[jira] [Updated] (RANGER-3361) Ranger Admin : Improve error message while deleting users and groups associated with role.
[ https://issues.apache.org/jira/browse/RANGER-3361?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Mateen N Mansoori updated RANGER-3361: -- Fix Version/s: 2.2.0 3.0.0 Merged in master : https://github.com/apache/ranger/commit/8f177b03b22875ba46537371136d3bd6a330fa48 & 2.2 : https://github.com/apache/ranger/commit/bc42f47d65090cef2ab69af51d3dff511ea30565 > Ranger Admin : Improve error message while deleting users and groups > associated with role. > -- > > Key: RANGER-3361 > URL: https://issues.apache.org/jira/browse/RANGER-3361 > Project: Ranger > Issue Type: Task > Components: Ranger >Reporter: Mateen N Mansoori >Priority: Major > Fix For: 3.0.0, 2.2.0 > > Attachments: > 0001-RANGER-3361-Ranger-Admin-Improve-error-message-while.patch > > > Currently there is 404 response from API when we try to delete user or > groups which are associated with any role(s). -- This message was sent by Atlassian Jira (v8.3.4#803005)
Re: Review Request 73486: RANGER-3350: Ranger HivePluginAuthorizer SHOW CURRENT ROLES not fetching the role set in current hive beeline session
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73486/ --- (Updated Aug. 18, 2021, 5 a.m.) Review request for ranger, Don Bosco Durai, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, Selvamohan Neethiraj, Sailaja Polavarapu, and Velmurugan Periasamy. Changes --- Fixed an issue when set current role is done and show roles is done in a session Bugs: RANGER-3350 https://issues.apache.org/jira/browse/RANGER-3350 Repository: ranger Description --- RANGER-3350: Ranger HivePluginAuthorizer SHOW CURRENT ROLES not fetching the role set in current hive beeline session Diffs (updated) - hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java 8621f73e2 Diff: https://reviews.apache.org/r/73486/diff/2/ Changes: https://reviews.apache.org/r/73486/diff/1-2/ Testing --- - Verified set current roles command - Verified get current roles command Thanks, Ramesh Mani
Re: Review Request 73451: RANGER-3334:Enhance Ranger admin REST Client to use cookie for policy, tag and role download
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73451/#review223348 --- Ship it! Ship It! - Abhay Kulkarni On July 24, 2021, 8:41 a.m., Ramesh Mani wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/73451/ > --- > > (Updated July 24, 2021, 8:41 a.m.) > > > Review request for ranger, Don Bosco Durai, Abhay Kulkarni, Madhan Neethiraj, > Mehul Parikh, Selvamohan Neethiraj, Sailaja Polavarapu, and Velmurugan > Periasamy. > > > Bugs: RANGER-3334 > https://issues.apache.org/jira/browse/RANGER-3334 > > > Repository: ranger > > > Description > --- > > RANGER-3334:Enhance Ranger admin REST Client to use cookie for policy, tag > and role download > > > Diffs > - > > > agents-common/src/main/java/org/apache/ranger/admin/client/RangerAdminRESTClient.java > e0d7a9b71 > > agents-common/src/main/java/org/apache/ranger/plugin/contextenricher/RangerAbstractContextEnricher.java > f838f842b > > agents-common/src/main/java/org/apache/ranger/plugin/contextenricher/RangerAdminTagRetriever.java > 7b49a9906 > > agents-common/src/main/java/org/apache/ranger/plugin/contextenricher/RangerAdminUserStoreRetriever.java > ed963363d > > agents-common/src/main/java/org/apache/ranger/plugin/contextenricher/RangerTagEnricher.java > a78b4842c > > agents-common/src/main/java/org/apache/ranger/plugin/contextenricher/RangerTagRetriever.java > 0f09b64d2 > > agents-common/src/main/java/org/apache/ranger/plugin/contextenricher/RangerUserStoreEnricher.java > 10616334c > > agents-common/src/main/java/org/apache/ranger/plugin/contextenricher/RangerUserStoreRetriever.java > 1addbc49d > > agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPluginContext.java > a8e76009e > > agents-common/src/main/java/org/apache/ranger/plugin/service/RangerBasePlugin.java > 82b048194 > > agents-common/src/main/java/org/apache/ranger/plugin/util/PolicyRefresher.java > dcba36338 > > agents-common/src/main/java/org/apache/ranger/plugin/util/RangerCommonConstants.java > 570eb6e36 > > agents-common/src/main/java/org/apache/ranger/plugin/util/RangerRESTClient.java > 216b6b2a9 > > knox-agent/src/main/java/org/apache/ranger/admin/client/RangerAdminJersey2RESTClient.java > fa17f5d4b > > > Diff: https://reviews.apache.org/r/73451/diff/2/ > > > Testing > --- > > - Testing done in local vm for policy, tag and role download. > - Access log in ranger admin will show the 401 for authentication call for > the first download and if there are no changes only 304 response will be > there. There won't be any 401 kerberos authentication call each time when > downloads are happening. > - Avoid instanciation of RangerAdminClient for each tag download, so that > cookie is preserved and used for subsequent calls. > > > Thanks, > > Ramesh Mani > >
Re: Review Request 73486: RANGER-3350: Ranger HivePluginAuthorizer SHOW CURRENT ROLES not fetching the role set in current hive beeline session
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73486/#review223347 --- Ship it! Ship It! - Abhay Kulkarni On July 26, 2021, 10:51 p.m., Ramesh Mani wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/73486/ > --- > > (Updated July 26, 2021, 10:51 p.m.) > > > Review request for ranger, Don Bosco Durai, Abhay Kulkarni, Madhan Neethiraj, > Mehul Parikh, Pradeep Agrawal, Selvamohan Neethiraj, Sailaja Polavarapu, and > Velmurugan Periasamy. > > > Bugs: RANGER-3350 > https://issues.apache.org/jira/browse/RANGER-3350 > > > Repository: ranger > > > Description > --- > > RANGER-3350: Ranger HivePluginAuthorizer SHOW CURRENT ROLES not fetching the > role set in current hive beeline session > > > Diffs > - > > > hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java > 6df0bed1c > > > Diff: https://reviews.apache.org/r/73486/diff/1/ > > > Testing > --- > > - Verified set current roles command > - Verified get current roles command > > > Thanks, > > Ramesh Mani > >
Review Request 73523: RANGER-3339 : Make Ranger Solr audit collection config-set configurable.
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73523/ --- Review request for ranger, Dhaval Shah, Abhay Kulkarni, Mehul Parikh, Pradeep Agrawal, Vishal Suvagia, and Velmurugan Periasamy. Bugs: RANGER-3339 https://issues.apache.org/jira/browse/RANGER-3339 Repository: ranger Description --- Currently ranger admin using a fixed config-set zip to create config, So this changes are to make it configurable. Diffs - embeddedwebserver/scripts/ranger-admin-services.sh d7cabbcde embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/SolrCollectionBootstrapper.java d04d1c897 security-admin/scripts/install.properties ae7a00d3f security-admin/scripts/setup.sh f6f6f564c security-admin/src/main/resources/conf.dist/ranger-admin-site.xml 793c479bd Diff: https://reviews.apache.org/r/73523/diff/1/ Testing --- Tested on local VM by providing custom config-set zip location and it was able to create config-set and collection. Thanks, Mateen Mansoori
Review Request 73522: RANGER-3372 : ISSUE IN POLICIES SEARCH ON REPORT PAGE WITH USER HAVING MORE THAN ONE UNIX GROUPS
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73522/ --- Review request for ranger, Dhaval Rajpara, Dhaval Shah, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, and Velmurugan Periasamy. Bugs: RANGER-3372 https://issues.apache.org/jira/browse/RANGER-3372 Repository: ranger Description --- PROBLEM STATEMENT : We have a user called "A" User A belongs to 2 Groups [Group 1 and Group 2 ] Group 1 is assigned to Hive Policy [Test 1 ] Group 2 is assigned to Hive Policy [Test 2 ] Now while searching user "A" in Ranger Reports , We can only see 1 of the Policy is listing , Expected behaviour should be : Both policy should be displayed in reports. Diffs - security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java c5add3aa2 Diff: https://reviews.apache.org/r/73522/diff/1/ Testing --- Ran - mvn clean compile test verify install Testing - Tested on local VM. Thanks, Mateen Mansoori
[jira] [Updated] (RANGER-3052) Can not search by object name in page /reports/audit/admin
[ https://issues.apache.org/jira/browse/RANGER-3052?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] fengxianjing updated RANGER-3052: - Attachment: 0001-RANGER-3052-support-search-by-object-name-in-admin-a.patch > Can not search by object name in page /reports/audit/admin > -- > > Key: RANGER-3052 > URL: https://issues.apache.org/jira/browse/RANGER-3052 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Affects Versions: 2.2.0 >Reporter: fengxianjing >Assignee: fengxianjing >Priority: Major > Attachments: > 0001-RANGER-3052-support-search-by-object-name-in-admin-a.patch > > > We have thousands operation per day, and we usually search by policy name for > find out who modified a specified policy. At present, we can only query the > database -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (RANGER-3052) Can not search by object name in page /reports/audit/admin
[ https://issues.apache.org/jira/browse/RANGER-3052?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] fengxianjing updated RANGER-3052: - External issue URL: https://reviews.apache.org/r/73519/ > Can not search by object name in page /reports/audit/admin > -- > > Key: RANGER-3052 > URL: https://issues.apache.org/jira/browse/RANGER-3052 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Affects Versions: 2.2.0 >Reporter: fengxianjing >Assignee: fengxianjing >Priority: Major > > We have thousands operation per day, and we usually search by policy name for > find out who modified a specified policy. At present, we can only query the > database -- This message was sent by Atlassian Jira (v8.3.4#803005)
Re: Review Request 73500: RANGER-3361 : Improve error message while deleting users and groups associated with role.
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73500/#review223343 --- Ship it! Ship It! - Mehul Parikh On Aug. 16, 2021, 6:10 a.m., Mateen Mansoori wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/73500/ > --- > > (Updated Aug. 16, 2021, 6:10 a.m.) > > > Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Abhay Kulkarni, > Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, Vishal Suvagia, > and Velmurugan Periasamy. > > > Bugs: RANGER-3361 > https://issues.apache.org/jira/browse/RANGER-3361 > > > Repository: ranger > > > Description > --- > > Currently getting 404 response from user/group API when we try to delete > user or groups which are associated with any role(s). > > > Diffs > - > > security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java 38b06d1b2 > security-admin/src/test/java/org/apache/ranger/biz/TestXUserMgr.java > cfd66b13f > > > Diff: https://reviews.apache.org/r/73500/diff/2/ > > > Testing > --- > > Ran : mvn clean compile test verify install > Test : Tested on local VM. > > > Thanks, > > Mateen Mansoori > >
[jira] [Created] (RANGER-3372) ISSUE IN POLICIES SEARCH ON REPORT PAGE WITH USER HAVING MORE THAN ONE UNIX GROUPS
Mateen N Mansoori created RANGER-3372: - Summary: ISSUE IN POLICIES SEARCH ON REPORT PAGE WITH USER HAVING MORE THAN ONE UNIX GROUPS Key: RANGER-3372 URL: https://issues.apache.org/jira/browse/RANGER-3372 Project: Ranger Issue Type: Bug Components: Ranger Reporter: Mateen N Mansoori PROBLEM STATEMENT Below is the scenario : We have a user called "A" User A belongs to 2 Groups [Group 1 and Group 2 ] Group 1 is assigned to Hive Policy [Test 1 ] Group 2 is assigned to Hive Policy [Test 2 ] Now while searching user "A" in Ranger Reports , We can only see 1 of the Policy is listing , Expected behaviour should be : Both policy should be displayed in reports . -- This message was sent by Atlassian Jira (v8.3.4#803005)
Re: Review Request 73500: RANGER-3361 : Improve error message while deleting users and groups associated with role.
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73500/#review223342 --- Ship it! Ship It! - Dhaval Shah On Aug. 16, 2021, 6:10 a.m., Mateen Mansoori wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/73500/ > --- > > (Updated Aug. 16, 2021, 6:10 a.m.) > > > Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Abhay Kulkarni, > Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, Vishal Suvagia, > and Velmurugan Periasamy. > > > Bugs: RANGER-3361 > https://issues.apache.org/jira/browse/RANGER-3361 > > > Repository: ranger > > > Description > --- > > Currently getting 404 response from user/group API when we try to delete > user or groups which are associated with any role(s). > > > Diffs > - > > security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java 38b06d1b2 > security-admin/src/test/java/org/apache/ranger/biz/TestXUserMgr.java > cfd66b13f > > > Diff: https://reviews.apache.org/r/73500/diff/2/ > > > Testing > --- > > Ran : mvn clean compile test verify install > Test : Tested on local VM. > > > Thanks, > > Mateen Mansoori > >