Re: Request for adding me as contributor

[Madhan Neethiraj]

Akash,

Thanks for your interest in contributing to Apache Ranger. You have been added 
as a contributor. Welcome to Apache Ranger community. 

Regards,
Madhan



On 10/4/18, 11:06 PM, "Akash Pawale"  wrote:

Hi,
My username in https://issues.apache.org is
akashp16

Thanks,
Akash Pawale.


On Thu, Oct 4, 2018 at 10:48 PM Madhan Neethiraj  wrote:

> Akash,
>
> Thanks for your interest in contributing to Apache Ranger. Can you please
> let me know your username in https://issues.apache.org?
>
> Thanks,
> Madhan
>
>
>
>
> On 10/3/18, 10:45 PM, "Akash Pawale"  wrote:
>
> Hi All,
>
> I would like to contribute to Apache Ranger project, Can
> you please add me as a contributor to the project?
>
> Thanks,
> Akash Pawale.
>
>
>
>

Re: Request for adding me as contributor

[Akash Pawale]

Hi,
My username in https://issues.apache.org is
akashp16

Thanks,
Akash Pawale.


On Thu, Oct 4, 2018 at 10:48 PM Madhan Neethiraj  wrote:

> Akash,
>
> Thanks for your interest in contributing to Apache Ranger. Can you please
> let me know your username in https://issues.apache.org?
>
> Thanks,
> Madhan
>
>
>
>
> On 10/3/18, 10:45 PM, "Akash Pawale"  wrote:
>
> Hi All,
>
> I would like to contribute to Apache Ranger project, Can
> you please add me as a contributor to the project?
>
> Thanks,
> Akash Pawale.
>
>
>
>

Re: Review Request 68908: Perform graceful terminate with retries before doing forceful kill for usersync and tagsync

[Velmurugan Periasamy]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/68908/#review209244
---


Fix it, then Ship it!





tagsync/scripts/ranger-tagsync-services.sh
Lines 124 (patched)


Can you please make sure this is merged in ranger-1 line branches?


- Velmurugan Periasamy


On Oct. 3, 2018, 6:43 a.m., bhavik patel wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/68908/
> ---
> 
> (Updated Oct. 3, 2018, 6:43 a.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, Abhay 
> Kulkarni, Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan 
> Neethiraj, Sailaja Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-2229
> https://issues.apache.org/jira/browse/RANGER-2229
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> In ranger usersync and tagsync scripts, stop of the process is done 
> forcefully using kill -9.
> Suggestion is to do a graceful shutdown with retries and do a force kill only 
> if graceful shutdown is not successful.
> 
> Stop section from ranger-tagsync-services.sh and ranger-tusersync-services.sh
> 
> 
> Diffs
> -
> 
>   tagsync/scripts/ranger-tagsync-services.sh 5686390 
>   unixauthservice/scripts/ranger-usersync-services.sh 028ad08 
> 
> 
> Diff: https://reviews.apache.org/r/68908/diff/1/
> 
> 
> Testing
> ---
> 
> Tested ranger usersync & ranger tagsync are getting shutdown gracefully, also 
> verified if graceful shutdown is not successful(after 15 retries) than it 
> used kill -9 to stopped the proccess forcefully.
> 
> 
> Thanks,
> 
> bhavik patel
> 
>

Re: Review Request 68881: RANGER-2203: Review and update database schema for ranger policies to minimize database queries/updates

[Abhay Kulkarni]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/68881/
---

(Updated Oct. 5, 2018, 2:47 a.m.)


Review request for ranger, Madhan Neethiraj, Mehul Parikh, Nikhil P, Pradeep 
Agrawal, and Velmurugan Periasamy.


Changes
---

Addressed some review comments.


Bugs: RANGER-2186, RANGER-2195 and RANGER-2219
https://issues.apache.org/jira/browse/RANGER-2186
https://issues.apache.org/jira/browse/RANGER-2195
https://issues.apache.org/jira/browse/RANGER-2219


Repository: ranger


Description
---

Notes:

This is a composite patch for updating database schema for Ranger policy and 
tag related objects.

Notes:

This patch is more complete than the one posted earlier 
(https://reviews.apache.org/r/68876/). Database scripts to drop foreign-keys 
are missing for some database types. They need to be added.

This patch also subsumes back-ports of RANGER-2186 and RANGER-2195 from master 
to ranger-0.7 branch. Porting those JIRA separately involved fixing conflicts 
in many common files.

Description:

Currently, ranger policies are fully normalized and stored in a multiple 
Relational database tables. There is a performance overhead incurred when 
retrieving a ranger policy, as multiple database accesses are required to fully 
reconstruct it. This is significant when there are large ranger policies (that 
is, the number of resources addressed by the policy is large), and/or when 
there is a large number of ranger policies in an installation.

This Jira tracks alternate design of database schema, where a policy is stored 
in a de-normalized way, in its entirely, in one database table (preferably as a 
JSON string).


Diffs (updated)
-

  
agents-common/src/main/java/org/apache/ranger/authorization/utils/JsonUtils.java
 PRE-CREATION 
  agents-common/src/main/java/org/apache/ranger/plugin/model/RangerTag.java 
743b02825 
  
agents-common/src/main/java/org/apache/ranger/plugin/store/AbstractServiceStore.java
 a75ca59e8 
  agents-common/src/main/java/org/apache/ranger/plugin/store/TagStore.java 
5918b1292 
  embeddedwebserver/scripts/ranger-admin-services.sh 19dab2a9d 
  security-admin/db/mysql/patches/035-update-schema-for-x-policy.sql 
PRE-CREATION 
  security-admin/db/mysql/patches/040-denormalize-tag-tables.sql PRE-CREATION 
  security-admin/db/oracle/patches/035-update-schema-for-x-policy.sql 
PRE-CREATION 
  security-admin/db/oracle/patches/040-denormalize-tag-tables.sql PRE-CREATION 
  security-admin/db/postgres/patches/035-update-schema-for-x-policy.sql 
PRE-CREATION 
  security-admin/db/postgres/patches/040-denormalize-tag-tables.sql 
PRE-CREATION 
  security-admin/db/sqlanywhere/patches/035-update-schema-for-x-policy.sql 
PRE-CREATION 
  security-admin/db/sqlanywhere/patches/040-denormalize-tag-tables.sql 
PRE-CREATION 
  security-admin/db/sqlserver/patches/035-update-schema-for-x-policy.sql 
PRE-CREATION 
  security-admin/db/sqlserver/patches/040-denormalize-tag-tables.sql 
PRE-CREATION 
  security-admin/scripts/db_setup.py d4f37ed6f 
  security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java 
PRE-CREATION 
  security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyRetriever.java 
354ab1cba 
  security-admin/src/main/java/org/apache/ranger/biz/RangerTagDBRetriever.java 
53683ec04 
  security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java 
ceee8cef2 
  security-admin/src/main/java/org/apache/ranger/biz/TagDBStore.java 3234be6a2 
  
security-admin/src/main/java/org/apache/ranger/common/db/RangerTransactionSynchronizationAdapter.java
 2a62fb408 
  security-admin/src/main/java/org/apache/ranger/db/RangerDaoManager.java 
e3b878b3e 
  security-admin/src/main/java/org/apache/ranger/db/RangerDaoManagerBase.java 
d718441ee 
  security-admin/src/main/java/org/apache/ranger/db/XXAccessTypeDefDao.java 
8f3a50687 
  security-admin/src/main/java/org/apache/ranger/db/XXDataMaskTypeDefDao.java 
f6e1aff0b 
  security-admin/src/main/java/org/apache/ranger/db/XXGroupDao.java 19e2e11f3 
  
security-admin/src/main/java/org/apache/ranger/db/XXPolicyConditionDefDao.java 
21afcac89 
  security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemAccessDao.java 
de37e10cd 
  
security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemConditionDao.java 
11596ef4d 
  
security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemDataMaskInfoDao.java
 a8418c626 
  
security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemGroupPermDao.java 
8c05699b2 
  
security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemRowFilterInfoDao.java
 4618e7dc7 
  
security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemUserPermDao.java 
40a0da13b 
  
security-admin/src/main/java/org/apache/ranger/db/XXPolicyRefAccessTypeDao.java 
PRE-CREATION 
  
security-admin/src/main/java/org/apache/ranger/db/XXPolicyRefConditionDao.java 
P

CVE update - fixed in Apache Ranger 1.2.0

[Velmurugan Periasamy]

Hello:

Please find below details on CVE fixed in Ranger 1.2.0 release. Release details 
can be found at 
https://cwiki.apache.org/confluence/display/RANGER/1.2.0+Release+-+Apache+Ranger


CVE-2018-11778: Apache Ranger Stack based buffer overflow
Severity: Critical
Vendor: The Apache Software Foundation
Versions Affected: Apache Ranger versions prior to 1.2.0
Users affected: Unix Authentication Service users 
Description: Apache Ranger UnixAuthenticationService should properly handle 
user input to avoid Stack-based buffer overflow.
Fix detail: UnixAuthenticationService was updated to correctly handle user 
input.
Mitigation: Users should upgrade to 1.2.0 or later version of Apache Ranger 
with the fix.
Credit: Alexander Klink.


Thank you,
Velmurugan Periasamy

[jira] [Updated] (RANGER-2222) Apache RangerKafkaPlugin support to handle Kafka Cluster as a new resource

[Ramesh Mani (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramesh Mani updated RANGER-:

Attachment: 0001-RANGER--Apache-RangerKafkaPlugin-support-to-hand.patch

> Apache RangerKafkaPlugin support to handle Kafka Cluster as a new resource
> --
>
> Key: RANGER-
> URL: https://issues.apache.org/jira/browse/RANGER-
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: 2.0.0
>Reporter: Ramesh Mani
>Assignee: Ramesh Mani
>Priority: Major
> Attachments: 
> 0001-RANGER--Apache-RangerKafkaPlugin-support-to-hand.patch
>
>
> Currently, cluster resource permissions are exposed in Ranger with Topic 
> resource as *. This is not the right convention as cluster resource is not a 
> super set including topic resources.
> Cluster resource permissions:
> Alter
> AlterConfigs
> ClusterAction
> Create
> Describe
> DescribeConfigs
> IdempotentWrite
> Topic resource operations:
> Alter
> AlterConfigs
> Create
> Delete
> Describe
> DescribeConfigs
> Read
> Write
> Users should be able to define policies with cluster resource and topic 
> resource with respective permissions. Names of some of the permissions are 
> same in topic and cluster but they are meant for the different purpose.
> Example: AlterConfigs on the topic resource is about altering configs of a 
> topic only but AlterConfigs permission on Custer resource is meant for 
> altering configs on the broker.
> Upgrading cluster should upgrade existing policies in to topic and cluster 
> resource level policies with respective permissions. I believe that the 
> default policy that is getting created would address this.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (RANGER-2222) Apache RangerKafkaPlugin support to handle Kafka Cluster as a new resource

[Ramesh Mani (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramesh Mani updated RANGER-:

Attachment: (was: 
0001-RANGER--Apache-RangerKafkaPlugin-support-to-hand.patch)

> Apache RangerKafkaPlugin support to handle Kafka Cluster as a new resource
> --
>
> Key: RANGER-
> URL: https://issues.apache.org/jira/browse/RANGER-
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: 2.0.0
>Reporter: Ramesh Mani
>Assignee: Ramesh Mani
>Priority: Major
> Attachments: 
> 0001-RANGER--Apache-RangerKafkaPlugin-support-to-hand.patch
>
>
> Currently, cluster resource permissions are exposed in Ranger with Topic 
> resource as *. This is not the right convention as cluster resource is not a 
> super set including topic resources.
> Cluster resource permissions:
> Alter
> AlterConfigs
> ClusterAction
> Create
> Describe
> DescribeConfigs
> IdempotentWrite
> Topic resource operations:
> Alter
> AlterConfigs
> Create
> Delete
> Describe
> DescribeConfigs
> Read
> Write
> Users should be able to define policies with cluster resource and topic 
> resource with respective permissions. Names of some of the permissions are 
> same in topic and cluster but they are meant for the different purpose.
> Example: AlterConfigs on the topic resource is about altering configs of a 
> topic only but AlterConfigs permission on Custer resource is meant for 
> altering configs on the broker.
> Upgrading cluster should upgrade existing policies in to topic and cluster 
> resource level policies with respective permissions. I believe that the 
> default policy that is getting created would address this.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Re: Review Request 65950: Add support to allow clients to access resource permissions stored in Ranger

[Ankit Singhal]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/65950/
---

(Updated Oct. 4, 2018, 11:38 p.m.)


Review request for ranger and Ramesh Mani.


Bugs: RANGER-1958
https://issues.apache.org/jira/browse/RANGER-1958


Repository: ranger


Description
---

RANGER-1958 [HBase] Implement getUserPermissions API of 
AccessControlService.Interface to allow clients to access HBase permissions 
stored in Ranger


Diffs (updated)
-

  
hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/AuthorizationSession.java
 cdaad00a4 
  
hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/RangerAuthorizationCoprocessor.java
 d85339a09 
  
hbase-agent/src/test/java/org/apache/ranger/authorization/hbase/HBaseRangerAuthorizationTest.java
 38408855d 
  hbase-agent/src/test/resources/hbase-policies.json b7b44c9ea 


Diff: https://reviews.apache.org/r/65950/diff/4/

Changes: https://reviews.apache.org/r/65950/diff/3-4/


Testing
---

Unit testing is done


Thanks,

Ankit Singhal

Changes to Ranger policy and tag persistence schema

[Abhay Kulkarni]

Ranger developers,

 

In order to improve performance of policy CRUD operations, enhancements in
RANGER-2203   reorganize
persistence schema for policies. In the current design, various details of a
Ranger policy are stored in multiple tables with foreign-key references
between these tables ­ increasing the complexity of CRUD operations. The
goal of this enhancement is to persist Ranger policies in a single table,
thereby reducing the complexity and significantly improve the performance of
CRUD operations. Similar enhancements are done for tags as well.

 

This enhancement will be introduced in ranger-0.7 branch first, and will be
ported into master branch shortly after. The patch for ranger-0.7 branch is
available for review here  . The patch
includes scripts to update the schema and also handles migration of data
from earlier schema to new one.

 
Please note that once the schema is updated and data is migrated, earlier
version of Ranger Admin will not be able to read policies (and tags)
correctly. If you anticipate the need to use earlier version of Ranger
Admin, I would strongly suggest backing up Ranger database before updating
the schema.  Also, note that this enhancement doesn¹t introduce any REST API
changes; so existing plugins and other REST clients will continue to work.


Thanks!
-Abhay

Re: Review Request 68770: RANGER-2220 minify JavaScript files during packaging

[Csaba Koncz]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/68770/
---

(Updated Oct. 4, 2018, 7:50 p.m.)


Review request for ranger.


Changes
---

Moved npm-related files to src/main/webapp as per review comments. Changed 
maven-frontend-plugin working directory to security-admin/target.


Bugs: RANGER-2220
https://issues.apache.org/jira/browse/RANGER-2220


Repository: ranger


Description
---

Maven build modified so that the admin UI JavaScript resources are 
concatenated/compressed using the RequireJS Optimizer.
During the packaging phase index.html is rewritten so that it loads the 
compressed JS file instead of the JS source tree.


Diffs (updated)
-

  pom.xml d8e3a5da9 
  security-admin/pom.xml 84bbd6650 
  security-admin/src/main/webapp/index.html 60ef5a75b 
  security-admin/src/main/webapp/libs/bower/backbone-forms/js/bootstrap.js 
276175505 
  
security-admin/src/main/webapp/libs/bower/backbone.bootstrap-modal/js/backbone.bootstrap-modal.js
 6cd05b03d 
  security-admin/src/main/webapp/minify.build.js PRE-CREATION 
  security-admin/src/main/webapp/package-lock.json PRE-CREATION 
  security-admin/src/main/webapp/package.json PRE-CREATION 
  security-admin/src/main/webapp/scripts/Init.js 4493f62e0 
  security-admin/src/main/webapp/scripts/Main.js d518afbf2 


Diff: https://reviews.apache.org/r/68770/diff/4/

Changes: https://reviews.apache.org/r/68770/diff/3-4/


Testing
---

Performed:

mvn package -pl security-admin -am
cd security-admin/
cd security-admin/target/security-admin-web-2.0.0-SNAPSHOT
http-server
# opened http://localhost:8080 and inspected browser network tab and console:
# network tab lists only 26 requests
# console contains no packaging related errors (it contains 4 errors due to 
missing backend service)


Thanks,

Csaba Koncz

[jira] [Commented] (RANGER-2241) Fix release build scripts to conform to latest Apache release guidelines - Part 2 - Remove sha1 and mds

[Velmurugan Periasamy (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-2241?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16638739#comment-16638739
 ] 

Velmurugan Periasamy commented on RANGER-2241:
--

Review request available at - https://reviews.apache.org/r/68925

> Fix release build scripts to conform to latest Apache release guidelines - 
> Part 2 - Remove sha1 and mds
> ---
>
> Key: RANGER-2241
> URL: https://issues.apache.org/jira/browse/RANGER-2241
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Colm O hEigeartaigh
>Assignee: Velmurugan Periasamy
>Priority: Major
> Fix For: 1.0.1, 2.0.0, 1.1.1, 1.2.1
>
>
> Fix the release build scripts to conform to the Apache release guidelines 
> surrounding hashes:
> [http://www.apache.org/dev/release-distribution#sigs-and-sums]
> <<<
> For every artifact distributed to the public through Apache channels, the PMC
>  * MUST supply a 
> [valid|http://www.apache.org/dev/release-signing#verifying-signature] 
> [OpenPGP-compatible ASCII-armored detached 
> signature|http://www.apache.org/dev/release-signing#openpgp-ascii-detach-sig] 
> file
>  * MUST supply at least one checksum file
>  * SHOULD supply a [SHA-256 and/or 
> SHA-512|http://www.apache.org/dev/release-signing#sha-checksum] checksum file
>  * SHOULD NOT supply a MD5 or SHA-1 checksum file (because these are 
> deprecated)
>  >>>



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (RANGER-2241) Fix release build scripts to conform to latest Apache release guidelines - Part 2 - Remove sha1 and mds

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2241?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2241:
-
Summary: Fix release build scripts to conform to latest Apache release 
guidelines - Part 2 - Remove sha1 and mds  (was: Fix release build scripts to 
conform to latest Apache release guidelines - Part 2 - Remove sha1)

> Fix release build scripts to conform to latest Apache release guidelines - 
> Part 2 - Remove sha1 and mds
> ---
>
> Key: RANGER-2241
> URL: https://issues.apache.org/jira/browse/RANGER-2241
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Colm O hEigeartaigh
>Assignee: Velmurugan Periasamy
>Priority: Major
> Fix For: 1.0.1, 2.0.0, 1.1.1, 1.2.1
>
>
> Fix the release build scripts to conform to the Apache release guidelines 
> surrounding hashes:
> [http://www.apache.org/dev/release-distribution#sigs-and-sums]
> <<<
> For every artifact distributed to the public through Apache channels, the PMC
>  * MUST supply a 
> [valid|http://www.apache.org/dev/release-signing#verifying-signature] 
> [OpenPGP-compatible ASCII-armored detached 
> signature|http://www.apache.org/dev/release-signing#openpgp-ascii-detach-sig] 
> file
>  * MUST supply at least one checksum file
>  * SHOULD supply a [SHA-256 and/or 
> SHA-512|http://www.apache.org/dev/release-signing#sha-checksum] checksum file
>  * SHOULD NOT supply a MD5 or SHA-1 checksum file (because these are 
> deprecated)
>  >>>



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Comment Edited] (RANGER-2241) Fix release build scripts to conform to latest Apache release guidelines - Part 2 - Remove sha1

[Velmurugan Periasamy (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-2241?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16638716#comment-16638716
 ] 

Velmurugan Periasamy edited comment on RANGER-2241 at 10/4/18 7:25 PM:
---

SHA1 also needs to be removed (in addition to MD5).

MDS is also not necessary. 


was (Author: vperiasamy):
SHA1 also needs to be removed (in addition to MD5).

> Fix release build scripts to conform to latest Apache release guidelines - 
> Part 2 - Remove sha1
> ---
>
> Key: RANGER-2241
> URL: https://issues.apache.org/jira/browse/RANGER-2241
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Colm O hEigeartaigh
>Assignee: Velmurugan Periasamy
>Priority: Major
> Fix For: 1.0.1, 2.0.0, 1.1.1, 1.2.1
>
>
> Fix the release build scripts to conform to the Apache release guidelines 
> surrounding hashes:
> [http://www.apache.org/dev/release-distribution#sigs-and-sums]
> <<<
> For every artifact distributed to the public through Apache channels, the PMC
>  * MUST supply a 
> [valid|http://www.apache.org/dev/release-signing#verifying-signature] 
> [OpenPGP-compatible ASCII-armored detached 
> signature|http://www.apache.org/dev/release-signing#openpgp-ascii-detach-sig] 
> file
>  * MUST supply at least one checksum file
>  * SHOULD supply a [SHA-256 and/or 
> SHA-512|http://www.apache.org/dev/release-signing#sha-checksum] checksum file
>  * SHOULD NOT supply a MD5 or SHA-1 checksum file (because these are 
> deprecated)
>  >>>



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Review Request 68925: RANGER-2241: Fix release build scripts to conform to latest Apache release guidelines - Part 2 - Remove sha1 and mds

[Velmurugan Periasamy]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/68925/
---

Review request for ranger.


Bugs: RANGER-2241
https://issues.apache.org/jira/browse/RANGER-2241


Repository: ranger


Description
---

Sha1 is depracated, so should not be included in build artifacts


Diffs
-

  release-build.xml 752a57e 


Diff: https://reviews.apache.org/r/68925/diff/1/


Testing
---

Verified that release build does not include this file


Thanks,

Velmurugan Periasamy

[jira] [Updated] (RANGER-2241) Fix release build scripts to conform to latest Apache release guidelines - Part 2 - Remove sha1

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2241?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2241:
-
Fix Version/s: (was: 1.1.0)
   1.2.1
   1.1.1
   2.0.0

> Fix release build scripts to conform to latest Apache release guidelines - 
> Part 2 - Remove sha1
> ---
>
> Key: RANGER-2241
> URL: https://issues.apache.org/jira/browse/RANGER-2241
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Colm O hEigeartaigh
>Assignee: Velmurugan Periasamy
>Priority: Major
> Fix For: 1.0.1, 2.0.0, 1.1.1, 1.2.1
>
>
> Fix the release build scripts to conform to the Apache release guidelines 
> surrounding hashes:
> [http://www.apache.org/dev/release-distribution#sigs-and-sums]
> The names of signature and checksum files MUST be formed by adding to the
> name of the artifact the following suffixes:
>    - .asc for a (ASCII armored) PGP signature
>    - .sha1 for a SHA-1 checksum
>    - .sha256 for a SHA-256 checksum
>    - .sha512 for a SHA-512 checksum
>    - .md5 for a MD5 checksum
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (RANGER-2241) Fix release build scripts to conform to latest Apache release guidelines - Part 2 - Remove sha1

[Velmurugan Periasamy (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-2241?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16638716#comment-16638716
 ] 

Velmurugan Periasamy commented on RANGER-2241:
--

SHA1 also needs to be removed (in addition to MD5).

> Fix release build scripts to conform to latest Apache release guidelines - 
> Part 2 - Remove sha1
> ---
>
> Key: RANGER-2241
> URL: https://issues.apache.org/jira/browse/RANGER-2241
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Colm O hEigeartaigh
>Assignee: Velmurugan Periasamy
>Priority: Major
> Fix For: 1.0.1, 2.0.0, 1.1.1, 1.2.1
>
>
> Fix the release build scripts to conform to the Apache release guidelines 
> surrounding hashes:
> [http://www.apache.org/dev/release-distribution#sigs-and-sums]
> The names of signature and checksum files MUST be formed by adding to the
> name of the artifact the following suffixes:
>    - .asc for a (ASCII armored) PGP signature
>    - .sha1 for a SHA-1 checksum
>    - .sha256 for a SHA-256 checksum
>    - .sha512 for a SHA-512 checksum
>    - .md5 for a MD5 checksum
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (RANGER-2241) Fix release build scripts to conform to latest Apache release guidelines - Part 2 - Remove sha1

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2241?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2241:
-
Description: 
Fix the release build scripts to conform to the Apache release guidelines 
surrounding hashes:

[http://www.apache.org/dev/release-distribution#sigs-and-sums]

<<<

For every artifact distributed to the public through Apache channels, the PMC
 * MUST supply a 
[valid|http://www.apache.org/dev/release-signing#verifying-signature] 
[OpenPGP-compatible ASCII-armored detached 
signature|http://www.apache.org/dev/release-signing#openpgp-ascii-detach-sig] 
file
 * MUST supply at least one checksum file
 * SHOULD supply a [SHA-256 and/or 
SHA-512|http://www.apache.org/dev/release-signing#sha-checksum] checksum file
 * SHOULD NOT supply a MD5 or SHA-1 checksum file (because these are deprecated)

 >>>

  was:
Fix the release build scripts to conform to the Apache release guidelines 
surrounding hashes:

[http://www.apache.org/dev/release-distribution#sigs-and-sums]

The names of signature and checksum files MUST be formed by adding to the

name of the artifact the following suffixes:

   - .asc for a (ASCII armored) PGP signature

   - .sha1 for a SHA-1 checksum

   - .sha256 for a SHA-256 checksum

   - .sha512 for a SHA-512 checksum

   - .md5 for a MD5 checksum

 


> Fix release build scripts to conform to latest Apache release guidelines - 
> Part 2 - Remove sha1
> ---
>
> Key: RANGER-2241
> URL: https://issues.apache.org/jira/browse/RANGER-2241
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Colm O hEigeartaigh
>Assignee: Velmurugan Periasamy
>Priority: Major
> Fix For: 1.0.1, 2.0.0, 1.1.1, 1.2.1
>
>
> Fix the release build scripts to conform to the Apache release guidelines 
> surrounding hashes:
> [http://www.apache.org/dev/release-distribution#sigs-and-sums]
> <<<
> For every artifact distributed to the public through Apache channels, the PMC
>  * MUST supply a 
> [valid|http://www.apache.org/dev/release-signing#verifying-signature] 
> [OpenPGP-compatible ASCII-armored detached 
> signature|http://www.apache.org/dev/release-signing#openpgp-ascii-detach-sig] 
> file
>  * MUST supply at least one checksum file
>  * SHOULD supply a [SHA-256 and/or 
> SHA-512|http://www.apache.org/dev/release-signing#sha-checksum] checksum file
>  * SHOULD NOT supply a MD5 or SHA-1 checksum file (because these are 
> deprecated)
>  >>>



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Created] (RANGER-2241) Fix release build scripts to conform to latest Apache release guidelines - Part 2 - Remove sha1

[Velmurugan Periasamy (JIRA)]

Velmurugan Periasamy created RANGER-2241:


 Summary: Fix release build scripts to conform to latest Apache 
release guidelines - Part 2 - Remove sha1
 Key: RANGER-2241
 URL: https://issues.apache.org/jira/browse/RANGER-2241
 Project: Ranger
  Issue Type: Bug
  Components: Ranger
Reporter: Colm O hEigeartaigh
Assignee: Velmurugan Periasamy
 Fix For: 1.1.0, 1.0.1


Fix the release build scripts to conform to the Apache release guidelines 
surrounding hashes:

[http://www.apache.org/dev/release-distribution#sigs-and-sums]

The names of signature and checksum files MUST be formed by adding to the

name of the artifact the following suffixes:

   - .asc for a (ASCII armored) PGP signature

   - .sha1 for a SHA-1 checksum

   - .sha256 for a SHA-256 checksum

   - .sha512 for a SHA-512 checksum

   - .md5 for a MD5 checksum

 



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Resolved] (RANGER-2228) Release Ranger 1.2.0

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2228?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy resolved RANGER-2228.
--
Resolution: Fixed

> Release Ranger 1.2.0
> 
>
> Key: RANGER-2228
> URL: https://issues.apache.org/jira/browse/RANGER-2228
> Project: Ranger
>  Issue Type: Task
>  Components: Ranger
>Reporter: Velmurugan Periasamy
>Assignee: Velmurugan Periasamy
>Priority: Major
> Fix For: 1.2.0
>
>
> Track release activities for Ranger 1.2.0



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Re: Request for adding me as contributor

[Madhan Neethiraj]

Akash,

Thanks for your interest in contributing to Apache Ranger. Can you please let 
me know your username in https://issues.apache.org?

Thanks,
Madhan




On 10/3/18, 10:45 PM, "Akash Pawale"  wrote:

Hi All,

I would like to contribute to Apache Ranger project, Can
you please add me as a contributor to the project?

Thanks,
Akash Pawale.

[jira] [Comment Edited] (RANGER-2218) Service-Definition update should not allow updates to names of resources, access-types, conditions or data-masks

[Velmurugan Periasamy (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-2218?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16630633#comment-16630633
 ] 

Velmurugan Periasamy edited comment on RANGER-2218 at 10/4/18 3:35 PM:
---

master - 
[https://git-wip-us.apache.org/repos/asf?p=ranger.git;a=commit;h=f2e148abbe473a5fa23419373897082a3bf63974]

ranger-1 - 
[https://git-wip-us.apache.org/repos/asf?p=ranger.git;a=commit;h=b7c84df7f792acd7ed8ec0654b6b969b3a407a67]

ranger-1.1 - 
[https://git-wip-us.apache.org/repos/asf?p=ranger.git;a=commit;h=4fe455699a8de3894c5bebc5d7b88d1fb93d97e3]
 

ranger-0.7 - 
https://git-wip-us.apache.org/repos/asf?p=ranger.git;a=commit;h=ac456e84c848cf3378ee97c95b4a381bbdd6f703


was (Author: vperiasamy):
master - 
[https://git-wip-us.apache.org/repos/asf?p=ranger.git;a=commit;h=f2e148abbe473a5fa23419373897082a3bf63974]

ranger-1 - 
[https://git-wip-us.apache.org/repos/asf?p=ranger.git;a=commit;h=b7c84df7f792acd7ed8ec0654b6b969b3a407a67]

ranger-1.1 - 
[https://git-wip-us.apache.org/repos/asf?p=ranger.git;a=commit;h=4fe455699a8de3894c5bebc5d7b88d1fb93d97e3]
 

ranger-0.7 - 
https://github.com/apache/ranger/commit/ac456e84c848cf3378ee97c95b4a381bbdd6f703

> Service-Definition update should not allow updates to names of resources, 
> access-types,  conditions or data-masks
> -
>
> Key: RANGER-2218
> URL: https://issues.apache.org/jira/browse/RANGER-2218
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Affects Versions: master
>Reporter: Abhay Kulkarni
>Assignee: Sailaja Polavarapu
>Priority: Major
> Fix For: 0.7.2, 2.0.0, 1.1.1, 1.2.0
>
> Attachments: 
> 0001-RANGER-2218-Added-validations-for-names-duing-servic.patch
>
>
> Updates to service definitions should not allow updating names of the 
> following components: 
>  * Resources
>  * Access types
>  * Policy conditions
>  * Data Masks
> In general, these updates are seldom needed and can be avoided by careful 
> design of service definition. Also, with a de-normalized database schema for 
> storing policies, it is expensive and inefficient to maintain and lookup 
> mapping from internal IDs to names for each of these components. By not 
> allowing updates to these names, there is no need to maintain ( or reference) 
> such mappings after updating (or reading) policy when using de-normalized 
> database schema.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (RANGER-2203) Review and update database schema for ranger policies to minimize database queries/updates

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2203?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2203:
-
Fix Version/s: (was: 0.7.0)
   2.0.0
   0.7.2

> Review and update database schema for ranger policies to minimize database 
> queries/updates
> --
>
> Key: RANGER-2203
> URL: https://issues.apache.org/jira/browse/RANGER-2203
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Affects Versions: 0.7.0, master
>Reporter: Abhay Kulkarni
>Assignee: Abhay Kulkarni
>Priority: Major
> Fix For: 0.7.2, 2.0.0
>
>
> Currently, ranger policies are fully normalized and stored in a multiple 
> Relational database tables. There is a performance overhead incurred when 
> retrieving a ranger policy, as multiple database accesses are required to 
> fully reconstruct it. This is significant when there are large ranger 
> policies (that is, the number of resources addressed by the policy is large), 
> and/or when there is a large number of ranger policies in an installation.
> This Jira tracks alternate design of database schema, where a policy is 
> stored in a de-normalized way, in its entirely, in one database table 
> (preferably as a JSON string).



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (RANGER-2219) De-normalize schema for storing tags and related objects

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2219?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2219:
-
Fix Version/s: (was: master)
   (was: 0.7.0)
   2.0.0
   0.7.2

> De-normalize schema for storing tags and related objects
> 
>
> Key: RANGER-2219
> URL: https://issues.apache.org/jira/browse/RANGER-2219
> Project: Ranger
>  Issue Type: Sub-task
>  Components: Ranger
>Affects Versions: 0.7.0, master
>Reporter: Abhay Kulkarni
>Assignee: Abhay Kulkarni
>Priority: Major
> Fix For: 0.7.2, 2.0.0
>
>
> Currently, tag-definitions, tags and service-resources are stored in database 
> using a normalized form. When constructing resource->tag mappings, this 
> schema design may lead to a large number of database accesses, thereby 
> causing a major performance bottleneck when the number of resource->tag 
> associations is large.
> Denormalized schema will reduce the number of database accesses, and improve 
> overall performance significantly.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Comment Edited] (RANGER-2218) Service-Definition update should not allow updates to names of resources, access-types, conditions or data-masks

[Velmurugan Periasamy (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-2218?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16630633#comment-16630633
 ] 

Velmurugan Periasamy edited comment on RANGER-2218 at 10/4/18 3:34 PM:
---

master - 
[https://git-wip-us.apache.org/repos/asf?p=ranger.git;a=commit;h=f2e148abbe473a5fa23419373897082a3bf63974]

ranger-1 - 
[https://git-wip-us.apache.org/repos/asf?p=ranger.git;a=commit;h=b7c84df7f792acd7ed8ec0654b6b969b3a407a67]

ranger-1.1 - 
[https://git-wip-us.apache.org/repos/asf?p=ranger.git;a=commit;h=4fe455699a8de3894c5bebc5d7b88d1fb93d97e3]
 

ranger-0.7 - 
https://github.com/apache/ranger/commit/ac456e84c848cf3378ee97c95b4a381bbdd6f703


was (Author: vperiasamy):
master - 
[https://git-wip-us.apache.org/repos/asf?p=ranger.git;a=commit;h=f2e148abbe473a5fa23419373897082a3bf63974]

ranger-1 - 
[https://git-wip-us.apache.org/repos/asf?p=ranger.git;a=commit;h=b7c84df7f792acd7ed8ec0654b6b969b3a407a67]

ranger-1.1 - 
[https://git-wip-us.apache.org/repos/asf?p=ranger.git;a=commit;h=4fe455699a8de3894c5bebc5d7b88d1fb93d97e3]
 

> Service-Definition update should not allow updates to names of resources, 
> access-types,  conditions or data-masks
> -
>
> Key: RANGER-2218
> URL: https://issues.apache.org/jira/browse/RANGER-2218
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Affects Versions: master
>Reporter: Abhay Kulkarni
>Assignee: Sailaja Polavarapu
>Priority: Major
> Fix For: 0.7.2, 2.0.0, 1.1.1, 1.2.0
>
> Attachments: 
> 0001-RANGER-2218-Added-validations-for-names-duing-servic.patch
>
>
> Updates to service definitions should not allow updating names of the 
> following components: 
>  * Resources
>  * Access types
>  * Policy conditions
>  * Data Masks
> In general, these updates are seldom needed and can be avoided by careful 
> design of service definition. Also, with a de-normalized database schema for 
> storing policies, it is expensive and inefficient to maintain and lookup 
> mapping from internal IDs to names for each of these components. By not 
> allowing updates to these names, there is no need to maintain ( or reference) 
> such mappings after updating (or reading) policy when using de-normalized 
> database schema.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (RANGER-2203) Review and update database schema for ranger policies to minimize database queries/updates

[Abhay Kulkarni (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2203?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Abhay Kulkarni updated RANGER-2203:
---
Fix Version/s: (was: 2.0.0)

> Review and update database schema for ranger policies to minimize database 
> queries/updates
> --
>
> Key: RANGER-2203
> URL: https://issues.apache.org/jira/browse/RANGER-2203
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Affects Versions: 0.7.0, master
>Reporter: Abhay Kulkarni
>Priority: Major
> Fix For: 0.7.0
>
>
> Currently, ranger policies are fully normalized and stored in a multiple 
> Relational database tables. There is a performance overhead incurred when 
> retrieving a ranger policy, as multiple database accesses are required to 
> fully reconstruct it. This is significant when there are large ranger 
> policies (that is, the number of resources addressed by the policy is large), 
> and/or when there is a large number of ranger policies in an installation.
> This Jira tracks alternate design of database schema, where a policy is 
> stored in a de-normalized way, in its entirely, in one database table 
> (preferably as a JSON string).



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Re: Review Request 68881: RANGER-2203: Review and update database schema for ranger policies to minimize database queries/updates

[Abhay Kulkarni]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/68881/
---

(Updated Oct. 4, 2018, 3:20 p.m.)


Review request for ranger, Madhan Neethiraj, Mehul Parikh, Nikhil P, Pradeep 
Agrawal, and Velmurugan Periasamy.


Summary (updated)
-

RANGER-2203: Review and update database schema for ranger policies to minimize 
database queries/updates


Bugs: RANGER-2186, RANGER-2195 and RANGER-2219
https://issues.apache.org/jira/browse/RANGER-2186
https://issues.apache.org/jira/browse/RANGER-2195
https://issues.apache.org/jira/browse/RANGER-2219


Repository: ranger


Description
---

Notes:

This is a composite patch for updating database schema for Ranger policy and 
tag related objects.

Notes:

This patch is more complete than the one posted earlier 
(https://reviews.apache.org/r/68876/). Database scripts to drop foreign-keys 
are missing for some database types. They need to be added.

This patch also subsumes back-ports of RANGER-2186 and RANGER-2195 from master 
to ranger-0.7 branch. Porting those JIRA separately involved fixing conflicts 
in many common files.

Description:

Currently, ranger policies are fully normalized and stored in a multiple 
Relational database tables. There is a performance overhead incurred when 
retrieving a ranger policy, as multiple database accesses are required to fully 
reconstruct it. This is significant when there are large ranger policies (that 
is, the number of resources addressed by the policy is large), and/or when 
there is a large number of ranger policies in an installation.

This Jira tracks alternate design of database schema, where a policy is stored 
in a de-normalized way, in its entirely, in one database table (preferably as a 
JSON string).


Diffs
-

  
agents-common/src/main/java/org/apache/ranger/authorization/utils/JsonUtils.java
 PRE-CREATION 
  agents-common/src/main/java/org/apache/ranger/plugin/model/RangerTag.java 
743b02825 
  
agents-common/src/main/java/org/apache/ranger/plugin/store/AbstractServiceStore.java
 a75ca59e8 
  agents-common/src/main/java/org/apache/ranger/plugin/store/TagStore.java 
5918b1292 
  embeddedwebserver/scripts/ranger-admin-services.sh 19dab2a9d 
  security-admin/db/mysql/patches/035-update-schema-for-x-policy.sql 
PRE-CREATION 
  security-admin/db/mysql/patches/040-denormalize-tag-tables.sql PRE-CREATION 
  security-admin/db/oracle/patches/035-update-schema-for-x-policy.sql 
PRE-CREATION 
  security-admin/db/oracle/patches/040-denormalize-tag-tables.sql PRE-CREATION 
  security-admin/db/postgres/patches/035-update-schema-for-x-policy.sql 
PRE-CREATION 
  security-admin/db/postgres/patches/040-denormalize-tag-tables.sql 
PRE-CREATION 
  security-admin/db/sqlanywhere/patches/035-update-schema-for-x-policy.sql 
PRE-CREATION 
  security-admin/db/sqlanywhere/patches/040-denormalize-tag-tables.sql 
PRE-CREATION 
  security-admin/db/sqlserver/patches/035-update-schema-for-x-policy.sql 
PRE-CREATION 
  security-admin/db/sqlserver/patches/040-denormalize-tag-tables.sql 
PRE-CREATION 
  security-admin/scripts/db_setup.py d4f37ed6f 
  security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java 
PRE-CREATION 
  security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyRetriever.java 
354ab1cba 
  security-admin/src/main/java/org/apache/ranger/biz/RangerTagDBRetriever.java 
53683ec04 
  security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java 
ceee8cef2 
  security-admin/src/main/java/org/apache/ranger/biz/TagDBStore.java 3234be6a2 
  
security-admin/src/main/java/org/apache/ranger/common/db/RangerTransactionSynchronizationAdapter.java
 2a62fb408 
  security-admin/src/main/java/org/apache/ranger/db/RangerDaoManager.java 
e3b878b3e 
  security-admin/src/main/java/org/apache/ranger/db/RangerDaoManagerBase.java 
d718441ee 
  security-admin/src/main/java/org/apache/ranger/db/XXAccessTypeDefDao.java 
8f3a50687 
  security-admin/src/main/java/org/apache/ranger/db/XXDataMaskTypeDefDao.java 
f6e1aff0b 
  security-admin/src/main/java/org/apache/ranger/db/XXGroupDao.java 19e2e11f3 
  
security-admin/src/main/java/org/apache/ranger/db/XXPolicyConditionDefDao.java 
21afcac89 
  security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemAccessDao.java 
de37e10cd 
  
security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemConditionDao.java 
11596ef4d 
  
security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemDataMaskInfoDao.java
 a8418c626 
  
security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemGroupPermDao.java 
8c05699b2 
  
security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemRowFilterInfoDao.java
 4618e7dc7 
  
security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemUserPermDao.java 
40a0da13b 
  
security-admin/src/main/java/org/apache/ranger/db/XXPolicyRefAccessTypeDao.java 
PRE-CREATION 
 

[jira] [Updated] (RANGER-2203) Review and update database schema for ranger policies to minimize database queries/updates

[Abhay Kulkarni (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2203?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Abhay Kulkarni updated RANGER-2203:
---
Fix Version/s: 0.7.0

> Review and update database schema for ranger policies to minimize database 
> queries/updates
> --
>
> Key: RANGER-2203
> URL: https://issues.apache.org/jira/browse/RANGER-2203
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Affects Versions: 0.7.0, master
>Reporter: Abhay Kulkarni
>Priority: Major
> Fix For: 0.7.0
>
>
> Currently, ranger policies are fully normalized and stored in a multiple 
> Relational database tables. There is a performance overhead incurred when 
> retrieving a ranger policy, as multiple database accesses are required to 
> fully reconstruct it. This is significant when there are large ranger 
> policies (that is, the number of resources addressed by the policy is large), 
> and/or when there is a large number of ranger policies in an installation.
> This Jira tracks alternate design of database schema, where a policy is 
> stored in a de-normalized way, in its entirely, in one database table 
> (preferably as a JSON string).



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (RANGER-2203) Review and update database schema for ranger policies to minimize database queries/updates

[Abhay Kulkarni (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2203?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Abhay Kulkarni updated RANGER-2203:
---
Affects Version/s: 0.7.0

> Review and update database schema for ranger policies to minimize database 
> queries/updates
> --
>
> Key: RANGER-2203
> URL: https://issues.apache.org/jira/browse/RANGER-2203
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Affects Versions: 0.7.0, master
>Reporter: Abhay Kulkarni
>Priority: Major
> Fix For: 0.7.0
>
>
> Currently, ranger policies are fully normalized and stored in a multiple 
> Relational database tables. There is a performance overhead incurred when 
> retrieving a ranger policy, as multiple database accesses are required to 
> fully reconstruct it. This is significant when there are large ranger 
> policies (that is, the number of resources addressed by the policy is large), 
> and/or when there is a large number of ranger policies in an installation.
> This Jira tracks alternate design of database schema, where a policy is 
> stored in a de-normalized way, in its entirely, in one database table 
> (preferably as a JSON string).



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Assigned] (RANGER-2203) Review and update database schema for ranger policies to minimize database queries/updates

[Abhay Kulkarni (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2203?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Abhay Kulkarni reassigned RANGER-2203:
--

Assignee: Abhay Kulkarni

> Review and update database schema for ranger policies to minimize database 
> queries/updates
> --
>
> Key: RANGER-2203
> URL: https://issues.apache.org/jira/browse/RANGER-2203
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Affects Versions: 0.7.0, master
>Reporter: Abhay Kulkarni
>Assignee: Abhay Kulkarni
>Priority: Major
> Fix For: 0.7.0
>
>
> Currently, ranger policies are fully normalized and stored in a multiple 
> Relational database tables. There is a performance overhead incurred when 
> retrieving a ranger policy, as multiple database accesses are required to 
> fully reconstruct it. This is significant when there are large ranger 
> policies (that is, the number of resources addressed by the policy is large), 
> and/or when there is a large number of ranger policies in an installation.
> This Jira tracks alternate design of database schema, where a policy is 
> stored in a de-normalized way, in its entirely, in one database table 
> (preferably as a JSON string).



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (RANGER-2219) De-normalize schema for storing tags and related objects

[Abhay Kulkarni (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2219?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Abhay Kulkarni updated RANGER-2219:
---
Affects Version/s: 0.7.0
Fix Version/s: 0.7.0
   Issue Type: Task  (was: Improvement)

> De-normalize schema for storing tags and related objects
> 
>
> Key: RANGER-2219
> URL: https://issues.apache.org/jira/browse/RANGER-2219
> Project: Ranger
>  Issue Type: Task
>  Components: Ranger
>Affects Versions: 0.7.0, master
>Reporter: Abhay Kulkarni
>Assignee: Abhay Kulkarni
>Priority: Major
> Fix For: 0.7.0, master
>
>
> Currently, tag-definitions, tags and service-resources are stored in database 
> using a normalized form. When constructing resource->tag mappings, this 
> schema design may lead to a large number of database accesses, thereby 
> causing a major performance bottleneck when the number of resource->tag 
> associations is large.
> Denormalized schema will reduce the number of database accesses, and improve 
> overall performance significantly.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (RANGER-2219) De-normalize schema for storing tags and related objects

[Abhay Kulkarni (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2219?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Abhay Kulkarni updated RANGER-2219:
---
Issue Type: Sub-task  (was: Task)
Parent: RANGER-2203

> De-normalize schema for storing tags and related objects
> 
>
> Key: RANGER-2219
> URL: https://issues.apache.org/jira/browse/RANGER-2219
> Project: Ranger
>  Issue Type: Sub-task
>  Components: Ranger
>Affects Versions: 0.7.0, master
>Reporter: Abhay Kulkarni
>Assignee: Abhay Kulkarni
>Priority: Major
> Fix For: 0.7.0, master
>
>
> Currently, tag-definitions, tags and service-resources are stored in database 
> using a normalized form. When constructing resource->tag mappings, this 
> schema design may lead to a large number of database accesses, thereby 
> causing a major performance bottleneck when the number of resource->tag 
> associations is large.
> Denormalized schema will reduce the number of database accesses, and improve 
> overall performance significantly.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (RANGER-2218) Service-Definition update should not allow updates to names of resources, access-types, conditions or data-masks

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2218?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2218:
-
Fix Version/s: 1.1.1

> Service-Definition update should not allow updates to names of resources, 
> access-types,  conditions or data-masks
> -
>
> Key: RANGER-2218
> URL: https://issues.apache.org/jira/browse/RANGER-2218
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Affects Versions: master
>Reporter: Abhay Kulkarni
>Assignee: Sailaja Polavarapu
>Priority: Major
> Fix For: 0.7.2, 2.0.0, 1.1.1, 1.2.0
>
> Attachments: 
> 0001-RANGER-2218-Added-validations-for-names-duing-servic.patch
>
>
> Updates to service definitions should not allow updating names of the 
> following components: 
>  * Resources
>  * Access types
>  * Policy conditions
>  * Data Masks
> In general, these updates are seldom needed and can be avoided by careful 
> design of service definition. Also, with a de-normalized database schema for 
> storing policies, it is expensive and inefficient to maintain and lookup 
> mapping from internal IDs to names for each of these components. By not 
> allowing updates to these names, there is no need to maintain ( or reference) 
> such mappings after updating (or reading) policy when using de-normalized 
> database schema.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (RANGER-2218) Service-Definition update should not allow updates to names of resources, access-types, conditions or data-masks

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2218?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2218:
-
Fix Version/s: 0.7.2

> Service-Definition update should not allow updates to names of resources, 
> access-types,  conditions or data-masks
> -
>
> Key: RANGER-2218
> URL: https://issues.apache.org/jira/browse/RANGER-2218
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Affects Versions: master
>Reporter: Abhay Kulkarni
>Assignee: Sailaja Polavarapu
>Priority: Major
> Fix For: 0.7.2, 2.0.0, 1.2.0
>
> Attachments: 
> 0001-RANGER-2218-Added-validations-for-names-duing-servic.patch
>
>
> Updates to service definitions should not allow updating names of the 
> following components: 
>  * Resources
>  * Access types
>  * Policy conditions
>  * Data Masks
> In general, these updates are seldom needed and can be avoided by careful 
> design of service definition. Also, with a de-normalized database schema for 
> storing policies, it is expensive and inefficient to maintain and lookup 
> mapping from internal IDs to names for each of these components. By not 
> allowing updates to these names, there is no need to maintain ( or reference) 
> such mappings after updating (or reading) policy when using de-normalized 
> database schema.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Re: Review Request 68770: RANGER-2220 minify JavaScript files during packaging

[Nitin Galave]

> On Sept. 24, 2018, 1:03 p.m., Nitin Galave wrote:
> > security-admin/package.json
> > Lines 1 (patched)
> > 
> >
> > To maintain consistency it is better if we move this file(npm code) to 
> > src/main/webapp directory as we have all UI related code.
> > 
> > Thanks for contribution!!

Please let me know if you are taking care of clean up thing.


- Nitin


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/68770/#review208940
---


On Sept. 26, 2018, 8:58 a.m., Csaba Koncz wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/68770/
> ---
> 
> (Updated Sept. 26, 2018, 8:58 a.m.)
> 
> 
> Review request for ranger.
> 
> 
> Bugs: RANGER-2220
> https://issues.apache.org/jira/browse/RANGER-2220
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Maven build modified so that the admin UI JavaScript resources are 
> concatenated/compressed using the RequireJS Optimizer.
> During the packaging phase index.html is rewritten so that it loads the 
> compressed JS file instead of the JS source tree.
> 
> 
> Diffs
> -
> 
>   pom.xml d8e3a5da9 
>   security-admin/.gitignore 5a3a67338 
>   security-admin/package-lock.json PRE-CREATION 
>   security-admin/package.json PRE-CREATION 
>   security-admin/pom.xml 84bbd6650 
>   security-admin/src/main/webapp/index.html 60ef5a75b 
>   security-admin/src/main/webapp/libs/bower/backbone-forms/js/bootstrap.js 
> 276175505 
>   
> security-admin/src/main/webapp/libs/bower/backbone.bootstrap-modal/js/backbone.bootstrap-modal.js
>  6cd05b03d 
>   security-admin/src/main/webapp/minify.build.js PRE-CREATION 
>   security-admin/src/main/webapp/scripts/Init.js 4493f62e0 
>   security-admin/src/main/webapp/scripts/Main.js d518afbf2 
> 
> 
> Diff: https://reviews.apache.org/r/68770/diff/3/
> 
> 
> Testing
> ---
> 
> Performed:
> 
> mvn package -pl security-admin -am
> cd security-admin/
> cd security-admin/target/security-admin-web-2.0.0-SNAPSHOT
> http-server
> # opened http://localhost:8080 and inspected browser network tab and console:
> # network tab lists only 26 requests
> # console contains no packaging related errors (it contains 4 errors due to 
> missing backend service)
> 
> 
> Thanks,
> 
> Csaba Koncz
> 
>