Review Request 74860: RANGER-4684 : Need to update createdBy , updatedBy field for gds objects in case the creator is deleted
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/74860/ --- Review request for ranger, Anand Nadar, Ankita Sinha, Madhan Neethiraj, Monika Kachhadiya, Siddhesh Phatak, Subhrat Chaudhary, and Vanita Ubale. Bugs: RANGER-4684 https://issues.apache.org/jira/browse/RANGER-4684 Repository: ranger Description --- Currently when the creator of dataset or any gds Object is deleted from ranger we get Error as cannot Delete the user because the mapping exist for the Gds objects for the column addedById, so when the delete operation will be performed the values for fields createdBy and updatedBy should be changed from the creator to the Ranger Admin (the seeded Ranger Admin having Id 1) Diffs - security-admin/src/main/java/org/apache/ranger/common/db/BaseDao.java a0ff18948 security-admin/src/main/java/org/apache/ranger/service/XPortalUserService.java 85e457efa Diff: https://reviews.apache.org/r/74860/diff/1/ Testing --- Steps to check 1) Create user User1 2) create a dataset by the User1 account so the createdBy,updatedBy field will have login Id of user1 3) delete this User1 from ranger 4) Now the values for field createdBy,updatedBy for dataset will change to "Admin" Thanks, Prashant Satam
[jira] [Updated] (RANGER-4684) Need to update createdBy ,updatedBy field for gds objects in case the creator is deleted
[ https://issues.apache.org/jira/browse/RANGER-4684?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Prashant Satam updated RANGER-4684: --- Description: Currently when the creator of dataset or any gds Object is deleted from ranger we get Error as cannot Delete the user because the mapping exist for the Gds objects for the column addedById, so when the delete operation will be performed the values for fields createdBy and updatedBy should be changed from the creator to the Ranger Admin (the seeded Ranger Admin having Id 1) > Need to update createdBy ,updatedBy field for gds objects in case the creator > is deleted > > > Key: RANGER-4684 > URL: https://issues.apache.org/jira/browse/RANGER-4684 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Reporter: Prashant Satam >Priority: Major > > Currently when the creator of dataset or any gds Object is deleted from > ranger we get Error as cannot Delete the user because the mapping exist for > the Gds objects for the column addedById, so when the delete operation will > be performed the values for fields createdBy and updatedBy should be changed > from the creator to the Ranger Admin (the seeded Ranger Admin having Id 1) -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (RANGER-4684) Need to update createdBy ,updatedBy field for gds objects in case the creator is deleted
Prashant Satam created RANGER-4684: -- Summary: Need to update createdBy ,updatedBy field for gds objects in case the creator is deleted Key: RANGER-4684 URL: https://issues.apache.org/jira/browse/RANGER-4684 Project: Ranger Issue Type: Improvement Components: Ranger Reporter: Prashant Satam -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (RANGER-4683) Trino Schema Creation Permission
Semetey Coskun created RANGER-4683:
--
Summary: Trino Schema Creation Permission
Key: RANGER-4683
URL: https://issues.apache.org/jira/browse/RANGER-4683
Project: Ranger
Issue Type: Bug
Components: plugins
Reporter: Semetey Coskun
Hi,
I'm running Trino in docker (trinodb/trino:423) and this environment is
integrated to Apache Ranger (2.4.0) for authz policies. Every permissions seem
OK but "Create Schema" in a catalog. I've tried various configurations;
specifying catalog names with "*" or exact name of the catalog which I'm trying
to create schema in it but every time same error.
{{io.cloudbeaver.DBWebException: Error executing query: SQL Error [4]: Query
failed (#20240129_203356_00589_c9776): Access Denied: Cannot create schema
delta.trino_poc at
io.cloudbeaver.service.sql.WebSQLProcessor.processQuery(WebSQLProcessor.java:264)
at io.cloudbeaver.service.sql.impl.WebServiceSQL$1.run(WebServiceSQL.java:377)
at io.cloudbeaver.model.session.WebSession$1.run(WebSession.java:692) at
org.jkiss.dbeaver.model.runtime.AbstractJob.run(AbstractJob.java:105) at
org.eclipse.core.internal.jobs.Worker.run(Worker.java:63) Caused by:
org.jkiss.dbeaver.model.sql.DBSQLException: SQL Error [4]: Query failed
(#20240129_203356_00589_c9776): Access Denied: Cannot create schema
delta.trino_poc at
org.jkiss.dbeaver.model.impl.jdbc.exec.JDBCStatementImpl.executeStatement(JDBCStatementImpl.java:133)
at
io.cloudbeaver.service.sql.WebSQLProcessor.lambda$1(WebSQLProcessor.java:250)
at
org.jkiss.dbeaver.model.exec.DBExecUtils.tryExecuteRecover(DBExecUtils.java:190)
at
io.cloudbeaver.service.sql.WebSQLProcessor.processQuery(WebSQLProcessor.java:207)
... 4 more Caused by: java.sql.SQLException: Query failed
(#20240129_203356_00589_c9776): Access Denied: Cannot create schema
delta.trino_poc at
io.trino.jdbc.AbstractTrinoResultSet.resultsException(AbstractTrinoResultSet.java:1937)
at io.trino.jdbc.TrinoResultSet.getColumns(TrinoResultSet.java:318) at
io.trino.jdbc.TrinoResultSet.create(TrinoResultSet.java:61) at
io.trino.jdbc.TrinoStatement.internalExecute(TrinoStatement.java:262) at
io.trino.jdbc.TrinoStatement.execute(TrinoStatement.java:240) at
org.jkiss.dbeaver.model.impl.jdbc.exec.JDBCStatementImpl.execute(JDBCStatementImpl.java:330)
at
org.jkiss.dbeaver.model.impl.jdbc.exec.JDBCStatementImpl.executeStatement(JDBCStatementImpl.java:131)
... 7 more Caused by: io.trino.spi.security.AccessDeniedException: Access
Denied: Cannot create schema delta.trino_poc at
io.trino.spi.security.AccessDeniedException.denyCreateSchema(AccessDeniedException.java:150)
at
io.trino.spi.security.AccessDeniedException.denyCreateSchema(AccessDeniedException.java:145)
at
io.trino.spi.security.SystemAccessControl.checkCanCreateSchema(SystemAccessControl.java:286)
at
io.trino.security.AccessControlManager.lambda$checkCanCreateSchema$11(AccessControlManager.java:340)
at
io.trino.security.AccessControlManager.systemAuthorizationCheck(AccessControlManager.java:1363)
at
io.trino.security.AccessControlManager.checkCanCreateSchema(AccessControlManager.java:340)
at
io.trino.security.ForwardingAccessControl.checkCanCreateSchema(ForwardingAccessControl.java:125)
at
io.trino.tracing.TracingAccessControl.checkCanCreateSchema(TracingAccessControl.java:166)
at
io.trino.execution.CreateSchemaTask.internalExecute(CreateSchemaTask.java:117)
at io.trino.execution.CreateSchemaTask.execute(CreateSchemaTask.java:82) at
io.trino.execution.CreateSchemaTask.execute(CreateSchemaTask.java:54) at
io.trino.execution.DataDefinitionExecution.start(DataDefinitionExecution.java:145)
at io.trino.execution.SqlQueryManager.createQuery(SqlQueryManager.java:256) at
io.trino.dispatcher.LocalDispatchQuery.startExecution(LocalDispatchQuery.java:145)
at
io.trino.dispatcher.LocalDispatchQuery.lambda$waitForMinimumWorkers$2(LocalDispatchQuery.java:129)
at
io.airlift.concurrent.MoreFutures.lambda$addSuccessCallback$12(MoreFutures.java:568)
at io.airlift.concurrent.MoreFutures$3.onSuccess(MoreFutures.java:543) at
com.google.common.util.concurrent.Futures$CallbackListener.run(Futures.java:1133)
at io.trino.$gen.Trino_42320240129_094308_2.run(Unknown Source) at
java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
at
java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
at java.base/java.lang.Thread.run(Thread.java:833)}}
{{When I grep the coordinator logs the only policy id I can see in the logs is
27;}}
2024-01-29T20:02:57.087Z INFO Query-20240129_200257_00416_c9776-2066 stdout
20:02:57.087 [Query-20240129_200257_00416_c9776-2066] DEBUG
org.apache.ranger.plugin.policyevaluator.RangerDefaultPolicyEvaluator - ==>
RangerDefaultPolicyEvaluator.evaluate(policyId=27,
Re: Review Request 74812: RANGER-4632: Security Zone policies version increases by +2 when we update its policy
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/74812/#review226192 --- Ship it! Ship It! - Kishor Gollapalliwar On Jan. 30, 2024, 12:49 p.m., Rakesh Gupta wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/74812/ > --- > > (Updated Jan. 30, 2024, 12:49 p.m.) > > > Review request for ranger, Dineshkumar Yadav, Kishor Gollapalliwar, Abhay > Kulkarni, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, > sanket shelar, Sailaja Polavarapu, and Velmurugan Periasamy. > > > Bugs: RANGER-4632 > https://issues.apache.org/jira/browse/RANGER-4632 > > > Repository: ranger > > > Description > --- > > Security Zone policies version increases by +2 when we update its policy. > > STEPS TO REPRODUCE: > Create a security zone with any service. > Now edit the policy(policy name or description or resources) of above zone > created, so its policy get updated. > Check policy version of above policy, its increases by +2 version. > > CURRENT BEHAVIOUR: > Security Zone policies version increases by +2, when we update its policy. > > EXPECTED BEHAVIOUR: > Security Zone policies version increases by +1, when we update its policy. > > > Diffs > - > > > security-admin/src/main/java/org/apache/ranger/service/RangerPolicyServiceBase.java > 9f3b11042 > > > Diff: https://reviews.apache.org/r/74812/diff/1/ > > > Testing > --- > > Verified when Security zone policy get updated its version increases by +1. > > > Thanks, > > Rakesh Gupta > >
[jira] [Updated] (RANGER-4653) [Ranger React UI] Add inline assertions for displayName length in service creation / update form
[ https://issues.apache.org/jira/browse/RANGER-4653?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Abhishek updated RANGER-4653: - Fix Version/s: 3.0.0 > [Ranger React UI] Add inline assertions for displayName length in service > creation / update form > > > Key: RANGER-4653 > URL: https://issues.apache.org/jira/browse/RANGER-4653 > Project: Ranger > Issue Type: Bug > Components: admin >Reporter: Abhishek >Assignee: Abhishek >Priority: Major > Labels: ranger-react > Fix For: 3.0.0 > > > In the service create / update form, an inline assertion has to be added for > displayName validation (length and preventing use of special characters). -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (RANGER-4653) [Ranger React UI] Add inline assertions for displayName length in service creation / update form
[ https://issues.apache.org/jira/browse/RANGER-4653?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17812347#comment-17812347 ] Abhishek commented on RANGER-4653: -- The fix has been committed to the Apache Ranger master branch :- [https://github.com/apache/ranger/commit/9513ecbc22f9a6a996b4fe095328c7829131f88b.] > [Ranger React UI] Add inline assertions for displayName length in service > creation / update form > > > Key: RANGER-4653 > URL: https://issues.apache.org/jira/browse/RANGER-4653 > Project: Ranger > Issue Type: Bug > Components: admin >Reporter: Abhishek >Assignee: Abhishek >Priority: Major > Labels: ranger-react > > In the service create / update form, an inline assertion has to be added for > displayName validation (length and preventing use of special characters). -- This message was sent by Atlassian Jira (v8.20.10#820010)
Re: [PR] RANGER-4640: Trino ranger plugin for 433 snapshot [ranger]
tarekabouzeid commented on PR #291: URL: https://github.com/apache/ranger/pull/291#issuecomment-1916909057 Hi, Thanks so much for this contribution, It helped me a lot. I have tested it with Trino 433 and Trino server is up and running and there seems to be an issue in Trino ranger raudits initialization when using Elastic search, so audits are not sent to ranger. I am going to look more into this issue and will report my findings. Elastic search version used : **7.16.2** Trino version: **433** Ranger: **2.4.0** Below is the error I am getting: ``` 024-01-30T13:32:13.562ZINFOmainstdout INFO - Connecting to ElasticSearch: User:ranger, http://es-internal.infra:80/ranger_audits 2024-01-30T13:32:13.895ZINFOmainstdout WARN - request [POST http://es-internal.infra:80/ranger_audits/_open?master_timeout=30s_throttled=false_unavailable=false_wildcards=closed_no_indices=true=30s] returned 1 warnings: [299 Elasticsearch-7.17.16-2b23fa076334f8d4651aeebe458a955a2ae23218 "[ignore_throttled] parameter is deprecated because frozen indices have been deprecated. Consider cold or frozen tiers in place of frozen indices."] 2024-01-30T13:32:13.899ZINFOmainstdout ERROR - Can't connect to ElasticSearch server: User:ranger, http://es-internal.infra:80/ranger_auditsjava.lang.BootstrapMethodError: bootstrap method initialization exception at java.base/java.lang.invoke.BootstrapMethodInvoker.invoke(BootstrapMethodInvoker.java:188) at java.base/java.lang.invoke.CallSite.makeSite(CallSite.java:316) at java.base/java.lang.invoke.MethodHandleNatives.linkCallSiteImpl(MethodHandleNatives.java:274) at java.base/java.lang.invoke.MethodHandleNatives.linkCallSite(MethodHandleNatives.java:264) at org.elasticsearch.client.RestClient.convertResponse(RestClient.java:312) at org.elasticsearch.client.RestClient.performRequest(RestClient.java:296) at org.elasticsearch.client.RestClient.performRequest(RestClient.java:270) at org.elasticsearch.client.RestHighLevelClient.internalPerformRequest(RestHighLevelClient.java:1632) at org.elasticsearch.client.RestHighLevelClient.performRequest(RestHighLevelClient.java:1602) at org.elasticsearch.client.RestHighLevelClient.performRequestAndParseEntity(RestHighLevelClient.java:1572) at org.elasticsearch.client.IndicesClient.open(IndicesClient.java:614) at org.apache.ranger.audit.destination.ElasticSearchAuditDestination.newClient(ElasticSearchAuditDestination.java:267) at org.apache.ranger.audit.destination.ElasticSearchAuditDestination.getClient(ElasticSearchAuditDestination.java:187) at org.apache.ranger.audit.destination.ElasticSearchAuditDestination.init(ElasticSearchAuditDestination.java:101) at org.apache.ranger.audit.provider.AuditProviderFactory.init(AuditProviderFactory.java:183) at org.apache.ranger.plugin.service.RangerBasePlugin.init(RangerBasePlugin.java:234) at org.apache.ranger.authorization.trino.authorizer.RangerSystemAccessControl.(RangerSystemAccessControl.java:120) at java.base/jdk.internal.reflect.DirectConstructorHandleAccessor.newInstance(DirectConstructorHandleAccessor.java:62) at java.base/java.lang.reflect.Constructor.newInstanceWithCaller(Constructor.java:502) at java.base/java.lang.reflect.Constructor.newInstance(Constructor.java:486) at org.apache.ranger.authorization.trino.authorizer.RangerSystemAccessControl.(RangerSystemAccessControl.java:69) at org.apache.ranger.authorization.trino.authorizer.RangerSystemAccessControl$$FastClassByGuice$$1345336.GUICE$TRAMPOLINE() at org.apache.ranger.authorization.trino.authorizer.RangerSystemAccessControl$$FastClassByGuice$$1345336.apply() at com.google.inject.internal.DefaultConstructionProxyFactory$FastClassProxy.newInstance(DefaultConstructionProxyFactory.java:82) at com.google.inject.internal.ConstructorInjector.provision(ConstructorInjector.java:114) at com.google.inject.internal.ConstructorInjector.access$000(ConstructorInjector.java:33) at com.google.inject.internal.ConstructorInjector$1.call(ConstructorInjector.java:98) at com.google.inject.internal.ProvisionListenerStackCallback$Provision.provision(ProvisionListenerStackCallback.java:109) at io.airlift.bootstrap.LifeCycleModule.provision(LifeCycleModule.java:54) at com.google.inject.internal.ProvisionListenerStackCallback$Provision.provision(ProvisionListenerStackCallback.java:117) at com.google.inject.internal.ProvisionListenerStackCallback.provision(ProvisionListenerStackCallback.java:66) at com.google.inject.internal.ConstructorInjector.construct(ConstructorInjector.java:93) at com.google.inject.internal.ConstructorBindingImpl$Factory.get(ConstructorBindingImpl.java:300) at
[jira] [Commented] (RANGER-4656) Filtering the resources in the search filter options on the policy listing page based on policy type.
[ https://issues.apache.org/jira/browse/RANGER-4656?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17812286#comment-17812286 ] Brijesh Bhalala commented on RANGER-4656: - commited to [Apache master|https://github.com/apache/ranger/commit/9dcb210d4d04e12574b2368de15b9738ea1c650b] branch > Filtering the resources in the search filter options on the policy listing > page based on policy type. > - > > Key: RANGER-4656 > URL: https://issues.apache.org/jira/browse/RANGER-4656 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Reporter: Brijesh Bhalala >Assignee: Brijesh Bhalala >Priority: Major > Labels: ranger-react > Fix For: 3.0.0 > > Attachments: 0001-RANGER-4656.patch > > > Filtering the resources in the search filter options on the policy listing > page based on policy type. > *Current Behaviour* :- > * All the resources are displayed in search filter options on policy listing > page, > * For masking and row level all resources are there in search filter option, > there is no filteration of resources on the basis of policy type. > The resources should be filter on the basis of policy type in search filter > options in policy listing page. -- This message was sent by Atlassian Jira (v8.20.10#820010)
Re: Review Request 74811: RANGER-4630:Need to add pagination support and searchFilters for tag related APIs
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/74811/ --- (Updated Jan. 30, 2024, 12:30 p.m.) Review request for ranger, Anand Nadar, Ankita Sinha, Madhan Neethiraj, Monika Kachhadiya, and Subhrat Chaudhary. Bugs: RANGER-4630 https://issues.apache.org/jira/browse/RANGER-4630 Repository: ranger Description --- Currently for Tag related GET-APIs i.e for (RangerTags,RangerTagDefs,RangerServiceResource) we dont support pagination,and also we need additional searchFilters for them Diffs (updated) - agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java ad304f88f security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java 59b57370b security-admin/src/main/java/org/apache/ranger/rest/TagREST.java 6d0019f70 security-admin/src/main/java/org/apache/ranger/rest/TagRESTConstants.java 9e78cf0e8 security-admin/src/main/java/org/apache/ranger/service/RangerServiceResourceService.java 3a4ccf83d security-admin/src/main/java/org/apache/ranger/service/RangerServiceResourceServiceBase.java 329d3eeec security-admin/src/main/java/org/apache/ranger/service/RangerTagDefService.java 8f677995b security-admin/src/main/java/org/apache/ranger/service/RangerTagDefServiceBase.java 929a4b06b security-admin/src/main/java/org/apache/ranger/service/RangerTagService.java 3a90bd8a9 security-admin/src/main/java/org/apache/ranger/service/RangerTagServiceBase.java 2e2c04f47 security-admin/src/test/java/org/apache/ranger/rest/TestTagREST.java 570ce874b Diff: https://reviews.apache.org/r/74811/diff/2/ Changes: https://reviews.apache.org/r/74811/diff/1-2/ Testing --- 1)Tags Request > /service/tags/tags? Supported Query Params Search Fields tagId,tagDefId,tagType,tagTypePartial Sort Fields tagId,tagDefId,createTime,updateTime Supports Pagination 2)TagDefs Request > /service/tags/tagdefs? Supported Query Params Search Fields tagDefId,tagDefGuid,tagType,tagTypePartial,tagSource, tagSourcePartial Sort Fields tagDefId,tagType,createTime,updateTime Supports Pagination 3)ServiceResource Request > /service/tags/resources? Supported Query Params Search Fields resourceId,tagServiceId,tagServiceName,tagServiceNamePartial,resourceGuid,resourceSignature Sort Fields resourceId,tagServiceId,createTime,updateTime Supports Pagination Thanks, Prashant Satam
Re: Review Request 74811: RANGER-4630:Need to add pagination support and searchFilters for tag related APIs
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/74811/#review226191 --- Ship it! Ship It! - Anand Nadar On Jan. 3, 2024, 10:01 a.m., Prashant Satam wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/74811/ > --- > > (Updated Jan. 3, 2024, 10:01 a.m.) > > > Review request for ranger, Anand Nadar, Ankita Sinha, Madhan Neethiraj, > Monika Kachhadiya, and Subhrat Chaudhary. > > > Bugs: RANGER-4630 > https://issues.apache.org/jira/browse/RANGER-4630 > > > Repository: ranger > > > Description > --- > > Currently for Tag related GET-APIs i.e for > (RangerTags,RangerTagDefs,RangerServiceResource) we dont support > pagination,and also we need additional searchFilters for them > > > Diffs > - > > agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java > 0f6611f45 > security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java > de72ff140 > security-admin/src/main/java/org/apache/ranger/rest/TagREST.java 6d0019f70 > security-admin/src/main/java/org/apache/ranger/rest/TagRESTConstants.java > 9e78cf0e8 > > security-admin/src/main/java/org/apache/ranger/service/RangerServiceResourceService.java > 3a4ccf83d > > security-admin/src/main/java/org/apache/ranger/service/RangerServiceResourceServiceBase.java > 329d3eeec > > security-admin/src/main/java/org/apache/ranger/service/RangerTagDefService.java > 8f677995b > > security-admin/src/main/java/org/apache/ranger/service/RangerTagDefServiceBase.java > 929a4b06b > > security-admin/src/main/java/org/apache/ranger/service/RangerTagService.java > 3a90bd8a9 > > security-admin/src/main/java/org/apache/ranger/service/RangerTagServiceBase.java > 2e2c04f47 > > > Diff: https://reviews.apache.org/r/74811/diff/1/ > > > Testing > --- > > 1)Tags > Request > /service/tags/tags? > Supported Query Params > Search Fields > tagId,tagDefId,tagType,tagTypePartial > Sort Fields > tagId,tagDefId,createTime,updateTime > Supports Pagination > > 2)TagDefs > Request > /service/tags/tagdefs? > Supported Query Params > Search Fields > tagDefId,tagDefGuid,tagType,tagTypePartial,tagSource, > tagSourcePartial > Sort Fields > tagDefId,tagType,createTime,updateTime > Supports Pagination > > 3)ServiceResource > Request > /service/tags/resources? > Supported Query Params > Search Fields > resourceId,tagServiceId,tagServiceName,tagServiceNamePartial,resourceGuid,resourceSignature > Sort Fields > resourceId,tagServiceId,createTime,updateTime > Supports Pagination > > > Thanks, > > Prashant Satam > >
Review Request 74859: RANGER-4682 : Need a Export API for tagResourceMaps
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/74859/ --- Review request for ranger, Anand Nadar, Ankita Sinha, Madhan Neethiraj, Monika Kachhadiya, Siddhesh Phatak, and Subhrat Chaudhary. Bugs: RANGER-4682 https://issues.apache.org/jira/browse/RANGER-4682 Repository: ranger Description --- Currently we dont have a Export api for tagResourceMaps it will be helpful if we have a export API in format (csv,excel,json) Diffs - security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java 00a3d9c47 security-admin/src/main/java/org/apache/ranger/rest/TagREST.java 6d0019f70 security-admin/src/main/java/org/apache/ranger/rest/TagRESTConstants.java 9e78cf0e8 security-admin/src/main/java/org/apache/ranger/service/RangerTagResourceMapServiceBase.java 97b8150d3 security-admin/src/main/java/org/apache/ranger/view/RangerExportTagResourceMapList.java PRE-CREATION security-admin/src/main/java/org/apache/ranger/view/RangerTagResourceMapList.java PRE-CREATION Diff: https://reviews.apache.org/r/74859/diff/1/ Testing --- Done testing using GET-APIs 1)For JSON => /service/tags/export/json/tagresourcemaps 2)For CSV => /service/tags/export/csv/tagresourcemaps 3)For EXCEL => /service/tags/export/excel/tagresourcemaps Thanks, Prashant Satam
[jira] [Commented] (RANGER-4544) Implement best coding practices for policy resources
[ https://issues.apache.org/jira/browse/RANGER-4544?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17812254#comment-17812254 ] Dhaval Rajpara commented on RANGER-4544: Patch Committed to [Apache master|https://github.com/apache/ranger/commit/4a621c2a0e450790a43248f04d1ca68028530a3e] branch. > Implement best coding practices for policy resources > > > Key: RANGER-4544 > URL: https://issues.apache.org/jira/browse/RANGER-4544 > Project: Ranger > Issue Type: Bug > Components: Ranger >Reporter: Dhaval Rajpara >Assignee: Dhaval Rajpara >Priority: Major > Labels: ranger-react > Attachments: > 0001-RANGER-4544-Implement-best-coding-practices-for-poli.patch > > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (RANGER-4544) Implement best coding practices for policy resources
[ https://issues.apache.org/jira/browse/RANGER-4544?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dhaval Rajpara updated RANGER-4544: --- Fix Version/s: 3.0.0 > Implement best coding practices for policy resources > > > Key: RANGER-4544 > URL: https://issues.apache.org/jira/browse/RANGER-4544 > Project: Ranger > Issue Type: Bug > Components: Ranger >Reporter: Dhaval Rajpara >Assignee: Dhaval Rajpara >Priority: Major > Labels: ranger-react > Fix For: 3.0.0 > > Attachments: > 0001-RANGER-4544-Implement-best-coding-practices-for-poli.patch > > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (RANGER-4682) Need a Export API for tagResourceMaps
[ https://issues.apache.org/jira/browse/RANGER-4682?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Prashant Satam updated RANGER-4682: --- Description: Currently we dont have a Export api for tagResourceMaps it will be helpful if we have a export API in format (csv,excel,json) > Need a Export API for tagResourceMaps > - > > Key: RANGER-4682 > URL: https://issues.apache.org/jira/browse/RANGER-4682 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Reporter: Prashant Satam >Assignee: Prashant Satam >Priority: Major > > Currently we dont have a Export api for tagResourceMaps it will be helpful if > we have a export API in format (csv,excel,json) -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Assigned] (RANGER-4682) Need a Export API for tagResourceMaps
[ https://issues.apache.org/jira/browse/RANGER-4682?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Prashant Satam reassigned RANGER-4682: -- Assignee: Prashant Satam > Need a Export API for tagResourceMaps > - > > Key: RANGER-4682 > URL: https://issues.apache.org/jira/browse/RANGER-4682 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Reporter: Prashant Satam >Assignee: Prashant Satam >Priority: Major > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (RANGER-4682) Need a Export API for tagResourceMaps
Prashant Satam created RANGER-4682: -- Summary: Need a Export API for tagResourceMaps Key: RANGER-4682 URL: https://issues.apache.org/jira/browse/RANGER-4682 Project: Ranger Issue Type: Improvement Components: Ranger Reporter: Prashant Satam -- This message was sent by Atlassian Jira (v8.20.10#820010)
Re: Review Request 74797: RANGER-4610: API calls for zones and services on initial landing in ZoneListing page is being called twice
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/74797/ --- (Updated Jan. 30, 2024, 9:38 a.m.) Review request for ranger, Dhaval Rajpara, Dineshkumar Yadav, Madhan Neethiraj, Mehul Parikh, Mugdha Varadkar, Nikunj Pansuriya, and Nitin Galave. Bugs: RANGER-4610 https://issues.apache.org/jira/browse/RANGER-4610 Repository: ranger Description --- API calls for zones and services on initial landing in ZoneListing page is being called twice. Actual :- On initial landing in ZoneListing page, the API calls for zones & services are being called twice. Expected :- On initial landing in ZoneListing page, the API calls for zones & services should get called only once. Diffs - security-admin/src/main/webapp/react-webapp/src/views/SecurityZone/ZoneListing.jsx e9c7ec8ae Diff: https://reviews.apache.org/r/74797/diff/2/ Testing --- Tested changes on a cluster setup with Ranger Admin build with React JS code base. Verified the ZoneListing page. Thanks, Brijesh Bhalala
[jira] [Updated] (RANGER-4610) API calls for zones and services on initial landing in ZoneListing page is being called twice
[ https://issues.apache.org/jira/browse/RANGER-4610?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Brijesh Bhalala updated RANGER-4610: Fix Version/s: 3.0.0 > API calls for zones and services on initial landing in ZoneListing page is > being called twice > - > > Key: RANGER-4610 > URL: https://issues.apache.org/jira/browse/RANGER-4610 > Project: Ranger > Issue Type: Bug > Components: Ranger >Reporter: Brijesh Bhalala >Assignee: Brijesh Bhalala >Priority: Major > Labels: ranger-react > Fix For: 3.0.0 > > Attachments: 0001-RANGER-4610.patch, 0002-RANGER-4610.patch > > > API calls for zones and services on initial landing in ZoneListing page is > being called twice. > *Actual :-* > * On initial landing in ZoneListing page, the API calls for zones & services > are being called twice. > *Expected :-* > * On initial landing in ZoneListing page, the API calls for zones & services > should get called only once. > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (RANGER-4610) API calls for zones and services on initial landing in ZoneListing page is being called twice
[ https://issues.apache.org/jira/browse/RANGER-4610?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17812241#comment-17812241 ] Brijesh Bhalala commented on RANGER-4610: - commited to [Apache master|https://github.com/apache/ranger/commit/8351b3271b2d6a0fe7cf93cb0571da5339c2e872] branch > API calls for zones and services on initial landing in ZoneListing page is > being called twice > - > > Key: RANGER-4610 > URL: https://issues.apache.org/jira/browse/RANGER-4610 > Project: Ranger > Issue Type: Bug > Components: Ranger >Reporter: Brijesh Bhalala >Assignee: Brijesh Bhalala >Priority: Major > Labels: ranger-react > Attachments: 0001-RANGER-4610.patch, 0002-RANGER-4610.patch > > > API calls for zones and services on initial landing in ZoneListing page is > being called twice. > *Actual :-* > * On initial landing in ZoneListing page, the API calls for zones & services > are being called twice. > *Expected :-* > * On initial landing in ZoneListing page, the API calls for zones & services > should get called only once. > -- This message was sent by Atlassian Jira (v8.20.10#820010)
Re: Review Request 74848: RANGER-4544 : Implement best coding practices for policy resources
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/74848/#review226188 --- Ship it! Ship It! - Mehul Parikh On Jan. 30, 2024, 7 a.m., Dhaval Rajpara wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/74848/ > --- > > (Updated Jan. 30, 2024, 7 a.m.) > > > Review request for ranger, Brijesh Bhalala, Dhaval Shah, Dineshkumar Yadav, > Mehul Parikh, Mugdha Varadkar, Pradeep Agrawal, and Velmurugan Periasamy. > > > Bugs: RANGER-4544 > https://issues.apache.org/jira/browse/RANGER-4544 > > > Repository: ranger > > > Description > --- > > Implement best coding practices for policy resources > > > Diffs > - > > > security-admin/src/main/webapp/react-webapp/src/views/AuditEvent/AdminLogs/PolicyViewDetails.jsx > aa541bf72 > > security-admin/src/main/webapp/react-webapp/src/views/PolicyListing/AddUpdatePolicyForm.jsx > dafbc7371 > > > Diff: https://reviews.apache.org/r/74848/diff/1/ > > > Testing > --- > > Tested that Resources in masking policy and row level policy populate > properly. > Tested CRUD opration on Hive, Atlas, Tag, HDFS service policy. > > > Thanks, > > Dhaval Rajpara > >
Re: Review Request 74817: RANGER-4612 Fix to use correct service for resource lookup API in security zone
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/74817/#review226186 --- Ship it! Ship It! - Mehul Parikh On Jan. 4, 2024, 12:07 p.m., Mugdha Varadkar wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/74817/ > --- > > (Updated Jan. 4, 2024, 12:07 p.m.) > > > Review request for ranger, Brijesh Bhalala and Dhaval Rajpara. > > > Bugs: RANGER-4612 > https://issues.apache.org/jira/browse/RANGER-4612 > > > Repository: ranger > > > Description > --- > > Actual - > > Found a issue in security zone when a resource lookup for a particular > service is executed. It is not using the current service in case of multiple > services present with same service-def type. > > Expected - > > Need to use the correct service to trigger a resource lookup API in > security zone. > > > Diffs > - > > > security-admin/src/main/webapp/react-webapp/src/views/SecurityZone/SecurityZoneForm.jsx > 90a257ae682a5be613f10810ae7b97bb35c1e286 > > > Diff: https://reviews.apache.org/r/74817/diff/1/ > > > Testing > --- > > Tested changes on a cluster setup with Ranger Admin build with React JS code > base. > Verified the current selected service is used for resource lookup in security > zone form while adding resources. > > > Successful completion of build command : > mvn clean compile package > > > Thanks, > > Mugdha Varadkar > >
[jira] [Commented] (RANGER-4659) Add eye icon for password visibility in Ranger Login Page
[
https://issues.apache.org/jira/browse/RANGER-4659?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17812242#comment-17812242
]
Brijesh Bhalala commented on RANGER-4659:
-
commited to [Apache master
|https://github.com/apache/ranger/commit/43cb907a0841c178d7e663a3e12bf695e3dd6eb4]
branch
> Add eye icon for password visibility in Ranger Login Page
> -
>
> Key: RANGER-4659
> URL: https://issues.apache.org/jira/browse/RANGER-4659
> Project: Ranger
> Issue Type: Improvement
> Components: Ranger
>Reporter: Brijesh Bhalala
>Assignee: Brijesh Bhalala
>Priority: Major
> Labels: ranger-react
> Fix For: 3.0.0
>
> Attachments: 0001-RANGER-4659.patch, 0002-RANGER-4659.patch,
> 0003-RANGER-4659.patch
>
>
> Add eye icon for password visibility in Ranger Login Page
> {*}Current Behaviour{*}:-
> * The Ranger login page doesn't have the password visibility functionality.
> * Users can't check the entered password, in case of wrong password.
> User should able to view the entered password by clicking on eye icon on
> password field in Ranger Login page.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
Re: Review Request 74838: RANGER-4656 Filtering the resources in the search filter options on the policy listing page based on policy type.
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/74838/#review226190 --- Ship it! Ship It! - Mehul Parikh On Jan. 29, 2024, 12:57 p.m., Brijesh Bhalala wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/74838/ > --- > > (Updated Jan. 29, 2024, 12:57 p.m.) > > > Review request for ranger, Dhaval Rajpara, Dineshkumar Yadav, Madhan > Neethiraj, Mehul Parikh, Mugdha Varadkar, Nikunj Pansuriya, and Nitin Galave. > > > Bugs: RANGER-4656 > https://issues.apache.org/jira/browse/RANGER-4656 > > > Repository: ranger > > > Description > --- > > Filtering the resources in the search filter options on the policy listing > page based on policy type. > > Current Behaviour :- > > All the resources are displayed in search filter options on policy listing > page, > For masking and row level all resources are there in search filter option, > there is no filteration of resources on the basis of policy type. > > The resources should be filter on the basis of policy type in search filter > options in policy listing page. > > > Diffs > - > > > security-admin/src/main/webapp/react-webapp/src/views/PolicyListing/PolicyListing.jsx > e7e38d38c > > > Diff: https://reviews.apache.org/r/74838/diff/1/ > > > Testing > --- > > Applied the patch on a cluster and tested the following UI scenarios :- > 1)Crud operation on policies. > 2)Search policies by entering resources in search filter of policy listing > table. > > > Thanks, > > Brijesh Bhalala > >
Re: Review Request 74843: RANGER-4659: Add eye icon for password visibility in Ranger Login Page
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/74843/#review226189 --- Ship it! Ship It! - Mehul Parikh On Jan. 29, 2024, 12:59 p.m., Brijesh Bhalala wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/74843/ > --- > > (Updated Jan. 29, 2024, 12:59 p.m.) > > > Review request for ranger, Dhaval Rajpara, Dineshkumar Yadav, Madhan > Neethiraj, Mehul Parikh, Mugdha Varadkar, Nikunj Pansuriya, and Nitin Galave. > > > Bugs: RANGER-4659 > https://issues.apache.org/jira/browse/RANGER-4659 > > > Repository: ranger > > > Description > --- > > Add eye icon for password visibility in Ranger Login Page > > Current Behaviour:- > 1)The Ranger login page doesn't have the password visibility functionality. > 2)Users can't check the entered password, in case of wrong password. > > User should able to view the entered password by clicking on eye icon on > password field in Ranger Login page. > > > Diffs > - > > security-admin/src/main/webapp/login.jsp ad82ea9eb > security-admin/src/main/webapp/scripts/prelogin/XAPrelogin.js a2eeccab6 > security-admin/src/main/webapp/styles/xa.css de8101174 > > > Diff: https://reviews.apache.org/r/74843/diff/3/ > > > Testing > --- > > Applied the patch on a cluster and tested the following UI scenarios :- > 1)Username and Password fields in Login Page. > 2)Hide and show functionality in password field. > > > Thanks, > > Brijesh Bhalala > >
Re: Review Request 74837: RANGER-4653: Add inline assertions for displayName length in service creation / update form
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/74837/#review226187 --- Ship it! Ship It! - Mehul Parikh On Jan. 13, 2024, 5:06 p.m., Abhishek Patil wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/74837/ > --- > > (Updated Jan. 13, 2024, 5:06 p.m.) > > > Review request for ranger, Brijesh Bhalala, Dhaval Rajpara, Madhan Neethiraj, > Mehul Parikh, Mugdha Varadkar, and Ramesh Mani. > > > Bugs: RANGER-4653 > https://issues.apache.org/jira/browse/RANGER-4653 > > > Repository: ranger > > > Description > --- > > In the service create / update form, an inline assertion has to be added for > displayName validation (length and preventing use of special characters). > > > Diffs > - > > > security-admin/src/main/webapp/react-webapp/src/views/ServiceManager/ServiceForm.jsx > abb98954f > > > Diff: https://reviews.apache.org/r/74837/diff/1/ > > > Testing > --- > > Applied the patch on a cluster and tested the following UI scenarios :- > 1. Creation of a service with empty displayName, creation succeeded (expected > as displayName is not a mandatory field). > 2. Creation of a service with displayName that adheres to the valid regex (no > invalid special characters and length less than 256 characters), service > creation succeeded. > 3. Creation of a service with displayName with invalid special characters, > form submission failed (as expected). > 4. Creation of a service with displayName length greater than 256 characters, > form submission failed (as expected). > 5. Edit a service by modifying the displayName with valid name, edit > succeeded. > 6. Edit a service by modifying the displayName with invalid special > characters, form submission failed (as expected). > 7. Edit a service by modifying the displayName with length greater than 256 > characters, form submission failed (as expected). > > > Thanks, > > Abhishek Patil > >
Re: Review Request 74817: RANGER-4612 Fix to use correct service for resource lookup API in security zone
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/74817/#review226184 --- Ship it! Ship It! - Dhaval Rajpara On Jan. 4, 2024, 12:07 p.m., Mugdha Varadkar wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/74817/ > --- > > (Updated Jan. 4, 2024, 12:07 p.m.) > > > Review request for ranger, Brijesh Bhalala and Dhaval Rajpara. > > > Bugs: RANGER-4612 > https://issues.apache.org/jira/browse/RANGER-4612 > > > Repository: ranger > > > Description > --- > > Actual - > > Found a issue in security zone when a resource lookup for a particular > service is executed. It is not using the current service in case of multiple > services present with same service-def type. > > Expected - > > Need to use the correct service to trigger a resource lookup API in > security zone. > > > Diffs > - > > > security-admin/src/main/webapp/react-webapp/src/views/SecurityZone/SecurityZoneForm.jsx > 90a257ae682a5be613f10810ae7b97bb35c1e286 > > > Diff: https://reviews.apache.org/r/74817/diff/1/ > > > Testing > --- > > Tested changes on a cluster setup with Ranger Admin build with React JS code > base. > Verified the current selected service is used for resource lookup in security > zone form while adding resources. > > > Successful completion of build command : > mvn clean compile package > > > Thanks, > > Mugdha Varadkar > >
Re: Review Request 74838: RANGER-4656 Filtering the resources in the search filter options on the policy listing page based on policy type.
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/74838/#review226183 --- Ship it! Ship It! - Dhaval Rajpara On Jan. 29, 2024, 12:57 p.m., Brijesh Bhalala wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/74838/ > --- > > (Updated Jan. 29, 2024, 12:57 p.m.) > > > Review request for ranger, Dhaval Rajpara, Dineshkumar Yadav, Madhan > Neethiraj, Mehul Parikh, Mugdha Varadkar, Nikunj Pansuriya, and Nitin Galave. > > > Bugs: RANGER-4656 > https://issues.apache.org/jira/browse/RANGER-4656 > > > Repository: ranger > > > Description > --- > > Filtering the resources in the search filter options on the policy listing > page based on policy type. > > Current Behaviour :- > > All the resources are displayed in search filter options on policy listing > page, > For masking and row level all resources are there in search filter option, > there is no filteration of resources on the basis of policy type. > > The resources should be filter on the basis of policy type in search filter > options in policy listing page. > > > Diffs > - > > > security-admin/src/main/webapp/react-webapp/src/views/PolicyListing/PolicyListing.jsx > e7e38d38c > > > Diff: https://reviews.apache.org/r/74838/diff/1/ > > > Testing > --- > > Applied the patch on a cluster and tested the following UI scenarios :- > 1)Crud operation on policies. > 2)Search policies by entering resources in search filter of policy listing > table. > > > Thanks, > > Brijesh Bhalala > >
