[jira] [Created] (RANGER-3575) Ranger Admin : Remove log4j 1.x dependencies.

[Mateen N Mansoori (Jira)]

Mateen N Mansoori created RANGER-3575:
-

 Summary: Ranger Admin : Remove log4j 1.x dependencies.
 Key: RANGER-3575
 URL: https://issues.apache.org/jira/browse/RANGER-3575
 Project: Ranger
  Issue Type: Task
  Components: Ranger
Reporter: Mateen N Mansoori


Ranger Admin : Remove log4j 1.x dependencies.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Created] (RANGER-3574) Group-role mapping in Ranger Admin doesn't work

[Andre Araujo (Jira)]

Andre Araujo created RANGER-3574:


 Summary: Group-role mapping in Ranger Admin doesn't work
 Key: RANGER-3574
 URL: https://issues.apache.org/jira/browse/RANGER-3574
 Project: Ranger
  Issue Type: Bug
  Components: admin
Reporter: Andre Araujo


The intent of the Ranger Admin properties {{{}ranger.ldap.group.searchbase{}}}, 
{{ranger.ldap.group.searchfilter}} and {{ranger.ldap.group.roleattribute}} is 
to provide a mechanism to map the user's LDAP groups to Ranger roles 
dynamically. For example, if the user belongs to the LDAP group 
{{{}sys_admin{}}}, it will automatically be assigned to the {{ROLE_SYS_ADMIN}} 
role in Ranger.

The 
[{{RangerAuthenticationProvider.getLdapAuthentication()}}|https://github.com/apache/ranger/blob/e9b1e1d5f2009e90c6bbf912d5039bdafe319a5c/security-admin/src/main/java/org/apache/ranger/security/handler/RangerAuthenticationProvider.java#L185]
 and 
[{{RangerAuthenticationProvider.getLdapBindAuthentication()}}|https://github.com/apache/ranger/blob/e9b1e1d5f2009e90c6bbf912d5039bdafe319a5c/security-admin/src/main/java/org/apache/ranger/security/handler/RangerAuthenticationProvider.java#L512]
 methods define the parameters above and use them to correctly configure a 
{{{}DefaultLdapAuthoritiesPopulator{}}}.

The configured populator, though, is never used to fetch the 
{{GrantedAuthorities}} from LDAP. The [{{getAuthorities()}} 
method|https://github.com/apache/ranger/blob/e9b1e1d5f2009e90c6bbf912d5039bdafe319a5c/security-admin/src/main/java/org/apache/ranger/security/handler/RangerAuthenticationProvider.java#L639-L646]
 simply returns the roles assigned in Ranger and completely ignores the 
populator configured previously.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

Re: Review Request 73755: RANGER-3539: Add jacoco-maven-plugin for code coverage

[Pradeep Agrawal]

> On Jan. 4, 2022, 12:17 p.m., bhavik patel wrote:
> > pom.xml
> > Line 857 (original), 867 (patched)
> > 
> >
> > double check this changes

Without this it will not work. you can check at your end too with and without 
this change.


- Pradeep


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73755/#review223928
---


On Dec. 10, 2021, 5:26 p.m., Pradeep Agrawal wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73755/
> ---
> 
> (Updated Dec. 10, 2021, 5:26 p.m.)
> 
> 
> Review request for ranger, Dineshkumar Yadav, Abhay Kulkarni, Madhan 
> Neethiraj, Mehul Parikh, Ramesh Mani, Sailaja Polavarapu, and Velmurugan 
> Periasamy.
> 
> 
> Bugs: RANGER-3539
> https://issues.apache.org/jira/browse/RANGER-3539
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> **Problem Statement:** Currently there is no way to figure out Which part of 
> the Ranger code has test coverage. 
> 
> 
> **Proposed Solution:** Proposing jacoco-maven-plugin as part of build process 
> to improve test coverage.
> 
> 
> Diffs
> -
> 
>   pom.xml f9c46f669 
> 
> 
> Diff: https://reviews.apache.org/r/73755/diff/3/
> 
> 
> Testing
> ---
> 
> **Commands to generate test coverage report:**
> 
> 1) Build ranger using command: mvn clean install
> 2) Install jacoco server either at local or remote and run it
> 3) Run command to generate report:
> sample:
> mvn clean install -Dsonar.host.url=http://1.2.3.4:1234 -DskipTests -Psonar 
> -Dsonar.coverage.jacoco.xmlReportPaths=/path/to/xmlreport.xml 
> -Dsonar.projectKey=ranger_public -Dsonar.projectName=Ranger_AdminServer
> 
> 
> References:
> 
> https://www.baeldung.com/jacoco
> https://www.baeldung.com/sonarqube-jacoco-code-coverage
> https://mkyong.com/maven/maven-jacoco-code-coverage-example/
> https://medium.com/backend-habit/generate-codecoverage-report-with-jacoco-and-sonarqube-ed15c4045885
> 
> 
> Thanks,
> 
> Pradeep Agrawal
> 
>

Re: Review Request 73785: RANGER-3573: Add vim in ranger base image

[Abhay Kulkarni]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73785/#review223934
---


Ship it!




Ship It!

- Abhay Kulkarni


On Jan. 4, 2022, 10:06 p.m., Abhishek  Kumar wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73785/
> ---
> 
> (Updated Jan. 4, 2022, 10:06 p.m.)
> 
> 
> Review request for ranger, Abhay Kulkarni and Madhan Neethiraj.
> 
> 
> Bugs: RANGER-3573
> https://issues.apache.org/jira/browse/RANGER-3573
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Vim utility in ranger base image.
> 
> 
> Diffs
> -
> 
>   dev-support/ranger-docker/Dockerfile.ranger-base 688eed440 
> 
> 
> Diff: https://reviews.apache.org/r/73785/diff/1/
> 
> 
> Testing
> ---
> 
> Tested the functionality in running container.
> 
> 
> Thanks,
> 
> Abhishek  Kumar
> 
>

[jira] [Commented] (RANGER-3573) Add vim in docker base image

[Abhishek Kumar (Jira)]

[ 
https://issues.apache.org/jira/browse/RANGER-3573?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=1746#comment-1746
 ] 

Abhishek Kumar commented on RANGER-3573:


RR: [https://reviews.apache.org/r/73785/]

 

> Add vim in docker base image
> 
>
> Key: RANGER-3573
> URL: https://issues.apache.org/jira/browse/RANGER-3573
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Reporter: Abhishek Kumar
>Assignee: Abhishek Kumar
>Priority: Minor
>
> add vim in base image.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

Re: Review Request 73782: RANGER-3567: support policy resources to contain request expressions - like ${{USER.dept}}

[Abhay Kulkarni]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73782/#review223933
---


Ship it!




Ship It!

- Abhay Kulkarni


On Jan. 4, 2022, 8:29 p.m., Madhan Neethiraj wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73782/
> ---
> 
> (Updated Jan. 4, 2022, 8:29 p.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Kishor Gollapalliwar, Abhay 
> Kulkarni, Mehul Parikh, Ramesh Mani, Sailaja Polavarapu, and Velmurugan 
> Periasamy.
> 
> 
> Bugs: RANGER-3567
> https://issues.apache.org/jira/browse/RANGER-3567
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> - updated policy resource matchers to support expressions that refer to 
> request attributes
> - request expressions are enabled by default; can be disabled in a 
> resource-def by setting matcherOption replaceReqExpressions=false
> 
> 
> Diffs
> -
> 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequestImpl.java
>  8bfc16136 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerRequestScriptEvaluator.java
>  d99a7d57c 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerResourceTrie.java
>  80ed569f4 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/resourcematcher/RangerAbstractResourceMatcher.java
>  7841838af 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/resourcematcher/RangerPathResourceMatcher.java
>  43297d66f 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/resourcematcher/RangerURLResourceMatcher.java
>  e21d9079d 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/resourcematcher/ResourceMatcher.java
>  6d8e293a6 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/util/RangerAccessRequestUtil.java
>  474005570 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/util/RangerRequestExprResolver.java
>  d70430b70 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/util/StringTokenReplacer.java
>  2d09d44e6 
>   
> agents-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyEngine.java
>  81c374400 
>   
> agents-common/src/test/resources/policyengine/test_policyengine_resource_with_req_expressions.json
>  PRE-CREATION 
> 
> 
> Diff: https://reviews.apache.org/r/73782/diff/4/
> 
> 
> Testing
> ---
> 
> - added test cases to validate resource names that include request expressions
> 
> 
> Thanks,
> 
> Madhan Neethiraj
> 
>

Re: Review Request 73785: RANGER-3573: Add vim in ranger base image

[Madhan Neethiraj]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73785/#review223932
---


Ship it!




Ship It!

- Madhan Neethiraj


On Jan. 4, 2022, 10:06 p.m., Abhishek  Kumar wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73785/
> ---
> 
> (Updated Jan. 4, 2022, 10:06 p.m.)
> 
> 
> Review request for ranger, Abhay Kulkarni and Madhan Neethiraj.
> 
> 
> Bugs: RANGER-3573
> https://issues.apache.org/jira/browse/RANGER-3573
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Vim utility in ranger base image.
> 
> 
> Diffs
> -
> 
>   dev-support/ranger-docker/Dockerfile.ranger-base 688eed440 
> 
> 
> Diff: https://reviews.apache.org/r/73785/diff/1/
> 
> 
> Testing
> ---
> 
> Tested the functionality in running container.
> 
> 
> Thanks,
> 
> Abhishek  Kumar
> 
>

Review Request 73785: RANGER-3573: Add vim in ranger base image

[Abhishek Kumar]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73785/
---

Review request for ranger, Abhay Kulkarni and Madhan Neethiraj.


Bugs: RANGER-3573
https://issues.apache.org/jira/browse/RANGER-3573


Repository: ranger


Description
---

Vim utility in ranger base image.


Diffs
-

  dev-support/ranger-docker/Dockerfile.ranger-base 688eed440 


Diff: https://reviews.apache.org/r/73785/diff/1/


Testing
---

Tested the functionality in running container.


Thanks,

Abhishek  Kumar

[jira] [Created] (RANGER-3573) Add vim in docker base image

[Abhishek Kumar (Jira)]

Abhishek Kumar created RANGER-3573:
--

 Summary: Add vim in docker base image
 Key: RANGER-3573
 URL: https://issues.apache.org/jira/browse/RANGER-3573
 Project: Ranger
  Issue Type: Improvement
  Components: Ranger
Reporter: Abhishek Kumar
Assignee: Abhishek Kumar


add vim in base image.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

Re: Review Request 73782: RANGER-3567: support policy resources to contain request expressions - like ${{USER.dept}}

[Madhan Neethiraj]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73782/
---

(Updated Jan. 4, 2022, 8:29 p.m.)


Review request for ranger, Ankita Sinha, Kishor Gollapalliwar, Abhay Kulkarni, 
Mehul Parikh, Ramesh Mani, Sailaja Polavarapu, and Velmurugan Periasamy.


Changes
---

- updated JIRA description to clarify use of expressions and tokens in policy 
resource
- updated tests to cover additional use cases


Bugs: RANGER-3567
https://issues.apache.org/jira/browse/RANGER-3567


Repository: ranger


Description
---

- updated policy resource matchers to support expressions that refer to request 
attributes
- request expressions are enabled by default; can be disabled in a resource-def 
by setting matcherOption replaceReqExpressions=false


Diffs (updated)
-

  
agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequestImpl.java
 8bfc16136 
  
agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerRequestScriptEvaluator.java
 d99a7d57c 
  
agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerResourceTrie.java
 80ed569f4 
  
agents-common/src/main/java/org/apache/ranger/plugin/resourcematcher/RangerAbstractResourceMatcher.java
 7841838af 
  
agents-common/src/main/java/org/apache/ranger/plugin/resourcematcher/RangerPathResourceMatcher.java
 43297d66f 
  
agents-common/src/main/java/org/apache/ranger/plugin/resourcematcher/RangerURLResourceMatcher.java
 e21d9079d 
  
agents-common/src/main/java/org/apache/ranger/plugin/resourcematcher/ResourceMatcher.java
 6d8e293a6 
  
agents-common/src/main/java/org/apache/ranger/plugin/util/RangerAccessRequestUtil.java
 474005570 
  
agents-common/src/main/java/org/apache/ranger/plugin/util/RangerRequestExprResolver.java
 d70430b70 
  
agents-common/src/main/java/org/apache/ranger/plugin/util/StringTokenReplacer.java
 2d09d44e6 
  
agents-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyEngine.java
 81c374400 
  
agents-common/src/test/resources/policyengine/test_policyengine_resource_with_req_expressions.json
 PRE-CREATION 


Diff: https://reviews.apache.org/r/73782/diff/4/

Changes: https://reviews.apache.org/r/73782/diff/3-4/


Testing
---

- added test cases to validate resource names that include request expressions


Thanks,

Madhan Neethiraj

[jira] [Updated] (RANGER-3567) support for use of user attributes in policy resources

[Madhan Neethiraj (Jira)]

 [ 
https://issues.apache.org/jira/browse/RANGER-3567?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Madhan Neethiraj updated RANGER-3567:
-
Description: 
It will be useful to be able to specify policy resources using user attributes 
- like
 * path=/data/{{{}$\{{USER.dept{}/*
 ** matches path /data/sales for users with attribute dept=sales
 ** matches path /data/mktg for user with attribute dept=mktg
 * database=test_{{{}$\{{USER.dept{}, table={{{}$\{{USER._name{}
 ** matches database _test_sales_ and table _scot_ for user scot with attribute 
dept=sales
 ** matches database _test_mktg_ and table _emily_ for user emily with 
attribute dept=mktg

 

Note that Ranger already supports {{tokens}} in policy resources - like
 * database=test_}USER{
 * database=test_}OWNER{
 * path=/data/sales/}FILENAME{

Policy resources should be able to include these tokens, in addition to 
references to user attributes - like:
 * database=test_{{{}$\{{USER.dept{}_}USER{
 * path=/data/{{{}$\{{USER.dept{}/users/}USER{

 

When a policy resource has both user-attribute expressions and tokens, Ranger 
policy engine should perform the following in the given order:
 # replace user-attribute expressions with its value
example:  test_{{{}$\{{USER.dept{}_}USER{ will be replaced with  
test_sales_}USER{
 # then replace token
example:  test_sales_}USER{ will be replaced with test_sales_user1

A special case to note: when the value user-attribute expression evaluates to 
contains token(s), for example to user_}USER{, this token will also be 
replaced by step #2 above. 

  was:
It will be useful to be able to specify policy resources using user attributes 
- like
 * path=/data/{{${{USER.dept/*
 ** matches path /data/sales for users with attribute dept=sales
 ** matches path /data/mktg for user with attribute dept=mktg
 * database=test_{{${{USER.dept, table={{${{USER._name
 ** matches database _test_sales_ and table _scot_ for user scot with attribute 
dept=sales
 ** matches database _test_mktg_ and table _emily_ for user emily with 
attribute dept=mktg


> support for use of user attributes in policy resources
> --
>
> Key: RANGER-3567
> URL: https://issues.apache.org/jira/browse/RANGER-3567
> Project: Ranger
>  Issue Type: Improvement
>  Components: plugins
>Reporter: Madhan Neethiraj
>Assignee: Madhan Neethiraj
>Priority: Major
> Fix For: 3.0.0, 2.3.0
>
> Attachments: RANGER-3567.patch
>
>
> It will be useful to be able to specify policy resources using user 
> attributes - like
>  * path=/data/{{{}$\{{USER.dept{}/*
>  ** matches path /data/sales for users with attribute dept=sales
>  ** matches path /data/mktg for user with attribute dept=mktg
>  * database=test_{{{}$\{{USER.dept{}, table={{{}$\{{USER._name{}
>  ** matches database _test_sales_ and table _scot_ for user scot with 
> attribute dept=sales
>  ** matches database _test_mktg_ and table _emily_ for user emily with 
> attribute dept=mktg
>  
> Note that Ranger already supports {{tokens}} in policy resources - like
>  * database=test_}USER{
>  * database=test_}OWNER{
>  * path=/data/sales/}FILENAME{
> Policy resources should be able to include these tokens, in addition to 
> references to user attributes - like:
>  * database=test_{{{}$\{{USER.dept{}_}USER{
>  * path=/data/{{{}$\{{USER.dept{}/users/}USER{
>  
> When a policy resource has both user-attribute expressions and tokens, Ranger 
> policy engine should perform the following in the given order:
>  # replace user-attribute expressions with its value
> example:  test_{{{}$\{{USER.dept{}_}USER{ will be replaced with  
> test_sales_}USER{
>  # then replace token
> example:  test_sales_}USER{ will be replaced with test_sales_user1
> A special case to note: when the value user-attribute expression evaluates to 
> contains token(s), for example to user_}USER{, this token will also 
> be replaced by step #2 above. 



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

Re: Review Request 73782: RANGER-3567: support policy resources to contain request expressions - like ${{USER.dept}}

[Abhay Kulkarni]

> On Jan. 4, 2022, 2:35 a.m., Abhay Kulkarni wrote:
> > agents-common/src/main/java/org/apache/ranger/plugin/resourcematcher/ResourceMatcher.java
> > Lines 107 (patched)
> > 
> >
> > Is it possible to have token which resolves to a expression? It may be 
> > required to impose certain restrictions so that the evaluation process is 
> > not expected to repeatedly expand tokens and expressions until there is 
> > nothing left to resolve/substitute.
> 
> Madhan Neethiraj wrote:
> It is possible, but unless there are compelling usecases to allow such 
> resource names, I would suggest to start with the following:
>  1. evaluate request expressions, if any, in policy-resource value
>  2. then replace tokens, if any, in policy-resource value obtained after 
> #1 above

That sounds reasonable. However, this needs to be documented with this feature 
as a restriction/limitation (perhaps at least in the description of the JIRA).


- Abhay


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73782/#review223922
---


On Jan. 4, 2022, 12:32 a.m., Madhan Neethiraj wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73782/
> ---
> 
> (Updated Jan. 4, 2022, 12:32 a.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Kishor Gollapalliwar, Abhay 
> Kulkarni, Mehul Parikh, Ramesh Mani, Sailaja Polavarapu, and Velmurugan 
> Periasamy.
> 
> 
> Bugs: RANGER-3567
> https://issues.apache.org/jira/browse/RANGER-3567
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> - updated policy resource matchers to support expressions that refer to 
> request attributes
> - request expressions are enabled by default; can be disabled in a 
> resource-def by setting matcherOption replaceReqExpressions=false
> 
> 
> Diffs
> -
> 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequestImpl.java
>  8bfc16136 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerRequestScriptEvaluator.java
>  d99a7d57c 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerResourceTrie.java
>  80ed569f4 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/resourcematcher/RangerAbstractResourceMatcher.java
>  7841838af 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/resourcematcher/RangerPathResourceMatcher.java
>  43297d66f 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/resourcematcher/RangerURLResourceMatcher.java
>  e21d9079d 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/resourcematcher/ResourceMatcher.java
>  6d8e293a6 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/util/RangerAccessRequestUtil.java
>  474005570 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/util/RangerRequestExprResolver.java
>  d70430b70 
>   
> agents-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyEngine.java
>  81c374400 
>   
> agents-common/src/test/resources/policyengine/test_policyengine_resource_with_req_expressions.json
>  PRE-CREATION 
> 
> 
> Diff: https://reviews.apache.org/r/73782/diff/3/
> 
> 
> Testing
> ---
> 
> - added test cases to validate resource names that include request expressions
> 
> 
> Thanks,
> 
> Madhan Neethiraj
> 
>

Re: Review Request 73745: RANGER-3487 : Update underscorejs with latest version.

[Dhaval Shah]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73745/#review223930
---


Ship it!




Ship It!

- Dhaval Shah


On Dec. 7, 2021, 1:36 p.m., Nitin Galave wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73745/
> ---
> 
> (Updated Dec. 7, 2021, 1:36 p.m.)
> 
> 
> Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Jayendra Parab, 
> Kishor Gollapalliwar, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, and 
> Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-3487
> https://issues.apache.org/jira/browse/RANGER-3487
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> For more functionality update underscorejs with the latest version is 1.13.1.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/webapp/libs/bower/underscore/js/underscore-min.js 
> 898bd44a1 
>   security-admin/src/main/webapp/libs/bower/underscore/js/underscore.js 
> 5cdf62ea6 
> 
> 
> Diff: https://reviews.apache.org/r/73745/diff/1/
> 
> 
> Testing
> ---
> 
> Tested 
> 1.CRUD of service
> 2.Policy CRUD
> 3.User, group and role crud
> 4.Audit tab to check popup and also is all the data is coming in audit
> 5.Permission tab CRUD
> 6.Import and export of csv, xml and json
> 7.Enforcement
> 8.sync details in user page
> 
> 
> Thanks,
> 
> Nitin Galave
> 
>

Re: Review Request 73745: RANGER-3487 : Update underscorejs with latest version.

[Mehul Parikh]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73745/#review223929
---


Ship it!




Ship It!

- Mehul Parikh


On Dec. 7, 2021, 1:36 p.m., Nitin Galave wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73745/
> ---
> 
> (Updated Dec. 7, 2021, 1:36 p.m.)
> 
> 
> Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Jayendra Parab, 
> Kishor Gollapalliwar, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, and 
> Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-3487
> https://issues.apache.org/jira/browse/RANGER-3487
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> For more functionality update underscorejs with the latest version is 1.13.1.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/webapp/libs/bower/underscore/js/underscore-min.js 
> 898bd44a1 
>   security-admin/src/main/webapp/libs/bower/underscore/js/underscore.js 
> 5cdf62ea6 
> 
> 
> Diff: https://reviews.apache.org/r/73745/diff/1/
> 
> 
> Testing
> ---
> 
> Tested 
> 1.CRUD of service
> 2.Policy CRUD
> 3.User, group and role crud
> 4.Audit tab to check popup and also is all the data is coming in audit
> 5.Permission tab CRUD
> 6.Import and export of csv, xml and json
> 7.Enforcement
> 8.sync details in user page
> 
> 
> Thanks,
> 
> Nitin Galave
> 
>

[jira] [Commented] (RANGER-3373) Ranger Hbase plugin not compatible with Hbase 2.3.4

[Bhavik Patel (Jira)]

[ 
https://issues.apache.org/jira/browse/RANGER-3373?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17468604#comment-17468604
 ] 

Bhavik Patel commented on RANGER-3373:
--

[~abhay] [~rmani] [~pradeep]  can we merge this changes?

> Ranger Hbase plugin not compatible with Hbase 2.3.4
> ---
>
> Key: RANGER-3373
> URL: https://issues.apache.org/jira/browse/RANGER-3373
> Project: Ranger
>  Issue Type: Bug
>  Components: plugins
>Affects Versions: 2.1.0, 3.0.0, 2.1.1
>Reporter: Shivam Garg
>Priority: Major
>  Labels: patch
> Fix For: 3.0.0, 2.1.1
>
> Attachments: RANGER-3373-001-branch-2.1.patch, RANGER-3373-001.patch
>
>
> Ranger is incompatible with Hbase 2.3.4 because AccessControlLists class has 
> been changed to PermissionStorage
> https://issues.apache.org/jira/browse/HBASE-22084



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

Re: Review Request 73755: RANGER-3539: Add jacoco-maven-plugin for code coverage

[bhavik patel]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73755/#review223928
---




pom.xml
Line 857 (original), 867 (patched)


double check this changes


- bhavik patel


On Dec. 10, 2021, 5:26 p.m., Pradeep Agrawal wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73755/
> ---
> 
> (Updated Dec. 10, 2021, 5:26 p.m.)
> 
> 
> Review request for ranger, Dineshkumar Yadav, Abhay Kulkarni, Madhan 
> Neethiraj, Mehul Parikh, Ramesh Mani, Sailaja Polavarapu, and Velmurugan 
> Periasamy.
> 
> 
> Bugs: RANGER-3539
> https://issues.apache.org/jira/browse/RANGER-3539
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> **Problem Statement:** Currently there is no way to figure out Which part of 
> the Ranger code has test coverage. 
> 
> 
> **Proposed Solution:** Proposing jacoco-maven-plugin as part of build process 
> to improve test coverage.
> 
> 
> Diffs
> -
> 
>   pom.xml f9c46f669 
> 
> 
> Diff: https://reviews.apache.org/r/73755/diff/3/
> 
> 
> Testing
> ---
> 
> **Commands to generate test coverage report:**
> 
> 1) Build ranger using command: mvn clean install
> 2) Install jacoco server either at local or remote and run it
> 3) Run command to generate report:
> sample:
> mvn clean install -Dsonar.host.url=http://1.2.3.4:1234 -DskipTests -Psonar 
> -Dsonar.coverage.jacoco.xmlReportPaths=/path/to/xmlreport.xml 
> -Dsonar.projectKey=ranger_public -Dsonar.projectName=Ranger_AdminServer
> 
> 
> References:
> 
> https://www.baeldung.com/jacoco
> https://www.baeldung.com/sonarqube-jacoco-code-coverage
> https://mkyong.com/maven/maven-jacoco-code-coverage-example/
> https://medium.com/backend-habit/generate-codecoverage-report-with-jacoco-and-sonarqube-ed15c4045885
> 
> 
> Thanks,
> 
> Pradeep Agrawal
> 
>

Re: Review Request 73783: RANGER-3569 : Support Ranger KMS integration with Google cloud HSM

[bhavik patel]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73783/#review223927
---




kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java
Line 231 (original), 234 (patched)


redundant check: here conf never be null


- bhavik patel


On Jan. 4, 2022, 11:20 a.m., Mateen Mansoori wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73783/
> ---
> 
> (Updated Jan. 4, 2022, 11:20 a.m.)
> 
> 
> Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Gautam Borad, 
> Jayendra Parab, Kishor Gollapalliwar, Abhay Kulkarni, Mehul Parikh, Pradeep 
> Agrawal, VaradreawiZTV VaradreawiZTV, Vishal Suvagia, and Velmurugan 
> Periasamy.
> 
> 
> Bugs: RANGER-3569
> https://issues.apache.org/jira/browse/RANGER-3569
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Ranger KMS integration with Google cloud HSM
> - This task is to integrate the RANGER KMS Service with Google Cloud HSM.
> - To Configure RANGER KMS Service with Google Cloud HSM below configurations 
> need to be added in install.properties file bfore running the setup.sh
> 
> IS_GCP_ENABLED=true
> GCP_KEYRING_ID=YourKeyRingId
> GCP_CRED_JSON_FILE=/full/path/to/downloadedCredfile.json
> GCP_PROJECT_ID=YourProjectId
> GCP_LOCATION_ID=LocationId
> GCP_MASTER_KEY_NAME=MyMasterKeyNameChangeIt
> 
> - Run the setup.sh, It will add the below configs in dbks-site.xml
> 
> 
>   ranger.kms.gcp.enabled
>   false
>   
>   
>   
>   ranger.kms.gcp.keyring.id
>   
>   
>   
>   
>   ranger.kms.gcp.cred.file
>   
>   
>   
>   
>   ranger.kms.gcp.project.id
>   
>   
>   
>   
>   ranger.kms.gcp.location.id
>   
>   
>   
>   
>   ranger.kms.gcp.masterkey.name
>   
>   
>   
> 
> - Start the kms service, On start Master Key should be created in Google 
> Cloud HSM.
> 
> 
> Diffs
> -
> 
>   distro/src/main/assembly/kms.xml aacdcf103 
>   kms/config/kms-webapp/dbks-site.xml 75f21c80e 
>   kms/pom.xml b940e75c0 
>   kms/scripts/MigrateMKeyStorageDbToGCP.sh PRE-CREATION 
>   kms/scripts/install.properties 4cf79080f 
>   kms/scripts/setup.sh 60c026b80 
>   kms/src/main/java/org/apache/hadoop/crypto/key/MigrateDBMKeyToGCP.java 
> PRE-CREATION 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/RangerGoogleCloudHSMProvider.java
>  PRE-CREATION 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerKMSMKI.java 75e70fffa 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java 
> b9e7cb2fd 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java 
> db8fa69e0 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyVaultKeyGenerator.java
>  854d7f0b6 
>   kms/src/main/resources/META-INF/context.xml PRE-CREATION 
>   pom.xml 5c621a5b4 
> 
> 
> Diff: https://reviews.apache.org/r/73783/diff/2/
> 
> 
> Testing
> ---
> 
> Build Succeeded - mvn clean compile test verify install
> Testing : Verified fresh and upgrade scenarios.
> 
> 
> Thanks,
> 
> Mateen Mansoori
> 
>

Re: Review Request 73783: RANGER-3569 : Support Ranger KMS integration with Google cloud HSM

[bhavik patel]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73783/#review223926
---




kms/config/kms-webapp/dbks-site.xml
Lines 301 (patched)


can you please add description of each Properties



kms/src/main/java/org/apache/hadoop/crypto/key/MigrateDBMKeyToGCP.java
Lines 64 (patched)


this boolean flag can be directly initialized



kms/src/main/java/org/apache/hadoop/crypto/key/MigrateDBMKeyToGCP.java
Lines 65 (patched)


please add couple of logger Statements



kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java
Line 96 (original), 97 (patched)


please make sure we are not breaking the existing functionality as you 
removed RangerKeyVaultKeyGenerator object.



kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java
Line 966 (original), 973 (patched)


RangerKMSMKI rangerKVKeyGenerator ==> update argument name



pom.xml
Lines 182 (patched)


can we update the version of existing variable?(at above line)


- bhavik patel


On Jan. 4, 2022, 11:20 a.m., Mateen Mansoori wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73783/
> ---
> 
> (Updated Jan. 4, 2022, 11:20 a.m.)
> 
> 
> Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Gautam Borad, 
> Jayendra Parab, Kishor Gollapalliwar, Abhay Kulkarni, Mehul Parikh, Pradeep 
> Agrawal, VaradreawiZTV VaradreawiZTV, Vishal Suvagia, and Velmurugan 
> Periasamy.
> 
> 
> Bugs: RANGER-3569
> https://issues.apache.org/jira/browse/RANGER-3569
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Ranger KMS integration with Google cloud HSM
> - This task is to integrate the RANGER KMS Service with Google Cloud HSM.
> - To Configure RANGER KMS Service with Google Cloud HSM below configurations 
> need to be added in install.properties file bfore running the setup.sh
> 
> IS_GCP_ENABLED=true
> GCP_KEYRING_ID=YourKeyRingId
> GCP_CRED_JSON_FILE=/full/path/to/downloadedCredfile.json
> GCP_PROJECT_ID=YourProjectId
> GCP_LOCATION_ID=LocationId
> GCP_MASTER_KEY_NAME=MyMasterKeyNameChangeIt
> 
> - Run the setup.sh, It will add the below configs in dbks-site.xml
> 
> 
>   ranger.kms.gcp.enabled
>   false
>   
>   
>   
>   ranger.kms.gcp.keyring.id
>   
>   
>   
>   
>   ranger.kms.gcp.cred.file
>   
>   
>   
>   
>   ranger.kms.gcp.project.id
>   
>   
>   
>   
>   ranger.kms.gcp.location.id
>   
>   
>   
>   
>   ranger.kms.gcp.masterkey.name
>   
>   
>   
> 
> - Start the kms service, On start Master Key should be created in Google 
> Cloud HSM.
> 
> 
> Diffs
> -
> 
>   distro/src/main/assembly/kms.xml aacdcf103 
>   kms/config/kms-webapp/dbks-site.xml 75f21c80e 
>   kms/pom.xml b940e75c0 
>   kms/scripts/MigrateMKeyStorageDbToGCP.sh PRE-CREATION 
>   kms/scripts/install.properties 4cf79080f 
>   kms/scripts/setup.sh 60c026b80 
>   kms/src/main/java/org/apache/hadoop/crypto/key/MigrateDBMKeyToGCP.java 
> PRE-CREATION 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/RangerGoogleCloudHSMProvider.java
>  PRE-CREATION 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerKMSMKI.java 75e70fffa 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java 
> b9e7cb2fd 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java 
> db8fa69e0 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyVaultKeyGenerator.java
>  854d7f0b6 
>   kms/src/main/resources/META-INF/context.xml PRE-CREATION 
>   pom.xml 5c621a5b4 
> 
> 
> Diff: https://reviews.apache.org/r/73783/diff/2/
> 
> 
> Testing
> ---
> 
> Build Succeeded - mvn clean compile test verify install
> Testing : Verified fresh and upgrade scenarios.
> 
> 
> Thanks,
> 
> Mateen Mansoori
> 
>

Re: Review Request 73783: RANGER-3569 : Support Ranger KMS integration with Google cloud HSM

[Mateen Mansoori]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73783/
---

(Updated Jan. 4, 2022, 11:20 a.m.)


Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Gautam Borad, 
Jayendra Parab, Kishor Gollapalliwar, Abhay Kulkarni, Mehul Parikh, Pradeep 
Agrawal, VaradreawiZTV VaradreawiZTV, Vishal Suvagia, and Velmurugan Periasamy.


Bugs: RANGER-3569
https://issues.apache.org/jira/browse/RANGER-3569


Repository: ranger


Description
---

Ranger KMS integration with Google cloud HSM
- This task is to integrate the RANGER KMS Service with Google Cloud HSM.
- To Configure RANGER KMS Service with Google Cloud HSM below configurations 
need to be added in install.properties file bfore running the setup.sh

IS_GCP_ENABLED=true
GCP_KEYRING_ID=YourKeyRingId
GCP_CRED_JSON_FILE=/full/path/to/downloadedCredfile.json
GCP_PROJECT_ID=YourProjectId
GCP_LOCATION_ID=LocationId
GCP_MASTER_KEY_NAME=MyMasterKeyNameChangeIt

- Run the setup.sh, It will add the below configs in dbks-site.xml


ranger.kms.gcp.enabled
false



ranger.kms.gcp.keyring.id




ranger.kms.gcp.cred.file




ranger.kms.gcp.project.id




ranger.kms.gcp.location.id




ranger.kms.gcp.masterkey.name




- Start the kms service, On start Master Key should be created in Google Cloud 
HSM.


Diffs (updated)
-

  distro/src/main/assembly/kms.xml aacdcf103 
  kms/config/kms-webapp/dbks-site.xml 75f21c80e 
  kms/pom.xml b940e75c0 
  kms/scripts/MigrateMKeyStorageDbToGCP.sh PRE-CREATION 
  kms/scripts/install.properties 4cf79080f 
  kms/scripts/setup.sh 60c026b80 
  kms/src/main/java/org/apache/hadoop/crypto/key/MigrateDBMKeyToGCP.java 
PRE-CREATION 
  
kms/src/main/java/org/apache/hadoop/crypto/key/RangerGoogleCloudHSMProvider.java
 PRE-CREATION 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerKMSMKI.java 75e70fffa 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java b9e7cb2fd 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java 
db8fa69e0 
  
kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyVaultKeyGenerator.java 
854d7f0b6 
  kms/src/main/resources/META-INF/context.xml PRE-CREATION 
  pom.xml 5c621a5b4 


Diff: https://reviews.apache.org/r/73783/diff/2/

Changes: https://reviews.apache.org/r/73783/diff/1-2/


Testing
---

Build Succeeded - mvn clean compile test verify install
Testing : Verified fresh and upgrade scenarios.


Thanks,

Mateen Mansoori

[jira] [Created] (RANGER-3572) There is no ranger plugin for prestodb

[du.jl (Jira)]

du.jl created RANGER-3572:
-

 Summary: There is no ranger plugin for prestodb
 Key: RANGER-3572
 URL: https://issues.apache.org/jira/browse/RANGER-3572
 Project: Ranger
  Issue Type: New Feature
  Components: plugins
Reporter: du.jl






--
This message was sent by Atlassian Jira
(v8.20.1#820001)