjianhua]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62520/
---

(Updated 九月 27, 2017, 1:59 a.m.)


Review request for ranger, Alok Lal, Ankita Sinha, Don Bosco Durai, Colm O 
hEigeartaigh, Gautam Borad, Madhan Neethiraj, Ramesh Mani, Selvamohan 
Neethiraj, Velmurugan Periasamy, and Qiang Zhang.


Bugs: RANGER-1802
https://issues.apache.org/jira/browse/RANGER-1802


Repository: ranger


Description
---

Here is a error in getStatusResponse() when post data exception for AtlasClient 
class
{code}
try {
statusResponse = 
webResource.type("application/x-www-form-urlencoded").post(ClientResponse.class,
formData);
} catch (Exception e) {
String msgDesc = "Unable to get a valid 
statusResponse for " + "expected mime type : ["
+ EXPECTED_MIME_TYPE + "] URL : 
" + statusUrl + " - got null response.";
LOG.error(msgDesc);
}
{code}

should be

{code}
try {
statusResponse = 
webResource.type("application/x-www-form-urlencoded").post(ClientResponse.class,
formData);
} catch (Exception e) {
String msgDesc = "Unable to get a valid 
statusResponse for " + "expected mime type : 
[application/x-www-form-urlencoded] URL : " + statusUrl + " - got null 
response.";
LOG.error(msgDesc);
}
{code}


Diffs (updated)
-

  
plugin-atlas/src/main/java/org/apache/ranger/services/atlas/client/AtlasClient.java
 c10da79c 


Diff: https://reviews.apache.org/r/62520/diff/5/

Changes: https://reviews.apache.org/r/62520/diff/4-5/


Testing
---


Thanks,

pengjianhua

Re: Review Request 62520: Here is a error in getStatusResponse() when post data exception for AtlasClient class

[pengjianhua]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62520/
---

(Updated 九月 27, 2017, 1:54 a.m.)


Review request for ranger, Alok Lal, Ankita Sinha, Don Bosco Durai, Colm O 
hEigeartaigh, Gautam Borad, Madhan Neethiraj, Ramesh Mani, Selvamohan 
Neethiraj, Velmurugan Periasamy, and Qiang Zhang.


Bugs: RANGER-1802
https://issues.apache.org/jira/browse/RANGER-1802


Repository: ranger


Description
---

Here is a error in getStatusResponse() when post data exception for AtlasClient 
class
{code}
try {
statusResponse = 
webResource.type("application/x-www-form-urlencoded").post(ClientResponse.class,
formData);
} catch (Exception e) {
String msgDesc = "Unable to get a valid 
statusResponse for " + "expected mime type : ["
+ EXPECTED_MIME_TYPE + "] URL : 
" + statusUrl + " - got null response.";
LOG.error(msgDesc);
}
{code}

should be

{code}
try {
statusResponse = 
webResource.type("application/x-www-form-urlencoded").post(ClientResponse.class,
formData);
} catch (Exception e) {
String msgDesc = "Unable to get a valid 
statusResponse for " + "expected mime type : 
[application/x-www-form-urlencoded] URL : " + statusUrl + " - got null 
response.";
LOG.error(msgDesc);
}
{code}


Diffs (updated)
-

  
plugin-atlas/src/main/java/org/apache/ranger/services/atlas/client/AtlasClient.java
 c10da79c 


Diff: https://reviews.apache.org/r/62520/diff/4/

Changes: https://reviews.apache.org/r/62520/diff/3-4/


Testing
---


Thanks,

pengjianhua

Re: Review Request 62520: Here is a error in getStatusResponse() when post data exception for AtlasClient class

[pengjianhua]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62520/
---

(Updated 九月 27, 2017, 1:49 a.m.)


Review request for ranger, Alok Lal, Ankita Sinha, Don Bosco Durai, Colm O 
hEigeartaigh, Gautam Borad, Madhan Neethiraj, Ramesh Mani, Selvamohan 
Neethiraj, Velmurugan Periasamy, and Qiang Zhang.


Bugs: RANGER-1802
https://issues.apache.org/jira/browse/RANGER-1802


Repository: ranger


Description
---

Here is a error in getStatusResponse() when post data exception for AtlasClient 
class
{code}
try {
statusResponse = 
webResource.type("application/x-www-form-urlencoded").post(ClientResponse.class,
formData);
} catch (Exception e) {
String msgDesc = "Unable to get a valid 
statusResponse for " + "expected mime type : ["
+ EXPECTED_MIME_TYPE + "] URL : 
" + statusUrl + " - got null response.";
LOG.error(msgDesc);
}
{code}

should be

{code}
try {
statusResponse = 
webResource.type("application/x-www-form-urlencoded").post(ClientResponse.class,
formData);
} catch (Exception e) {
String msgDesc = "Unable to get a valid 
statusResponse for " + "expected mime type : 
[application/x-www-form-urlencoded] URL : " + statusUrl + " - got null 
response.";
LOG.error(msgDesc);
}
{code}


Diffs (updated)
-

  
plugin-atlas/src/main/java/org/apache/ranger/services/atlas/client/AtlasClient.java
 c10da79c 


Diff: https://reviews.apache.org/r/62520/diff/3/

Changes: https://reviews.apache.org/r/62520/diff/2-3/


Testing
---


Thanks,

pengjianhua

Re: Review Request 62555: RANGER-1801: group user mapping updates to ranger admin fail when the mapping is already existed in ranger DB

[Alejandro Fernandez]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62555/#review186330
---


Fix it, then Ship it!





security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
Lines 589 (patched)


Small nitpick here, there are 2 spaces after "groupname ="


- Alejandro Fernandez


On Sept. 26, 2017, 8:35 p.m., Sailaja Polavarapu wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62555/
> ---
> 
> (Updated Sept. 26, 2017, 8:35 p.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Gautam Borad, Abhay Kulkarni, Madhan 
> Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja 
> Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1801
> https://issues.apache.org/jira/browse/RANGER-1801
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Added code to check if the groupname and userid entry is already existing in 
> ranger db before adding or updating the entry.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java 7450302 
>   security-admin/src/main/java/org/apache/ranger/db/XXGroupUserDao.java 
> 1a76d27 
>   
> security-admin/src/main/java/org/apache/ranger/service/XGroupUserService.java 
> d1901d9 
>   security-admin/src/main/resources/META-INF/jpa_named_queries.xml 68548a5 
> 
> 
> Diff: https://reviews.apache.org/r/62555/diff/2/
> 
> 
> Testing
> ---
> 
> 1. Performed some functional tests with delta sync and update group 
> memberships in AD.
> 2. Verified all the existing unit tests are passing.
> 
> 
> Thanks,
> 
> Sailaja Polavarapu
> 
>

Re: Review Request 62555: RANGER-1801: group user mapping updates to ranger admin fail when the mapping is already existed in ranger DB

[Velmurugan Periasamy]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62555/#review186329
---


Ship it!




Ship It!

- Velmurugan Periasamy


On Sept. 26, 2017, 8:35 p.m., Sailaja Polavarapu wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62555/
> ---
> 
> (Updated Sept. 26, 2017, 8:35 p.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Gautam Borad, Abhay Kulkarni, Madhan 
> Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja 
> Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1801
> https://issues.apache.org/jira/browse/RANGER-1801
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Added code to check if the groupname and userid entry is already existing in 
> ranger db before adding or updating the entry.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java 7450302 
>   security-admin/src/main/java/org/apache/ranger/db/XXGroupUserDao.java 
> 1a76d27 
>   
> security-admin/src/main/java/org/apache/ranger/service/XGroupUserService.java 
> d1901d9 
>   security-admin/src/main/resources/META-INF/jpa_named_queries.xml 68548a5 
> 
> 
> Diff: https://reviews.apache.org/r/62555/diff/2/
> 
> 
> Testing
> ---
> 
> 1. Performed some functional tests with delta sync and update group 
> memberships in AD.
> 2. Verified all the existing unit tests are passing.
> 
> 
> Thanks,
> 
> Sailaja Polavarapu
> 
>

[jira] [Updated] (RANGER-1801) group user mapping updates to ranger admin fail when the mapping is already existed in ranger DB.

[Sailaja Polavarapu (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1801?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sailaja Polavarapu updated RANGER-1801:
---
Attachment: 0001-RANGER-1801-group-user-mapping-updates-to-ranger-adm.patch

Attached the patch for master branch with same changes as ranger-0.7

> group user mapping updates to ranger admin fail when the mapping is already 
> existed in ranger DB.
> -
>
> Key: RANGER-1801
> URL: https://issues.apache.org/jira/browse/RANGER-1801
> Project: Ranger
>  Issue Type: Bug
>  Components: admin, Ranger
>Reporter: Sailaja Polavarapu
>Assignee: Sailaja Polavarapu
> Fix For: 1.0.0, 0.7.2
>
> Attachments: 
> 0001-RANGER-1801-group-user-mapping-updates-to-ranger-adm.patch
>
>
> As part of recent changes for RANGER-1765, db doesn't allow duplicate entries 
> in the x_group_user table. 
> But while adding the entries to x_group_user table, ranger code is not 
> checking if the entry is already existing or not. Because of this the 
> subsequent group membership updates from usersync are failing.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Comment Edited] (RANGER-1801) group user mapping updates to ranger admin fail when the mapping is already existed in ranger DB.

[Sailaja Polavarapu (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-1801?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16181547#comment-16181547
 ] 

Sailaja Polavarapu edited comment on RANGER-1801 at 9/26/17 8:54 PM:
-

Review request available at:
https://reviews.apache.org/r/62555/

This patch is for ranger-0.7 branch.


was (Author: spolavarapu):
Review request available at:
https://reviews.apache.org/r/62555/

> group user mapping updates to ranger admin fail when the mapping is already 
> existed in ranger DB.
> -
>
> Key: RANGER-1801
> URL: https://issues.apache.org/jira/browse/RANGER-1801
> Project: Ranger
>  Issue Type: Bug
>  Components: admin, Ranger
>Reporter: Sailaja Polavarapu
>Assignee: Sailaja Polavarapu
> Fix For: 1.0.0, 0.7.2
>
>
> As part of recent changes for RANGER-1765, db doesn't allow duplicate entries 
> in the x_group_user table. 
> But while adding the entries to x_group_user table, ranger code is not 
> checking if the entry is already existing or not. Because of this the 
> subsequent group membership updates from usersync are failing.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (RANGER-1801) group user mapping updates to ranger admin fail when the mapping is already existed in ranger DB.

[Sailaja Polavarapu (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-1801?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16181547#comment-16181547
 ] 

Sailaja Polavarapu commented on RANGER-1801:


Review request available at:
https://reviews.apache.org/r/62555/

> group user mapping updates to ranger admin fail when the mapping is already 
> existed in ranger DB.
> -
>
> Key: RANGER-1801
> URL: https://issues.apache.org/jira/browse/RANGER-1801
> Project: Ranger
>  Issue Type: Bug
>  Components: admin, Ranger
>Reporter: Sailaja Polavarapu
>Assignee: Sailaja Polavarapu
> Fix For: 1.0.0, 0.7.2
>
>
> As part of recent changes for RANGER-1765, db doesn't allow duplicate entries 
> in the x_group_user table. 
> But while adding the entries to x_group_user table, ranger code is not 
> checking if the entry is already existing or not. Because of this the 
> subsequent group membership updates from usersync are failing.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Re: Review Request 62519: RANGER-1800: Usersync fails to update users and groups during incremental sync with nested groups and group first search enabled

[Alejandro Fernandez]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62519/#review186316
---


Ship it!




Ship It!

- Alejandro Fernandez


On Sept. 22, 2017, 10:43 p.m., Sailaja Polavarapu wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62519/
> ---
> 
> (Updated Sept. 22, 2017, 10:43 p.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Gautam Borad, Abhay Kulkarni, Madhan 
> Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja 
> Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1800
> https://issues.apache.org/jira/browse/RANGER-1800
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Fixed a minor issue where groups are not properly added to the cache.
> 
> 
> Diffs
> -
> 
>   
> ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapDeltaUserGroupBuilder.java
>  394bde2 
> 
> 
> Diff: https://reviews.apache.org/r/62519/diff/1/
> 
> 
> Testing
> ---
> 
> 1. Successfully ran the unit tests for regressions
> 2. Ran few functional tested with AD as the sync source.
> 
> 
> Thanks,
> 
> Sailaja Polavarapu
> 
>

Re: Review Request 62519: RANGER-1800: Usersync fails to update users and groups during incremental sync with nested groups and group first search enabled

[Velmurugan Periasamy]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62519/#review186314
---


Ship it!




Ship It!

- Velmurugan Periasamy


On Sept. 22, 2017, 10:43 p.m., Sailaja Polavarapu wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62519/
> ---
> 
> (Updated Sept. 22, 2017, 10:43 p.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Gautam Borad, Abhay Kulkarni, Madhan 
> Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja 
> Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1800
> https://issues.apache.org/jira/browse/RANGER-1800
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Fixed a minor issue where groups are not properly added to the cache.
> 
> 
> Diffs
> -
> 
>   
> ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapDeltaUserGroupBuilder.java
>  394bde2 
> 
> 
> Diff: https://reviews.apache.org/r/62519/diff/1/
> 
> 
> Testing
> ---
> 
> 1. Successfully ran the unit tests for regressions
> 2. Ran few functional tested with AD as the sync source.
> 
> 
> Thanks,
> 
> Sailaja Polavarapu
> 
>

Re: Review Request 62436: RANGER-1779 : last resource gets duplicated during update policy if policy is created through public api rest call

[Alejandro Fernandez]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62436/#review186294
---


Fix it, then Ship it!





security-admin/src/main/java/org/apache/ranger/patch/PatchForNifiResourceUpdateExclude_J10010.java
Lines 43 (patched)


Please add some Javadoc for what this class does.


- Alejandro Fernandez


On Sept. 26, 2017, 4:27 p.m., Nikhil P wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62436/
> ---
> 
> (Updated Sept. 26, 2017, 4:27 p.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, Abhay 
> Kulkarni, Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan 
> Neethiraj, Sailaja Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1779
> https://issues.apache.org/jira/browse/RANGER-1779
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> 1) create a policy with multiple resource *,default using public api
> 2) go to ranger admin ui and update the policy without any change
> 3) again view the policy.
> Issue:
> default gets duplicated as resource in the policy.
> and even new entry is added in resource map table for the last resource.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java 
> da65074 
>   
> security-admin/src/main/java/org/apache/ranger/patch/PatchForNifiResourceUpdateExclude_J10008.java
>  634082c 
>   
> security-admin/src/main/java/org/apache/ranger/patch/PatchForNifiResourceUpdateExclude_J10010.java
>  PRE-CREATION 
> 
> 
> Diff: https://reviews.apache.org/r/62436/diff/3/
> 
> 
> Testing
> ---
> 
> 1)Verified if same resource does not get duplicated during create and update 
> policy.
> 2)Verified if resource duplication does not happen through public API and 
> Public APIv2 as well.
> 3)Verified if policies are getting created with multiple distinct resource.
> 
> 
> Thanks,
> 
> Nikhil P
> 
>

Re: Review Request 62024: RANGER-1756: Handle role related restrictions for users having User role.

[Alejandro Fernandez]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62024/#review186293
---


Fix it, then Ship it!





security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java
Line 358 (original), 367 (patched)


Nitpick here, but should have a space before and after = sign.
Same in line 353 and 382


- Alejandro Fernandez


On Sept. 25, 2017, 5:05 a.m., Nitin Galave wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62024/
> ---
> 
> (Updated Sept. 25, 2017, 5:05 a.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Fatima Khan, Gautam Borad, Mehul 
> Parikh, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1756
> https://issues.apache.org/jira/browse/RANGER-1756
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Handle role related restrictions for users having User role.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java 739ea05 
>   security-admin/src/main/webapp/scripts/utils/XAUtils.js ecf43ad 
> 
> 
> Diff: https://reviews.apache.org/r/62024/diff/3/
> 
> 
> Testing
> ---
> 
> Verified scenario's :
> 1. A user with ROLE_ADMIN able to see users which has USER_ROLE/ADMIN_ROLE.
> 2. A user with ROLE_KEYADMIN able to see users which has 
> USER_ROLE/KEYADMIN_ROLE.
> 3. A user with role ROLE_USER able to see only himself.
> 
> 
> Thanks,
> 
> Nitin Galave
> 
>

Re: Review Request 62398: From the ease of use point of view, Select / Deselect All and other checkbox should be associated in add/edit permissions pop window.

[Alejandro Fernandez]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62398/#review186292
---


Ship it!




Ship It!

- Alejandro Fernandez


On Sept. 21, 2017, 8:47 a.m., pengjianhua wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62398/
> ---
> 
> (Updated Sept. 21, 2017, 8:47 a.m.)
> 
> 
> Review request for ranger, Alok Lal, Ankita Sinha, Don Bosco Durai, Colm O 
> hEigeartaigh, Gautam Borad, Madhan Neethiraj, Ramesh Mani, Selvamohan 
> Neethiraj, Velmurugan Periasamy, and Qiang Zhang.
> 
> 
> Bugs: RANGER-1790
> https://issues.apache.org/jira/browse/RANGER-1790
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> The current logic is as following:
> 1. Other checkbox will be selected when the "Select checkbox" was selected.
> 2. Other checkbox will be deselected when the "Deselect checkbox" was 
> selected.
> 3. The "Select / Deselect All" checkbox was not automatically selected when 
> all checkbox were Selected.
> 4. The "Select / Deselect All" checkbox was not automatically deselected when 
> all checkbox were deselected.
> The right logic should be as following:
> 1. Other checkbox will be selected when the "Select checkbox" was selected.
> 2. Other checkbox will be deselected when the "Deselect checkbox" was 
> selected.
> 3. The "Select / Deselect All" checkbox was automatically selected when all 
> checkbox were Selected.
> 4. The "Select / Deselect All" checkbox was automatically deselected when all 
> checkbox were deselected.
> Please refer to select-all-permissions.png and select-all-permissions-01.png.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/webapp/scripts/views/policies/PermissionList.js 
> 0803945e 
> 
> 
> Diff: https://reviews.apache.org/r/62398/diff/1/
> 
> 
> Testing
> ---
> 
> 
> Thanks,
> 
> pengjianhua
> 
>

Re: Review Request 62490: Updated masking policy for hive to support for deny/allowException/denyExceptions

[Alejandro Fernandez]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62490/#review186290
---


Ship it!




Ship It!

- Alejandro Fernandez


On Sept. 26, 2017, 7:31 a.m., pengjianhua wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62490/
> ---
> 
> (Updated Sept. 26, 2017, 7:31 a.m.)
> 
> 
> Review request for ranger, Alok Lal, Ankita Sinha, Don Bosco Durai, Colm O 
> hEigeartaigh, Gautam Borad, Madhan Neethiraj, Ramesh Mani, Selvamohan 
> Neethiraj, Velmurugan Periasamy, and Qiang Zhang.
> 
> 
> Bugs: RANGER-1796
> https://issues.apache.org/jira/browse/RANGER-1796
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Masking policy for hive should support for deny/allowException/denyExceptions 
> to meet further business needs. Such as masking policy for hive should 
> support as following scene and so on:
> USER1, USER2 and USER3 belong to the user group GROUPA. Select GROUPA group 
> when created masking policy. The USER1 does not use masking and USER2, USER3 
> need masking.
> 
> We rigorously tested this issue. The test result shows that the feature is ok.
> 
> 
> Diffs
> -
> 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java 
> 60daed9 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java
>  0b5fc0e 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyRepository.java
>  067ca04 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerDefaultPolicyEvaluator.java
>  f5d7ad3 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerOptimizedPolicyEvaluator.java
>  47b4921 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerPolicyItemEvaluator.java
>  edbde29 
>   
> security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyRetriever.java 
> 1b6f440 
>   security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java 
> da65074 
>   
> security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java
>  f55a103 
>   security-admin/src/main/webapp/scripts/utils/XAUtils.js ecf43ad 
>   security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js 
> 9a8d82d 
> 
> 
> Diff: https://reviews.apache.org/r/62490/diff/2/
> 
> 
> Testing
> ---
> 
> tested it
> 
> 
> Thanks,
> 
> pengjianhua
> 
>

Re: Review Request 62437: RANGER-1779 : last resource gets duplicated during update policy if policy is created through public api rest call

[Nikhil P]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62437/
---

(Updated Sept. 26, 2017, 10:03 p.m.)


Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, Abhay 
Kulkarni, Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, 
Sailaja Polavarapu, and Velmurugan Periasamy.


Bugs: RANGER-1779
https://issues.apache.org/jira/browse/RANGER-1779


Repository: ranger


Description
---

1) create a policy with multiple resource *,default using public api
2) go to ranger admin ui and update the policy without any change
3) again view the policy.
Issue:
default gets duplicated as resource in the policy.
and even new entry is added in resource map table for the last resource.


Diffs (updated)
-

  security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java 
63fdf4f 
  
security-admin/src/main/java/org/apache/ranger/patch/PatchForNifiResourceUpdateExclude_J10008.java
 634082c 
  
security-admin/src/main/java/org/apache/ranger/patch/PatchForNifiResourceUpdateExclude_J10010.java
 PRE-CREATION 


Diff: https://reviews.apache.org/r/62437/diff/3/

Changes: https://reviews.apache.org/r/62437/diff/2-3/


Testing
---

1)Verified if same resource does not get duplicated during create and update 
policy.
2)Verified if resource duplication does not happen through public API and 
Public APIv2 as well.
3)Verified if policies are getting created with multiple distinct resource.


Thanks,

Nikhil P

Re: Review Request 62436: RANGER-1779 : last resource gets duplicated during update policy if policy is created through public api rest call

[Nikhil P]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62436/
---

(Updated Sept. 26, 2017, 9:57 p.m.)


Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, Abhay 
Kulkarni, Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, 
Sailaja Polavarapu, and Velmurugan Periasamy.


Bugs: RANGER-1779
https://issues.apache.org/jira/browse/RANGER-1779


Repository: ranger


Description
---

1) create a policy with multiple resource *,default using public api
2) go to ranger admin ui and update the policy without any change
3) again view the policy.
Issue:
default gets duplicated as resource in the policy.
and even new entry is added in resource map table for the last resource.


Diffs (updated)
-

  security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java 
da65074 
  
security-admin/src/main/java/org/apache/ranger/patch/PatchForNifiResourceUpdateExclude_J10008.java
 634082c 
  
security-admin/src/main/java/org/apache/ranger/patch/PatchForNifiResourceUpdateExclude_J10010.java
 PRE-CREATION 


Diff: https://reviews.apache.org/r/62436/diff/3/

Changes: https://reviews.apache.org/r/62436/diff/2-3/


Testing
---

1)Verified if same resource does not get duplicated during create and update 
policy.
2)Verified if resource duplication does not happen through public API and 
Public APIv2 as well.
3)Verified if policies are getting created with multiple distinct resource.


Thanks,

Nikhil P

Re: Review Request 62538: Good coding practice in Ranger recommended by static code analysis

[Velmurugan Periasamy]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62538/#review186271
---


Ship it!




Ship It!

- Velmurugan Periasamy


On Sept. 26, 2017, 1:39 p.m., Fatima Khan wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62538/
> ---
> 
> (Updated Sept. 26, 2017, 1:39 p.m.)
> 
> 
> Review request for ranger, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, 
> Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja 
> Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1806
> https://issues.apache.org/jira/browse/RANGER-1806
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Good coding practice in Ranger recommended by static code analysis on
> 1.RoleBasedUserSearchUtil.java
> 2.TestRoleBasedUserSearchUtil.java
> 
> 
> Diffs
> -
> 
>   
> security-admin/src/main/java/org/apache/ranger/patch/cliutil/RoleBasedUserSearchUtil.java
>  0459be6 
>   
> security-admin/src/test/java/org/apache/ranger/patch/cliutil/TestRoleBasedUserSearchUtil.java
>  83eab7a 
> 
> 
> Diff: https://reviews.apache.org/r/62538/diff/2/
> 
> 
> Testing
> ---
> 
> 1.Tested SSO Authentication
> 2.Junit test was successful
> 
> 
> Thanks,
> 
> Fatima Khan
> 
>

Re: Review Request 62024: RANGER-1756: Handle role related restrictions for users having User role.

[Velmurugan Periasamy]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62024/#review186269
---


Ship it!




Ship It!

- Velmurugan Periasamy


On Sept. 25, 2017, 5:05 a.m., Nitin Galave wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62024/
> ---
> 
> (Updated Sept. 25, 2017, 5:05 a.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Fatima Khan, Gautam Borad, Mehul 
> Parikh, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1756
> https://issues.apache.org/jira/browse/RANGER-1756
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Handle role related restrictions for users having User role.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java 739ea05 
>   security-admin/src/main/webapp/scripts/utils/XAUtils.js ecf43ad 
> 
> 
> Diff: https://reviews.apache.org/r/62024/diff/3/
> 
> 
> Testing
> ---
> 
> Verified scenario's :
> 1. A user with ROLE_ADMIN able to see users which has USER_ROLE/ADMIN_ROLE.
> 2. A user with ROLE_KEYADMIN able to see users which has 
> USER_ROLE/KEYADMIN_ROLE.
> 3. A user with role ROLE_USER able to see only himself.
> 
> 
> Thanks,
> 
> Nitin Galave
> 
>

Re: Review Request 62538: Good coding practice in Ranger recommended by static code analysis

[Fatima Khan]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62538/
---

(Updated Sept. 26, 2017, 1:39 p.m.)


Review request for ranger, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, 
Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja 
Polavarapu, and Velmurugan Periasamy.


Changes
---

Update rr based on Colm's review comment


Bugs: RANGER-1806
https://issues.apache.org/jira/browse/RANGER-1806


Repository: ranger


Description
---

Good coding practice in Ranger recommended by static code analysis on
1.RoleBasedUserSearchUtil.java
2.TestRoleBasedUserSearchUtil.java


Diffs (updated)
-

  
security-admin/src/main/java/org/apache/ranger/patch/cliutil/RoleBasedUserSearchUtil.java
 0459be6 
  
security-admin/src/test/java/org/apache/ranger/patch/cliutil/TestRoleBasedUserSearchUtil.java
 83eab7a 


Diff: https://reviews.apache.org/r/62538/diff/2/

Changes: https://reviews.apache.org/r/62538/diff/1-2/


Testing
---

1.Tested SSO Authentication
2.Junit test was successful


Thanks,

Fatima Khan

[jira] [Updated] (RANGER-1806) Good coding practice in Ranger recommended by static code analysis

[Fatima Amjad Khan (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1806?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Fatima Amjad Khan updated RANGER-1806:
--
Attachment: 0001-RANGER-1806-v1.patch

> Good coding practice in Ranger recommended by static code analysis
> --
>
> Key: RANGER-1806
> URL: https://issues.apache.org/jira/browse/RANGER-1806
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: master, 0.7.1
>Reporter: Fatima Amjad Khan
>Assignee: Fatima Amjad Khan
> Fix For: master, 0.7.1
>
> Attachments: 0001-RANGER-1806.patch, 0001-RANGER-1806-v1.patch
>
>
> Good coding practice in Ranger recommended by static code analysis on the 
> last commit made.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Re: Review Request 62538: Good coding practice in Ranger recommended by static code analysis

[Fatima Khan]

> On Sept. 25, 2017, 2:08 p.m., Colm O hEigeartaigh wrote:
> > Why not just change the existing for loops to use 
> > "roleSysAdminMap.entrySet()" instead of adding an Iterator?
> 
> Fatima Khan wrote:
> In coverity scan, we had got FB.WMI_WRONG_MAP_ITERATOR issue. To solve 
> this i used roleSysAdminMap.entrySet(), if we use Iterator, then we might get 
> the same coverity issue.
> 
> Colm O hEigeartaigh wrote:
> I don't understand, the diff for this issue shows Iterator being used and 
> not entrySet?

Apologies I will update the patch and review request.


- Fatima


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62538/#review186118
---


On Sept. 25, 2017, 10:44 a.m., Fatima Khan wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62538/
> ---
> 
> (Updated Sept. 25, 2017, 10:44 a.m.)
> 
> 
> Review request for ranger, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, 
> Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja 
> Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1806
> https://issues.apache.org/jira/browse/RANGER-1806
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Good coding practice in Ranger recommended by static code analysis on
> 1.RoleBasedUserSearchUtil.java
> 2.TestRoleBasedUserSearchUtil.java
> 
> 
> Diffs
> -
> 
>   
> security-admin/src/main/java/org/apache/ranger/patch/cliutil/RoleBasedUserSearchUtil.java
>  0459be6 
>   
> security-admin/src/test/java/org/apache/ranger/patch/cliutil/TestRoleBasedUserSearchUtil.java
>  83eab7a 
> 
> 
> Diff: https://reviews.apache.org/r/62538/diff/1/
> 
> 
> Testing
> ---
> 
> 1.Tested SSO Authentication
> 2.Junit test was successful
> 
> 
> Thanks,
> 
> Fatima Khan
> 
>

Re: Review Request 62538: Good coding practice in Ranger recommended by static code analysis

[Colm O hEigeartaigh]

> On Sept. 25, 2017, 2:08 p.m., Colm O hEigeartaigh wrote:
> > Why not just change the existing for loops to use 
> > "roleSysAdminMap.entrySet()" instead of adding an Iterator?
> 
> Fatima Khan wrote:
> In coverity scan, we had got FB.WMI_WRONG_MAP_ITERATOR issue. To solve 
> this i used roleSysAdminMap.entrySet(), if we use Iterator, then we might get 
> the same coverity issue.

I don't understand, the diff for this issue shows Iterator being used and not 
entrySet?


- Colm


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62538/#review186118
---


On Sept. 25, 2017, 10:44 a.m., Fatima Khan wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62538/
> ---
> 
> (Updated Sept. 25, 2017, 10:44 a.m.)
> 
> 
> Review request for ranger, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, 
> Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja 
> Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1806
> https://issues.apache.org/jira/browse/RANGER-1806
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Good coding practice in Ranger recommended by static code analysis on
> 1.RoleBasedUserSearchUtil.java
> 2.TestRoleBasedUserSearchUtil.java
> 
> 
> Diffs
> -
> 
>   
> security-admin/src/main/java/org/apache/ranger/patch/cliutil/RoleBasedUserSearchUtil.java
>  0459be6 
>   
> security-admin/src/test/java/org/apache/ranger/patch/cliutil/TestRoleBasedUserSearchUtil.java
>  83eab7a 
> 
> 
> Diff: https://reviews.apache.org/r/62538/diff/1/
> 
> 
> Testing
> ---
> 
> 1.Tested SSO Authentication
> 2.Junit test was successful
> 
> 
> Thanks,
> 
> Fatima Khan
> 
>

Re: Review Request 62538: Good coding practice in Ranger recommended by static code analysis

[Fatima Khan]

> On Sept. 25, 2017, 2:08 p.m., Colm O hEigeartaigh wrote:
> > Why not just change the existing for loops to use 
> > "roleSysAdminMap.entrySet()" instead of adding an Iterator?

In coverity scan, we had got FB.WMI_WRONG_MAP_ITERATOR issue. To solve this i 
used roleSysAdminMap.entrySet(), if we use Iterator, then we might get the same 
coverity issue.


- Fatima


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62538/#review186118
---


On Sept. 25, 2017, 10:44 a.m., Fatima Khan wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62538/
> ---
> 
> (Updated Sept. 25, 2017, 10:44 a.m.)
> 
> 
> Review request for ranger, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, 
> Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja 
> Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1806
> https://issues.apache.org/jira/browse/RANGER-1806
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Good coding practice in Ranger recommended by static code analysis on
> 1.RoleBasedUserSearchUtil.java
> 2.TestRoleBasedUserSearchUtil.java
> 
> 
> Diffs
> -
> 
>   
> security-admin/src/main/java/org/apache/ranger/patch/cliutil/RoleBasedUserSearchUtil.java
>  0459be6 
>   
> security-admin/src/test/java/org/apache/ranger/patch/cliutil/TestRoleBasedUserSearchUtil.java
>  83eab7a 
> 
> 
> Diff: https://reviews.apache.org/r/62538/diff/1/
> 
> 
> Testing
> ---
> 
> 1.Tested SSO Authentication
> 2.Junit test was successful
> 
> 
> Thanks,
> 
> Fatima Khan
> 
>

Re: Review Request 62398: From the ease of use point of view, Select / Deselect All and other checkbox should be associated in add/edit permissions pop window.

[Qiang Zhang]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62398/#review186236
---


Ship it!




Ship It!

- Qiang Zhang


On 九月 21, 2017, 8:47 a.m., pengjianhua wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62398/
> ---
> 
> (Updated 九月 21, 2017, 8:47 a.m.)
> 
> 
> Review request for ranger, Alok Lal, Ankita Sinha, Don Bosco Durai, Colm O 
> hEigeartaigh, Gautam Borad, Madhan Neethiraj, Ramesh Mani, Selvamohan 
> Neethiraj, Velmurugan Periasamy, and Qiang Zhang.
> 
> 
> Bugs: RANGER-1790
> https://issues.apache.org/jira/browse/RANGER-1790
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> The current logic is as following:
> 1. Other checkbox will be selected when the "Select checkbox" was selected.
> 2. Other checkbox will be deselected when the "Deselect checkbox" was 
> selected.
> 3. The "Select / Deselect All" checkbox was not automatically selected when 
> all checkbox were Selected.
> 4. The "Select / Deselect All" checkbox was not automatically deselected when 
> all checkbox were deselected.
> The right logic should be as following:
> 1. Other checkbox will be selected when the "Select checkbox" was selected.
> 2. Other checkbox will be deselected when the "Deselect checkbox" was 
> selected.
> 3. The "Select / Deselect All" checkbox was automatically selected when all 
> checkbox were Selected.
> 4. The "Select / Deselect All" checkbox was automatically deselected when all 
> checkbox were deselected.
> Please refer to select-all-permissions.png and select-all-permissions-01.png.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/webapp/scripts/views/policies/PermissionList.js 
> 0803945e 
> 
> 
> Diff: https://reviews.apache.org/r/62398/diff/1/
> 
> 
> Testing
> ---
> 
> 
> Thanks,
> 
> pengjianhua
> 
>

Review Request 62567: RANGER-1727 : Ranger allows user to change an external user's password with 'null' old password

[Fatima Khan]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62567/
---

Review request for ranger, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, 
Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja 
Polavarapu, and Velmurugan Periasamy.


Bugs: RANGER-1727
https://issues.apache.org/jira/browse/RANGER-1727


Repository: ranger


Description
---

Ranger allows user to change an external user's password with 'null' old 
password


Diffs
-

  security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java cc81029 
  security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java 447aebb 
  security-admin/src/test/java/org/apache/ranger/biz/TestXUserMgr.java d0fb3dc 


Diff: https://reviews.apache.org/r/62567/diff/1/


Testing
---

1.External user is not able to change the password using ranger Api's (same as 
ui).
2.Verified all the existing unit tests are passing.
3.Verified password change feature for internal users.


Thanks,

Fatima Khan

Re: Review Request 62503: RANGER-1799 - Knox Ranger test coverity fixes

[Qiang Zhang]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62503/#review186233
---


Ship it!




Ship It!

- Qiang Zhang


On 九月 22, 2017, 11:53 a.m., Colm O hEigeartaigh wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62503/
> ---
> 
> (Updated 九月 22, 2017, 11:53 a.m.)
> 
> 
> Review request for ranger.
> 
> 
> Bugs: RANGER-1799
> https://issues.apache.org/jira/browse/RANGER-1799
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Some fixes as flagged by coverity for the Knox tests.
> 
> 
> Diffs
> -
> 
>   
> knox-agent/src/test/java/org/apache/ranger/services/knox/KnoxRangerTest.java 
> deae6840 
>   
> knox-agent/src/test/java/org/apache/ranger/services/knox/RangerAdminClientImpl.java
>  6ce6979f 
> 
> 
> Diff: https://reviews.apache.org/r/62503/diff/1/
> 
> 
> Testing
> ---
> 
> 
> Thanks,
> 
> Colm O hEigeartaigh
> 
>

[jira] [Updated] (RANGER-1727) Ranger allows user to change an external user's password with 'null' old password

[Fatima Amjad Khan (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1727?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Fatima Amjad Khan updated RANGER-1727:
--
Attachment: 0001-RANGER-1727-V1.patch

> Ranger allows user to change an external user's password with 'null' old 
> password
> -
>
> Key: RANGER-1727
> URL: https://issues.apache.org/jira/browse/RANGER-1727
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Pradeep Agrawal
>Assignee: Fatima Amjad Khan
> Fix For: 1.0.0
>
> Attachments: 0001-RANGER-1727.patch, 0001-RANGER-1727-V1.patch
>
>




--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (RANGER-1727) Ranger allows user to change an external user's password with 'null' old password

[Fatima Amjad Khan (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1727?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Fatima Amjad Khan updated RANGER-1727:
--
Attachment: (was: 0001-RANGER-1727-V1.patch)

> Ranger allows user to change an external user's password with 'null' old 
> password
> -
>
> Key: RANGER-1727
> URL: https://issues.apache.org/jira/browse/RANGER-1727
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Pradeep Agrawal
>Assignee: Fatima Amjad Khan
> Fix For: 1.0.0
>
> Attachments: 0001-RANGER-1727.patch, 0001-RANGER-1727-V1.patch
>
>




--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Resolved] (RANGER-1803) Json may be analysis a null value at tests[] for test_resourcematcher_default.json

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1803?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh resolved RANGER-1803.
-
Resolution: Fixed

> Json may be analysis a null value at tests[] for 
> test_resourcematcher_default.json
> --
>
> Key: RANGER-1803
> URL: https://issues.apache.org/jira/browse/RANGER-1803
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: WangYuan
>Assignee: WangYuan
>Priority: Minor
> Fix For: 1.0.0
>
> Attachments: 
> 0001-RANGER-1803-Json-may-be-analysis-a-null-value-at-tes.patch
>
>
> For test_resourcematcher_default.json, there is one more comma at last line.
> I think the comma in end line should be deleled,otherwise may be analysis a 
> null value.
> For example:
> {code}
> "tests":[
>   { "name":"all-lower","input":"simple", "result":true},
> ... ...
> ... ...
>   { "name":"invalid-mixed-case-wild","input":"OtHeR-SiMpLe", 
> "result":false},
>###{ "name":"invalid-mixed-case-wild","input":"OtHeR-SiMpLe", 
> "result":false}
>   ]
> {code}
> {code}
> "tests":[
>   { "name":"all-lower","input":"simple", "result":true},
> ... ...
> ... ...
>   { "name":"invalid-mixed-case","input":"oThEr-StRiNg", 
> "result":false},
> ###{ "name":"invalid-mixed-case","input":"oThEr-StRiNg", 
> "result":false}
>   ]
> {code}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Resolved] (RANGER-1804) The exception information is error when judge password for RangerKeyStoreProvider class

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1804?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh resolved RANGER-1804.
-
Resolution: Fixed

> The exception information is error when judge password for 
> RangerKeyStoreProvider class
> ---
>
> Key: RANGER-1804
> URL: https://issues.apache.org/jira/browse/RANGER-1804
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: WangYuan
>Assignee: WangYuan
>Priority: Minor
> Fix For: 1.0.0
>
> Attachments: 
> 0001-RANGER-1804-The-exception-information-is-error-when-.patch
>
>
> The exception information is error when judge password for 
> RangerKeyStoreProvider class
> I think it should throw the password is error instead of throw master key not 
> exists.
> {code}
> String password = conf.get(ENCRYPTION_KEY);
>   if(password == null || password.trim().equals("") || 
> password.trim().equals("_") || password.trim().equals("crypted")){
>   throw new IOException("Master Key Jceks does not 
> exists");
>   }
> {code}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (RANGER-1803) Json may be analysis a null value at tests[] for test_resourcematcher_default.json

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1803?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated RANGER-1803:

Fix Version/s: 1.0.0

> Json may be analysis a null value at tests[] for 
> test_resourcematcher_default.json
> --
>
> Key: RANGER-1803
> URL: https://issues.apache.org/jira/browse/RANGER-1803
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: WangYuan
>Assignee: WangYuan
>Priority: Minor
> Fix For: 1.0.0
>
> Attachments: 
> 0001-RANGER-1803-Json-may-be-analysis-a-null-value-at-tes.patch
>
>
> For test_resourcematcher_default.json, there is one more comma at last line.
> I think the comma in end line should be deleled,otherwise may be analysis a 
> null value.
> For example:
> {code}
> "tests":[
>   { "name":"all-lower","input":"simple", "result":true},
> ... ...
> ... ...
>   { "name":"invalid-mixed-case-wild","input":"OtHeR-SiMpLe", 
> "result":false},
>###{ "name":"invalid-mixed-case-wild","input":"OtHeR-SiMpLe", 
> "result":false}
>   ]
> {code}
> {code}
> "tests":[
>   { "name":"all-lower","input":"simple", "result":true},
> ... ...
> ... ...
>   { "name":"invalid-mixed-case","input":"oThEr-StRiNg", 
> "result":false},
> ###{ "name":"invalid-mixed-case","input":"oThEr-StRiNg", 
> "result":false}
>   ]
> {code}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (RANGER-1804) The exception information is error when judge password for RangerKeyStoreProvider class

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1804?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated RANGER-1804:

Fix Version/s: 1.0.0

> The exception information is error when judge password for 
> RangerKeyStoreProvider class
> ---
>
> Key: RANGER-1804
> URL: https://issues.apache.org/jira/browse/RANGER-1804
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: WangYuan
>Assignee: WangYuan
>Priority: Minor
> Fix For: 1.0.0
>
> Attachments: 
> 0001-RANGER-1804-The-exception-information-is-error-when-.patch
>
>
> The exception information is error when judge password for 
> RangerKeyStoreProvider class
> I think it should throw the password is error instead of throw master key not 
> exists.
> {code}
> String password = conf.get(ENCRYPTION_KEY);
>   if(password == null || password.trim().equals("") || 
> password.trim().equals("_") || password.trim().equals("crypted")){
>   throw new IOException("Master Key Jceks does not 
> exists");
>   }
> {code}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Re: Review Request 62522: The exception information is error when judge password for RangerKeyStoreProvider class

[Colm O hEigeartaigh]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62522/#review186231
---


Ship it!




Ship It!

- Colm O hEigeartaigh


On Sept. 26, 2017, 7:35 a.m., wang yuan wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62522/
> ---
> 
> (Updated Sept. 26, 2017, 7:35 a.m.)
> 
> 
> Review request for ranger, Alok Lal, Ankita Sinha, Don Bosco Durai, Colm O 
> hEigeartaigh, Gautam Borad, Madhan Neethiraj, Ramesh Mani, Selvamohan 
> Neethiraj, Velmurugan Periasamy, and Qiang Zhang.
> 
> 
> Bugs: RANGER-1804
> https://issues.apache.org/jira/browse/RANGER-1804
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> The exception information is error when judge password for 
> RangerKeyStoreProvider class
> I think it should throw the password is error instead of throw master key not 
> exists.
> {code}
> String password = conf.get(ENCRYPTION_KEY);
>   if(password == null || password.trim().equals("") || 
> password.trim().equals("_") || password.trim().equals("crypted")){
>   throw new IOException("Master Key Jceks does not 
> exists");
>   }
> {code}
> 
> 
> Diffs
> -
> 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java 
> 267fcf08 
> 
> 
> Diff: https://reviews.apache.org/r/62522/diff/4/
> 
> 
> Testing
> ---
> 
> 
> Thanks,
> 
> wang yuan
> 
>

Re: Review Request 62521: Json may be analysis a null value at tests[] for test_resourcematcher_default.json

[Colm O hEigeartaigh]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62521/#review186230
---


Ship it!




Ship It!

- Colm O hEigeartaigh


On Sept. 25, 2017, 7:15 a.m., wang yuan wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62521/
> ---
> 
> (Updated Sept. 25, 2017, 7:15 a.m.)
> 
> 
> Review request for ranger, Alok Lal, Ankita Sinha, Don Bosco Durai, Colm O 
> hEigeartaigh, Gautam Borad, Madhan Neethiraj, Ramesh Mani, Selvamohan 
> Neethiraj, Velmurugan Periasamy, and Qiang Zhang.
> 
> 
> Bugs: RANGER-1803
> https://issues.apache.org/jira/browse/RANGER-1803
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> For test_resourcematcher_default.json, there is one more comma at last line.
> I think the comma in end line should be deleled,otherwise may be analysis a 
> null value.
> For example:
> "tests":[
>   { "name":"all-lower","input":"simple", "result":true},
> ... ...
> ... ...
>   { "name":"invalid-mixed-case-wild","input":"OtHeR-SiMpLe", 
> "result":false},
>###{ "name":"invalid-mixed-case-wild","input":"OtHeR-SiMpLe", 
> "result":false}
>   ]
> "tests":[
>   { "name":"all-lower","input":"simple", "result":true},
> ... ...
> ... ...
>   { "name":"invalid-mixed-case","input":"oThEr-StRiNg", 
> "result":false},
> ###{ "name":"invalid-mixed-case","input":"oThEr-StRiNg", 
> "result":false}
>   ]
> 
> 
> Diffs
> -
> 
>   
> agents-common/src/test/resources/resourcematcher/test_resourcematcher_default.json
>  50b4cc32 
> 
> 
> Diff: https://reviews.apache.org/r/62521/diff/2/
> 
> 
> Testing
> ---
> 
> 
> Thanks,
> 
> wang yuan
> 
>

[jira] [Updated] (RANGER-1727) Ranger allows user to change an external user's password with 'null' old password

[Fatima Amjad Khan (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1727?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Fatima Amjad Khan updated RANGER-1727:
--
Attachment: 0001-RANGER-1727-V1.patch

> Ranger allows user to change an external user's password with 'null' old 
> password
> -
>
> Key: RANGER-1727
> URL: https://issues.apache.org/jira/browse/RANGER-1727
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Pradeep Agrawal
>Assignee: Fatima Amjad Khan
> Fix For: 1.0.0
>
> Attachments: 0001-RANGER-1727.patch, 0001-RANGER-1727-V1.patch
>
>




--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Created] (RANGER-1810) Ranger supports plugin to enable, monitor and manage apache Sqoop2

[Qiang Zhang (JIRA)]

Qiang Zhang created RANGER-1810:
---

 Summary: Ranger supports plugin to enable, monitor and manage 
apache Sqoop2
 Key: RANGER-1810
 URL: https://issues.apache.org/jira/browse/RANGER-1810
 Project: Ranger
  Issue Type: New Feature
  Components: plugins
Affects Versions: 1.0.0, master
Reporter: Qiang Zhang
Assignee: Qiang Zhang


Apache Sqoop2 is a tool designed for efficiently transferring data betweeen 
structured, semi-structured and unstructured data sources. Relational databases 
are examples of structured data sources with well defined schema for the data 
they store. Cassandra, Hbase are examples of semi-structured data sources and 
HDFS is an example of unstructured data source that Sqoop can support.

Ranger should support plugin to enable, monitor and manage apache Sqoop2



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (RANGER-1796) Updated masking policy for hive to support for deny/allowException/denyExceptions

[peng.jianhua (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-1796?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16180513#comment-16180513
 ] 

peng.jianhua commented on RANGER-1796:
--

Hi [~madhan.neethiraj], the case you mentioned can be handled. The feature will 
not affect the existing function, it is the enhancement and improvement for the 
existing function.  These existing functions have no effect after joined this 
issue. It allows Ranger to support features that were not previously supported.

> Updated masking policy for hive  to support for 
> deny/allowException/denyExceptions
> --
>
> Key: RANGER-1796
> URL: https://issues.apache.org/jira/browse/RANGER-1796
> Project: Ranger
>  Issue Type: New Feature
>  Components: plugins
>Affects Versions: 1.0.0, master
>Reporter: peng.jianhua
>Assignee: peng.jianhua
>  Labels: newbie, patch
> Attachments: 
> 0001-RANGER-1796-Updated-masking-policy-for-hive-to-suppo.patch, 
> masking2.png, usecase-01.png
>
>
> Masking policy for hive  should support for 
> deny/allowException/denyExceptions to meet further business needs. Such as 
> masking policy for hive should support as following scene and so on:
> USER1, USER2 and USER3 belong to the user group GROUPA. Select GROUPA group 
> when created masking policy. The USER1 does not use masking and USER2, USER3 
> need masking.
> We rigorously tested this issue. The test result shows that the feature is ok.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Re: Build Process Apache Ranger

[Colm O hEigeartaigh]

What JDK and maven versions are you using by the way (and what OS)?

Colm.

On Tue, Sep 26, 2017 at 7:39 AM, Ronny Hidayat 
wrote:

> Hi Don Bosco Durai,
>
> It work.
>
> Thank you very much.
>
> 2017-09-26 10:46 GMT+07.00, Don Bosco Durai :
> > You can try with -DskipTests options.
> >
> > Also, there is Docker option to build.
> >
> > Bosco
> >
> >
> >
> > On 9/25/17, 8:30 PM, "Ronny Hidayat"  wrote:
> >
> > Hi all,
> >
> > I am new in using Apache Ranger plugin.
> > So I download plugin from https://github.com/apache/ranger.
> > Then I build using "$ mvn clean compile package install
> > assembly:assembly" command.
> > But I get error message like this :
> >
> > [INFO] ---
> > [INFO]  T E S T S
> > [INFO] ---
> > [INFO] Running
> > org.apache.ranger.authorization.kafka.authorizer.
> KafkaRangerAuthorizerSASLSSLTest
> > log4j:WARN No appenders could be found for logger
> > (org.apache.zookeeper.server.ZooKeeperServerMain).
> > log4j:WARN Please initialize the log4j system properly.
> > log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig
> > for more info.
> > [INFO] Running
> > org.apache.ranger.authorization.kafka.authorizer.
> KafkaRangerAuthorizerTest
> > log4j:WARN No appenders could be found for logger
> > (org.apache.zookeeper.server.ZooKeeperServerMain).
> > log4j:WARN Please initialize the log4j system properly.
> > log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig
> > for more info.
> > [INFO] Tests run: 4, Failures: 0, Errors: 0, Skipped: 0, Time
> elapsed:
> > 19.1 s - in
> > org.apache.ranger.authorization.kafka.authorizer.
> KafkaRangerAuthorizerTest
> > [INFO] Running
> > org.apache.ranger.authorization.kafka.authorizer.
> KafkaRangerAuthorizerGSSTest
> > log4j:WARN No appenders could be found for logger
> >
> > (org.apache.kerby.kerberos.kerb.identity.backend.
> AbstractIdentityBackend).
> > log4j:WARN Please initialize the log4j system properly.
> > log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig
> > for more info.
> > [ERROR] Tests run: 2, Failures: 0, Errors: 1, Skipped: 0, Time
> > elapsed: 12.479 s <<< FAILURE! - in
> >
> > org.apache.ranger.authorization.kafka.authorizer.
> KafkaRangerAuthorizerGSSTest
> > [ERROR]
> > testAuthorizedRead(org.apache.ranger.authorization.kafka.authorizer.
> KafkaRangerAuthorizerGSSTest)
> >  Time elapsed: 0.728 s  <<< ERROR!
> > org.apache.kafka.common.errors.TopicAuthorizationException: Not
> > authorized to access topics: [test]
> >
> > [INFO]
> > [INFO] Results:
> > [INFO]
> > [ERROR] Errors:
> > [ERROR]   KafkaRangerAuthorizerGSSTest.testAuthorizedRead »
> > TopicAuthorization Not autho...
> > [INFO]
> > [ERROR] Tests run: 6, Failures: 0, Errors: 1, Skipped: 0
> >
> > How to resolve this problem ?
> >
> > Thanks.
> >
> >
> >
> >
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

[jira] [Updated] (RANGER-1804) The exception information is error when judge password for RangerKeyStoreProvider class

[WangYuan (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1804?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

WangYuan updated RANGER-1804:
-
Attachment: 0001-RANGER-1804-The-exception-information-is-error-when-.patch

> The exception information is error when judge password for 
> RangerKeyStoreProvider class
> ---
>
> Key: RANGER-1804
> URL: https://issues.apache.org/jira/browse/RANGER-1804
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: WangYuan
>Assignee: WangYuan
>Priority: Minor
> Attachments: 
> 0001-RANGER-1804-The-exception-information-is-error-when-.patch
>
>
> The exception information is error when judge password for 
> RangerKeyStoreProvider class
> I think it should throw the password is error instead of throw master key not 
> exists.
> {code}
> String password = conf.get(ENCRYPTION_KEY);
>   if(password == null || password.trim().equals("") || 
> password.trim().equals("_") || password.trim().equals("crypted")){
>   throw new IOException("Master Key Jceks does not 
> exists");
>   }
> {code}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (RANGER-1804) The exception information is error when judge password for RangerKeyStoreProvider class

[WangYuan (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1804?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

WangYuan updated RANGER-1804:
-
Attachment: (was: 
0001-RANGER-1804-The-exception-information-is-error-when-.patch)

> The exception information is error when judge password for 
> RangerKeyStoreProvider class
> ---
>
> Key: RANGER-1804
> URL: https://issues.apache.org/jira/browse/RANGER-1804
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: WangYuan
>Assignee: WangYuan
>Priority: Minor
> Attachments: 
> 0001-RANGER-1804-The-exception-information-is-error-when-.patch
>
>
> The exception information is error when judge password for 
> RangerKeyStoreProvider class
> I think it should throw the password is error instead of throw master key not 
> exists.
> {code}
> String password = conf.get(ENCRYPTION_KEY);
>   if(password == null || password.trim().equals("") || 
> password.trim().equals("_") || password.trim().equals("crypted")){
>   throw new IOException("Master Key Jceks does not 
> exists");
>   }
> {code}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Re: Review Request 62522: The exception information is error when judge password for RangerKeyStoreProvider class

[wang yuan]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62522/
---

(Updated 九月 26, 2017, 7:35 a.m.)


Review request for ranger, Alok Lal, Ankita Sinha, Don Bosco Durai, Colm O 
hEigeartaigh, Gautam Borad, Madhan Neethiraj, Ramesh Mani, Selvamohan 
Neethiraj, Velmurugan Periasamy, and Qiang Zhang.


Bugs: RANGER-1804
https://issues.apache.org/jira/browse/RANGER-1804


Repository: ranger


Description
---

The exception information is error when judge password for 
RangerKeyStoreProvider class
I think it should throw the password is error instead of throw master key not 
exists.
{code}
String password = conf.get(ENCRYPTION_KEY);
if(password == null || password.trim().equals("") || 
password.trim().equals("_") || password.trim().equals("crypted")){
throw new IOException("Master Key Jceks does not 
exists");
}
{code}


Diffs (updated)
-

  kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java 
267fcf08 


Diff: https://reviews.apache.org/r/62522/diff/4/

Changes: https://reviews.apache.org/r/62522/diff/3-4/


Testing
---


Thanks,

wang yuan

[jira] [Updated] (RANGER-1804) The exception information is error when judge password for RangerKeyStoreProvider class

[WangYuan (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1804?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

WangYuan updated RANGER-1804:
-
Attachment: 0001-RANGER-1804-The-exception-information-is-error-when-.patch

> The exception information is error when judge password for 
> RangerKeyStoreProvider class
> ---
>
> Key: RANGER-1804
> URL: https://issues.apache.org/jira/browse/RANGER-1804
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: WangYuan
>Assignee: WangYuan
>Priority: Minor
> Attachments: 
> 0001-RANGER-1804-The-exception-information-is-error-when-.patch
>
>
> The exception information is error when judge password for 
> RangerKeyStoreProvider class
> I think it should throw the password is error instead of throw master key not 
> exists.
> {code}
> String password = conf.get(ENCRYPTION_KEY);
>   if(password == null || password.trim().equals("") || 
> password.trim().equals("_") || password.trim().equals("crypted")){
>   throw new IOException("Master Key Jceks does not 
> exists");
>   }
> {code}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Re: Review Request 62490: Updated masking policy for hive to support for deny/allowException/denyExceptions

[pengjianhua]

> On 九月 25, 2017, 11:56 a.m., Qiang Zhang wrote:
> > The following codes should be modified:
> > 1. `if(this.dataMaskPolicyAllowItemExceptions == 
> > dataMaskPolicyAllowItemExceptions) {` in 
> > `setDataMaskPolicyAllowItemExceptions(` for RangerPolicy.java
> > 2. `if(this.dataMaskPolicyDenyItems == dataMaskPolicyDenyItems) {` in 
> > `public void setDataMaskPolicyDenyItems(` for RangerPolicy.java
> > 3. `if(this.dataMaskPolicyDenyItemExceptions == 
> > dataMaskPolicyDenyItemExceptions) {` in `public void 
> > setDataMaskPolicyDenyItemExceptions(` for RangerPolicy.java
> > 
> > Please fix them.

Thanks for you review I had update the patch ,Please review again.


- pengjianhua


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62490/#review186105
---


On 九月 26, 2017, 7:31 a.m., pengjianhua wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62490/
> ---
> 
> (Updated 九月 26, 2017, 7:31 a.m.)
> 
> 
> Review request for ranger, Alok Lal, Ankita Sinha, Don Bosco Durai, Colm O 
> hEigeartaigh, Gautam Borad, Madhan Neethiraj, Ramesh Mani, Selvamohan 
> Neethiraj, Velmurugan Periasamy, and Qiang Zhang.
> 
> 
> Bugs: RANGER-1796
> https://issues.apache.org/jira/browse/RANGER-1796
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Masking policy for hive should support for deny/allowException/denyExceptions 
> to meet further business needs. Such as masking policy for hive should 
> support as following scene and so on:
> USER1, USER2 and USER3 belong to the user group GROUPA. Select GROUPA group 
> when created masking policy. The USER1 does not use masking and USER2, USER3 
> need masking.
> 
> We rigorously tested this issue. The test result shows that the feature is ok.
> 
> 
> Diffs
> -
> 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java 
> 60daed9 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java
>  0b5fc0e 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyRepository.java
>  067ca04 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerDefaultPolicyEvaluator.java
>  f5d7ad3 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerOptimizedPolicyEvaluator.java
>  47b4921 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerPolicyItemEvaluator.java
>  edbde29 
>   
> security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyRetriever.java 
> 1b6f440 
>   security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java 
> da65074 
>   
> security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java
>  f55a103 
>   security-admin/src/main/webapp/scripts/utils/XAUtils.js ecf43ad 
>   security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js 
> 9a8d82d 
> 
> 
> Diff: https://reviews.apache.org/r/62490/diff/2/
> 
> 
> Testing
> ---
> 
> tested it
> 
> 
> Thanks,
> 
> pengjianhua
> 
>

[jira] [Updated] (RANGER-1804) The exception information is error when judge password for RangerKeyStoreProvider class

[WangYuan (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1804?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

WangYuan updated RANGER-1804:
-
Attachment: (was: 
0001-RANGER-1804-The-exception-information-is-error-when-.patch)

> The exception information is error when judge password for 
> RangerKeyStoreProvider class
> ---
>
> Key: RANGER-1804
> URL: https://issues.apache.org/jira/browse/RANGER-1804
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: WangYuan
>Assignee: WangYuan
>Priority: Minor
>
> The exception information is error when judge password for 
> RangerKeyStoreProvider class
> I think it should throw the password is error instead of throw master key not 
> exists.
> {code}
> String password = conf.get(ENCRYPTION_KEY);
>   if(password == null || password.trim().equals("") || 
> password.trim().equals("_") || password.trim().equals("crypted")){
>   throw new IOException("Master Key Jceks does not 
> exists");
>   }
> {code}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Re: Review Request 62490: Updated masking policy for hive to support for deny/allowException/denyExceptions

[pengjianhua]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62490/
---

(Updated 九月 26, 2017, 7:31 a.m.)


Review request for ranger, Alok Lal, Ankita Sinha, Don Bosco Durai, Colm O 
hEigeartaigh, Gautam Borad, Madhan Neethiraj, Ramesh Mani, Selvamohan 
Neethiraj, Velmurugan Periasamy, and Qiang Zhang.


Bugs: RANGER-1796
https://issues.apache.org/jira/browse/RANGER-1796


Repository: ranger


Description
---

Masking policy for hive should support for deny/allowException/denyExceptions 
to meet further business needs. Such as masking policy for hive should support 
as following scene and so on:
USER1, USER2 and USER3 belong to the user group GROUPA. Select GROUPA group 
when created masking policy. The USER1 does not use masking and USER2, USER3 
need masking.

We rigorously tested this issue. The test result shows that the feature is ok.


Diffs (updated)
-

  agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java 
60daed9 
  
agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java
 0b5fc0e 
  
agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyRepository.java
 067ca04 
  
agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerDefaultPolicyEvaluator.java
 f5d7ad3 
  
agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerOptimizedPolicyEvaluator.java
 47b4921 
  
agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerPolicyItemEvaluator.java
 edbde29 
  security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyRetriever.java 
1b6f440 
  security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java 
da65074 
  
security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java 
f55a103 
  security-admin/src/main/webapp/scripts/utils/XAUtils.js ecf43ad 
  security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js 
9a8d82d 


Diff: https://reviews.apache.org/r/62490/diff/2/

Changes: https://reviews.apache.org/r/62490/diff/1-2/


Testing
---

tested it


Thanks,

pengjianhua

Re: Review Request 62522: The exception information is error when judge password for RangerKeyStoreProvider class

[wang yuan]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62522/
---

(Updated 九月 26, 2017, 7:30 a.m.)


Review request for ranger, Alok Lal, Ankita Sinha, Don Bosco Durai, Colm O 
hEigeartaigh, Gautam Borad, Madhan Neethiraj, Ramesh Mani, Selvamohan 
Neethiraj, Velmurugan Periasamy, and Qiang Zhang.


Bugs: RANGER-1804
https://issues.apache.org/jira/browse/RANGER-1804


Repository: ranger


Description
---

The exception information is error when judge password for 
RangerKeyStoreProvider class
I think it should throw the password is error instead of throw master key not 
exists.
{code}
String password = conf.get(ENCRYPTION_KEY);
if(password == null || password.trim().equals("") || 
password.trim().equals("_") || password.trim().equals("crypted")){
throw new IOException("Master Key Jceks does not 
exists");
}
{code}


Diffs (updated)
-

  kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java 
267fcf08 


Diff: https://reviews.apache.org/r/62522/diff/3/

Changes: https://reviews.apache.org/r/62522/diff/2-3/


Testing
---


Thanks,

wang yuan

Re: Build Process Apache Ranger

[Ronny Hidayat]

Hi Don Bosco Durai,

It work.

Thank you very much.

2017-09-26 10:46 GMT+07.00, Don Bosco Durai :
> You can try with -DskipTests options.
>
> Also, there is Docker option to build.
>
> Bosco
>
>
>
> On 9/25/17, 8:30 PM, "Ronny Hidayat"  wrote:
>
> Hi all,
>
> I am new in using Apache Ranger plugin.
> So I download plugin from https://github.com/apache/ranger.
> Then I build using "$ mvn clean compile package install
> assembly:assembly" command.
> But I get error message like this :
>
> [INFO] ---
> [INFO]  T E S T S
> [INFO] ---
> [INFO] Running
> org.apache.ranger.authorization.kafka.authorizer.KafkaRangerAuthorizerSASLSSLTest
> log4j:WARN No appenders could be found for logger
> (org.apache.zookeeper.server.ZooKeeperServerMain).
> log4j:WARN Please initialize the log4j system properly.
> log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig
> for more info.
> [INFO] Running
> org.apache.ranger.authorization.kafka.authorizer.KafkaRangerAuthorizerTest
> log4j:WARN No appenders could be found for logger
> (org.apache.zookeeper.server.ZooKeeperServerMain).
> log4j:WARN Please initialize the log4j system properly.
> log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig
> for more info.
> [INFO] Tests run: 4, Failures: 0, Errors: 0, Skipped: 0, Time elapsed:
> 19.1 s - in
> org.apache.ranger.authorization.kafka.authorizer.KafkaRangerAuthorizerTest
> [INFO] Running
> org.apache.ranger.authorization.kafka.authorizer.KafkaRangerAuthorizerGSSTest
> log4j:WARN No appenders could be found for logger
>
> (org.apache.kerby.kerberos.kerb.identity.backend.AbstractIdentityBackend).
> log4j:WARN Please initialize the log4j system properly.
> log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig
> for more info.
> [ERROR] Tests run: 2, Failures: 0, Errors: 1, Skipped: 0, Time
> elapsed: 12.479 s <<< FAILURE! - in
>
> org.apache.ranger.authorization.kafka.authorizer.KafkaRangerAuthorizerGSSTest
> [ERROR]
> testAuthorizedRead(org.apache.ranger.authorization.kafka.authorizer.KafkaRangerAuthorizerGSSTest)
>  Time elapsed: 0.728 s  <<< ERROR!
> org.apache.kafka.common.errors.TopicAuthorizationException: Not
> authorized to access topics: [test]
>
> [INFO]
> [INFO] Results:
> [INFO]
> [ERROR] Errors:
> [ERROR]   KafkaRangerAuthorizerGSSTest.testAuthorizedRead »
> TopicAuthorization Not autho...
> [INFO]
> [ERROR] Tests run: 6, Failures: 0, Errors: 1, Skipped: 0
>
> How to resolve this problem ?
>
> Thanks.
>
>
>
>