[jira] [Commented] (RANGER-4178) NoClassDefFoundError: org/apache/hadoop/hive/ql/exec/vector/ColumnVector

2023-08-24 Thread Ramesh Mani (Jira) 


[ 
https://issues.apache.org/jira/browse/RANGER-4178?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17758772#comment-17758772
 ] 

Ramesh Mani commented on RANGER-4178:
-

[~bpatel]  This patch has been merged. Please close the Jira and review 
request. Thanks.

> NoClassDefFoundError: org/apache/hadoop/hive/ql/exec/vector/ColumnVector
> 
>
> Key: RANGER-4178
> URL: https://issues.apache.org/jira/browse/RANGER-4178
> Project: Ranger
>  Issue Type: Bug
>  Components: audit
>Affects Versions: 3.0.0, 2.2.0, 2.3.0
>Reporter: Bhavik Patel
>Assignee: Bhavik Patel
>Priority: Critical
> Attachments: 
> 0001-RANGER-4178-NoClassDefFoundError-org-apache-hadoop-h.patch, 
> 0001-RANGER-4178-Only-xasecure.audit.destination.hdfs.bat.patch
>
>
> Observed below error when enabled audit type as ORC format.
> NoClassDefFoundError: org/apache/hadoop/hive/ql/exec/vector/ColumnVector
> https://issues.apache.org/jira/browse/RANGER-1837
> https://issues.apache.org/jira/browse/RANGER-3235
> cc: [~rmani] 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (RANGER-4178) NoClassDefFoundError: org/apache/hadoop/hive/ql/exec/vector/ColumnVector

2023-08-24 Thread Fateh Singh (Jira) 


[ 
https://issues.apache.org/jira/browse/RANGER-4178?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17758729#comment-17758729
 ] 

Fateh Singh commented on RANGER-4178:
-

[~bpatel] 
The files are not cleared from the "spool/archive" folder if that is what you 
are talking about.
I see them getting cleared / moved from "spool" directory fine.

> NoClassDefFoundError: org/apache/hadoop/hive/ql/exec/vector/ColumnVector
> 
>
> Key: RANGER-4178
> URL: https://issues.apache.org/jira/browse/RANGER-4178
> Project: Ranger
>  Issue Type: Bug
>  Components: audit
>Affects Versions: 3.0.0, 2.2.0, 2.3.0
>Reporter: Bhavik Patel
>Assignee: Bhavik Patel
>Priority: Critical
> Attachments: 
> 0001-RANGER-4178-NoClassDefFoundError-org-apache-hadoop-h.patch, 
> 0001-RANGER-4178-Only-xasecure.audit.destination.hdfs.bat.patch
>
>
> Observed below error when enabled audit type as ORC format.
> NoClassDefFoundError: org/apache/hadoop/hive/ql/exec/vector/ColumnVector
> https://issues.apache.org/jira/browse/RANGER-1837
> https://issues.apache.org/jira/browse/RANGER-3235
> cc: [~rmani] 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Created] (RANGER-4377) Fix to use "public/v2/api/zone-headers" api to get list of zones in Access Logs and Report pages

2023-08-24 Thread Mugdha Varadkar (Jira) 
Mugdha Varadkar created RANGER-4377:
---

 Summary: Fix to use "public/v2/api/zone-headers" api to get list 
of zones in Access Logs and Report pages
 Key: RANGER-4377
 URL: https://issues.apache.org/jira/browse/RANGER-4377
 Project: Ranger
  Issue Type: Bug
  Components: Ranger
Reporter: Mugdha Varadkar
Assignee: Mugdha Varadkar


Ranger Admin with React JS should use "public/v2/api/zone-headers" api to get 
list of zones.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (RANGER-4373) Deleting a role which is already present in policy is giving incorrect message.

2023-08-24 Thread Sanket Shelar (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-4373?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sanket Shelar updated RANGER-4373:
--
Attachment: 0001-RANGER-4373.patch

> Deleting a role which is already present in policy is giving incorrect 
> message.
> ---
>
> Key: RANGER-4373
> URL: https://issues.apache.org/jira/browse/RANGER-4373
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Sanket Shelar
>Assignee: Sanket Shelar
>Priority: Major
> Attachments: 0001-RANGER-4373.patch
>
>
> In case if a role is already present in policy and we try to delete the role 
> then we are getting message as "data not found" instead of "Role  can not be 
> deleted as it is referenced in one or more policies"



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Re: Review Request 74557: RANGER-4196- Tomcat runtime metrics collection

2023-08-24 Thread Ramachandran Krishnan 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74557/#review225682
---


Ship it!




Ship It!

- Ramachandran Krishnan


On Aug. 24, 2023, 11:30 a.m., Vikas Kumar wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/74557/
> ---
> 
> (Updated Aug. 24, 2023, 11:30 a.m.)
> 
> 
> Review request for ranger, Dhaval Shah, Abhay Kulkarni, Madhan Neethiraj, and 
> Sailaja Polavarapu.
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> RANGER-4196- Tomcat runtime metrics collection .
> 
> As part of RANGER-4196, developed the feature to collect runtime container 
> metrics that can help in debugging any performance issue. Although I have 
> tested it  for KMS only, but change has been made in a way that it will be 
> avilable for all ranger modules if registered with "ranger-metrics" module.
> 
> 
> Diffs
> -
> 
>   
> embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/EmbeddedServer.java
>  cae9075a7 
>   
> embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/EmbeddedServerMetricsCollector.java
>  PRE-CREATION 
>   ranger-metrics/pom.xml 44602c3b8 
>   
> ranger-metrics/src/main/java/org/apache/ranger/metrics/RangerMetricsSystemWrapper.java
>  cd806574d 
>   
> ranger-metrics/src/main/java/org/apache/ranger/metrics/source/RangerMetricsContainerSource.java
>  PRE-CREATION 
>   
> ranger-metrics/src/test/java/org/apache/ranger/metrics/source/TestRangerMetricsContainerSource.java
>  PRE-CREATION 
> 
> 
> Diff: https://reviews.apache.org/r/74557/diff/3/
> 
> 
> Testing
> ---
> 
> build is passed.
> Patched the new jar on existing cluster and tried to fetch the kms metrics. 
> Following is the output:
> 
> command: curl -ivk --negotiate -u : -H "Content-Type: application/json" -X 
> GET http://:9292/kms/metrics/json
> 
> Output:
> 
> {
>   "KMS": {
> "GET_CURRENT_KEY_COUNT": 0,
> "DELETE_KEY_ELAPSED_TIME": 0,
> "EEK_DECRYPT_ELAPSED_TIME": 0,
> "GET_KEYS_METADATA_ELAPSED_TIME": 0,
> "EEK_GENERATE_ELAPSED_TIME": 0,
> "GET_CURRENT_KEY_ELAPSED_TIME": 0,
> "EEK_REENCRYPT_ELAPSED_TIME": 0,
> "KEY_CREATE_COUNT": 0,
> "UNAUTHORIZED_CALLS_COUNT": 0,
> "KEY_CREATE_ELAPSED_TIME": 0,
> "GET_KEY_VERSION_COUNT": 0,
> "ROLL_NEW_VERSION_ELAPSED_TIME": 0,
> "REENCRYPT_EEK_BATCH_COUNT": 0,
> "REENCRYPT_EEK_BATCH_ELAPSED_TIME": 0,
> "GET_KEYS_METADATA_COUNT": 0,
> "GET_KEY_VERSIONS_COUNT": 0,
> "GET_KEY_VERSIONS_ELAPSED_TIME": 0,
> "GET_KEYS_COUNT": 0,
> "EEK_GENERATE_COUNT": 0,
> "INVALIDATE_CACHE_COUNT": 0,
> "GET_METADATA_COUNT": 0,
> "REENCRYPT_EEK_BATCH_KEYS_COUNT": 0,
> "EEK_REENCRYPT_COUNT": 0,
> "UNAUTHENTICATED_CALLS_COUNT": 3,
> "GET_KEY_VERSION_ELAPSED_TIME": 0,
> "INVALIDATE_CACHE_ELAPSED_TIME": 0,
> "ROLL_NEW_VERSION_COUNT": 0,
> "EEK_DECRYPT_COUNT": 0,
> "GET_KEYS_METADATA_KEYNAMES_COUNT": 0,
> "DELETE_KEY_COUNT": 0,
> "GET_KEYS_ELAPSED_TIME": 0,
> "GET_METADATA_ELAPSED_TIME": 0,
> "TOTAL_CALL_COUNT": 6
>   },
>   "RangerWebContainer": {
> "ActiveConnectionsCount": 2,
> "ConnectionTimeout": 6,
> "MaxWorkerThreadsCount": 200,
> "TotalWorkerThreadsCount": 10,
> "KeepAliveTimeout": 6,
> "ActiveWorkerThreadsCount": 0,
> "ConnectionAcceptCount": 100,
> "MinSpareWorkerThreadsCount": 10,
> "MaxConnectionsCount": 8192
>   },
>   "RangerJvm": {
> "GcTimeTotal": 595,
> "SystemLoadAvg": 10.21,
> "ThreadsBusy": 5,
> "GcCountTotal": 17,
> "MemoryMax": 967311360,
> "MemoryCurrent": 273806280,
> "ThreadsWaiting": 17,
> "ProcessorsAvailable": 4,
> "GcTimeMax": 595,
> "ThreadsBlocked": 0,
> "ThreadsRemaining": 16
>   }
> }
> 
> Knowing the Tomcat connector type is also useful, so logged following on 
> container startup.
> 
> 2023-08-22 12:43:45,080 INFO  org.apache.ranger.server.tomcat.EmbeddedServer: 
> [vktomcat-1.vktomcat.-startStop-1]: Selected Tomcat protocolHandler: 
> "http-nio-9292"
> 
> 
> File Attachments
> 
> 
> Updated with test case.
>   
> https://reviews.apache.org/media/uploaded/files/2023/08/24/959a2112-6186-414a-9d84-c41a0fc677ad__0001-RANGER-4196-Tomcat-metrics-collection-code.patch
> 
> 
> Thanks,
> 
> Vikas Kumar
> 
>

[jira] [Commented] (RANGER-4196) Tomcat metrics collection

2023-08-24 Thread Vikas Kumar (Jira) 


[ 
https://issues.apache.org/jira/browse/RANGER-4196?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17758531#comment-17758531
 ] 

Vikas Kumar commented on RANGER-4196:
-

As per review comment, unit test cases added for the new source

> Tomcat metrics collection 
> --
>
> Key: RANGER-4196
> URL: https://issues.apache.org/jira/browse/RANGER-4196
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Reporter: Vikas Kumar
>Assignee: Vikas Kumar
>Priority: Major
>
> Like "JVM mterics" and other application metrics, Tomcat related metrics 
> would be very useful for following use cases:
> In case client gets "SoketTimeout" or Connection refused errors, having such 
> metrics at server end will really help triaging the issue.
> It should contain following metrics:
>  # maxAllowedConnection
>  # currentActiveConnectionCount
>  # ConnectionTimeout
>  # acceptCount
>  # maxContainerThreadsCount
>  # activeContainerThreadsCount
>  # minSpareThreadsCount // corePoolSize
> And other useful metrics.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Re: Review Request 74557: RANGER-4196- Tomcat runtime metrics collection

2023-08-24 Thread Vikas Kumar 


> On Aug. 22, 2023, 2:36 p.m., Ramachandran Krishnan wrote:
> > ranger-metrics/src/main/java/org/apache/ranger/metrics/source/RangerMetricsContainerSource.java
> > Lines 78 (patched)
> > 
> >
> > Is it possible to write a UT for covering this

Test case added for the new source.


- Vikas


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74557/#review225671
---


On Aug. 24, 2023, 11:30 a.m., Vikas Kumar wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/74557/
> ---
> 
> (Updated Aug. 24, 2023, 11:30 a.m.)
> 
> 
> Review request for ranger, Dhaval Shah, Abhay Kulkarni, Madhan Neethiraj, and 
> Sailaja Polavarapu.
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> RANGER-4196- Tomcat runtime metrics collection .
> 
> As part of RANGER-4196, developed the feature to collect runtime container 
> metrics that can help in debugging any performance issue. Although I have 
> tested it  for KMS only, but change has been made in a way that it will be 
> avilable for all ranger modules if registered with "ranger-metrics" module.
> 
> 
> Diffs
> -
> 
>   
> embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/EmbeddedServer.java
>  cae9075a7 
>   
> embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/EmbeddedServerMetricsCollector.java
>  PRE-CREATION 
>   ranger-metrics/pom.xml 44602c3b8 
>   
> ranger-metrics/src/main/java/org/apache/ranger/metrics/RangerMetricsSystemWrapper.java
>  cd806574d 
>   
> ranger-metrics/src/main/java/org/apache/ranger/metrics/source/RangerMetricsContainerSource.java
>  PRE-CREATION 
>   
> ranger-metrics/src/test/java/org/apache/ranger/metrics/source/TestRangerMetricsContainerSource.java
>  PRE-CREATION 
> 
> 
> Diff: https://reviews.apache.org/r/74557/diff/3/
> 
> 
> Testing
> ---
> 
> build is passed.
> Patched the new jar on existing cluster and tried to fetch the kms metrics. 
> Following is the output:
> 
> command: curl -ivk --negotiate -u : -H "Content-Type: application/json" -X 
> GET http://:9292/kms/metrics/json
> 
> Output:
> 
> {
>   "KMS": {
> "GET_CURRENT_KEY_COUNT": 0,
> "DELETE_KEY_ELAPSED_TIME": 0,
> "EEK_DECRYPT_ELAPSED_TIME": 0,
> "GET_KEYS_METADATA_ELAPSED_TIME": 0,
> "EEK_GENERATE_ELAPSED_TIME": 0,
> "GET_CURRENT_KEY_ELAPSED_TIME": 0,
> "EEK_REENCRYPT_ELAPSED_TIME": 0,
> "KEY_CREATE_COUNT": 0,
> "UNAUTHORIZED_CALLS_COUNT": 0,
> "KEY_CREATE_ELAPSED_TIME": 0,
> "GET_KEY_VERSION_COUNT": 0,
> "ROLL_NEW_VERSION_ELAPSED_TIME": 0,
> "REENCRYPT_EEK_BATCH_COUNT": 0,
> "REENCRYPT_EEK_BATCH_ELAPSED_TIME": 0,
> "GET_KEYS_METADATA_COUNT": 0,
> "GET_KEY_VERSIONS_COUNT": 0,
> "GET_KEY_VERSIONS_ELAPSED_TIME": 0,
> "GET_KEYS_COUNT": 0,
> "EEK_GENERATE_COUNT": 0,
> "INVALIDATE_CACHE_COUNT": 0,
> "GET_METADATA_COUNT": 0,
> "REENCRYPT_EEK_BATCH_KEYS_COUNT": 0,
> "EEK_REENCRYPT_COUNT": 0,
> "UNAUTHENTICATED_CALLS_COUNT": 3,
> "GET_KEY_VERSION_ELAPSED_TIME": 0,
> "INVALIDATE_CACHE_ELAPSED_TIME": 0,
> "ROLL_NEW_VERSION_COUNT": 0,
> "EEK_DECRYPT_COUNT": 0,
> "GET_KEYS_METADATA_KEYNAMES_COUNT": 0,
> "DELETE_KEY_COUNT": 0,
> "GET_KEYS_ELAPSED_TIME": 0,
> "GET_METADATA_ELAPSED_TIME": 0,
> "TOTAL_CALL_COUNT": 6
>   },
>   "RangerWebContainer": {
> "ActiveConnectionsCount": 2,
> "ConnectionTimeout": 6,
> "MaxWorkerThreadsCount": 200,
> "TotalWorkerThreadsCount": 10,
> "KeepAliveTimeout": 6,
> "ActiveWorkerThreadsCount": 0,
> "ConnectionAcceptCount": 100,
> "MinSpareWorkerThreadsCount": 10,
> "MaxConnectionsCount": 8192
>   },
>   "RangerJvm": {
> "GcTimeTotal": 595,
> "SystemLoadAvg": 10.21,
> "ThreadsBusy": 5,
> "GcCountTotal": 17,
> "MemoryMax": 967311360,
> "MemoryCurrent": 273806280,
> "ThreadsWaiting": 17,
> "ProcessorsAvailable": 4,
> "GcTimeMax": 595,
> "ThreadsBlocked": 0,
> "ThreadsRemaining": 16
>   }
> }
> 
> Knowing the Tomcat connector type is also useful, so logged following on 
> container startup.
> 
> 2023-08-22 12:43:45,080 INFO  org.apache.ranger.server.tomcat.EmbeddedServer: 
> [vktomcat-1.vktomcat.-startStop-1]: Selected Tomcat protocolHandler: 
> "http-nio-9292"
> 
> 
> File Attachments
> 
> 
> Updated with test case.
>   
> https://reviews.apache.org/media/uploaded/files/2023/08/24/959a2112-6186-414a-9d84-c41a0fc677ad__0001-RANGER-4196-Tomcat-metrics-collection-code.patch
> 
> 
> Thanks,
> 
> Vikas Kumar
> 
>

Re: Review Request 74557: RANGER-4196- Tomcat runtime metrics collection

2023-08-24 Thread Vikas Kumar 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74557/
---

(Updated Aug. 24, 2023, 11:30 a.m.)


Review request for ranger, Dhaval Shah, Abhay Kulkarni, Madhan Neethiraj, and 
Sailaja Polavarapu.


Repository: ranger


Description
---

RANGER-4196- Tomcat runtime metrics collection .

As part of RANGER-4196, developed the feature to collect runtime container 
metrics that can help in debugging any performance issue. Although I have 
tested it  for KMS only, but change has been made in a way that it will be 
avilable for all ranger modules if registered with "ranger-metrics" module.


Diffs (updated)
-

  
embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/EmbeddedServer.java
 cae9075a7 
  
embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/EmbeddedServerMetricsCollector.java
 PRE-CREATION 
  ranger-metrics/pom.xml 44602c3b8 
  
ranger-metrics/src/main/java/org/apache/ranger/metrics/RangerMetricsSystemWrapper.java
 cd806574d 
  
ranger-metrics/src/main/java/org/apache/ranger/metrics/source/RangerMetricsContainerSource.java
 PRE-CREATION 
  
ranger-metrics/src/test/java/org/apache/ranger/metrics/source/TestRangerMetricsContainerSource.java
 PRE-CREATION 


Diff: https://reviews.apache.org/r/74557/diff/3/

Changes: https://reviews.apache.org/r/74557/diff/2-3/


Testing
---

build is passed.
Patched the new jar on existing cluster and tried to fetch the kms metrics. 
Following is the output:

command: curl -ivk --negotiate -u : -H "Content-Type: application/json" -X GET 
http://:9292/kms/metrics/json

Output:

{
  "KMS": {
"GET_CURRENT_KEY_COUNT": 0,
"DELETE_KEY_ELAPSED_TIME": 0,
"EEK_DECRYPT_ELAPSED_TIME": 0,
"GET_KEYS_METADATA_ELAPSED_TIME": 0,
"EEK_GENERATE_ELAPSED_TIME": 0,
"GET_CURRENT_KEY_ELAPSED_TIME": 0,
"EEK_REENCRYPT_ELAPSED_TIME": 0,
"KEY_CREATE_COUNT": 0,
"UNAUTHORIZED_CALLS_COUNT": 0,
"KEY_CREATE_ELAPSED_TIME": 0,
"GET_KEY_VERSION_COUNT": 0,
"ROLL_NEW_VERSION_ELAPSED_TIME": 0,
"REENCRYPT_EEK_BATCH_COUNT": 0,
"REENCRYPT_EEK_BATCH_ELAPSED_TIME": 0,
"GET_KEYS_METADATA_COUNT": 0,
"GET_KEY_VERSIONS_COUNT": 0,
"GET_KEY_VERSIONS_ELAPSED_TIME": 0,
"GET_KEYS_COUNT": 0,
"EEK_GENERATE_COUNT": 0,
"INVALIDATE_CACHE_COUNT": 0,
"GET_METADATA_COUNT": 0,
"REENCRYPT_EEK_BATCH_KEYS_COUNT": 0,
"EEK_REENCRYPT_COUNT": 0,
"UNAUTHENTICATED_CALLS_COUNT": 3,
"GET_KEY_VERSION_ELAPSED_TIME": 0,
"INVALIDATE_CACHE_ELAPSED_TIME": 0,
"ROLL_NEW_VERSION_COUNT": 0,
"EEK_DECRYPT_COUNT": 0,
"GET_KEYS_METADATA_KEYNAMES_COUNT": 0,
"DELETE_KEY_COUNT": 0,
"GET_KEYS_ELAPSED_TIME": 0,
"GET_METADATA_ELAPSED_TIME": 0,
"TOTAL_CALL_COUNT": 6
  },
  "RangerWebContainer": {
"ActiveConnectionsCount": 2,
"ConnectionTimeout": 6,
"MaxWorkerThreadsCount": 200,
"TotalWorkerThreadsCount": 10,
"KeepAliveTimeout": 6,
"ActiveWorkerThreadsCount": 0,
"ConnectionAcceptCount": 100,
"MinSpareWorkerThreadsCount": 10,
"MaxConnectionsCount": 8192
  },
  "RangerJvm": {
"GcTimeTotal": 595,
"SystemLoadAvg": 10.21,
"ThreadsBusy": 5,
"GcCountTotal": 17,
"MemoryMax": 967311360,
"MemoryCurrent": 273806280,
"ThreadsWaiting": 17,
"ProcessorsAvailable": 4,
"GcTimeMax": 595,
"ThreadsBlocked": 0,
"ThreadsRemaining": 16
  }
}

Knowing the Tomcat connector type is also useful, so logged following on 
container startup.

2023-08-22 12:43:45,080 INFO  org.apache.ranger.server.tomcat.EmbeddedServer: 
[vktomcat-1.vktomcat.-startStop-1]: Selected Tomcat protocolHandler: 
"http-nio-9292"


File Attachments


Updated with test case.
  
https://reviews.apache.org/media/uploaded/files/2023/08/24/959a2112-6186-414a-9d84-c41a0fc677ad__0001-RANGER-4196-Tomcat-metrics-collection-code.patch


Thanks,

Vikas Kumar

Re: Review Request 74557: RANGER-4196- Tomcat runtime metrics collection

2023-08-24 Thread Vikas Kumar 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74557/
---

(Updated Aug. 24, 2023, 11:28 a.m.)


Review request for ranger, Dhaval Shah, Abhay Kulkarni, Madhan Neethiraj, and 
Sailaja Polavarapu.


Repository: ranger


Description
---

RANGER-4196- Tomcat runtime metrics collection .

As part of RANGER-4196, developed the feature to collect runtime container 
metrics that can help in debugging any performance issue. Although I have 
tested it  for KMS only, but change has been made in a way that it will be 
avilable for all ranger modules if registered with "ranger-metrics" module.


Diffs (updated)
-

  
embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/EmbeddedServer.java
 cae9075a7 
  
embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/EmbeddedServerMetricsCollector.java
 PRE-CREATION 
  ranger-metrics/pom.xml 44602c3b8 
  
ranger-metrics/src/main/java/org/apache/ranger/metrics/RangerMetricsSystemWrapper.java
 cd806574d 
  
ranger-metrics/src/main/java/org/apache/ranger/metrics/source/RangerMetricsContainerSource.java
 PRE-CREATION 


Diff: https://reviews.apache.org/r/74557/diff/2/

Changes: https://reviews.apache.org/r/74557/diff/1-2/


Testing
---

build is passed.
Patched the new jar on existing cluster and tried to fetch the kms metrics. 
Following is the output:

command: curl -ivk --negotiate -u : -H "Content-Type: application/json" -X GET 
http://:9292/kms/metrics/json

Output:

{
  "KMS": {
"GET_CURRENT_KEY_COUNT": 0,
"DELETE_KEY_ELAPSED_TIME": 0,
"EEK_DECRYPT_ELAPSED_TIME": 0,
"GET_KEYS_METADATA_ELAPSED_TIME": 0,
"EEK_GENERATE_ELAPSED_TIME": 0,
"GET_CURRENT_KEY_ELAPSED_TIME": 0,
"EEK_REENCRYPT_ELAPSED_TIME": 0,
"KEY_CREATE_COUNT": 0,
"UNAUTHORIZED_CALLS_COUNT": 0,
"KEY_CREATE_ELAPSED_TIME": 0,
"GET_KEY_VERSION_COUNT": 0,
"ROLL_NEW_VERSION_ELAPSED_TIME": 0,
"REENCRYPT_EEK_BATCH_COUNT": 0,
"REENCRYPT_EEK_BATCH_ELAPSED_TIME": 0,
"GET_KEYS_METADATA_COUNT": 0,
"GET_KEY_VERSIONS_COUNT": 0,
"GET_KEY_VERSIONS_ELAPSED_TIME": 0,
"GET_KEYS_COUNT": 0,
"EEK_GENERATE_COUNT": 0,
"INVALIDATE_CACHE_COUNT": 0,
"GET_METADATA_COUNT": 0,
"REENCRYPT_EEK_BATCH_KEYS_COUNT": 0,
"EEK_REENCRYPT_COUNT": 0,
"UNAUTHENTICATED_CALLS_COUNT": 3,
"GET_KEY_VERSION_ELAPSED_TIME": 0,
"INVALIDATE_CACHE_ELAPSED_TIME": 0,
"ROLL_NEW_VERSION_COUNT": 0,
"EEK_DECRYPT_COUNT": 0,
"GET_KEYS_METADATA_KEYNAMES_COUNT": 0,
"DELETE_KEY_COUNT": 0,
"GET_KEYS_ELAPSED_TIME": 0,
"GET_METADATA_ELAPSED_TIME": 0,
"TOTAL_CALL_COUNT": 6
  },
  "RangerWebContainer": {
"ActiveConnectionsCount": 2,
"ConnectionTimeout": 6,
"MaxWorkerThreadsCount": 200,
"TotalWorkerThreadsCount": 10,
"KeepAliveTimeout": 6,
"ActiveWorkerThreadsCount": 0,
"ConnectionAcceptCount": 100,
"MinSpareWorkerThreadsCount": 10,
"MaxConnectionsCount": 8192
  },
  "RangerJvm": {
"GcTimeTotal": 595,
"SystemLoadAvg": 10.21,
"ThreadsBusy": 5,
"GcCountTotal": 17,
"MemoryMax": 967311360,
"MemoryCurrent": 273806280,
"ThreadsWaiting": 17,
"ProcessorsAvailable": 4,
"GcTimeMax": 595,
"ThreadsBlocked": 0,
"ThreadsRemaining": 16
  }
}

Knowing the Tomcat connector type is also useful, so logged following on 
container startup.

2023-08-22 12:43:45,080 INFO  org.apache.ranger.server.tomcat.EmbeddedServer: 
[vktomcat-1.vktomcat.-startStop-1]: Selected Tomcat protocolHandler: 
"http-nio-9292"


File Attachments


Updated with test case.
  
https://reviews.apache.org/media/uploaded/files/2023/08/24/959a2112-6186-414a-9d84-c41a0fc677ad__0001-RANGER-4196-Tomcat-metrics-collection-code.patch


Thanks,

Vikas Kumar

Re: Review Request 74557: RANGER-4196- Tomcat runtime metrics collection

2023-08-24 Thread Vikas Kumar 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74557/
---

(Updated Aug. 24, 2023, 11:25 a.m.)


Review request for ranger, Dhaval Shah, Abhay Kulkarni, Madhan Neethiraj, and 
Sailaja Polavarapu.


Changes
---

As per review comment, added unit test case for RangerMetricsContainerSource 
file.


Repository: ranger


Description
---

RANGER-4196- Tomcat runtime metrics collection .

As part of RANGER-4196, developed the feature to collect runtime container 
metrics that can help in debugging any performance issue. Although I have 
tested it  for KMS only, but change has been made in a way that it will be 
avilable for all ranger modules if registered with "ranger-metrics" module.


Diffs
-

  
embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/EmbeddedServer.java
 cae9075a7 
  
embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/EmbeddedServerMetricsCollector.java
 PRE-CREATION 
  ranger-metrics/pom.xml 44602c3b8 
  
ranger-metrics/src/main/java/org/apache/ranger/metrics/RangerMetricsSystemWrapper.java
 cd806574d 
  
ranger-metrics/src/main/java/org/apache/ranger/metrics/source/RangerMetricsContainerSource.java
 PRE-CREATION 


Diff: https://reviews.apache.org/r/74557/diff/1/


Testing
---

build is passed.
Patched the new jar on existing cluster and tried to fetch the kms metrics. 
Following is the output:

command: curl -ivk --negotiate -u : -H "Content-Type: application/json" -X GET 
http://:9292/kms/metrics/json

Output:

{
  "KMS": {
"GET_CURRENT_KEY_COUNT": 0,
"DELETE_KEY_ELAPSED_TIME": 0,
"EEK_DECRYPT_ELAPSED_TIME": 0,
"GET_KEYS_METADATA_ELAPSED_TIME": 0,
"EEK_GENERATE_ELAPSED_TIME": 0,
"GET_CURRENT_KEY_ELAPSED_TIME": 0,
"EEK_REENCRYPT_ELAPSED_TIME": 0,
"KEY_CREATE_COUNT": 0,
"UNAUTHORIZED_CALLS_COUNT": 0,
"KEY_CREATE_ELAPSED_TIME": 0,
"GET_KEY_VERSION_COUNT": 0,
"ROLL_NEW_VERSION_ELAPSED_TIME": 0,
"REENCRYPT_EEK_BATCH_COUNT": 0,
"REENCRYPT_EEK_BATCH_ELAPSED_TIME": 0,
"GET_KEYS_METADATA_COUNT": 0,
"GET_KEY_VERSIONS_COUNT": 0,
"GET_KEY_VERSIONS_ELAPSED_TIME": 0,
"GET_KEYS_COUNT": 0,
"EEK_GENERATE_COUNT": 0,
"INVALIDATE_CACHE_COUNT": 0,
"GET_METADATA_COUNT": 0,
"REENCRYPT_EEK_BATCH_KEYS_COUNT": 0,
"EEK_REENCRYPT_COUNT": 0,
"UNAUTHENTICATED_CALLS_COUNT": 3,
"GET_KEY_VERSION_ELAPSED_TIME": 0,
"INVALIDATE_CACHE_ELAPSED_TIME": 0,
"ROLL_NEW_VERSION_COUNT": 0,
"EEK_DECRYPT_COUNT": 0,
"GET_KEYS_METADATA_KEYNAMES_COUNT": 0,
"DELETE_KEY_COUNT": 0,
"GET_KEYS_ELAPSED_TIME": 0,
"GET_METADATA_ELAPSED_TIME": 0,
"TOTAL_CALL_COUNT": 6
  },
  "RangerWebContainer": {
"ActiveConnectionsCount": 2,
"ConnectionTimeout": 6,
"MaxWorkerThreadsCount": 200,
"TotalWorkerThreadsCount": 10,
"KeepAliveTimeout": 6,
"ActiveWorkerThreadsCount": 0,
"ConnectionAcceptCount": 100,
"MinSpareWorkerThreadsCount": 10,
"MaxConnectionsCount": 8192
  },
  "RangerJvm": {
"GcTimeTotal": 595,
"SystemLoadAvg": 10.21,
"ThreadsBusy": 5,
"GcCountTotal": 17,
"MemoryMax": 967311360,
"MemoryCurrent": 273806280,
"ThreadsWaiting": 17,
"ProcessorsAvailable": 4,
"GcTimeMax": 595,
"ThreadsBlocked": 0,
"ThreadsRemaining": 16
  }
}

Knowing the Tomcat connector type is also useful, so logged following on 
container startup.

2023-08-22 12:43:45,080 INFO  org.apache.ranger.server.tomcat.EmbeddedServer: 
[vktomcat-1.vktomcat.-startStop-1]: Selected Tomcat protocolHandler: 
"http-nio-9292"


File Attachments (updated)


Updated with test case.
  
https://reviews.apache.org/media/uploaded/files/2023/08/24/959a2112-6186-414a-9d84-c41a0fc677ad__0001-RANGER-4196-Tomcat-metrics-collection-code.patch


Thanks,

Vikas Kumar

RE: Update permission on trino service resource policy

2023-08-24 Thread Rotondi, Antonio (UBS Group) 
I checked the Trino RangerYstemAccessControl class and it shows:

enum TrinoAccessType {

CREATE, DROP, SELECT, INSERT, DELETE, USE, ALTER, ALL, GRANT, REVOKE, SHOW, 
IMPERSONATE, EXECUTE;

}

Why UPDATE is missing and why it is missing in the permission checkbox drop 
list?
[cid:image001.png@01D9D682.F7D0A940]
This is Ranger 2.,4.0


Many thanks,

Antonio Rotondi
IA Data Engineering

From: Rotondi, Antonio (RAGD 9)
Sent: 24 August 2023 11:26
To: dev@ranger.apache.org
Subject: Update permission on trino service resource policy

Hi team,
We use a ranger plugin in our trino cluster. We enabled all permissions on a 
trino resource and we can select and select records but update requests are 
denied. The update permission option is not even showing in the list of 
permission at all when creating a resource policy for Trino.
I cannot find any Jira specific to this issue.
Thanks for any pointer.

Antonio Rotondi
IA Data Engineering


This email is sent to you from Credit Suisse, a UBS Group company.

=
 
Please access the attached hyperlink for an important electronic communications 
disclaimer: 
http://www.credit-suisse.com/legal/en/disclaimer_email_ib.html 

California residents, click here 
https://www.credit-suisse.com/us/en/legal/privacy-statement.html 
for information on your privacy rights. For other regions, unless otherwise 
specified, locate the 
privacy policy at the bottom of your country page 
https://www.credit-suisse.com/global/en.html, 
where applicable. 
=

Update permission on trino service resource policy

2023-08-24 Thread Rotondi, Antonio (UBS Group) 
Hi team,
We use a ranger plugin in our trino cluster. We enabled all permissions on a 
trino resource and we can select and select records but update requests are 
denied. The update permission option is not even showing in the list of 
permission at all when creating a resource policy for Trino.
I cannot find any Jira specific to this issue.
Thanks for any pointer.

Antonio Rotondi
IA Data Engineering


This email is sent to you from Credit Suisse, a UBS Group company.

=
 
Please access the attached hyperlink for an important electronic communications 
disclaimer: 
http://www.credit-suisse.com/legal/en/disclaimer_email_ib.html 

California residents, click here 
https://www.credit-suisse.com/us/en/legal/privacy-statement.html 
for information on your privacy rights. For other regions, unless otherwise 
specified, locate the 
privacy policy at the bottom of your country page 
https://www.credit-suisse.com/global/en.html, 
where applicable. 
=

[jira] [Updated] (RANGER-4376) Need to show Tag Policies for user when it has permission in "Tag Based Policies" module

2023-08-24 Thread Brijesh Bhalala (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-4376?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Brijesh Bhalala updated RANGER-4376:

Fix Version/s: 3.0.0

> Need to show Tag Policies for user when it has permission in "Tag Based 
> Policies" module
> 
>
> Key: RANGER-4376
> URL: https://issues.apache.org/jira/browse/RANGER-4376
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: 2.4.0
>Reporter: Brijesh Bhalala
>Assignee: Brijesh Bhalala
>Priority: Major
>  Labels: ranger-react
> Fix For: 3.0.0
>
>
> By default user with user-role doesn't have permission on Tag Based Policies 
> modules. 
> If in some case where user with user-role is given permission on Tag Based 
> Policies module and not on Resource Based Policies, then need to show tag 
> policies.
> Need to fix this corner case in Ranger Admin UI with react JS.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (RANGER-4376) Need to show Tag Policies for user when it has permission in "Tag Based Policies" module

2023-08-24 Thread Brijesh Bhalala (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-4376?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Brijesh Bhalala updated RANGER-4376:

Labels: ranger-react  (was: )

> Need to show Tag Policies for user when it has permission in "Tag Based 
> Policies" module
> 
>
> Key: RANGER-4376
> URL: https://issues.apache.org/jira/browse/RANGER-4376
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: 2.4.0
>Reporter: Brijesh Bhalala
>Assignee: Brijesh Bhalala
>Priority: Major
>  Labels: ranger-react
>
> By default user with user-role doesn't have permission on Tag Based Policies 
> modules. 
> If in some case where user with user-role is given permission on Tag Based 
> Policies module and not on Resource Based Policies, then need to show tag 
> policies.
> Need to fix this corner case in Ranger Admin UI with react JS.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Created] (RANGER-4376) Need to show Tag Policies for user when it has permission in "Tag Based Policies" module

2023-08-24 Thread Brijesh Bhalala (Jira) 
Brijesh Bhalala created RANGER-4376:
---

 Summary: Need to show Tag Policies for user when it has permission 
in "Tag Based Policies" module
 Key: RANGER-4376
 URL: https://issues.apache.org/jira/browse/RANGER-4376
 Project: Ranger
  Issue Type: Bug
  Components: Ranger
Affects Versions: 2.4.0
Reporter: Brijesh Bhalala
Assignee: Brijesh Bhalala


By default user with user-role doesn't have permission on Tag Based Policies 
modules. 

If in some case where user with user-role is given permission on Tag Based 
Policies module and not on Resource Based Policies, then need to show tag 
policies.

Need to fix this corner case in Ranger Admin UI with react JS.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (RANGER-4119) [UI] Syntax check button missing in policy level condition

2023-08-24 Thread Dhaval Rajpara (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-4119?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Dhaval Rajpara updated RANGER-4119:
---
Attachment: 0001-RANGER-4119-Improvement-in-policy-condition-on-Range.patch

> [UI] Syntax check button missing in policy level condition
> --
>
> Key: RANGER-4119
> URL: https://issues.apache.org/jira/browse/RANGER-4119
> Project: Ranger
>  Issue Type: Bug
>  Components: admin
>Affects Versions: 2.4.0
>Reporter: Madhan Neethiraj
>Assignee: Dhaval Rajpara
>Priority: Major
>  Labels: ranger-react
> Attachments: 
> 0001-RANGER-4119-Improvement-in-policy-condition-on-Range.patch, 
> image-2023-03-03-00-04-10-367.png, image-2023-03-03-00-04-45-845.png
>
>
> Ranger policy UI provides {{Syntax check}} button that allows policy authors 
> to check if condition expression entered is valid or not. This button is 
> available for condition in policy-item level, but its not available for 
> condition at policy level - as seen in following images:
>  
> Policy-item level:
> !image-2023-03-03-00-04-45-845.png|width=661,height=453!
>  
> Policy level:
> !image-2023-03-03-00-04-10-367.png|width=661,height=488!
>  
> CC: [~ni3galave], [~Dhaval.Rajpara] 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Re: Review Request 74564: RANGER-4367 User with access on Key manager tab not able to view the "Encryption" tab on the React UI

2023-08-24 Thread Brijesh Bhalala 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74564/#review225679
---


Ship it!




Ship It!

- Brijesh Bhalala


On Aug. 24, 2023, 9:12 a.m., Mugdha Varadkar wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/74564/
> ---
> 
> (Updated Aug. 24, 2023, 9:12 a.m.)
> 
> 
> Review request for ranger, Brijesh Bhalala, Dhaval Rajpara, Mehul Parikh, and 
> Nikunj Pansuriya.
> 
> 
> Bugs: RANGER-4367
> https://issues.apache.org/jira/browse/RANGER-4367
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> A user with access on keymanager module is not able to view the encryption 
> tab in react UI, but the same user can view the encryption tab in Backbone 
> classic/latest UI.
> 
> Steps to reproduce :-
> 1. Create a user with admin/user/auditor privileges
> 2. Remove permissions for the user on all other modules, and assign 
> permissions only on keymanager module
> 3. Login as the created user
> 4. The user cannot see the encryption tab in react ui, but can see it if the 
> UI is switched to backbone ui
> 
> 
> Apart for fixing the above issue, also added below changes in this fixes.
> Need to restrict below UI operations for user with role - ADMIN_AUDITOR or 
> KEY_ADMIN_AUDITOR.
> 
> Policy edit from Report page
> Export 'json' from Report Page
> Add Key button from Key Manager > Key listing page
> 
> However, If user try to perform these operations from UI, "403 Forbidden" 
> page is shown. But it is good to have restriction on Ranger Admin UI with 
> react JS.
> 
> 
> Diffs
> -
> 
>   
> security-admin/src/main/webapp/react-webapp/src/views/Encryption/KeyManager.jsx
>  d4f4a24b603a876fe87bf7a10f29e5c0373af071 
>   
> security-admin/src/main/webapp/react-webapp/src/views/Reports/SearchPolicyTable.jsx
>  0fd79851c43a188b17c93da57ac078b0aa139849 
>   
> security-admin/src/main/webapp/react-webapp/src/views/Reports/UserAccessLayout.jsx
>  fc4d50093dc96ca9a906f0aa157bc8e997def9b3 
>   security-admin/src/main/webapp/react-webapp/src/views/SideBar/SideBar.jsx 
> 4dad6cab99bfb8837d31ec425166168218a6becd 
> 
> 
> Diff: https://reviews.apache.org/r/74564/diff/1/
> 
> 
> Testing
> ---
> 
> Tested changes on a cluster setup with Ranger Admin build with React JS code 
> base.
> 
> Successful completion of build command :
> mvn clean compile package -Psecurity-admin-react
> 
> 
> Thanks,
> 
> Mugdha Varadkar
> 
>

Re: Review Request 74563: RANGER-4374 Getting page not found when wrong password is send in 'Old Password'

2023-08-24 Thread Dhaval Rajpara 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74563/#review225677
---


Ship it!




Ship It!

- Dhaval Rajpara


On Aug. 24, 2023, 8:49 a.m., Mugdha Varadkar wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/74563/
> ---
> 
> (Updated Aug. 24, 2023, 8:49 a.m.)
> 
> 
> Review request for ranger, Brijesh Bhalala, Dhaval Rajpara, Mehul Parikh, and 
> Nikunj Pansuriya.
> 
> 
> Bugs: RANGER-4374
> https://issues.apache.org/jira/browse/RANGER-4374
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Steps to reproduce :
> 
> 1.Create a user 'testuser1' and password 'Testuser1'
> 2.Login with 'testuser1'
> 3.Go to profile and then change password
> 4.Give some wrong password in 'old password'
> 5.And give some new password
> 6.Click on save
> 
> To handle the above issue, introduced a parameter skipNavigate which needs to 
> be passed to fetchApi() when we need to skip navigating to error page when 
> server side error occurs.
> 
> Also made code clean-up changes in the few existing files.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/webapp/react-webapp/src/components/Editable.jsx 
> 34eb8c5fad465e5a0cd1da9e617993fae87098b8 
>   security-admin/src/main/webapp/react-webapp/src/utils/XAMessages.js 
> 82eb8fe185c346c2b37bef006c3ab7ecb29ae21a 
>   security-admin/src/main/webapp/react-webapp/src/utils/XAUtils.js 
> 7edee019e3bc7dfd91691f3f40f2a5e563e76051 
>   security-admin/src/main/webapp/react-webapp/src/utils/appState.js 
> 6267de2b4326928f4f06181effd6dd56b2b83de1 
>   security-admin/src/main/webapp/react-webapp/src/utils/fetchAPI.js 
> ef32634bb480a364b4474c88185f9c3164fbf92d 
>   
> security-admin/src/main/webapp/react-webapp/src/views/AuditEvent/AccessLogDetail.jsx
>  af64aa87793338271b1d4f9dd2fde65b05bc31e3 
>   
> security-admin/src/main/webapp/react-webapp/src/views/AuditEvent/AccessLogsTable.jsx
>  cf92a9a99bc85db048d6624e60d8f1cc8c04b6f5 
>   
> security-admin/src/main/webapp/react-webapp/src/views/AuditEvent/AdminLogs/PolicyLogs.jsx
>  92a1aac47c9dd82c541d54da50a955575c20b1dc 
>   
> security-admin/src/main/webapp/react-webapp/src/views/AuditEvent/AdminLogs/UserLogs.jsx
>  0a94a3b8507aa0cfb225d2292a8e519855cc78aa 
>   
> security-admin/src/main/webapp/react-webapp/src/views/Encryption/KeyManager.jsx
>  d4f4a24b603a876fe87bf7a10f29e5c0373af071 
>   
> security-admin/src/main/webapp/react-webapp/src/views/SecurityZone/SecurityZoneForm.jsx
>  ea76fa82390877a70ee3c7ca04104649597ab5f1 
>   
> security-admin/src/main/webapp/react-webapp/src/views/ServiceManager/ServiceDefinition.jsx
>  af1903ec737e6a28d09b562cb4e0e27d3af0dc65 
>   
> security-admin/src/main/webapp/react-webapp/src/views/ServiceManager/ServiceViewDetails.jsx
>  c774504ecbf2276421dece9d1e28acf0f3db7da8 
>   
> security-admin/src/main/webapp/react-webapp/src/views/SideBar/SideBarBody.jsx 
> 4d8494fc4dd87c4e470b4f194c7d56d580bfd20f 
>   
> security-admin/src/main/webapp/react-webapp/src/views/UserGroupRoleListing/users_details/EditUserView.jsx
>  73585458a99c18a180e38012887410afbbf70e89 
>   
> security-admin/src/main/webapp/react-webapp/src/views/UserGroupRoleListing/users_details/UserFormComp.jsx
>  1b32993b7057881e38323a2db3b4bf0cfa4acec8 
>   
> security-admin/src/main/webapp/react-webapp/src/views/UserGroupRoleListing/users_details/UserListing.jsx
>  c3150fd65e48f2a4763947bf2a3e30ddbb1c9c73 
>   security-admin/src/main/webapp/react-webapp/src/views/UserProfile.jsx 
> 452fe931ebc14961819730b0d4e7865fc416b3c6 
> 
> 
> Diff: https://reviews.apache.org/r/74563/diff/1/
> 
> 
> Testing
> ---
> 
> Tested changes on a cluster setup with Ranger Admin build with React JS code 
> base.
> 
> Successful completion of build command :
> mvn clean compile package -Psecurity-admin-react
> 
> 
> Thanks,
> 
> Mugdha Varadkar
> 
>

Re: Review Request 74563: RANGER-4374 Getting page not found when wrong password is send in 'Old Password'

2023-08-24 Thread Brijesh Bhalala 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74563/#review225676
---


Ship it!




Ship It!

- Brijesh Bhalala


On Aug. 24, 2023, 8:49 a.m., Mugdha Varadkar wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/74563/
> ---
> 
> (Updated Aug. 24, 2023, 8:49 a.m.)
> 
> 
> Review request for ranger, Brijesh Bhalala, Dhaval Rajpara, Mehul Parikh, and 
> Nikunj Pansuriya.
> 
> 
> Bugs: RANGER-4374
> https://issues.apache.org/jira/browse/RANGER-4374
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Steps to reproduce :
> 
> 1.Create a user 'testuser1' and password 'Testuser1'
> 2.Login with 'testuser1'
> 3.Go to profile and then change password
> 4.Give some wrong password in 'old password'
> 5.And give some new password
> 6.Click on save
> 
> To handle the above issue, introduced a parameter skipNavigate which needs to 
> be passed to fetchApi() when we need to skip navigating to error page when 
> server side error occurs.
> 
> Also made code clean-up changes in the few existing files.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/webapp/react-webapp/src/components/Editable.jsx 
> 34eb8c5fad465e5a0cd1da9e617993fae87098b8 
>   security-admin/src/main/webapp/react-webapp/src/utils/XAMessages.js 
> 82eb8fe185c346c2b37bef006c3ab7ecb29ae21a 
>   security-admin/src/main/webapp/react-webapp/src/utils/XAUtils.js 
> 7edee019e3bc7dfd91691f3f40f2a5e563e76051 
>   security-admin/src/main/webapp/react-webapp/src/utils/appState.js 
> 6267de2b4326928f4f06181effd6dd56b2b83de1 
>   security-admin/src/main/webapp/react-webapp/src/utils/fetchAPI.js 
> ef32634bb480a364b4474c88185f9c3164fbf92d 
>   
> security-admin/src/main/webapp/react-webapp/src/views/AuditEvent/AccessLogDetail.jsx
>  af64aa87793338271b1d4f9dd2fde65b05bc31e3 
>   
> security-admin/src/main/webapp/react-webapp/src/views/AuditEvent/AccessLogsTable.jsx
>  cf92a9a99bc85db048d6624e60d8f1cc8c04b6f5 
>   
> security-admin/src/main/webapp/react-webapp/src/views/AuditEvent/AdminLogs/PolicyLogs.jsx
>  92a1aac47c9dd82c541d54da50a955575c20b1dc 
>   
> security-admin/src/main/webapp/react-webapp/src/views/AuditEvent/AdminLogs/UserLogs.jsx
>  0a94a3b8507aa0cfb225d2292a8e519855cc78aa 
>   
> security-admin/src/main/webapp/react-webapp/src/views/Encryption/KeyManager.jsx
>  d4f4a24b603a876fe87bf7a10f29e5c0373af071 
>   
> security-admin/src/main/webapp/react-webapp/src/views/SecurityZone/SecurityZoneForm.jsx
>  ea76fa82390877a70ee3c7ca04104649597ab5f1 
>   
> security-admin/src/main/webapp/react-webapp/src/views/ServiceManager/ServiceDefinition.jsx
>  af1903ec737e6a28d09b562cb4e0e27d3af0dc65 
>   
> security-admin/src/main/webapp/react-webapp/src/views/ServiceManager/ServiceViewDetails.jsx
>  c774504ecbf2276421dece9d1e28acf0f3db7da8 
>   
> security-admin/src/main/webapp/react-webapp/src/views/SideBar/SideBarBody.jsx 
> 4d8494fc4dd87c4e470b4f194c7d56d580bfd20f 
>   
> security-admin/src/main/webapp/react-webapp/src/views/UserGroupRoleListing/users_details/EditUserView.jsx
>  73585458a99c18a180e38012887410afbbf70e89 
>   
> security-admin/src/main/webapp/react-webapp/src/views/UserGroupRoleListing/users_details/UserFormComp.jsx
>  1b32993b7057881e38323a2db3b4bf0cfa4acec8 
>   
> security-admin/src/main/webapp/react-webapp/src/views/UserGroupRoleListing/users_details/UserListing.jsx
>  c3150fd65e48f2a4763947bf2a3e30ddbb1c9c73 
>   security-admin/src/main/webapp/react-webapp/src/views/UserProfile.jsx 
> 452fe931ebc14961819730b0d4e7865fc416b3c6 
> 
> 
> Diff: https://reviews.apache.org/r/74563/diff/1/
> 
> 
> Testing
> ---
> 
> Tested changes on a cluster setup with Ranger Admin build with React JS code 
> base.
> 
> Successful completion of build command :
> mvn clean compile package -Psecurity-admin-react
> 
> 
> Thanks,
> 
> Mugdha Varadkar
> 
>

Re: Review Request 74564: RANGER-4367 User with access on Key manager tab not able to view the "Encryption" tab on the React UI

2023-08-24 Thread Dhaval Rajpara 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74564/#review225678
---


Ship it!




Ship It!

- Dhaval Rajpara


On Aug. 24, 2023, 9:12 a.m., Mugdha Varadkar wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/74564/
> ---
> 
> (Updated Aug. 24, 2023, 9:12 a.m.)
> 
> 
> Review request for ranger, Brijesh Bhalala, Dhaval Rajpara, Mehul Parikh, and 
> Nikunj Pansuriya.
> 
> 
> Bugs: RANGER-4367
> https://issues.apache.org/jira/browse/RANGER-4367
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> A user with access on keymanager module is not able to view the encryption 
> tab in react UI, but the same user can view the encryption tab in Backbone 
> classic/latest UI.
> 
> Steps to reproduce :-
> 1. Create a user with admin/user/auditor privileges
> 2. Remove permissions for the user on all other modules, and assign 
> permissions only on keymanager module
> 3. Login as the created user
> 4. The user cannot see the encryption tab in react ui, but can see it if the 
> UI is switched to backbone ui
> 
> 
> Apart for fixing the above issue, also added below changes in this fixes.
> Need to restrict below UI operations for user with role - ADMIN_AUDITOR or 
> KEY_ADMIN_AUDITOR.
> 
> Policy edit from Report page
> Export 'json' from Report Page
> Add Key button from Key Manager > Key listing page
> 
> However, If user try to perform these operations from UI, "403 Forbidden" 
> page is shown. But it is good to have restriction on Ranger Admin UI with 
> react JS.
> 
> 
> Diffs
> -
> 
>   
> security-admin/src/main/webapp/react-webapp/src/views/Encryption/KeyManager.jsx
>  d4f4a24b603a876fe87bf7a10f29e5c0373af071 
>   
> security-admin/src/main/webapp/react-webapp/src/views/Reports/SearchPolicyTable.jsx
>  0fd79851c43a188b17c93da57ac078b0aa139849 
>   
> security-admin/src/main/webapp/react-webapp/src/views/Reports/UserAccessLayout.jsx
>  fc4d50093dc96ca9a906f0aa157bc8e997def9b3 
>   security-admin/src/main/webapp/react-webapp/src/views/SideBar/SideBar.jsx 
> 4dad6cab99bfb8837d31ec425166168218a6becd 
> 
> 
> Diff: https://reviews.apache.org/r/74564/diff/1/
> 
> 
> Testing
> ---
> 
> Tested changes on a cluster setup with Ranger Admin build with React JS code 
> base.
> 
> Successful completion of build command :
> mvn clean compile package -Psecurity-admin-react
> 
> 
> Thanks,
> 
> Mugdha Varadkar
> 
>

Review Request 74564: RANGER-4367 User with access on Key manager tab not able to view the "Encryption" tab on the React UI

2023-08-24 Thread Mugdha Varadkar 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74564/
---

Review request for ranger, Brijesh Bhalala, Dhaval Rajpara, Mehul Parikh, and 
Nikunj Pansuriya.


Bugs: RANGER-4367
https://issues.apache.org/jira/browse/RANGER-4367


Repository: ranger


Description
---

A user with access on keymanager module is not able to view the encryption tab 
in react UI, but the same user can view the encryption tab in Backbone 
classic/latest UI.

Steps to reproduce :-
1. Create a user with admin/user/auditor privileges
2. Remove permissions for the user on all other modules, and assign permissions 
only on keymanager module
3. Login as the created user
4. The user cannot see the encryption tab in react ui, but can see it if the UI 
is switched to backbone ui


Apart for fixing the above issue, also added below changes in this fixes.
Need to restrict below UI operations for user with role - ADMIN_AUDITOR or 
KEY_ADMIN_AUDITOR.

Policy edit from Report page
Export 'json' from Report Page
Add Key button from Key Manager > Key listing page

However, If user try to perform these operations from UI, "403 Forbidden" page 
is shown. But it is good to have restriction on Ranger Admin UI with react JS.


Diffs
-

  
security-admin/src/main/webapp/react-webapp/src/views/Encryption/KeyManager.jsx 
d4f4a24b603a876fe87bf7a10f29e5c0373af071 
  
security-admin/src/main/webapp/react-webapp/src/views/Reports/SearchPolicyTable.jsx
 0fd79851c43a188b17c93da57ac078b0aa139849 
  
security-admin/src/main/webapp/react-webapp/src/views/Reports/UserAccessLayout.jsx
 fc4d50093dc96ca9a906f0aa157bc8e997def9b3 
  security-admin/src/main/webapp/react-webapp/src/views/SideBar/SideBar.jsx 
4dad6cab99bfb8837d31ec425166168218a6becd 


Diff: https://reviews.apache.org/r/74564/diff/1/


Testing
---

Tested changes on a cluster setup with Ranger Admin build with React JS code 
base.

Successful completion of build command :
mvn clean compile package -Psecurity-admin-react


Thanks,

Mugdha Varadkar

Review Request 74563: RANGER-4374 Getting page not found when wrong password is send in 'Old Password'

2023-08-24 Thread Mugdha Varadkar 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74563/
---

Review request for ranger, Brijesh Bhalala, Dhaval Rajpara, Mehul Parikh, and 
Nikunj Pansuriya.


Bugs: RANGER-4374
https://issues.apache.org/jira/browse/RANGER-4374


Repository: ranger


Description
---

Steps to reproduce :

1.Create a user 'testuser1' and password 'Testuser1'
2.Login with 'testuser1'
3.Go to profile and then change password
4.Give some wrong password in 'old password'
5.And give some new password
6.Click on save

To handle the above issue, introduced a parameter skipNavigate which needs to 
be passed to fetchApi() when we need to skip navigating to error page when 
server side error occurs.

Also made code clean-up changes in the few existing files.


Diffs
-

  security-admin/src/main/webapp/react-webapp/src/components/Editable.jsx 
34eb8c5fad465e5a0cd1da9e617993fae87098b8 
  security-admin/src/main/webapp/react-webapp/src/utils/XAMessages.js 
82eb8fe185c346c2b37bef006c3ab7ecb29ae21a 
  security-admin/src/main/webapp/react-webapp/src/utils/XAUtils.js 
7edee019e3bc7dfd91691f3f40f2a5e563e76051 
  security-admin/src/main/webapp/react-webapp/src/utils/appState.js 
6267de2b4326928f4f06181effd6dd56b2b83de1 
  security-admin/src/main/webapp/react-webapp/src/utils/fetchAPI.js 
ef32634bb480a364b4474c88185f9c3164fbf92d 
  
security-admin/src/main/webapp/react-webapp/src/views/AuditEvent/AccessLogDetail.jsx
 af64aa87793338271b1d4f9dd2fde65b05bc31e3 
  
security-admin/src/main/webapp/react-webapp/src/views/AuditEvent/AccessLogsTable.jsx
 cf92a9a99bc85db048d6624e60d8f1cc8c04b6f5 
  
security-admin/src/main/webapp/react-webapp/src/views/AuditEvent/AdminLogs/PolicyLogs.jsx
 92a1aac47c9dd82c541d54da50a955575c20b1dc 
  
security-admin/src/main/webapp/react-webapp/src/views/AuditEvent/AdminLogs/UserLogs.jsx
 0a94a3b8507aa0cfb225d2292a8e519855cc78aa 
  
security-admin/src/main/webapp/react-webapp/src/views/Encryption/KeyManager.jsx 
d4f4a24b603a876fe87bf7a10f29e5c0373af071 
  
security-admin/src/main/webapp/react-webapp/src/views/SecurityZone/SecurityZoneForm.jsx
 ea76fa82390877a70ee3c7ca04104649597ab5f1 
  
security-admin/src/main/webapp/react-webapp/src/views/ServiceManager/ServiceDefinition.jsx
 af1903ec737e6a28d09b562cb4e0e27d3af0dc65 
  
security-admin/src/main/webapp/react-webapp/src/views/ServiceManager/ServiceViewDetails.jsx
 c774504ecbf2276421dece9d1e28acf0f3db7da8 
  security-admin/src/main/webapp/react-webapp/src/views/SideBar/SideBarBody.jsx 
4d8494fc4dd87c4e470b4f194c7d56d580bfd20f 
  
security-admin/src/main/webapp/react-webapp/src/views/UserGroupRoleListing/users_details/EditUserView.jsx
 73585458a99c18a180e38012887410afbbf70e89 
  
security-admin/src/main/webapp/react-webapp/src/views/UserGroupRoleListing/users_details/UserFormComp.jsx
 1b32993b7057881e38323a2db3b4bf0cfa4acec8 
  
security-admin/src/main/webapp/react-webapp/src/views/UserGroupRoleListing/users_details/UserListing.jsx
 c3150fd65e48f2a4763947bf2a3e30ddbb1c9c73 
  security-admin/src/main/webapp/react-webapp/src/views/UserProfile.jsx 
452fe931ebc14961819730b0d4e7865fc416b3c6 


Diff: https://reviews.apache.org/r/74563/diff/1/


Testing
---

Tested changes on a cluster setup with Ranger Admin build with React JS code 
base.

Successful completion of build command :
mvn clean compile package -Psecurity-admin-react


Thanks,

Mugdha Varadkar

[jira] [Updated] (RANGER-4367) [Ranger React UI] User with access on Key manager tab not able to view the "Encryption" tab on the React UI

2023-08-24 Thread Mugdha Varadkar (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-4367?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Mugdha Varadkar updated RANGER-4367:

Attachment: 0001-RANGER-4367.patch

> [Ranger React UI] User with access on Key manager tab not able to view the 
> "Encryption" tab on the React UI
> ---
>
> Key: RANGER-4367
> URL: https://issues.apache.org/jira/browse/RANGER-4367
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Abhishek
>Assignee: Mugdha Varadkar
>Priority: Major
>  Labels: ranger-react
> Attachments: 0001-RANGER-4367.patch
>
>
> A user with access on keymanager module is not able to view the encryption 
> tab in react UI, but the same user can view the encryption tab in Backbone 
> classic/latest UI.
> Steps to reproduce :-
> 1. Create a user with admin/user/auditor privileges
> 2. Remove permissions for the user on all other modules, and assign 
> permissions only on keymanager module
> 3. Login as the created user
> 4. The user cannot see the encryption tab in react ui, but can see it if the 
> UI is switched to backbone ui



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (RANGER-4374) Getting page not found when wrong password is send in 'Old Password'

2023-08-24 Thread Mugdha Varadkar (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-4374?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Mugdha Varadkar updated RANGER-4374:

Attachment: 0001-RANGER-4374.patch

> Getting page not found when wrong password is send in 'Old Password'
> 
>
> Key: RANGER-4374
> URL: https://issues.apache.org/jira/browse/RANGER-4374
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Mugdha Varadkar
>Assignee: Mugdha Varadkar
>Priority: Major
>  Labels: ranger-react
> Attachments: 0001-RANGER-4374.patch
>
>
> Steps to reproduce :
> 1.Create a user 'testuser1' and password 'Testuser1'
> 2.Login with 'testuser1'
> 3.Go to profile and then change password
> 4.Give some wrong password in 'old password'
> 5.And give some new password
> 6.Click on save



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (RANGER-4119) [UI] Syntax check button missing in policy level condition

2023-08-24 Thread Dineshkumar Yadav (Jira) 


[ 
https://issues.apache.org/jira/browse/RANGER-4119?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17758415#comment-17758415
 ] 

Dineshkumar Yadav commented on RANGER-4119:
---

apache commit : 
https://github.com/apache/ranger/commit/34ab1057084e966c581ee785c7f34dbbb6180044

> [UI] Syntax check button missing in policy level condition
> --
>
> Key: RANGER-4119
> URL: https://issues.apache.org/jira/browse/RANGER-4119
> Project: Ranger
>  Issue Type: Bug
>  Components: admin
>Affects Versions: 2.4.0
>Reporter: Madhan Neethiraj
>Assignee: Dhaval Rajpara
>Priority: Major
>  Labels: ranger-react
> Attachments: image-2023-03-03-00-04-10-367.png, 
> image-2023-03-03-00-04-45-845.png
>
>
> Ranger policy UI provides {{Syntax check}} button that allows policy authors 
> to check if condition expression entered is valid or not. This button is 
> available for condition in policy-item level, but its not available for 
> condition at policy level - as seen in following images:
>  
> Policy-item level:
> !image-2023-03-03-00-04-45-845.png|width=661,height=453!
>  
> Policy level:
> !image-2023-03-03-00-04-10-367.png|width=661,height=488!
>  
> CC: [~ni3galave], [~Dhaval.Rajpara] 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (RANGER-4370) "Select All permissions for all components." checkbox missing in tag based policy permission popup

2023-08-24 Thread Mugdha Varadkar (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-4370?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Mugdha Varadkar updated RANGER-4370:

Priority: Minor  (was: Major)

> "Select All permissions for all components." checkbox missing in tag based 
> policy permission popup
> --
>
> Key: RANGER-4370
> URL: https://issues.apache.org/jira/browse/RANGER-4370
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Abhishek
>Assignee: Dhaval Rajpara
>Priority: Minor
>  Labels: ranger-react
>
> {color:#172b4d}In the permissions selector popup for tag based policies in 
> Backbone UI,{color}
> {color:#172b4d}there is a checkbox which allows users to select all 
> permissions for all components selected.{color}
> {color:#172b4d}But in React UI, this checkbox is missing.{color}
> {color:#172b4d}This is a minor bug.{color}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)