[jira] [Created] (RANGER-3095) not able to list the keys with a user whose id contains non latin character
Deepak Sharma created RANGER-3095: - Summary: not able to list the keys with a user whose id contains non latin character Key: RANGER-3095 URL: https://issues.apache.org/jira/browse/RANGER-3095 Project: Ranger Issue Type: Bug Components: Ranger Reporter: Deepak Sharma not able to list the keys with a user whose id contains non latin character -- This message was sent by Atlassian Jira (v8.3.4#803005)
Re: [VOTE] Apache Ranger 2.1.0 rc0
+1 Build Succeeded basic sanity on ranger admin looks good -Deepak On Wed, Sep 2, 2020 at 8:09 AM Don Bosco Durai wrote: > +1 > > - Build successfully > > Amazing work everyone. Madhan, thanks for driving this > > Regards > > Bosco > > > On 9/1/20, 12:25 PM, "Selvamohan Neethiraj" wrote: > > +1 > > Thanks Madhan for driving the release of Apache Ranger 2.1.0 > * Downloaded source and build successfully. > > Thanks, > Selva- > > On 8/30/20 5:37 PM, Madhan Neethiraj wrote: > > Rangers, > > > > Apache Ranger 2.1.0 release candidate #0 is now available for a vote > within dev community. Links to the release artifacts are given below. > Please review and vote. > > > > The vote will be open for at least 72 hours or until necessary votes > are reached. > > [ ] +1 approve > > [ ] +0 no opinion > > [ ] -1 disapprove (and reason why) > > > > Regards, > > Madhan > > > > List of all issues addressed in this release: > https://issues.apache.org/jira/issues/?jql=project=RANGER AND > status=Resolved AND fixVersion=2.1.0 ORDER BY key DESC > > > > Git tag for the release: > https://github.com/apache/ranger/tree/release-2.1.0-rc0 > > Sources for the release: > https://dist.apache.org/repos/dist/dev/ranger/2.1.0-rc0/apache-ranger-2.1.0.tar.gz > > > > Source release verification: > > PGP Signature: > https://dist.apache.org/repos/dist/dev/ranger/2.1.0-rc0/apache-ranger-2.1.0.tar.gz.asc > > SHA256 Hash: > https://dist.apache.org/repos/dist/dev/ranger/2.1.0-rc0/apache-ranger-2.1.0.tar.gz.sha256 > > SHA512 Hash: > https://dist.apache.org/repos/dist/dev/ranger/2.1.0-rc0/apache-ranger-2.1.0.tar.gz.sha512 > > > > Keys to verify the signature of the release artifacts are available > at: https://dist.apache.org/repos/dist/release/ranger/KEYS > > > > New features/enhancements: > > - Hive plugin enhancement to authorize based on database/table > owners > > - Solr plugin enhancement to support document level authorization > > - Kafka plugin enhancement to support authorization on > consumer-groups > > - Presto plugin enhancements to support row-filtering and > column-masking > > - Atlas plugin enhancements to support authorization for new > operations and resources > > - Plugins enhancement to support Ranger HA without requiring a > load-balancer > > - Plugins enhancements to support incremental tag updates > > - Plugins enhancements to support super-users and super-groups > > - Plugins enhancements to support audit excluded-users > > - Added support for Elastic Search as audit store > > - Ranger Admin UI improvements > > - Performance improvement in bulk create/update of policies > > - Ranger KMS enhancement to support Azure Key Vault > > - Java client library to access Ranger REST APIs > > - Python client library to access Ranger REST APIs > > - Added docker setup to build, deploy Apache Ranger along with > Ranger authorization enabled HDFS/YARN/HBase/Kafka services > > - updated versions of dependent libraries/components > > > > > > > > >
[jira] [Resolved] (RANGER-2963) resource values is showed as empty while editing the policy
[ https://issues.apache.org/jira/browse/RANGER-2963?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Deepak Sharma resolved RANGER-2963. --- Resolution: Duplicate > resource values is showed as empty while editing the policy > --- > > Key: RANGER-2963 > URL: https://issues.apache.org/jira/browse/RANGER-2963 > Project: Ranger > Issue Type: Bug > Components: admin >Affects Versions: ranger-2.0 > Reporter: Deepak Sharma >Priority: Major > > Ui seems to have issue, while editing the policy in ranger some of the > resources are showed as empty, > eg: in hive - Database. > in atlas - type-category -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (RANGER-2965) issue with admin audit
Deepak Sharma created RANGER-2965: - Summary: issue with admin audit Key: RANGER-2965 URL: https://issues.apache.org/jira/browse/RANGER-2965 Project: Ranger Issue Type: Bug Components: Ranger Reporter: Deepak Sharma *scenario:* 1) create a policy with backend ranger api and provide any user in payload which is actually not present in ranger Check Admin audit log entry for this operation. User detail and session is missing from audit log -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (RANGER-2964) creating policy with passing serviceType as id is failing
Deepak Sharma created RANGER-2964:
-
Summary: creating policy with passing serviceType as id is failing
Key: RANGER-2964
URL: https://issues.apache.org/jira/browse/RANGER-2964
Project: Ranger
Issue Type: Bug
Components: Ranger
Affects Versions: ranger-2.0
Reporter: Deepak Sharma
we are creating ranger policies with "serviceType": "3", but it is failing due
to following error:
curl -i -k -u admin:admin123 -H "Accept: application/json" -H "Content-Type:
multipart/form-data" -X POST -F 'file=@test.json'
"https://:6182/service/plugins/policies/importPoliciesFromFile?isOverride=true=hive"
{code}
HTTP/1.1 100 Continue
HTTP/1.1 400 Bad Request
Set-Cookie: RANGERADMINSESSIONID=777A04534D04521931753508FB7681B5; Path=/;
Secure; HttpOnly
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline'
'unsafe-eval'; connect-src 'self'; img-src 'self'; style-src 'self'
'unsafe-inline';font-src 'self'
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Content-Type-Options: nosniff
Content-Type: application/json
Transfer-Encoding: chunked
Date: Mon, 24 Aug 2020 06:24:34 GMT
Connection: close
Server: Apache Ranger
{"statusCode":1,"msgDesc":"(0) Validation failure: error code[4009], reason[
Invalid service type [3] provided for service [cm_hive]], field[service type],
subfield[null], type[semantically incorrect] "}
{code}
*Policy content:*
{code}
{
"service": "cm_hive",
"name": "policy for db create",
"policyType": 0,
"policyPriority": 0,
"description": "",
"resourceSignature":
"053c490e396ce264ff786bfe7e305c391cdee05b8a9e42e4fc969643119bdbb3",
"isAuditEnabled": true,
"resources": {
"database": {
"values": [
"org"
],
"isExcludes": false,
"isRecursive": false
}
},
"policyItems": [
{
"accesses": [
{
"type": "select",
"isAllowed": true
},
{
"type": "update",
"isAllowed": true
},
{
"type": "create",
"isAllowed": true
},
{
"type": "drop",
"isAllowed": true
},
{
"type": "alter",
"isAllowed": true
},
{
"type": "index",
"isAllowed": true
},
{
"type": "lock",
"isAllowed": true
},
{
"type": "all",
"isAllowed": true
},
{
"type": "read",
"isAllowed": true
},
{
"type": "write",
"isAllowed": true
},
{
"type": "repladmin",
"isAllowed": true
},
{
"type": "serviceadmin",
"isAllowed": true
},
{
"type": "tempudfadmin",
"isAllowed": true
},
{
"type": "refresh",
"isAllowed": true
}
],
"users": [
"hrt_21"
],
"groups": [],
"roles": [],
"conditions": [],
"delegateAdmin": false
}
],
"denyPolicyItems": [],
"allowExceptions": [],
"denyExceptions": [],
"dataMaskPolicyItems": [],
"rowFilterPolicyItems": [],
"serviceType": "3",
"options": {},
"validitySchedules": [],
"policyLabels": [],
"zoneName": "",
"isDenyAllElse": false,
"id": 416,
"guid": "d551b570-d81b-4df2-9b5e-0c405164e3ae",
"isEnabled": true,
"createdBy": "Admin",
"updatedBy": "Admin",
"version": 1
}
{code}
though after specifying serviceType as "hive" policy creation goes through.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Updated] (RANGER-2963) resource values is showed as empty while editing the policy
[ https://issues.apache.org/jira/browse/RANGER-2963?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Deepak Sharma updated RANGER-2963: -- Issue Type: Bug (was: Task) > resource values is showed as empty while editing the policy > --- > > Key: RANGER-2963 > URL: https://issues.apache.org/jira/browse/RANGER-2963 > Project: Ranger > Issue Type: Bug > Components: admin >Affects Versions: ranger-2.0 > Reporter: Deepak Sharma >Priority: Major > > Ui seems to have issue, while editing the policy in ranger some of the > resources are showed as empty, > eg: in hive - Database. > in atlas - type-category -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (RANGER-2963) resource values is showed as empty while editing the policy
Deepak Sharma created RANGER-2963: - Summary: resource values is showed as empty while editing the policy Key: RANGER-2963 URL: https://issues.apache.org/jira/browse/RANGER-2963 Project: Ranger Issue Type: Task Components: admin Affects Versions: ranger-2.0 Reporter: Deepak Sharma Ui seems to have issue, while editing the policy in ranger some of the resources are showed as empty, eg: in hive - Database. in atlas - type-category -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (RANGER-2673) Build Python based Rest Api client for Ranger
[ https://issues.apache.org/jira/browse/RANGER-2673?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16993764#comment-16993764 ] Deepak Sharma commented on RANGER-2673: --- [~vel] still there are many automation framework that uses python2.7. so I am yet to decide whether to consider them or not. ideally we should just go ahead with python3, because python2 is going to sunset very soon. https://www.python.org/doc/sunset-python-2/ > Build Python based Rest Api client for Ranger > - > > Key: RANGER-2673 > URL: https://issues.apache.org/jira/browse/RANGER-2673 > Project: Ranger > Issue Type: Task > Components: Ranger >Affects Versions: master > Reporter: Deepak Sharma > Assignee: Deepak Sharma >Priority: Major > Fix For: master > > > It is good to have Python based API client for Ranger. > Decision to be made before starting on this work: > 1) whether to support python2 or python3 or both. > 2) Scope: > CRUD operations on Policy/Service/Zones > User/group operation -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (RANGER-2673) Build Python Rest Api client for Ranger
Deepak Sharma created RANGER-2673: - Summary: Build Python Rest Api client for Ranger Key: RANGER-2673 URL: https://issues.apache.org/jira/browse/RANGER-2673 Project: Ranger Issue Type: Task Components: Ranger Affects Versions: master Reporter: Deepak Sharma Assignee: Deepak Sharma Fix For: master It is good to have Python based API client for Ranger. Decision to be made before starting on this work: 1) whether to support python2 or python3 or both. 2) Scope: CRUD operations on Policy/Service/Zones User/group operation -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (RANGER-2673) Build Python based Rest Api client for Ranger
[ https://issues.apache.org/jira/browse/RANGER-2673?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Deepak Sharma updated RANGER-2673: -- Summary: Build Python based Rest Api client for Ranger (was: Build Python Rest Api client for Ranger) > Build Python based Rest Api client for Ranger > - > > Key: RANGER-2673 > URL: https://issues.apache.org/jira/browse/RANGER-2673 > Project: Ranger > Issue Type: Task > Components: Ranger >Affects Versions: master > Reporter: Deepak Sharma > Assignee: Deepak Sharma >Priority: Major > Fix For: master > > > It is good to have Python based API client for Ranger. > Decision to be made before starting on this work: > 1) whether to support python2 or python3 or both. > 2) Scope: > CRUD operations on Policy/Service/Zones > User/group operation -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (RANGER-2511) default tag based service is getting created for the tag based service
Deepak Sharma created RANGER-2511: - Summary: default tag based service is getting created for the tag based service Key: RANGER-2511 URL: https://issues.apache.org/jira/browse/RANGER-2511 Project: Ranger Issue Type: Bug Components: Ranger Affects Versions: master Reporter: Deepak Sharma Fix For: master as part of RANER-2481 feature implementation if there is any resource based service created then one tag based service is created and gets associated with the resource based service, where tag based service name is string before underscore + _tag. eg: cm_hive then tag service name is cm_tag. but problem here is even if we create tag based service then another tag based service getting created for it. cc [~abhayk] -- This message was sent by Atlassian JIRA (v7.6.14#76016)
[jira] [Created] (RANGER-2449) if service part of zone is not present then null pointer exception is thrown
Deepak Sharma created RANGER-2449: - Summary: if service part of zone is not present then null pointer exception is thrown Key: RANGER-2449 URL: https://issues.apache.org/jira/browse/RANGER-2449 Project: Ranger Issue Type: Bug Components: admin Affects Versions: master Reporter: Deepak Sharma Fix For: master if service part of zone is not present then null pointer exception is thrown -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (RANGER-2403) proper error should be thrown when service part of zone being deleted
Deepak Sharma created RANGER-2403: - Summary: proper error should be thrown when service part of zone being deleted Key: RANGER-2403 URL: https://issues.apache.org/jira/browse/RANGER-2403 Project: Ranger Issue Type: Bug Components: Ranger Affects Versions: master Reporter: Deepak Sharma Fix For: master currently when service part of zone being deleted ERROR XXService can't be deleted is thrown, we can handle it eg: Service is associated with and can not be deleted. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (RANGER-2387) add public api v2 for security zones
Deepak Sharma created RANGER-2387: - Summary: add public api v2 for security zones Key: RANGER-2387 URL: https://issues.apache.org/jira/browse/RANGER-2387 Project: Ranger Issue Type: Bug Components: Ranger Affects Versions: master Reporter: Deepak Sharma Fix For: master add public api v2 for security zones -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (RANGER-2069) group id below than 500 is not getting syncd
Deepak Sharma created RANGER-2069: - Summary: group id below than 500 is not getting syncd Key: RANGER-2069 URL: https://issues.apache.org/jira/browse/RANGER-2069 Project: Ranger Issue Type: Bug Components: Ranger Affects Versions: master Reporter: Deepak Sharma Fix For: master change the default value for min group ID to 0 instead of 500 -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (RANGER-1852) some groups missed to be sync if they are syncd from openldap If deltasync is enabled
Deepak Sharma created RANGER-1852: - Summary: some groups missed to be sync if they are syncd from openldap If deltasync is enabled Key: RANGER-1852 URL: https://issues.apache.org/jira/browse/RANGER-1852 Project: Ranger Issue Type: Bug Components: Ranger Affects Versions: 0.7.2 Reporter: Deepak Sharma some groups missed to be sync if they are syncd from openldap in a scenario when users are added to the ldap at the time when usersync is happening or if it is in progress or within a minute of usersync cycle. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Created] (RANGER-1779) last resource gets duplicated during update policy if policy is created through public api rest call
Deepak Sharma created RANGER-1779: - Summary: last resource gets duplicated during update policy if policy is created through public api rest call Key: RANGER-1779 URL: https://issues.apache.org/jira/browse/RANGER-1779 Project: Ranger Issue Type: Bug Components: admin Affects Versions: master Reporter: Deepak Sharma scenario: 1) create a policy with multiple resource *,default using public api 2) go to ranger admin ui and update the policy without any change 3) again view the policy. Issue: default gets duplicated as resource in the policy. and even new entry is added in resource map table for the last resource. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Assigned] (RANGER-1779) last resource gets duplicated during update policy if policy is created through public api rest call
[ https://issues.apache.org/jira/browse/RANGER-1779?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Deepak Sharma reassigned RANGER-1779: - Assignee: Nikhil Purbhe > last resource gets duplicated during update policy if policy is created > through public api rest call > > > Key: RANGER-1779 > URL: https://issues.apache.org/jira/browse/RANGER-1779 > Project: Ranger > Issue Type: Bug > Components: admin >Affects Versions: master > Reporter: Deepak Sharma >Assignee: Nikhil Purbhe > > scenario: > 1) create a policy with multiple resource *,default using public api > 2) go to ranger admin ui and update the policy without any change > 3) again view the policy. > Issue: > default gets duplicated as resource in the policy. > and even new entry is added in resource map table for the last resource. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Assigned] (RANGER-1687) Atlas Resource based policy lists the 'Atlas types' JSON irrespective of the resource selected
[
https://issues.apache.org/jira/browse/RANGER-1687?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Deepak Sharma reassigned RANGER-1687:
-
Assignee: Deepak Sharma
> Atlas Resource based policy lists the 'Atlas types' JSON irrespective of the
> resource selected
> --
>
> Key: RANGER-1687
> URL: https://issues.apache.org/jira/browse/RANGER-1687
> Project: Ranger
> Issue Type: Bug
> Components: Ranger
>Reporter: Sharmadha Sainath
> Assignee: Deepak Sharma
>
> Following are present in resource list for Atlas policy :
> 1.entity
> 2.type
> 3.taxonomy
> 4.term
> 5.operation
> For any resource selected and lookup made , following POST request is made :
> {code}
> http://rangerhost:6080/service/plugins/services/lookupResource/cl1_atlas
> {code}
> Response is the list of types in Atlas as JSON :
> {code}
> ["{\"results\":[\"hive_principal_type\",\"file_action\",\"hive_serde\",\"hive_order\",\"fs_permissions\",\"TaxonomyTerm\",\"falcon_process\",\"falcon_feed_replication\",\"DataSet\",\"falcon_feed_creation\",\"Process\",\"hive_table\",\"sqoop_dbdatastore\",\"hive_db\",\"storm_node\",\"hive_process\",\"hbase_column\",\"Referenceable\",\"falcon_feed\",\"hbase_table\",\"jms_topic\",\"storm_topology\",\"Infrastructure\",\"hbase_column_family\",\"storm_spout\",\"Asset\",\"hive_column\",\"kafka_topic\",\"hive_storagedesc\",\"hdfs_path\",\"sqoop_process\",\"hive_column_lineage\",\"storm_bolt\",\"falcon_cluster\",\"fs_path\"],\"count\":35,\"requestId\":\"pool-2-thread-9
> - dbf4e4ea-bfd3-49a7-86a2-b381c905f7fd\"}"]
> {code}
> No other results are shown other than the above JSON.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Updated] (RANGER-1760) test_resourcematcher_default.json is invalid
[
https://issues.apache.org/jira/browse/RANGER-1760?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Deepak Sharma updated RANGER-1760:
--
Attachment: 0001-RANGER-1760-fixing-the-issue-in-test_resourcematcher.patch
> test_resourcematcher_default.json is invalid
>
>
> Key: RANGER-1760
> URL: https://issues.apache.org/jira/browse/RANGER-1760
> Project: Ranger
> Issue Type: Improvement
> Components: Ranger
>Affects Versions: master
> Reporter: Deepak Sharma
> Assignee: Deepak Sharma
> Fix For: master
>
> Attachments:
> 0001-RANGER-1760-fixing-the-issue-in-test_resourcematcher.patch
>
>
> test_resourcematcher_default.json is invalid
> there are many such instance in that
> {code}
> Error: Parse error on line 133:
> ...t": false }, ]
> }, { "name"
> -^
> Expecting 'STRING', 'NUMBER', 'NULL', 'TRUE', 'FALSE', '{', '[', got ']'
> {code}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
Review Request 62052: issues with test_resourcematcher_default.json
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/62052/ --- Review request for ranger. Bugs: RANGER-1760 https://issues.apache.org/jira/browse/RANGER-1760 Repository: ranger Description --- issues with test_resourcematcher_default.json Diffs - agents-common/src/test/resources/resourcematcher/test_resourcematcher_default.json 50b4cc3 Diff: https://reviews.apache.org/r/62052/diff/1/ Testing --- tested the json after the fix and run the tests TestResourceMatcher also where it is used: Thanks, deepak sharma
[jira] [Created] (RANGER-1760) test_resourcematcher_default.json is invalid
Deepak Sharma created RANGER-1760:
-
Summary: test_resourcematcher_default.json is invalid
Key: RANGER-1760
URL: https://issues.apache.org/jira/browse/RANGER-1760
Project: Ranger
Issue Type: Improvement
Components: Ranger
Affects Versions: master
Reporter: Deepak Sharma
Assignee: Deepak Sharma
Fix For: master
test_resourcematcher_default.json is invalid
there are many such instance in that
{code}
Error: Parse error on line 133:
...t": false}, ]
}, { "name"
-^
Expecting 'STRING', 'NUMBER', 'NULL', 'TRUE', 'FALSE', '{', '[', got ']'
{code}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Updated] (RANGER-1754) group deletion message is wrong , it give User deleted successfully instead of group
[ https://issues.apache.org/jira/browse/RANGER-1754?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Deepak Sharma updated RANGER-1754: -- Attachment: 0001-RANGER-1754-correcting-group-deletion-message .patch > group deletion message is wrong , it give User deleted successfully instead > of group > > > Key: RANGER-1754 > URL: https://issues.apache.org/jira/browse/RANGER-1754 > Project: Ranger > Issue Type: Bug > Components: admin >Affects Versions: 0.7.2 > Reporter: Deepak Sharma >Assignee: Deepak Sharma > Fix For: master > > Attachments: 0001-RANGER-1754-correcting-group-deletion-message .patch > > > group deletion message is wrong , it give User deleted successfully instead > of group -- This message was sent by Atlassian JIRA (v6.4.14#64029)
Re: Review Request 61990: RANGER-1754: correcting group deletion message
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/61990/ --- (Updated Aug. 30, 2017, 11:28 a.m.) Review request for ranger, Mehul Parikh and Nikhil P. Bugs: RANGER-1754 https://issues.apache.org/jira/browse/RANGER-1754 Repository: ranger Description (updated) --- group deletion message shows , "User deleted successfully" correcting it to "Group deleted successfully" Diffs - security-admin/src/main/webapp/scripts/views/users/UserTableLayout.js 17bde37 Diff: https://reviews.apache.org/r/61990/diff/1/ Testing --- Tested , after making the changes Thanks, deepak sharma
Review Request 61990: RANGER-1754: correcting group deletion message
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/61990/ --- Review request for ranger, Mehul Parikh and Nikhil P. Bugs: RANGER-1754 https://issues.apache.org/jira/browse/RANGER-1754 Repository: ranger Description --- grou deletion message shows , "User deleted successfully" correcting it to "Group deleted successfully" Diffs - security-admin/src/main/webapp/scripts/views/users/UserTableLayout.js 17bde37 Diff: https://reviews.apache.org/r/61990/diff/1/ Testing --- Tested , after making the changes Thanks, deepak sharma
[jira] [Created] (RANGER-1754) group deletion message is wrong , it give User deleted successfully instead of group
Deepak Sharma created RANGER-1754: - Summary: group deletion message is wrong , it give User deleted successfully instead of group Key: RANGER-1754 URL: https://issues.apache.org/jira/browse/RANGER-1754 Project: Ranger Issue Type: Bug Components: admin Affects Versions: 0.7.2 Reporter: Deepak Sharma Assignee: Deepak Sharma Fix For: master group deletion message is wrong , it give User deleted successfully instead of group -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Created] (RANGER-1674) IMPORT START audit is not appearing on audit page
Deepak Sharma created RANGER-1674:
-
Summary: IMPORT START audit is not appearing on audit page
Key: RANGER-1674
URL: https://issues.apache.org/jira/browse/RANGER-1674
Project: Ranger
Issue Type: Bug
Components: Ranger
Affects Versions: 0.7.2
Reporter: Deepak Sharma
Fix For: 0.7.2
IMPORT START audit is not appearing on audit page
IMPORT START audit is not appearing on audit page
https://:6182/service/assets/report?action=IMPORT+START
{code}
200
0
0
10
{code}
{code}
MariaDB [ranger]> select * from x_trx_log where action='IMPORT START';
+--+-+-+-+---++---+--+--++-+---+--+-+--+--+-+--+--+
| id | create_time | update_time | added_by_id | upd_by_id |
class_type | object_id | parent_object_id | parent_object_class_type |
parent_object_name | object_name | attr_name | prev_val | new_val | trx_id
| action | sess_id | req_id | sess_type
|
+--+-+-+-+---++---+--+--++-+---+--+-+--+--+-+--+--+
| 3476 | 2017-07-04 14:04:23 | 2017-07-04 14:04:23 | 1 | 1 |
1020 | NULL | NULL |0 | NULL
| NULL| NULL | NULL | NULL| 4046595386478510685
| IMPORT START | 513 | 4046595386478510685 | Spring Authenticated Session |
{code}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Created] (RANGER-1633) populate ranger.plugin.hive.urlauth.filesystem.schemes default value to hdfs:,file:,wasb:,adl:
Deepak Sharma created RANGER-1633: - Summary: populate ranger.plugin.hive.urlauth.filesystem.schemes default value to hdfs:,file:,wasb:,adl: Key: RANGER-1633 URL: https://issues.apache.org/jira/browse/RANGER-1633 Project: Ranger Issue Type: Bug Components: Ranger Affects Versions: 0.7.1 Reporter: Deepak Sharma Fix For: 0.7.1 populate ranger.plugin.hive.urlauth.filesystem.schemes default value to hdfs:,file:,wasb:,adl: 1) it will be better if we keep default value of ranger.plugin.hive.urlauth.filesystem.schemes=hdfs:,file:,wasb:,adl:, if it does not harm to have all of the fs values in this properly it will be good to add them. 2) it will be good to add this properly in advanced-ranger-hive-security -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Resolved] (RANGER-1475) some users missed to be sync if they are syncd from openldap If deltasync is enabled
[
https://issues.apache.org/jira/browse/RANGER-1475?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Deepak Sharma resolved RANGER-1475.
---
Resolution: Fixed
> some users missed to be sync if they are syncd from openldap If deltasync is
> enabled
>
>
> Key: RANGER-1475
> URL: https://issues.apache.org/jira/browse/RANGER-1475
> Project: Ranger
> Issue Type: Bug
> Components: Ranger
>Affects Versions: 0.7.1
> Reporter: Deepak Sharma
>Assignee: Deepak Sharma
> Fix For: 1.0.0, 0.7.1
>
>
> some users missed to be sync if they are syncd from openldap in a scenario
> when users are added to the ldap at the time when usersync is happening or if
> it is in progress or within a minute of usersync cycle.
> {code}
> if (deltaSyncUserTime < highestdeltaSyncUserTime) {
> // Incrementing highestdeltaSyncUserTime (for
> AD) in order to avoid search record repetition for next sync cycle.
> deltaSyncUserTime = highestdeltaSyncUserTime+1;
> // Incrementing the highest timestamp value
> (for Openldap) with 1min in order to avoid search record repetition for next
> sync cycle.
> deltaSyncUserTimeStamp = dateFormat.format(new
> Date(highestdeltaSyncUserTime + 6l));
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
Review Request 58961: reducing the highest time stamp value to pick all the users syncd during sync cycle
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/58961/ --- Review request for ranger and Sailaja Polavarapu. Bugs: RANGER-1475 https://issues.apache.org/jira/browse/RANGER-1475 Repository: ranger Description --- currently we increase the deltaSyncUserTimeStamp by 1 minute, in order to avoid search record repetition for next sync cycle, but if there is a new user added within a minute of last sync cycle then it does not sync, so reducing the increament time from 1min to 1sec to avoid this issue. Diffs - ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapDeltaUserGroupBuilder.java d65ba52 Diff: https://reviews.apache.org/r/58961/diff/1/ Testing --- Thanks, deepak sharma
Review Request 58958: reducing the highest time stamp value to pick all the users syncd during sync cycle
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/58958/ --- Review request for ranger and Sailaja Polavarapu. Bugs: RANGER-1475 https://issues.apache.org/jira/browse/RANGER-1475 Repository: ranger Description --- reducing the highest time stamp value to pick all the users syncd during sync cycle Diffs - ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapDeltaUserGroupBuilder.java d65ba52 Diff: https://reviews.apache.org/r/58958/diff/1/ Testing --- currently we increase the deltaSyncUserTimeStamp by 1 minute, in order to avoid search record repetition for next sync cycle, but if there is a new user added within a minute of last sync cycle then it does not sync, so reducing the increament time from 1min to 1sec to avoid this issue. Thanks, deepak sharma
Re: Review Request 58184: [RANGER-1497]Improvement of unit test coverage for ranger
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/58184/ --- (Updated April 6, 2017, 9:09 a.m.) Review request for ranger, Ankita Sinha and Mehul Parikh. Bugs: RANGER-1497 https://issues.apache.org/jira/browse/RANGER-1497 Repository: ranger Description --- [RANGER-1497]Improvement of unit test coverage for ranger by adding the unit tests for org.apache.ranger.rest.AssetREST Diffs (updated) - security-admin/src/test/java/org/apache/ranger/rest/TestAssetREST.java PRE-CREATION Diff: https://reviews.apache.org/r/58184/diff/3/ Changes: https://reviews.apache.org/r/58184/diff/2-3/ Testing --- tested the Junit tests added locally. Thanks, deepak sharma
Re: Review Request 58184: [RANGER-1497]Improvement of unit test coverage for ranger
> On April 5, 2017, 4:01 a.m., Ayub Pathan wrote: > > security-admin/src/test/java/org/apache/ranger/rest/TestAssetREST.java > > Lines 110 (patched) > > <https://reviews.apache.org/r/58184/diff/1/?file=1684530#file1684530line110> > > > > All the below Mock injection is not used in the code. > > > > vXAsset > > searchFilter > > xAssetService > > xResourceService > > xCredentialStoreService > > request > > servicePolicies > > xTrxLogService > > xPolicyExportAudits > > xAccessAuditService > > xxServiceDefDao > > restErrorUtil Thanks for the review Ayub, i removed some of the unused mock injection, but following are used actually, and if you remove them then test will fail: xAssetService: https://github.com/hortonworks/ranger/blob/HDP-2.3.1.1/security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java#L255 same way below mentioned are also used: xResourceService: xCredentialStoreService: XTrxLogService: xPolicyExportAudits xAccessAuditService but rest rest of them i have removed. - deepak --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/58184/#review171084 --- On April 5, 2017, 9:08 a.m., deepak sharma wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/58184/ > --- > > (Updated April 5, 2017, 9:08 a.m.) > > > Review request for ranger, Ankita Sinha and Mehul Parikh. > > > Bugs: RANGER-1497 > https://issues.apache.org/jira/browse/RANGER-1497 > > > Repository: ranger > > > Description > --- > > [RANGER-1497]Improvement of unit test coverage for ranger by adding the unit > tests for org.apache.ranger.rest.AssetREST > > > Diffs > - > > security-admin/src/test/java/org/apache/ranger/rest/TestAssetREST.java > PRE-CREATION > > > Diff: https://reviews.apache.org/r/58184/diff/2/ > > > Testing > --- > > tested the Junit tests added locally. > > > Thanks, > > deepak sharma > >
Re: Review Request 58184: [RANGER-1497]Improvement of unit test coverage for ranger
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/58184/ --- (Updated April 5, 2017, 9:08 a.m.) Review request for ranger, Ankita Sinha and Mehul Parikh. Bugs: RANGER-1497 https://issues.apache.org/jira/browse/RANGER-1497 Repository: ranger Description --- [RANGER-1497]Improvement of unit test coverage for ranger by adding the unit tests for org.apache.ranger.rest.AssetREST Diffs (updated) - security-admin/src/test/java/org/apache/ranger/rest/TestAssetREST.java PRE-CREATION Diff: https://reviews.apache.org/r/58184/diff/2/ Changes: https://reviews.apache.org/r/58184/diff/1-2/ Testing --- tested the Junit tests added locally. Thanks, deepak sharma
Review Request 58184: [RANGER-1497]Improvement of unit test coverage for ranger
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/58184/ --- Review request for ranger, Ankita Sinha and Mehul Parikh. Bugs: RANGER-1497 https://issues.apache.org/jira/browse/RANGER-1497 Repository: ranger Description --- [RANGER-1497]Improvement of unit test coverage for ranger by adding the unit tests for org.apache.ranger.rest.AssetREST Diffs - security-admin/src/test/java/org/apache/ranger/rest/TestAssetREST.java PRE-CREATION Diff: https://reviews.apache.org/r/58184/diff/1/ Testing --- tested the Junit tests added locally. Thanks, deepak sharma
[jira] [Created] (RANGER-1497) Improvement of unit test coverage for ranger
Deepak Sharma created RANGER-1497: - Summary: Improvement of unit test coverage for ranger Key: RANGER-1497 URL: https://issues.apache.org/jira/browse/RANGER-1497 Project: Ranger Issue Type: Improvement Components: Ranger Reporter: Deepak Sharma Fix For: master, 0.7.1 Improvement of unit test coverage for ranger by adding the unit tests for org.apache.ranger.rest.AssetREST. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Assigned] (RANGER-1497) Improvement of unit test coverage for ranger
[ https://issues.apache.org/jira/browse/RANGER-1497?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Deepak Sharma reassigned RANGER-1497: - Assignee: Deepak Sharma > Improvement of unit test coverage for ranger > - > > Key: RANGER-1497 > URL: https://issues.apache.org/jira/browse/RANGER-1497 > Project: Ranger > Issue Type: Improvement > Components: Ranger > Reporter: Deepak Sharma > Assignee: Deepak Sharma > Fix For: master, 0.7.1 > > > Improvement of unit test coverage for ranger by adding the unit tests for > org.apache.ranger.rest.AssetREST. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (RANGER-1475) some users missed to be sync if they are syncd from openldap If deltasync is enabled
[
https://issues.apache.org/jira/browse/RANGER-1475?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Deepak Sharma updated RANGER-1475:
--
Summary: some users missed to be sync if they are syncd from openldap If
deltasync is enabled (was: some users missed to be sync if they are syncd from
openldap)
> some users missed to be sync if they are syncd from openldap If deltasync is
> enabled
>
>
> Key: RANGER-1475
> URL: https://issues.apache.org/jira/browse/RANGER-1475
> Project: Ranger
> Issue Type: Bug
> Components: Ranger
>Affects Versions: 0.7.1
> Reporter: Deepak Sharma
>Assignee: Deepak Sharma
> Fix For: 0.7.1
>
>
> some users missed to be sync if they are syncd from openldap in a scenario
> when users are added to the ldap at the time when usersync is happening or if
> it is in progress or within a minute of usersync cycle.
> {code}
> if (deltaSyncUserTime < highestdeltaSyncUserTime) {
> // Incrementing highestdeltaSyncUserTime (for
> AD) in order to avoid search record repetition for next sync cycle.
> deltaSyncUserTime = highestdeltaSyncUserTime+1;
> // Incrementing the highest timestamp value
> (for Openldap) with 1min in order to avoid search record repetition for next
> sync cycle.
> deltaSyncUserTimeStamp = dateFormat.format(new
> Date(highestdeltaSyncUserTime + 6l));
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
[jira] [Assigned] (RANGER-1475) some users missed to be sync if they are syncd from openldap
[
https://issues.apache.org/jira/browse/RANGER-1475?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Deepak Sharma reassigned RANGER-1475:
-
Assignee: Deepak Sharma
> some users missed to be sync if they are syncd from openldap
>
>
> Key: RANGER-1475
> URL: https://issues.apache.org/jira/browse/RANGER-1475
> Project: Ranger
> Issue Type: Bug
> Components: Ranger
>Affects Versions: 0.7.1
> Reporter: Deepak Sharma
> Assignee: Deepak Sharma
> Fix For: 0.7.1
>
>
> some users missed to be sync if they are syncd from openldap in a scenario
> when users are added to the ldap at the time when usersync is happening or if
> it is in progress or within a minute of usersync cycle.
> {code}
> if (deltaSyncUserTime < highestdeltaSyncUserTime) {
> // Incrementing highestdeltaSyncUserTime (for
> AD) in order to avoid search record repetition for next sync cycle.
> deltaSyncUserTime = highestdeltaSyncUserTime+1;
> // Incrementing the highest timestamp value
> (for Openldap) with 1min in order to avoid search record repetition for next
> sync cycle.
> deltaSyncUserTimeStamp = dateFormat.format(new
> Date(highestdeltaSyncUserTime + 6l));
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
[jira] [Created] (RANGER-1475) some users missed to be sync if they are syncd from openldap
Deepak Sharma created RANGER-1475:
-
Summary: some users missed to be sync if they are syncd from
openldap
Key: RANGER-1475
URL: https://issues.apache.org/jira/browse/RANGER-1475
Project: Ranger
Issue Type: Bug
Components: Ranger
Affects Versions: 0.7.1
Reporter: Deepak Sharma
Fix For: 0.7.1
some users missed to be sync if they are syncd from openldap in a scenario when
users are added to the ldap at the time when usersync is happening or if it is
in progress or within a minute of usersync cycle.
{code}
if (deltaSyncUserTime < highestdeltaSyncUserTime) {
// Incrementing highestdeltaSyncUserTime (for
AD) in order to avoid search record repetition for next sync cycle.
deltaSyncUserTime = highestdeltaSyncUserTime+1;
// Incrementing the highest timestamp value
(for Openldap) with 1min in order to avoid search record repetition for next
sync cycle.
deltaSyncUserTimeStamp = dateFormat.format(new
Date(highestdeltaSyncUserTime + 6l));
{code}
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
[jira] [Created] (RANGER-1405) groups are not shown if exact user name is passed in search filter
Deepak Sharma created RANGER-1405: - Summary: groups are not shown if exact user name is passed in search filter Key: RANGER-1405 URL: https://issues.apache.org/jira/browse/RANGER-1405 Project: Ranger Issue Type: Bug Components: Ranger Affects Versions: 0.7.0 Reporter: Deepak Sharma Assignee: Mehul Parikh groups are not shown if exact user name is passed in search filter scenario: 1) user abc is mapped with "abc","users", "newgroup" 2) make rest call to fetch all the users or go to UI and see all the users and look for abc https://:6182/service/xusers/users?pageSize=500 mapping is shown properly through both rest call and UI 3) now filter the users with username filter "abc" or try same with following rest call https://:6182/service/xusers/users?pageSize=500=abc ER: group should be shown associated with user abc AR: no group association is shown for user abc after applying filter -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Created] (RANGER-1380) not able to delete group that is having special character from ranger admin
Deepak Sharma created RANGER-1380:
-
Summary: not able to delete group that is having special character
from ranger admin
Key: RANGER-1380
URL: https://issues.apache.org/jira/browse/RANGER-1380
Project: Ranger
Issue Type: Bug
Components: admin, Ranger
Affects Versions: 0.7.0
Reporter: Deepak Sharma
Priority: Critical
Fix For: 0.7.0
not able to delete group that is having special character from ranger admin
{code}org.apache.ranger.common.RESTErrorUtil (RESTErrorUtil.java:63) - Request
failed. loginId=admin, logMessage=groupspecial#$@ is Not Found
javax.ws.rs.WebApplicationException
at
org.apache.ranger.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:56)
at
org.apache.ranger.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:325)
at
org.apache.ranger.service.XGroupService.getGroupByGroupName(XGroupService.java:104)
at
org.apache.ranger.rest.XUserREST.deleteGroupsByGroupName(XUserREST.java:1064)
at
org.apache.ranger.rest.XUserREST$$FastClassByCGLIB$$b2a65360.invoke()
at net.sf.cglib.proxy.MethodProxy.invoke(MethodProxy.java:191)
at
org.springframework.aop.framework.Cglib2AopProxy$CglibMethodInvocation.invokeJoinpoint(Cglib2AopProxy.java:689)
{code}
problem is the input sent for special character is appended with amp after the
& which is causing the issue.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
[jira] [Created] (RANGER-1352) few cases where even if JSON is invalid then also message appears IMPORTED SUCCSSFULLY
Deepak Sharma created RANGER-1352: - Summary: few cases where even if JSON is invalid then also message appears IMPORTED SUCCSSFULLY Key: RANGER-1352 URL: https://issues.apache.org/jira/browse/RANGER-1352 Project: Ranger Issue Type: Bug Components: Ranger Affects Versions: 0.7.0 Reporter: Deepak Sharma Fix For: 0.7.0 few cases where even if JSON is invalid then also message appears IMPORTED SUCCSSFULLY. case 1: Json is correct but there is small mistake of case sensitivity instead true its True. so ideally this json is considered as invalid from jsonlint. but Ranger import pass in this case, but it does not import any policy. Case 2: if json file is empty , then also it says import successful, ideally it should failed saying invalid json or something appropriate. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Created] (RANGER-1336) audit based policy that has no policy item are not exported in CSV file
Deepak Sharma created RANGER-1336: - Summary: audit based policy that has no policy item are not exported in CSV file Key: RANGER-1336 URL: https://issues.apache.org/jira/browse/RANGER-1336 Project: Ranger Issue Type: Bug Components: admin Affects Versions: 0.7.0 Reporter: Deepak Sharma Fix For: 0.7.0 audit based policy that has no policy item are not exported in CSV file scenario: 1) create a yarn policy without any policy item 2) go to report page 3) export as csv file ER: CSV file should have audit based yarn policy AR: CSV file does not have audit based yarn policy -- This message was sent by Atlassian JIRA (v6.3.4#6332)
