Re: Review Request 71800: RANGER-2649 : Unix user doesn't get 'Admin' role when set through assignment rules

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/71800/#review218757
---


Ship it!




Ship It!

- Gautam Borad


On Nov. 22, 2019, 8:52 a.m., Dhaval Shah wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/71800/
> ---
> 
> (Updated Nov. 22, 2019, 8:52 a.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Gautam Borad, Mehul Parikh, Nikhil 
> P, Pradeep Agrawal, Sailaja Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-2649
> https://issues.apache.org/jira/browse/RANGER-2649
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Preconditions : 
> User sync source is set to Unix (ranger.usersync.source.impl.class set to 
> org.apache.ranger.unixusersync.process.UnixUserGroupBuilder)
> user2 is a unix user, and user2 is deleted in Ranger
> 
> Steps : 
> 1.) Set ranger.usersync.group.based.role.assignment.rules to 
> ROLE_SYS_ADMIN:u:user2
> 2.) Restart Ranger
> 3.) In ranger admin page go to Settings -> Users/Groups. Look for user2, and 
> observe it has the role 'User'
> 4.) Restart Ranger again
> 5.) Repeat step 3. but this time observe that user2 has the role 'Admin'
> 
> 
> Expected behaviour : 
> user2 should get 'Admin' role right after the first restart.
> 
> 
> Diffs
> -
> 
>   
> ugsync/src/main/java/org/apache/ranger/unixusersync/process/PolicyMgrUserGroupBuilder.java
>  c113ece 
> 
> 
> Diff: https://reviews.apache.org/r/71800/diff/1/
> 
> 
> Testing
> ---
> 
> 1.Successfully tested the role is getting set for username which is assigned 
> in ranger.usersync.group.based.role.assignment.rules in first sync itself.
> 2.Successfully tested the role is getting set for groupname which is assigned 
> in ranger.usersync.group.based.role.assignment.rules in first sync itself.
> 3.Tested roles are getting changed when users are already synced.
> 4.Successfully tested, user with admin role when removed from group then user 
> is getting set to USER_ROLE.
> 
> 
> Thanks,
> 
> Dhaval Shah
> 
>

Re: Review Request 71757: RANGER-2641 : Upgrade scenario fails in MYSQL DB

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/71757/#review218644
---


Ship it!




Ship It!

- Gautam Borad


On Nov. 14, 2019, 1:43 p.m., Kishor Gollapalliwar wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/71757/
> ---
> 
> (Updated Nov. 14, 2019, 1:43 p.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Gautam Borad, Abhay Kulkarni, Madhan 
> Neethiraj, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, and Velmurugan 
> Periasamy.
> 
> 
> Bugs: RANGER-2641
> https://issues.apache.org/jira/browse/RANGER-2641
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Ranger upgrade fails giving following error.
> 
> Error executing: drop procedure if exists 
> add-role-version-in-serviceVersionInfo; 
> com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error 
> in your SQL syntax; check the manual that corresponds to your MySQL server 
> version for the right syntax to use near 
> 'add-role-version-in-serviceVersionInfo' at line 1
> SQLException : SQL state: 42000 
> com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error 
> in your SQL syntax; check the manual that corresponds to your MySQL server 
> version for the right syntax to use near 
> 'add-role-version-in-serviceVersionInfo' at line 1 ErrorCode: 1064
> 2019-11-07 07:26:17,379  [JISQL] /root/jdk1.8.0_112/bin/java  -cp 
> /usr/share/java/mysql-connector-java.jar:/root/0711finaltar25902632/ranger-2.1.0-SNAPSHOT-admin/jisql/lib/*
>  org.apache.util.sql.Jisql -driver mysqlconj -cstring 
> jdbc:mysql://172.22.86.187/ranger -u 'rangeradmin' -p '' -noheader 
> -trim -c \;  -query "select version from x_db_version_h where version = '043' 
> and active = 'Y';"
> 2019-11-07 07:26:17,846  [JISQL] /root/jdk1.8.0_112/bin/java  -cp 
> /usr/share/java/mysql-connector-java.jar:/root/0711finaltar25902632/ranger-2.1.0-SNAPSHOT-admin/jisql/lib/*
>  org.apache.util.sql.Jisql -driver mysqlconj -cstring 
> jdbc:mysql://172.22.86.187/ranger -u 'rangeradmin' -p '' -noheader 
> -trim -c \;  -query "delete from x_db_version_h where version = '043' and 
> active = 'N' and updated_by='pt-test2590-1.openstacklocal';"
> 2019-11-07 07:26:18,293  [E] 043-add-role-version-in-serviceVersionInfo.sql 
> import failed!
> 
> 
> Diffs
> -
> 
>   
> security-admin/db/mysql/patches/043-add-role-version-in-serviceVersionInfo.sql
>  def5678b0 
>   
> security-admin/db/mysql/patches/044-add-displayName-col-in-x_service_def_and_x_service.sql
>  b552c422c 
>   
> security-admin/db/mysql/patches/045-add-otherAttributes-col-in-x_user-x_portal_user-x_group.sql
>  fa9bd1af9 
>   
> security-admin/db/oracle/patches/043-add-role-version-in-serviceVersionInfo.sql
>   
>   
> security-admin/db/oracle/patches/044-add-displayName-col-in-x_service_def_and_x_service.sql
>  0d634c66d 
>   
> security-admin/db/oracle/patches/045-add-otherAttributes-col-in-x_user-x_portal_user-x_group.sql
>  01ad18790 
>   
> security-admin/db/postgres/patches/043-add-role-version-in-serviceVersionInfo.sql
>  4801ec334 
>   
> security-admin/db/postgres/patches/044-add-displayName-col-in-x_service_def_and_x_service.sql
>  2f316853f 
>   
> security-admin/db/postgres/patches/045-add-otherAttributes-col-in-x_user-x_portal_user-x_group.sql
>  49628911f 
>   
> security-admin/db/sqlanywhere/patches/043-add-role-version-in-serviceVersionInfo.sql
>   
>   
> security-admin/db/sqlanywhere/patches/044-add-displayName-col-in-x_service_def_and_x_service.sql
>  76bb78083 
>   
> security-admin/db/sqlanywhere/patches/045-add-otherAttributes-col-in-x_user-x_portal_user-x_group.sql
>  a70bf9db9 
>   
> security-admin/db/sqlserver/patches/042-add-role-version-in-serviceVersionInfo.sql
>  4f9b3790a 
>   
> security-admin/db/sqlserver/patches/044-add-displayName-col-in-x_service_def_and_x_service.sql
>  2d47927a6 
>   
> security-admin/db/sqlserver/patches/045-add-otherAttributes-col-in-x_user-x_portal_user-x_group.sql
>  6bd0ff99b 
> 
> 
> Diff: https://reviews.apache.org/r/71757/diff/5/
> 
> 
> Testing
> ---
> 
> Verified fresh install.
> Also varified upgrade scenario
> 
> 
> Thanks,
> 
> Kishor Gollapalliwar
> 
>

Re: Review Request 71713: RANGER-2616: Add reencryptEncryptedKey, batch reencryption interface to KMS and improve logs

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/71713/#review218498
---


Ship it!




Ship It!

- Gautam Borad


On Nov. 5, 2019, 6:53 a.m., Fatima Khan wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/71713/
> ---
> 
> (Updated Nov. 5, 2019, 6:53 a.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Gautam Borad, Madhan Neethiraj, 
> Mehul Parikh, Nikhil P, Pradeep Agrawal, Selvamohan Neethiraj, and Velmurugan 
> Periasamy.
> 
> 
> Bugs: RANGER-2616
> https://issues.apache.org/jira/browse/RANGER-2616
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Currently when an encryption zone (EZ) key is rotated, it only takes effect 
> on new EDEKs. We should provide a way to re-encrypt EDEKs after the EZ key 
> rotation, for improved security.
> 
> 
> Diffs
> -
> 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/EagerKeyGeneratorKeyProviderCryptoExtension.java
>  854c831 
>   kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMS.java 04cc984 
>   kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSAudit.java 
> 56d25d2 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSExceptionsProvider.java
>  cdca8e1 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSJSONReader.java 
> 2b85276 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSServerJSONUtils.java
>  24af81b 
>   kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSWebApp.java 
> 501ee30 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KeyAuthorizationKeyProvider.java
>  bd35a6b 
>   kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMSAudit.java 
> 04daeee 
> 
> 
> Diff: https://reviews.apache.org/r/71713/diff/1/
> 
> 
> Testing
> ---
> 
> Tested the CRUD operations related to keys and re-encrypt EDEKs after the EZ 
> key rotation works fine.
> 
> 
> Thanks,
> 
> Fatima Khan
> 
>

Re: Review Request 70500: RANGER-2402: Best Practices: Make db schema script idempotent

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/70500/#review214746
---


Ship it!




Ship It!

- Gautam Borad


On April 18, 2019, 3:30 a.m., Pradeep Agrawal wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/70500/
> ---
> 
> (Updated April 18, 2019, 3:30 a.m.)
> 
> 
> Review request for ranger, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, 
> Mehul Parikh, Nikhil P, Ramesh Mani, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-2402
> https://issues.apache.org/jira/browse/RANGER-2402
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Problem Statement: Currently Ranger core db schema is not idempotent for all 
> db flavors. Ranger core DB schema for Oracle and SQL anywhere flavor may fail 
> to execute if we execute them again for the same DB flavor.
> 
> 
> Proposed Solution: I have added if statements before the insert statements.
> 
> 
> Diffs
> -
> 
>   security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql 
> 2cdd8fbb6 
>   security-admin/db/mysql/patches/037-create-security-zone-schema.sql 
> b2b69f0dc 
>   security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql 
> 88fa98a99 
>   security-admin/db/oracle/patches/037-create-security-zone-schema.sql 
> 9b6931451 
>   security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql 
> 0ae714753 
>   security-admin/db/postgres/patches/037-create-security-zone-schema.sql 
> 812133077 
>   
> security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql
>  ea0ff2b9c 
>   security-admin/db/sqlanywhere/patches/037-create-security-zone-schema.sql 
> e4bfb78e4 
>   security-admin/db/sqlserver/optimized/0.7.0/ranger_core_db_sqlserver.sql 
> 13be7daa9 
>   security-admin/db/sqlserver/optimized/1.0.0/ranger_core_db_sqlserver.sql 
> 68d3a05bf 
>   security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql 
> d45170957 
>   security-admin/db/sqlserver/patches/037-create-security-zone-schema.sql 
> be0287cf4 
> 
> 
> Diff: https://reviews.apache.org/r/70500/diff/1/
> 
> 
> Testing
> ---
> 
> Tested the upgrade case for all the db flavor after RANGER-2400 commit.
> 
> 
> Thanks,
> 
> Pradeep Agrawal
> 
>

Re: Review Request 70432: RANGER-2387 : add public api v2 for security zones

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/70432/#review214621
---


Ship it!




Ship It!

- Gautam Borad


On April 11, 2019, 12:54 p.m., Nikhil P wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/70432/
> ---
> 
> (Updated April 11, 2019, 12:54 p.m.)
> 
> 
> Review request for ranger, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, 
> Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja Polavarapu, and 
> Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-2387
> https://issues.apache.org/jira/browse/RANGER-2387
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> add public api v2 for security zones
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/java/org/apache/ranger/rest/PublicAPIsv2.java 
> 073404e 
> 
> 
> Diff: https://reviews.apache.org/r/70432/diff/2/
> 
> 
> Testing
> ---
> 
> 1.Tested Curl response of Public api v2 are correct.
> 2.validated response result for public API matches with SecurityZoneREST
> 
> 
> File Attachments
> 
> 
> RANGER-2387-add-public-api-v2-for-security-zones.patch
>   
> https://reviews.apache.org/media/uploaded/files/2019/04/11/76ef5743-38ad-4ee1-959b-27431e4ddd89__RANGER-2387-add-public-api-v2-for-security-zones.patch
> 
> 
> Thanks,
> 
> Nikhil P
> 
>

[jira] [Commented] (RANGER-2331) Ranger-KMS - KeySecure HSM Integration

[Gautam Borad (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-2331?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16776884#comment-16776884
 ] 

Gautam Borad commented on RANGER-2331:
--

Patch committed for  master branch
Link: 
https://github.com/apache/ranger/commit/fc4289222718d0c02ba65a994299d45ea1f4d97b

> Ranger-KMS - KeySecure HSM Integration
> --
>
> Key: RANGER-2331
> URL: https://issues.apache.org/jira/browse/RANGER-2331
> Project: Ranger
>  Issue Type: New Feature
>  Components: kms, Ranger
>Reporter: Velmurugan Periasamy
>Assignee: Gautam Borad
>Priority: Major
> Fix For: 0.7.2, 2.0.0
>
> Attachments: RANGER-2331-01.patch, RANGER-2331-02.patch, 
> RANGER-2331-ranger-0.7-01.patch, RANGER-2331-ranger-0.7.patch, 
> RANGER-2331.patch
>
>
> This JIRA is to support Ranger KMS integration with Gemalto KeySecure HSM to 
> manage master keys.
> Similar to Luna integration - https://issues.apache.org/jira/browse/RANGER-868
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (RANGER-2331) Ranger-KMS - KeySecure HSM Integration

[Gautam Borad (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-2331?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16776873#comment-16776873
 ] 

Gautam Borad commented on RANGER-2331:
--

Patch committed for  ranger-0.7 branch
Link: 
https://github.com/apache/ranger/commit/df1eb588465b4a8d31cfb04f5a62d8f9444e9cec

> Ranger-KMS - KeySecure HSM Integration
> --
>
> Key: RANGER-2331
> URL: https://issues.apache.org/jira/browse/RANGER-2331
> Project: Ranger
>  Issue Type: New Feature
>  Components: kms, Ranger
>Reporter: Velmurugan Periasamy
>Assignee: Gautam Borad
>Priority: Major
> Fix For: 0.7.2, 2.0.0
>
> Attachments: RANGER-2331-01.patch, RANGER-2331-ranger-0.7-01.patch, 
> RANGER-2331-ranger-0.7.patch, RANGER-2331.patch
>
>
> This JIRA is to support Ranger KMS integration with Gemalto KeySecure HSM to 
> manage master keys.
> Similar to Luna integration - https://issues.apache.org/jira/browse/RANGER-868
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (RANGER-2331) Ranger-KMS - KeySecure HSM Integration

[Gautam Borad (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2331?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Gautam Borad updated RANGER-2331:
-
Attachment: RANGER-2331-02.patch

> Ranger-KMS - KeySecure HSM Integration
> --
>
> Key: RANGER-2331
> URL: https://issues.apache.org/jira/browse/RANGER-2331
> Project: Ranger
>  Issue Type: New Feature
>  Components: kms, Ranger
>Reporter: Velmurugan Periasamy
>Assignee: Gautam Borad
>Priority: Major
> Fix For: 0.7.2, 2.0.0
>
> Attachments: RANGER-2331-01.patch, RANGER-2331-02.patch, 
> RANGER-2331-ranger-0.7-01.patch, RANGER-2331-ranger-0.7.patch, 
> RANGER-2331.patch
>
>
> This JIRA is to support Ranger KMS integration with Gemalto KeySecure HSM to 
> manage master keys.
> Similar to Luna integration - https://issues.apache.org/jira/browse/RANGER-868
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Re: Review Request 69984: RANGER-2331 : Ranger-KMS - KeySecure HSM Integration

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/69984/
---

(Updated Feb. 25, 2019, 12:59 p.m.)


Review request for ranger, Ankita Sinha, Don Bosco Durai, Abhay Kulkarni, 
Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja 
Polavarapu, and Velmurugan Periasamy.


Changes
---

Fix the review comment for same patch against ranger-0.7 branch 
(https://reviews.apache.org/r/69985)


Bugs: RANGER-2331
https://issues.apache.org/jira/browse/RANGER-2331


Repository: ranger


Description
---

User story: As a security admin, I want to manage encryption keys for securing 
my Hadoop cluster files in Ranger KMS service with Safenet KeySecure crypto 
platform.

For Safenet KeySecure overview refer to: 
https://safenet.gemalto.com/data-encryption/enterprise-key-management/key-secure/

Acceptance Criteria:

1) Ranger KMS has ability to configure Safenet KeySecure platform to be used 
for key offload

2) Ranger KMS provides ability to provide key management functions (create 
keys, manage keys, retrieve keys, rollover) using Safenet KeySecure platform

3) Ranger KMS UI panel on Ambari can be used to configure Safenet KeySecure 
platform


Diffs (updated)
-

  kms/config/kms-webapp/dbks-site.xml ec649a7 
  kms/scripts/DBMKTOKEYSECURE.sh PRE-CREATION 
  kms/scripts/KEYSECUREMKTOKMSDB.sh PRE-CREATION 
  kms/scripts/install.properties aea0bb8 
  kms/scripts/setup.sh c695e74 
  kms/src/main/java/org/apache/hadoop/crypto/key/DBToKeySecure.java 
PRE-CREATION 
  kms/src/main/java/org/apache/hadoop/crypto/key/JKS2RangerUtil.java dd4408f 
  kms/src/main/java/org/apache/hadoop/crypto/key/KeySecureToRangerDBMKUtil.java 
PRE-CREATION 
  kms/src/main/java/org/apache/hadoop/crypto/key/Ranger2JKSUtil.java 4f337bb 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java 
88a545e 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerMasterKey.java eb4f75a 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerSafenetKeySecure.java 
PRE-CREATION 
  src/main/assembly/kms.xml 3adc55c 


Diff: https://reviews.apache.org/r/69984/diff/2/

Changes: https://reviews.apache.org/r/69984/diff/1-2/


Testing
---

Verified below scenario:

1) Fresh Installation Of Ranger KMS with Safenet Key Secure (NAE-XML Protocol)
2) DB to Key Secure (NAE-XML) master key Migration utility
3) Key Secure (NAE-XML) to DB master key Migration utility


Thanks,

Gautam Borad

Re: Review Request 69985: RANGER-2331 : Ranger-KMS - KeySecure HSM Integration

[Gautam Borad]

> On Feb. 20, 2019, 12:08 p.m., Zsombor Gegesy wrote:
> > kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java
> > Lines 130 (patched)
> > <https://reviews.apache.org/r/69985/diff/2/?file=2125808#file2125808line130>
> >
> > masterKey is never null, because if rangerMasterKey.getMasterKey(...) 
> > would return null, the toCharArray call would cause an NPE

Surrounded it with Try ... Catch


> On Feb. 20, 2019, 12:08 p.m., Zsombor Gegesy wrote:
> > kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java
> > Lines 140 (patched)
> > <https://reviews.apache.org/r/69985/diff/2/?file=2125808#file2125808line140>
> >
> > masterKey is never null, because if rangerMasterKey.getMasterKey(...) 
> > would return null, the toCharArray call would cause an NPE

Surrounded it with Try ... Catch


> On Feb. 20, 2019, 12:08 p.m., Zsombor Gegesy wrote:
> > kms/src/main/java/org/apache/hadoop/crypto/key/RangerSafenetKeySecure.java
> > Lines 72 (patched)
> > <https://reviews.apache.org/r/69985/diff/2/?file=2125810#file2125810line72>
> >
> > myStore is never null here - even if KeyStore.getInstance would return 
> > a null (but it wont do), the myStore.load would trigger an NPE before.

Added null before myStore.load


- Gautam


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/69985/#review212953
---


On Feb. 21, 2019, 6:30 a.m., Gautam Borad wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/69985/
> ---
> 
> (Updated Feb. 21, 2019, 6:30 a.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Don Bosco Durai, Abhay Kulkarni, 
> Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja 
> Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-2331
> https://issues.apache.org/jira/browse/RANGER-2331
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> User story: As a security admin, I want to manage encryption keys for 
> securing my Hadoop cluster files in Ranger KMS service with Safenet KeySecure 
> crypto platform.
> 
> 
> For Safenet KeySecure overview refer to: 
> https://safenet.gemalto.com/data-encryption/enterprise-key-management/key-secure/
> 
> 
> Acceptance Criteria:
> 
> 
> 1) Ranger KMS has ability to configure Safenet KeySecure platform to be used 
> for key offload
> 
> 
> 2) Ranger KMS provides ability to provide key management functions (create 
> keys, manage keys, retrieve keys, rollover) using Safenet KeySecure platform
> 
> 
> 3) Ranger KMS UI panel on Ambari can be used to configure Safenet KeySecure 
> platform
> 
> 
> Diffs
> -
> 
>   kms/config/kms-webapp/dbks-site.xml 0e0f2ec 
>   kms/scripts/DBMKTOKEYSECURE.sh PRE-CREATION 
>   kms/scripts/KEYSECUREMKTOKMSDB.sh PRE-CREATION 
>   kms/scripts/install.properties ddc779d 
>   kms/scripts/setup.sh 2db05b8 
>   kms/src/main/java/org/apache/hadoop/crypto/key/DBToKeySecure.java 
> PRE-CREATION 
>   kms/src/main/java/org/apache/hadoop/crypto/key/JKS2RangerUtil.java 22dce0f 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/KeySecureToRangerDBMKUtil.java 
> PRE-CREATION 
>   kms/src/main/java/org/apache/hadoop/crypto/key/Ranger2JKSUtil.java 1abbf8e 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java 
> 267fcf0 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerMasterKey.java 5614c16 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerSafenetKeySecure.java 
> PRE-CREATION 
>   src/main/assembly/kms.xml fca6a32 
> 
> 
> Diff: https://reviews.apache.org/r/69985/diff/3/
> 
> 
> Testing
> ---
> 
> Verified below scenario:
> 
> 
> 1) Fresh Installation Of Ranger KMS with Safenet Key Secure (NAE-XML Protocol)
> 2) DB to Key Secure (NAE-XML) master key Migration utility
> 3) Key Secure (NAE-XML) to DB master key Migration utility
> 
> 
> Thanks,
> 
> Gautam Borad
> 
>

Re: Review Request 69985: RANGER-2331 : Ranger-KMS - KeySecure HSM Integration

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/69985/
---

(Updated Feb. 21, 2019, 6:30 a.m.)


Review request for ranger, Ankita Sinha, Don Bosco Durai, Abhay Kulkarni, 
Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja 
Polavarapu, and Velmurugan Periasamy.


Bugs: RANGER-2331
https://issues.apache.org/jira/browse/RANGER-2331


Repository: ranger


Description
---

User story: As a security admin, I want to manage encryption keys for securing 
my Hadoop cluster files in Ranger KMS service with Safenet KeySecure crypto 
platform.


For Safenet KeySecure overview refer to: 
https://safenet.gemalto.com/data-encryption/enterprise-key-management/key-secure/


Acceptance Criteria:


1) Ranger KMS has ability to configure Safenet KeySecure platform to be used 
for key offload


2) Ranger KMS provides ability to provide key management functions (create 
keys, manage keys, retrieve keys, rollover) using Safenet KeySecure platform


3) Ranger KMS UI panel on Ambari can be used to configure Safenet KeySecure 
platform


Diffs (updated)
-

  kms/config/kms-webapp/dbks-site.xml 0e0f2ec 
  kms/scripts/DBMKTOKEYSECURE.sh PRE-CREATION 
  kms/scripts/KEYSECUREMKTOKMSDB.sh PRE-CREATION 
  kms/scripts/install.properties ddc779d 
  kms/scripts/setup.sh 2db05b8 
  kms/src/main/java/org/apache/hadoop/crypto/key/DBToKeySecure.java 
PRE-CREATION 
  kms/src/main/java/org/apache/hadoop/crypto/key/JKS2RangerUtil.java 22dce0f 
  kms/src/main/java/org/apache/hadoop/crypto/key/KeySecureToRangerDBMKUtil.java 
PRE-CREATION 
  kms/src/main/java/org/apache/hadoop/crypto/key/Ranger2JKSUtil.java 1abbf8e 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java 
267fcf0 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerMasterKey.java 5614c16 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerSafenetKeySecure.java 
PRE-CREATION 
  src/main/assembly/kms.xml fca6a32 


Diff: https://reviews.apache.org/r/69985/diff/3/

Changes: https://reviews.apache.org/r/69985/diff/2-3/


Testing
---

Verified below scenario:


1) Fresh Installation Of Ranger KMS with Safenet Key Secure (NAE-XML Protocol)
2) DB to Key Secure (NAE-XML) master key Migration utility
3) Key Secure (NAE-XML) to DB master key Migration utility


Thanks,

Gautam Borad

Re: Review Request 69985: RANGER-2331 : Ranger-KMS - KeySecure HSM Integration

[Gautam Borad]

> On Feb. 14, 2019, 12:02 p.m., Zsombor Gegesy wrote:
> > kms/src/main/java/org/apache/hadoop/crypto/key/RangerSafenetKeySecure.java
> > Lines 50 (patched)
> > <https://reviews.apache.org/r/69985/diff/1/?file=2125358#file2125358line50>
> >
> > You can mark all variable as final

I am initializing non final variables in constructor.


- Gautam


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/69985/#review212827
---


On Feb. 19, 2019, 1:58 p.m., Gautam Borad wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/69985/
> ---
> 
> (Updated Feb. 19, 2019, 1:58 p.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Don Bosco Durai, Abhay Kulkarni, 
> Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja 
> Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-2331
> https://issues.apache.org/jira/browse/RANGER-2331
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> User story: As a security admin, I want to manage encryption keys for 
> securing my Hadoop cluster files in Ranger KMS service with Safenet KeySecure 
> crypto platform.
> 
> 
> For Safenet KeySecure overview refer to: 
> https://safenet.gemalto.com/data-encryption/enterprise-key-management/key-secure/
> 
> 
> Acceptance Criteria:
> 
> 
> 1) Ranger KMS has ability to configure Safenet KeySecure platform to be used 
> for key offload
> 
> 
> 2) Ranger KMS provides ability to provide key management functions (create 
> keys, manage keys, retrieve keys, rollover) using Safenet KeySecure platform
> 
> 
> 3) Ranger KMS UI panel on Ambari can be used to configure Safenet KeySecure 
> platform
> 
> 
> Diffs
> -
> 
>   kms/config/kms-webapp/dbks-site.xml 0e0f2ec 
>   kms/scripts/DBMKTOKEYSECURE.sh PRE-CREATION 
>   kms/scripts/KEYSECUREMKTOKMSDB.sh PRE-CREATION 
>   kms/scripts/install.properties ddc779d 
>   kms/scripts/setup.sh 2db05b8 
>   kms/src/main/java/org/apache/hadoop/crypto/key/DBToKeySecure.java 
> PRE-CREATION 
>   kms/src/main/java/org/apache/hadoop/crypto/key/JKS2RangerUtil.java 22dce0f 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/KeySecureToRangerDBMKUtil.java 
> PRE-CREATION 
>   kms/src/main/java/org/apache/hadoop/crypto/key/Ranger2JKSUtil.java 1abbf8e 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java 
> 267fcf0 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerMasterKey.java 5614c16 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerSafenetKeySecure.java 
> PRE-CREATION 
>   src/main/assembly/kms.xml fca6a32 
> 
> 
> Diff: https://reviews.apache.org/r/69985/diff/2/
> 
> 
> Testing
> ---
> 
> Verified below scenario:
> 
> 
> 1) Fresh Installation Of Ranger KMS with Safenet Key Secure (NAE-XML Protocol)
> 2) DB to Key Secure (NAE-XML) master key Migration utility
> 3) Key Secure (NAE-XML) to DB master key Migration utility
> 
> 
> Thanks,
> 
> Gautam Borad
> 
>

Re: Review Request 69985: RANGER-2331 : Ranger-KMS - KeySecure HSM Integration

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/69985/
---

(Updated Feb. 19, 2019, 1:58 p.m.)


Review request for ranger, Ankita Sinha, Don Bosco Durai, Abhay Kulkarni, 
Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja 
Polavarapu, and Velmurugan Periasamy.


Bugs: RANGER-2331
https://issues.apache.org/jira/browse/RANGER-2331


Repository: ranger


Description
---

User story: As a security admin, I want to manage encryption keys for securing 
my Hadoop cluster files in Ranger KMS service with Safenet KeySecure crypto 
platform.


For Safenet KeySecure overview refer to: 
https://safenet.gemalto.com/data-encryption/enterprise-key-management/key-secure/


Acceptance Criteria:


1) Ranger KMS has ability to configure Safenet KeySecure platform to be used 
for key offload


2) Ranger KMS provides ability to provide key management functions (create 
keys, manage keys, retrieve keys, rollover) using Safenet KeySecure platform


3) Ranger KMS UI panel on Ambari can be used to configure Safenet KeySecure 
platform


Diffs (updated)
-

  kms/config/kms-webapp/dbks-site.xml 0e0f2ec 
  kms/scripts/DBMKTOKEYSECURE.sh PRE-CREATION 
  kms/scripts/KEYSECUREMKTOKMSDB.sh PRE-CREATION 
  kms/scripts/install.properties ddc779d 
  kms/scripts/setup.sh 2db05b8 
  kms/src/main/java/org/apache/hadoop/crypto/key/DBToKeySecure.java 
PRE-CREATION 
  kms/src/main/java/org/apache/hadoop/crypto/key/JKS2RangerUtil.java 22dce0f 
  kms/src/main/java/org/apache/hadoop/crypto/key/KeySecureToRangerDBMKUtil.java 
PRE-CREATION 
  kms/src/main/java/org/apache/hadoop/crypto/key/Ranger2JKSUtil.java 1abbf8e 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java 
267fcf0 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerMasterKey.java 5614c16 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerSafenetKeySecure.java 
PRE-CREATION 
  src/main/assembly/kms.xml fca6a32 


Diff: https://reviews.apache.org/r/69985/diff/2/

Changes: https://reviews.apache.org/r/69985/diff/1-2/


Testing
---

Verified below scenario:


1) Fresh Installation Of Ranger KMS with Safenet Key Secure (NAE-XML Protocol)
2) DB to Key Secure (NAE-XML) master key Migration utility
3) Key Secure (NAE-XML) to DB master key Migration utility


Thanks,

Gautam Borad

Re: Review Request 69984: RANGER-2331 : Ranger-KMS - KeySecure HSM Integration

[Gautam Borad]

> On Feb. 14, 2019, 10:28 a.m., Zsombor Gegesy wrote:
> > I see two review request, I guess, one of it is duplicate, could you please 
> > close one of it?

Its for the master branch. The other one is for ranger-0.7 branch


- Gautam


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/69984/#review212825
---


On Feb. 14, 2019, 9:55 a.m., Gautam Borad wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/69984/
> ---
> 
> (Updated Feb. 14, 2019, 9:55 a.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Don Bosco Durai, Abhay Kulkarni, 
> Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja 
> Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-2331
> https://issues.apache.org/jira/browse/RANGER-2331
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> User story: As a security admin, I want to manage encryption keys for 
> securing my Hadoop cluster files in Ranger KMS service with Safenet KeySecure 
> crypto platform.
> 
> For Safenet KeySecure overview refer to: 
> https://safenet.gemalto.com/data-encryption/enterprise-key-management/key-secure/
> 
> Acceptance Criteria:
> 
> 1) Ranger KMS has ability to configure Safenet KeySecure platform to be used 
> for key offload
> 
> 2) Ranger KMS provides ability to provide key management functions (create 
> keys, manage keys, retrieve keys, rollover) using Safenet KeySecure platform
> 
> 3) Ranger KMS UI panel on Ambari can be used to configure Safenet KeySecure 
> platform
> 
> 
> Diffs
> -
> 
>   kms/config/kms-webapp/dbks-site.xml ec649a7 
>   kms/scripts/DBMKTOKEYSECURE.sh PRE-CREATION 
>   kms/scripts/KEYSECUREMKTOKMSDB.sh PRE-CREATION 
>   kms/scripts/install.properties aea0bb8 
>   kms/scripts/setup.sh c695e74 
>   kms/src/main/java/org/apache/hadoop/crypto/key/DBToKeySecure.java 
> PRE-CREATION 
>   kms/src/main/java/org/apache/hadoop/crypto/key/JKS2RangerUtil.java dd4408f 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/KeySecureToRangerDBMKUtil.java 
> PRE-CREATION 
>   kms/src/main/java/org/apache/hadoop/crypto/key/Ranger2JKSUtil.java 4f337bb 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java 
> 88a545e 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerMasterKey.java eb4f75a 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerSafenetKeySecure.java 
> PRE-CREATION 
>   src/main/assembly/kms.xml 3adc55c 
> 
> 
> Diff: https://reviews.apache.org/r/69984/diff/1/
> 
> 
> Testing
> ---
> 
> Verified below scenario:
> 
> 1) Fresh Installation Of Ranger KMS with Safenet Key Secure (NAE-XML Protocol)
> 2) DB to Key Secure (NAE-XML) master key Migration utility
> 3) Key Secure (NAE-XML) to DB master key Migration utility
> 
> 
> Thanks,
> 
> Gautam Borad
> 
>

[jira] [Commented] (RANGER-2331) Ranger-KMS - KeySecure HSM Integration

[Gautam Borad (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-2331?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16768046#comment-16768046
 ] 

Gautam Borad commented on RANGER-2331:
--

Review Request for master branch : [https://reviews.apache.org/r/69984/]

Review Request for ranger-0.7 branch : https://reviews.apache.org/r/69985/

> Ranger-KMS - KeySecure HSM Integration
> --
>
> Key: RANGER-2331
> URL: https://issues.apache.org/jira/browse/RANGER-2331
> Project: Ranger
>  Issue Type: New Feature
>  Components: kms, Ranger
>Reporter: Velmurugan Periasamy
>Assignee: Gautam Borad
>Priority: Major
> Fix For: 0.7.2, 2.0.0
>
> Attachments: RANGER-2331-01.patch, RANGER-2331-ranger-0.7.patch, 
> RANGER-2331.patch
>
>
> This JIRA is to support Ranger KMS integration with Gemalto KeySecure HSM to 
> manage master keys.
> Similar to Luna integration - https://issues.apache.org/jira/browse/RANGER-868
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Review Request 69985: RANGER-2331 : Ranger-KMS - KeySecure HSM Integration

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/69985/
---

Review request for ranger, Ankita Sinha, Don Bosco Durai, Abhay Kulkarni, 
Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja 
Polavarapu, and Velmurugan Periasamy.


Bugs: RANGER-2331
https://issues.apache.org/jira/browse/RANGER-2331


Repository: ranger


Description
---

User story: As a security admin, I want to manage encryption keys for securing 
my Hadoop cluster files in Ranger KMS service with Safenet KeySecure crypto 
platform.


For Safenet KeySecure overview refer to: 
https://safenet.gemalto.com/data-encryption/enterprise-key-management/key-secure/


Acceptance Criteria:


1) Ranger KMS has ability to configure Safenet KeySecure platform to be used 
for key offload


2) Ranger KMS provides ability to provide key management functions (create 
keys, manage keys, retrieve keys, rollover) using Safenet KeySecure platform


3) Ranger KMS UI panel on Ambari can be used to configure Safenet KeySecure 
platform


Diffs
-

  kms/config/kms-webapp/dbks-site.xml 0e0f2ec 
  kms/scripts/DBMKTOKEYSECURE.sh PRE-CREATION 
  kms/scripts/KEYSECUREMKTOKMSDB.sh PRE-CREATION 
  kms/scripts/install.properties ddc779d 
  kms/scripts/setup.sh 2db05b8 
  kms/src/main/java/org/apache/hadoop/crypto/key/DBToKeySecure.java 
PRE-CREATION 
  kms/src/main/java/org/apache/hadoop/crypto/key/JKS2RangerUtil.java 22dce0f 
  kms/src/main/java/org/apache/hadoop/crypto/key/KeySecureToRangerDBMKUtil.java 
PRE-CREATION 
  kms/src/main/java/org/apache/hadoop/crypto/key/Ranger2JKSUtil.java 1abbf8e 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java 
267fcf0 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerMasterKey.java 5614c16 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerSafenetKeySecure.java 
PRE-CREATION 
  src/main/assembly/kms.xml fca6a32 


Diff: https://reviews.apache.org/r/69985/diff/1/


Testing
---

Verified below scenario:


1) Fresh Installation Of Ranger KMS with Safenet Key Secure (NAE-XML Protocol)
2) DB to Key Secure (NAE-XML) master key Migration utility
3) Key Secure (NAE-XML) to DB master key Migration utility


Thanks,

Gautam Borad

Review Request 69984: RANGER-2331 : Ranger-KMS - KeySecure HSM Integration

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/69984/
---

Review request for ranger, Ankita Sinha, Don Bosco Durai, Abhay Kulkarni, 
Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja 
Polavarapu, and Velmurugan Periasamy.


Bugs: RANGER-2331
https://issues.apache.org/jira/browse/RANGER-2331


Repository: ranger


Description
---

User story: As a security admin, I want to manage encryption keys for securing 
my Hadoop cluster files in Ranger KMS service with Safenet KeySecure crypto 
platform.

For Safenet KeySecure overview refer to: 
https://safenet.gemalto.com/data-encryption/enterprise-key-management/key-secure/

Acceptance Criteria:

1) Ranger KMS has ability to configure Safenet KeySecure platform to be used 
for key offload

2) Ranger KMS provides ability to provide key management functions (create 
keys, manage keys, retrieve keys, rollover) using Safenet KeySecure platform

3) Ranger KMS UI panel on Ambari can be used to configure Safenet KeySecure 
platform


Diffs
-

  kms/config/kms-webapp/dbks-site.xml ec649a7 
  kms/scripts/DBMKTOKEYSECURE.sh PRE-CREATION 
  kms/scripts/KEYSECUREMKTOKMSDB.sh PRE-CREATION 
  kms/scripts/install.properties aea0bb8 
  kms/scripts/setup.sh c695e74 
  kms/src/main/java/org/apache/hadoop/crypto/key/DBToKeySecure.java 
PRE-CREATION 
  kms/src/main/java/org/apache/hadoop/crypto/key/JKS2RangerUtil.java dd4408f 
  kms/src/main/java/org/apache/hadoop/crypto/key/KeySecureToRangerDBMKUtil.java 
PRE-CREATION 
  kms/src/main/java/org/apache/hadoop/crypto/key/Ranger2JKSUtil.java 4f337bb 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java 
88a545e 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerMasterKey.java eb4f75a 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerSafenetKeySecure.java 
PRE-CREATION 
  src/main/assembly/kms.xml 3adc55c 


Diff: https://reviews.apache.org/r/69984/diff/1/


Testing
---

Verified below scenario:

1) Fresh Installation Of Ranger KMS with Safenet Key Secure (NAE-XML Protocol)
2) DB to Key Secure (NAE-XML) master key Migration utility
3) Key Secure (NAE-XML) to DB master key Migration utility


Thanks,

Gautam Borad

[jira] [Updated] (RANGER-2331) Ranger-KMS - KeySecure HSM Integration

[Gautam Borad (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2331?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Gautam Borad updated RANGER-2331:
-
Attachment: (was: RANGER-2331-01.path)

> Ranger-KMS - KeySecure HSM Integration
> --
>
> Key: RANGER-2331
> URL: https://issues.apache.org/jira/browse/RANGER-2331
> Project: Ranger
>  Issue Type: New Feature
>  Components: kms, Ranger
>Reporter: Velmurugan Periasamy
>Assignee: Gautam Borad
>Priority: Major
> Fix For: 0.7.2, 2.0.0
>
> Attachments: RANGER-2331-01.patch, RANGER-2331-ranger-0.7.patch, 
> RANGER-2331.patch
>
>
> This JIRA is to support Ranger KMS integration with Gemalto KeySecure HSM to 
> manage master keys.
> Similar to Luna integration - https://issues.apache.org/jira/browse/RANGER-868
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (RANGER-2331) Ranger-KMS - KeySecure HSM Integration

[Gautam Borad (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2331?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Gautam Borad updated RANGER-2331:
-
Attachment: RANGER-2331-01.patch

> Ranger-KMS - KeySecure HSM Integration
> --
>
> Key: RANGER-2331
> URL: https://issues.apache.org/jira/browse/RANGER-2331
> Project: Ranger
>  Issue Type: New Feature
>  Components: kms, Ranger
>Reporter: Velmurugan Periasamy
>Assignee: Gautam Borad
>Priority: Major
> Fix For: 0.7.2, 2.0.0
>
> Attachments: RANGER-2331-01.patch, RANGER-2331-ranger-0.7.patch, 
> RANGER-2331.patch
>
>
> This JIRA is to support Ranger KMS integration with Gemalto KeySecure HSM to 
> manage master keys.
> Similar to Luna integration - https://issues.apache.org/jira/browse/RANGER-868
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (RANGER-2331) Ranger-KMS - KeySecure HSM Integration

[Gautam Borad (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2331?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Gautam Borad updated RANGER-2331:
-
Attachment: RANGER-2331-01.path

> Ranger-KMS - KeySecure HSM Integration
> --
>
> Key: RANGER-2331
> URL: https://issues.apache.org/jira/browse/RANGER-2331
> Project: Ranger
>  Issue Type: New Feature
>  Components: kms, Ranger
>Reporter: Velmurugan Periasamy
>Assignee: Gautam Borad
>Priority: Major
> Fix For: 0.7.2, 2.0.0
>
> Attachments: RANGER-2331-01.path, RANGER-2331-ranger-0.7.patch, 
> RANGER-2331.patch
>
>
> This JIRA is to support Ranger KMS integration with Gemalto KeySecure HSM to 
> manage master keys.
> Similar to Luna integration - https://issues.apache.org/jira/browse/RANGER-868
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Re: Subject: [NOTICE] Mandatory relocation of Apache git repositories on git-wip-us.apache.org

[Gautam Borad]

+1

On Wed, Dec 12, 2018 at 2:45 AM Zs.  wrote:

> +1
>
> Regards,
>  Zsombor
>
> On Tue, Dec 11, 2018 at 7:28 PM Sailaja Polavarapu <
> spolavar...@hortonworks.com> wrote:
>
> > +1
> >
> > On 12/10/18, 1:22 PM, "Abhay Kulkarni" 
> wrote:
> >
> > +1
> >
> > On 12/10/18, 12:06 PM, "Velmurugan Periasamy" 
> wrote:
> >
> > >Rangers:
> > >
> > >Please see below. I propose to move ranger repos over to gitbox
> (from
> > >git-wip-us.apache.org ) during the
> > first
> > >phase (voluntary coordination). Please share your thoughts.
> > >
> > >Once there is agreement in dev list, I can open INFRA ticket to
> > complete
> > >the move. Tentative target next week (week of Dec 17).
> > >
> > >Here¹s my +1.
> > >
> > >Thank you,
> > >Vel
> > >
> > >
> > >From: Daniel Gruno 
> > >Sent: Friday, December 7, 2018 11:52 AM
> > >To: us...@infra.apache.org
> > >Subject: [NOTICE] Mandatory relocation of Apache git repositories on
> > >git-wip-us.apache.org
> > >
> > >[IF YOUR PROJECT DOES NOT HAVE GIT REPOSITORIES ON GIT-WIP-US PLEASE
> > >  DISREGARD THIS EMAIL; IT WAS MASS-MAILED TO ALL APACHE PROJECTS]
> > >
> > >Hello Apache projects,
> > >
> > >I am writing to you because you may have git repositories on the
> > >git-wip-us server, which is slated to be decommissioned in the
> coming
> > >months. All repositories will be moved to the new gitbox service
> which
> > >includes direct write access on github as well as the standard ASF
> > >commit access via gitbox.apache.org.
> > >
> > >## Why this move? ##
> > >The move comes as a result of retiring the git-wip service, as the
> > >hardware it runs on is longing for retirement. In lieu of this, we
> > >have decided to consolidate the two services (git-wip and gitbox),
> to
> > >ease the management of our repository systems and future-proof the
> > >underlying hardware. The move is fully automated, and ideally,
> nothing
> > >will change in your workflow other than added features and access to
> > >GitHub.
> > >
> > >## Timeframe for relocation ##
> > >Initially, we are asking that projects voluntarily request to move
> > >their repositories to gitbox, hence this email. The voluntary
> > >timeframe is between now and January 9th 2019, during which projects
> > >are free to either move over to gitbox or stay put on git-wip. After
> > >this phase, we will be requiring the remaining projects to move
> within
> > >one month, after which we will move the remaining projects over.
> > >
> > >To have your project moved in this initial phase, you will need:
> > >
> > >- Consensus in the project (documented via the mailing list)
> > >- File a JIRA ticket with INFRA to voluntarily move your project
> repos
> > >   over to gitbox (as stated, this is highly automated and will take
> > >   between a minute and an hour, depending on the size and number of
> > >   your repositories)
> > >
> > >To sum up the preliminary timeline;
> > >
> > >- December 9th 2018 -> January 9th 2019: Voluntary (coordinated)
> > >   relocation
> > >- January 9th -> February 6th: Mandated (coordinated) relocation
> > >- February 7th: All remaining repositories are mass migrated.
> > >
> > >This timeline may change to accommodate various scenarios.
> > >
> > >## Using GitHub with ASF repositories ##
> > >When your project has moved, you are free to use either the ASF
> > >repository system (gitbox.apache.org) OR GitHub for your
> development
> > >and code pushes. To be able to use GitHub, please follow the primer
> > >at: https://reference.apache.org/committer/github
> > >
> > >
> > >We appreciate your understanding of this issue, and hope that your
> > >project can coordinate voluntarily moving your repositories in a
> > >timely manner.
> > >
> > >All settings, such as commit mail targets, issue linking, PR
> > >notification schemes etc will automatically be migrated to gitbox as
> > >well.
> > >
> > >With regards, Daniel on behalf of ASF Infra.
> > >
> > >PS:For inquiries, please reply to us...@infra.apache.org, not your
> > >project's dev list :-).
> > >
> > >
> >
> >
> >
> >
>

Re: ranger-admin web does not show data( release-ranger-1.1.0 )

[Gautam Borad]

Hi,
   Have you done any changes in the backend API? Because I can see there
are minor changes in the properties of response object. For e.g: the `list`
property, it should be `vXGroups` instead of `list`.

The row was not rendered because the UI code looks for `vXGroups` key for
getting list of groups from the response object.


On Thu, Sep 13, 2018 at 8:15 AM szh...@163.com  wrote:

> Hi Gautam,
> When I install the  release-ranger-1.1.0  ranger-admin,  the web does
> not show data.  The following img:
>
> The result is as  audit->plugins .
>
> Would you please tell me why?  Thanks very much .
>
>Best Wishes!
>Haihui  Xu
>
>

-- 
Regards,
Gautam.

Re: Review Request 68684: RANGER-2215: Can't copy and paste multiple paths into Ranger Admin UI for HDFS create policy

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/68684/#review208746
---


Ship it!




Ship It!

- Gautam Borad


On Sept. 11, 2018, 1:26 p.m., Nitin Galave wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/68684/
> ---
> 
> (Updated Sept. 11, 2018, 1:26 p.m.)
> 
> 
> Review request for ranger, Gautam Borad, Mehul Parikh, and Velmurugan 
> Periasamy.
> 
> 
> Bugs: RANGER-2215
> https://issues.apache.org/jira/browse/RANGER-2215
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> We have noticed an interesting issue with the Ranger Admin web UI. If you are 
> using a Hive policy, you can paste in multiple lines from the clipboard, and 
> each line will become a database, table, or column as desired. But for HDFS 
> policies, multiple HDFS paths cannot be pasted in from the clipboard 
> properly. They will just be treated as a single path.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js 
> e3d9635 
> 
> 
> Diff: https://reviews.apache.org/r/68684/diff/1/
> 
> 
> Testing
> ---
> 
> Verified that multiple resource Paths can be copy-paste in HDFS Policy 
> separated by comma/space
> 
> 
> Thanks,
> 
> Nitin Galave
> 
>

Re: Review Request 68293: RANGER-2114 : Internal Exception: com.mysql.jdbc.MysqlDataTruncation: Data truncation: Data too long for column 'content' at row 1

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/68293/#review207230
---


Ship it!




Ship It!

- Gautam Borad


On Aug. 10, 2018, 1:22 p.m., Fatima Khan wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/68293/
> ---
> 
> (Updated Aug. 10, 2018, 1:22 p.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, Abhay 
> Kulkarni, Madhan Neethiraj, Mehul Parikh, Ramesh Mani, Selvamohan Neethiraj, 
> Sailaja Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-2114
> https://issues.apache.org/jira/browse/RANGER-2114
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> An attempt to delete a service definition ends with:
>  
> // Internal Exception: com.mysql.jdbc.MysqlDataTruncation: Data truncation: 
> Data too long for column 'content' at row 1
> Error Code: 1406
> Call: INSERT INTO x_data_hist (action, content, CREATE_TIME, from_time, 
> obj_class_type, obj_guid, obj_id, obj_name, to_time, UPDATE_TIME, version) 
> VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
> bind = [11 parameters bound]
> 
> 
> Diffs
> -
> 
>   security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql 9d200ba 
>   security-admin/db/mysql/patches/034-x_data_histContentSize.sql PRE-CREATION 
> 
> 
> Diff: https://reviews.apache.org/r/68293/diff/1/
> 
> 
> Testing
> ---
> 
> Tested the following
> 1.In fresh install and upgrade scenario.
> 2.Checked the data type of x_data_hist is changed from text to mediumtext.
> 
> 
> Thanks,
> 
> Fatima Khan
> 
>

Re: Review Request 68269: RANGER-2184 : Update RangerAtlas authorization to authorize add/update/remove of relationships

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/68269/#review207070
---


Ship it!




Ship It!

- Gautam Borad


On Aug. 8, 2018, 4:47 p.m., Nixon Rodrigues wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/68269/
> ---
> 
> (Updated Aug. 8, 2018, 4:47 p.m.)
> 
> 
> Review request for ranger, Madhan Neethiraj, Mehul Parikh, and Velmurugan 
> Periasamy.
> 
> 
> Bugs: RANGER-2184
> https://issues.apache.org/jira/browse/RANGER-2184
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> This patch includes update to RangerAtlas authorization to provide 
> authorization for Relationship with 
> 
> Actions : add-relationship, update-relationship, remove-relationship
> 
> 
> Diffs
> -
> 
>   
> plugin-atlas/src/main/java/org/apache/ranger/authorization/atlas/authorizer/RangerAtlasAuthorizer.java
>  aa815b266 
>   
> plugin-atlas/src/main/java/org/apache/ranger/services/atlas/RangerServiceAtlas.java
>  0ee262796 
>   
> ranger-atlas-plugin-shim/src/main/java/org/apache/ranger/authorization/atlas/authorizer/RangerAtlasAuthorizer.java
>  609dddb24 
> 
> 
> Diff: https://reviews.apache.org/r/68269/diff/2/
> 
> 
> Testing
> ---
> 
> Tested authorization with policies on end1 & end2 of entity-type and 
> classification.
> 
> 
> Thanks,
> 
> Nixon Rodrigues
> 
>

Re: Review Request 68228: Unit Test cases to cover policy operations from service admin user

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/68228/#review206935
---


Ship it!




Ship It!

- Gautam Borad


On Aug. 7, 2018, 7:26 a.m., Nikhil P wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/68228/
> ---
> 
> (Updated Aug. 7, 2018, 7:26 a.m.)
> 
> 
> Review request for ranger, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, 
> Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja 
> Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-2171
> https://issues.apache.org/jira/browse/RANGER-2171
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Unit Test cases to cover policy operations from service admin 
> user(RANGER-2168)
> 
> 
> Diffs
> -
> 
>   security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java 
> b0b0110 
>   security-admin/src/test/java/org/apache/ranger/rest/TestServiceREST.java 
> e669c03 
> 
> 
> Diff: https://reviews.apache.org/r/68228/diff/2/
> 
> 
> Testing
> ---
> 
> Tested if unit test cases are running fine on local.
> 
> 
> File Attachments
> 
> 
> RANGER-2171_2.patch
>   
> https://reviews.apache.org/media/uploaded/files/2018/08/07/a83485c8-19f4-428c-b145-d271a16916f8__RANGER-2171_2.patch
> RANGER-2171_2.patch
>   
> https://reviews.apache.org/media/uploaded/files/2018/08/07/4897e7a7-d3c0-46c0-b223-92c26eda5060__RANGER-2171_2.patch
> RANGER-2171_2.patch
>   
> https://reviews.apache.org/media/uploaded/files/2018/08/07/81cec758-8870-4ebf-89f0-3f621a862dc9__RANGER-2171_2.patch
> 
> 
> Thanks,
> 
> Nikhil P
> 
>

Re: Review Request 68133: RANGER-2169: Create unique index on service and name column of x_policy table

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/68133/#review206720
---


Ship it!




Ship It!

- Gautam Borad


On July 31, 2018, 4:40 p.m., Pradeep Agrawal wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/68133/
> ---
> 
> (Updated July 31, 2018, 4:40 p.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Gautam Borad, Abhay Kulkarni, Madhan 
> Neethiraj, Mehul Parikh, Ramesh Mani, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-2169
> https://issues.apache.org/jira/browse/RANGER-2169
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> **Problem Statement:** Currently `name` column of x_policy table does not 
> have unique constraint and validation is done only at Ranger admin code. 
> Concurrent create policy request might create same name policies within the 
> same service.
> 
> **Proposed Solution:**
> We can't create unique index in a table columns if there are duplicate 
> entries in it so first we need to rename/remove the duplicate entries. 
> 1. SQL Patch 033 shall Update the policy name if there are duplicate policies 
> in a service. New policy name shall be '-duplicate-'. 
> Example : if there are two policy having same name say 'hivepolicy' with id 
> 10 and 11 then the new name of the policies shall be 
> 'hivepolicy-duplicate-10' and 'hivepolicy-duplicate-11'
> 2. Add Unique key/constraint on 'name' and 'service' columns of x_policy 
> table.
> 
> 
> Diffs
> -
> 
>   security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql 
> 174204eb3 
>   
> security-admin/db/mysql/patches/033-add-unique-constraint-on-table-x_policy.sql
>  PRE-CREATION 
>   security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql 
> 2d18b5082 
>   
> security-admin/db/oracle/patches/033-add-unique-constraint-on-table-x_policy.sql
>  PRE-CREATION 
>   security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql 
> 0e0344d9b 
>   
> security-admin/db/postgres/patches/033-add-unique-constraint-on-table-x_policy.sql
>  PRE-CREATION 
>   
> security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql
>  4cf295c81 
>   
> security-admin/db/sqlanywhere/patches/033-add-unique-constraint-on-table-x_policy.sql
>  PRE-CREATION 
>   security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql 
> 09701e2b8 
>   
> security-admin/db/sqlserver/patches/033-add-unique-constraint-on-table-x_policy.sql
>  PRE-CREATION 
> 
> 
> Diff: https://reviews.apache.org/r/68133/diff/1/
> 
> 
> Testing
> ---
> 
> **Steps Performed (without patch) :**
> Steps (without patch) is to reproduce the case so that when we with patch 
> ranger installation is done then it can update the duplicate policies name.
> 1. After Build untar the Ranger module and updated install.properties for 
> MySQL DB flavor.
> 2. Called setup.sh to install Ranger.
> 3. Started Ranger admin and created hive service and hive policies 
> 'hivepolicy1', 'hivepolicy2' and 'hivepolicy3'
> 4. Logged into ranger db and updated all three policy name to 'hivepolicy' by 
> using SQL statement:
>  UPDATE x_policy set name='hivepolicy' where id in(4,5,6);
> 5. Restarted Ranger and Ranger UI was showing 3 hive policies with same name 
> 'hivepolicy'.
> 
> 
> **Steps Performed (with patch) :**
> 1. After Build untar the Ranger module and updated install.properties for 
> MySQL DB flavor with the same configuration used earlier.
> 2. Called setup.sh to install Ranger.
> 3. Restarted Ranger and Logged into Ranger admin to check names of 3 
> duplicate policies. 
> 
> 
> **Expected Behavior :**
> 1. Ranger UI should show different policy names and there should not be any 
> duplicate policies.
> 2. Unique constraint should get created in x_policy(name,service).
> 3. Attempt to create same name policies with in the same service should fail. 
> For example below given SQL statement execution should fail: "UPDATE x_policy 
> set name='hivepolicy' where id in(4,5,6)"
> 
> **Actual Behavior :**
> 1. Ranger UI was showing three default policies and 3 hive policies which was 
> having name 'hivepolicy' was appearing with name
> 'hivepolicy-duplicate-4'
> 'hivepolicy-duplicate-5'
> 'hivepolicy-duplicate-6'
> where 4,5 and 6 are the ID's of hivepolicy.
> 
> 2. Unique key got created on name and service column of x_policy table. 
> 3. Execution of SQL statement "UPDATE x_policy set name='hivepolicy' where id 
> in(4,5,6)" failed due to unique key constraint violation attempt.
> 
> 
> Note: I have tested above steps for all other DB Flavors.
> 
> 
> Thanks,
> 
> Pradeep Agrawal
> 
>

Re: Review Request 67230: RANGER-2110: 'copy hive query to clipboard' button in audits tab is not working

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/67230/#review203472
---


Ship it!




Ship It!

- Gautam Borad


On May 19, 2018, 8:36 a.m., Nitin Galave wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/67230/
> ---
> 
> (Updated May 19, 2018, 8:36 a.m.)
> 
> 
> Review request for ranger, Gautam Borad, Mehul Parikh, Pradeep Agrawal, and 
> Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-2110
> https://issues.apache.org/jira/browse/RANGER-2110
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> In Ranger UI : (Audit -> access tab) 'copy hive query to clipboard' button in 
> audits tab is not working.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/webapp/scripts/utils/XAUtils.js 7bc2914 
> 
> 
> Diff: https://reviews.apache.org/r/67230/diff/1/
> 
> 
> Testing
> ---
> 
> 1.(Audit Menu-> Access tab) Able to copy hive query to clipboard using copy 
> button.
> 2.(Users/groups Menu->groups tab) Also tested that we are able to copy users 
> that are members of group.
> 
> 
> Thanks,
> 
> Nitin Galave
> 
>

Re: Review Request 67111: RANGER-2101 : Testcases Improvement to follow best practices

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/67111/#review202997
---


Ship it!




Ship It!

- Gautam Borad


On May 14, 2018, 9:31 a.m., Mehul Parikh wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/67111/
> ---
> 
> (Updated May 14, 2018, 9:31 a.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Don Bosco Durai, Colm O 
> hEigeartaigh, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Pradeep 
> Agrawal, Ramesh Mani, Selvamohan Neethiraj, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-2101
> https://issues.apache.org/jira/browse/RANGER-2101
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Testcases Improvement to follow best practices
> 
> 
> Diffs
> -
> 
>   security-admin/src/test/java/org/apache/ranger/biz/TestRangerBizUtil.java 
> 81bc548 
>   security-admin/src/test/java/org/apache/ranger/rest/TestAssetREST.java 
> ce6971d 
> 
> 
> Diff: https://reviews.apache.org/r/67111/diff/1/
> 
> 
> Testing
> ---
> 
> Verified successful build for Ranger.
> 
> 
> Thanks,
> 
> Mehul Parikh
> 
>

Re: Review Request 66945: RANGER-2094 : Handle Export Policy feature for different browsers

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/66945/#review202422
---


Ship it!




Ship It!

- Gautam Borad


On May 4, 2018, 7:03 a.m., Mehul Parikh wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/66945/
> ---
> 
> (Updated May 4, 2018, 7:03 a.m.)
> 
> 
> Review request for ranger, Colm O hEigeartaigh, Gautam Borad, Abhay Kulkarni, 
> Madhan Neethiraj, Nitin Galave, Pradeep Agrawal, Ramesh Mani, Sailaja 
> Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-2094
> https://issues.apache.org/jira/browse/RANGER-2094
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Policies are not getting exported in Firefox 59.
> "Add validity period" button is not working in Internet Explore 11.
> 
> 
> Diffs
> -
> 
>   
> security-admin/src/main/webapp/libs/bower/moment/js/moment-timezone-with-data.min.js
>  PRE-CREATION 
>   
> security-admin/src/main/webapp/libs/bower/moment/js/moment-with-langs.min.js 
> 15a339c 
>   
> security-admin/src/main/webapp/libs/bower/moment/js/moment-with-locales.min.js
>  PRE-CREATION 
>   security-admin/src/main/webapp/scripts/Init.js 4de6b6d 
>   security-admin/src/main/webapp/scripts/utils/XATemplateHelpers.js b64f911 
>   security-admin/src/main/webapp/scripts/utils/XAUtils.js ed83669 
>   security-admin/src/main/webapp/scripts/views/DownloadServicePolicy.js 
> fc8edbb 
>   security-admin/src/main/webapp/scripts/views/policies/PermissionList.js 
> 0a6b16c 
>   security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js cb13908 
>   
> security-admin/src/main/webapp/templates/common/downloadservicepolicy_tmpl.html
>  e608a0f 
>   security-admin/src/main/webapp/templates/helpers/XAHelpers.js e58bece 
> 
> 
> Diff: https://reviews.apache.org/r/66945/diff/1/
> 
> 
> Testing
> ---
> 
> Verified Import Export feature on firefox as well as IE and chrome.
> Also verified Add validaity feature on all 3 browsers. 
> 
> Did sanity testing on Firefox, Chrome and IE 11.
> 
> 
> Thanks,
> 
> Mehul Parikh
> 
>

Re: Review Request 66681: RANGER-2071 : Correct log file permissions for Tagsync and usersync

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/66681/#review201508
---


Ship it!




Ship It!

- Gautam Borad


On April 18, 2018, 9:47 a.m., Mehul Parikh wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/66681/
> ---
> 
> (Updated April 18, 2018, 9:47 a.m.)
> 
> 
> Review request for ranger, Colm O hEigeartaigh, Gautam Borad, Madhan 
> Neethiraj, Pradeep Agrawal, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-2071
> https://issues.apache.org/jira/browse/RANGER-2071
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Tagsync and usersync log file directory is having umask 0077, which doesn't 
> allow group members to read files. Need to correct that.
> 
> 
> Diffs
> -
> 
>   tagsync/scripts/ranger-tagsync-services.sh 9b21a8f 
>   unixauthservice/scripts/ranger-usersync-services.sh 89c4acd 
> 
> 
> Diff: https://reviews.apache.org/r/66681/diff/1/
> 
> 
> Testing
> ---
> 
> Verified installation and start of Tagsync and Usersync services and also 
> checked if appropriate read permission is provided to group and others.
> 
> 
> Thanks,
> 
> Mehul Parikh
> 
>

Re: Review Request 66584: Ranger Usersync should use cookie based authentication for subsequent requests to Ranger admin

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/66584/#review201506
---


Ship it!




Ship It!

- Gautam Borad


On April 18, 2018, 2:53 p.m., Nikhil P wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/66584/
> ---
> 
> (Updated April 18, 2018, 2:53 p.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, Abhay 
> Kulkarni, Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan 
> Neethiraj, Sailaja Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-2021 and RANGER-2064
> https://issues.apache.org/jira/browse/RANGER-2021
> https://issues.apache.org/jira/browse/RANGER-2064
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Ranger Usersync should use cookie based authentication for subsequent 
> requests to Ranger admin.
> 
> 
> Diffs
> -
> 
>   
> ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java
>  e9e356a 
>   
> ugsync/src/main/java/org/apache/ranger/unixusersync/process/PolicyMgrUserGroupBuilder.java
>  b30b051 
>   unixauthservice/conf.dist/ranger-ugsync-default.xml cf4ab80 
> 
> 
> Diff: https://reviews.apache.org/r/66584/diff/4/
> 
> 
> Testing
> ---
> 
> 1)Validated rangerusersync is not flooding table.
> 2)Validated if cookie is used by usersync client for subsequent requests to 
> ranger-admin.
> 
> 
> Thanks,
> 
> Nikhil P
> 
>

Re: Review Request 66499: RANGER-2062: Update jQuery version

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/66499/#review200990
---


Ship it!




Ship It!

- Gautam Borad


On April 9, 2018, 6:07 a.m., Nitin Galave wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/66499/
> ---
> 
> (Updated April 9, 2018, 6:07 a.m.)
> 
> 
> Review request for ranger, Gautam Borad, Mehul Parikh, Pradeep Agrawal, and 
> Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-2062
> https://issues.apache.org/jira/browse/RANGER-2062
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Currently, we are using v1.10.2 jQuery version. We can update to v3.3.1 
> jQuery's latest stable version and their dependencies.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/webapp/index.html 909dbeb 
>   
> security-admin/src/main/webapp/libs/bower/jquery-ui/css/images/animated-overlay.gif
>  d441f75ebfbdf26a265dfccd670120d25c0a341c 
>   
> security-admin/src/main/webapp/libs/bower/jquery-ui/css/images/ui-bg_flat_0_aa_40x100.png
>  4743d097e113d529cde4bf0d631f58628f9efd06 
>   
> security-admin/src/main/webapp/libs/bower/jquery-ui/css/images/ui-bg_flat_75_ff_40x100.png
>  ca779e35d80700d99e6bb5b54d9dbabf46827fce 
>   
> security-admin/src/main/webapp/libs/bower/jquery-ui/css/images/ui-bg_glass_55_fbf9ee_1x400.png
>  664038172ae06863108ee1731aac596863b44933 
>   
> security-admin/src/main/webapp/libs/bower/jquery-ui/css/images/ui-bg_glass_65_ff_1x400.png
>  d3277b5e96a47e3e8364682d3ea30abb3cb1d7fc 
>   
> security-admin/src/main/webapp/libs/bower/jquery-ui/css/images/ui-bg_glass_75_dadada_1x400.png
>  7eda20a5976a72088b0706f05ed49f5a5e04ca53 
>   
> security-admin/src/main/webapp/libs/bower/jquery-ui/css/images/ui-bg_glass_75_e6e6e6_1x400.png
>  f4d86b963e90b5663fd2c3e9f88f4641a06928ba 
>   
> security-admin/src/main/webapp/libs/bower/jquery-ui/css/images/ui-bg_glass_95_fef1ec_1x400.png
>  8500938dc41e87842f06c8f93b5836033feff799 
>   
> security-admin/src/main/webapp/libs/bower/jquery-ui/css/images/ui-bg_highlight-soft_75_cc_1x100.png
>  4795f6973736b7afc605ea3fed919b0d8a3f7f8f 
>   
> security-admin/src/main/webapp/libs/bower/jquery-ui/css/images/ui-icons_22_256x240.png
>  c7dab3120628e3bbddb13c20d5bd8de65453ec9d 
>   
> security-admin/src/main/webapp/libs/bower/jquery-ui/css/images/ui-icons_2e83ff_256x240.png
>  e04e87a76bffb4c17567ba3644110e6bcaf6c05d 
>   
> security-admin/src/main/webapp/libs/bower/jquery-ui/css/images/ui-icons_454545_256x240.png
>  825ce7bf07b540a90293f33df26df989a7de0194 
>   
> security-admin/src/main/webapp/libs/bower/jquery-ui/css/images/ui-icons_88_256x240.png
>  e2d9f906b767f43a1617ac3c9e7efbbb027f98c8 
>   
> security-admin/src/main/webapp/libs/bower/jquery-ui/css/images/ui-icons_cd0a0a_256x240.png
>  b13299903c2de9d0bcc91d4dcaa81a7258ae4d92 
>   security-admin/src/main/webapp/libs/bower/jquery-ui/css/jquery-ui.css 
> 572ed8a 
>   security-admin/src/main/webapp/libs/bower/jquery-ui/css/jquery-ui.min.css 
> b8b6f0a 
>   security-admin/src/main/webapp/libs/bower/jquery-ui/css/jquery.ui.theme.css 
> 19e5839 
>   security-admin/src/main/webapp/libs/bower/jquery-ui/js/jquery-ui.min.js 
> 82bbb67 
>   security-admin/src/main/webapp/libs/bower/jquery/js/jquery-1.10.2.js 
> c5c6482 
>   security-admin/src/main/webapp/libs/bower/jquery/js/jquery-3.3.1.js 
> PRE-CREATION 
>   security-admin/src/main/webapp/libs/bower/jquery/js/jquery-3.3.1.min.js 
> PRE-CREATION 
>   security-admin/src/main/webapp/libs/bower/jquery/js/jquery-migrate.js 
> 942cb8b 
>   security-admin/src/main/webapp/libs/bower/jquery/js/jquery-migrate.min.js 
> eb3ecb1 
>   security-admin/src/main/webapp/libs/bower/jquery/js/jquery.js c5c6482 
>   security-admin/src/main/webapp/libs/bower/jquery/js/jquery.min.js 29b3a2c 
>   security-admin/src/main/webapp/libs/bower/jquery/js/jquery.min.map 7dc9c7d 
>   security-admin/src/main/webapp/libs/bower/tag-it/js/tag-it.js 3adcf4c 
>   security-admin/src/main/webapp/libs/bower/tag-it/js/tag-it.min.js fd6140c 
>   
> security-admin/src/main/webapp/libs/bower/x-editable/js/bootstrap-editable.min.js
>  a994677 
>   
> security-admin/src/main/webapp/libs/other/jquery-ui/css/images/ui-icons_44_256x240.png
>  PRE-CREATION 
>   
> security-admin/src/main/webapp/libs/other/jquery-ui/css/images/ui-icons_55_256x240.png
>  PRE-CREATION 
>   
> security-admin/src/main/webapp/libs/other/jquery-ui/css/images/ui

Re: Review Request 66135: RANGER-2030: UI updates to accommodate policy effective dates

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/66135/#review199537
---


Ship it!




Ship It!

- Gautam Borad


On March 20, 2018, 10:51 a.m., Nitin Galave wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/66135/
> ---
> 
> (Updated March 20, 2018, 10:51 a.m.)
> 
> 
> Review request for ranger, Gautam Borad, Abhay Kulkarni, Mehul Parikh, and 
> Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-2030
> https://issues.apache.org/jira/browse/RANGER-2030
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Policy screens should support effective dates(i.e policy start time, end time 
> and timezone).
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/webapp/index.html d8a5d98 
>   
> security-admin/src/main/webapp/libs/other/bootstrap-datetimepicker/css/bootstrap-datetimepicker.min.css
>  PRE-CREATION 
>   
> security-admin/src/main/webapp/libs/other/bootstrap-datetimepicker/js/bootstrap-datetimepicker.min.js
>  PRE-CREATION 
>   security-admin/src/main/webapp/scripts/Init.js c388a79 
>   security-admin/src/main/webapp/scripts/models/RangerPolicy.js b1fb143 
>   security-admin/src/main/webapp/scripts/modules/globalize/message/en.js 
> 8afc2e6 
>   security-admin/src/main/webapp/scripts/utils/XAGlobals.js d55ab4a 
>   security-admin/src/main/webapp/scripts/utils/XAUtils.js c1e6ef5 
>   security-admin/src/main/webapp/scripts/views/policies/PolicyTimeList.js 
> PRE-CREATION 
>   security-admin/src/main/webapp/scripts/views/policies/RangerPolicyCreate.js 
> 4b15ab7 
>   security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js 
> 04dad2e 
>   security-admin/src/main/webapp/scripts/views/policies/RangerPolicyRO.js 
> fa7f191 
>   
> security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js
>  f23d18c 
>   security-admin/src/main/webapp/styles/xa.css 9eb99d9 
>   security-admin/src/main/webapp/templates/helpers/XAHelpers.js 946b6a3 
>   security-admin/src/main/webapp/templates/policies/PolicyTimeItem_tmpl.html 
> PRE-CREATION 
>   security-admin/src/main/webapp/templates/policies/PolicyTimeList_tmpl.html 
> PRE-CREATION 
>   
> security-admin/src/main/webapp/templates/policies/RangerPolicyCreate_tmpl.html
>  78a56c6 
>   
> security-admin/src/main/webapp/templates/policies/RangerPolicyForm_tmpl.html 
> 859aced 
>   security-admin/src/main/webapp/templates/policies/RangerPolicyRO_tmpl.html 
> 6d2eb3f 
> 
> 
> Diff: https://reviews.apache.org/r/66135/diff/3/
> 
> 
> Testing
> ---
> 
> 1.Able to create policy by adding start date, end date and timezone.
> 2.Able to create a policy with multiple validity time
> 3.Also tested Policy CRUD.
> 4.Checked policy enforcement for time-based /normal policy.
> 
> 
> Thanks,
> 
> Nitin Galave
> 
>

Re: Review Request 66080: RANGER-2015: In view policy we are able to see 'Deny Policy' & 'Except Conditions' even if 'enableDenyAndExceptionsInPolicies : false'

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/66080/#review199249
---


Ship it!




Ship It!

- Gautam Borad


On March 15, 2018, 7:21 a.m., Nitin Galave wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/66080/
> ---
> 
> (Updated March 15, 2018, 7:21 a.m.)
> 
> 
> Review request for ranger, Gautam Borad, Mehul Parikh, Pradeep Agrawal, and 
> Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-2015
> https://issues.apache.org/jira/browse/RANGER-2015
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> 1. In view policy we are able to see 'Deny Policy' & 'Except Conditions' even 
> if 'enableDenyAndExceptionsInPolicies : False' (Deny Policy and Except 
> Conditions are hidden in policy create/edit screen)
> 
> 2. Improvement in policy view mode popup.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/webapp/scripts/modules/globalize/message/en.js 
> d10c6a7 
>   
> security-admin/src/main/webapp/scripts/views/policies/RangerPolicyConditions.js
>  96d9c8b 
>   security-admin/src/main/webapp/scripts/views/policies/RangerPolicyDetail.js 
> 80ef1f1 
>   security-admin/src/main/webapp/scripts/views/policies/RangerPolicyRO.js 
> 998a0a9 
>   
> security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js
>  b4006ce 
>   security-admin/src/main/webapp/styles/xa.css 4ba75fb 
>   
> security-admin/src/main/webapp/templates/policies/RangerPolicyConditions_tmpl.html
>  6a46bbd 
>   
> security-admin/src/main/webapp/templates/policies/RangerPolicyDetail_tmpl.html
>  fae698d 
>   security-admin/src/main/webapp/templates/policies/RangerPolicyRO_tmpl.html 
> 801681b 
> 
> 
> Diff: https://reviews.apache.org/r/66080/diff/2/
> 
> 
> Testing
> ---
> 
> 1. Unable to see 'Deny Policy' & 'Except Conditions' when 
> enableDenyAndExceptionsInPolicies is set to false  and vice versa working as 
> expected.
> 2. Also checked newly added policy view mode popup in various places (policy 
> listing view, Audit->access tab policy view etc.)
> 
> 
> Thanks,
> 
> Nitin Galave
> 
>

Re: Review Request 65920: Ranger Tagsync should use cookie based authentication for subsequent requests to Ranger admin

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/65920/#review199005
---


Ship it!




Ship It!

- Gautam Borad


On March 9, 2018, 4:35 p.m., Nikhil P wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/65920/
> ---
> 
> (Updated March 9, 2018, 4:35 p.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, Abhay 
> Kulkarni, Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan 
> Neethiraj, Sailaja Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-2010
> https://issues.apache.org/jira/browse/RANGER-2010
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Ranger Tagsync should use cookie based authentication for subsequent requests 
> to Ranger admin.
> 
> 
> Diffs
> -
> 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/util/RangerRESTClient.java
>  0d94edc 
>   tagsync/src/main/java/org/apache/ranger/tagsync/process/TagSyncConfig.java 
> 697c7cc 
>   
> tagsync/src/main/java/org/apache/ranger/tagsync/sink/tagadmin/TagAdminRESTSink.java
>  a1dc8f5 
>   tagsync/src/main/resources/ranger-tagsync-site.xml 3542ae2 
> 
> 
> Diff: https://reviews.apache.org/r/65920/diff/2/
> 
> 
> Testing
> ---
> 
> 1)verified if ranger tagsync works as expected.
> 2)verified if tagsync is not re-login for every notification if 
> "ranger.tagsync.cookie.enabled" is set as true.
> 
> 
> Thanks,
> 
> Nikhil P
> 
>

Re: Review Request 65984: RANGER-1985: Auditing for Ranger Usersync operations

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/65984/#review198931
---


Ship it!




Ship It!

- Gautam Borad


On March 8, 2018, 2:40 p.m., Nitin Galave wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/65984/
> ---
> 
> (Updated March 8, 2018, 2:40 p.m.)
> 
> 
> Review request for ranger, Gautam Borad, Mehul Parikh, Pradeep Agrawal, 
> Sailaja Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1985
> https://issues.apache.org/jira/browse/RANGER-1985
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Add a new tab for Usersync audits in Ranger Admin UI
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/webapp/scripts/modules/globalize/message/en.js 
> c3b41c1 
>   security-admin/src/main/webapp/scripts/utils/XAEnums.js 4aa21c1 
>   security-admin/src/main/webapp/scripts/utils/XAViewUtils.js 11a0624 
>   security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js d2703c0 
>   security-admin/src/main/webapp/styles/xa.css 1f04aa2 
>   security-admin/src/main/webapp/templates/kms/KmsKeyCreate_tmpl.html b4b7f03 
>   
> security-admin/src/main/webapp/templates/policies/RangerPolicyCreate_tmpl.html
>  eb844ff 
>   security-admin/src/main/webapp/templates/reports/AuditLayout_tmpl.html 
> b977d3d 
>   security-admin/src/main/webapp/templates/reports/UserSyncInfo_tmpl.html 
> PRE-CREATION 
>   security-admin/src/main/webapp/templates/service/ServiceCreate_tmpl.html 
> 7464f83 
>   security-admin/src/main/webapp/templates/users/GroupCreate_tmpl.html 
> ffc29bf 
>   security-admin/src/main/webapp/templates/users/UserCreate_tmpl.html 13ce8cc 
> 
> 
> Diff: https://reviews.apache.org/r/65984/diff/1/
> 
> 
> Testing
> ---
> 
> 1. Able see usersync tab under Audit tab.
> 2. Usersync search filter working as expected. 
> 3. Tested with different types of sync sources (Unix, File, and LDAP/AD)
> 
> 
> Thanks,
> 
> Nitin Galave
> 
>

[jira] [Commented] (RANGER-1326) Fix remaining licensing issues

[Gautam Borad (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-1326?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16391047#comment-16391047
 ] 

Gautam Borad commented on RANGER-1326:
--

+1

> Fix remaining licensing issues
> --
>
> Key: RANGER-1326
> URL: https://issues.apache.org/jira/browse/RANGER-1326
> Project: Ranger
>  Issue Type: Bug
>Affects Versions: 0.6.2
>Reporter: Colm O hEigeartaigh
>Assignee: Velmurugan Periasamy
>Priority: Major
> Fix For: 1.0.0
>
> Attachments: 
> 0001-RANGER-1326-Removed-dependency-from-NOTICE-as-it-is-.patch
>
>
> We need to fix the remaining licensing issues as raised by Jusin:
> For items not fixed please see [1][2][3].
> Also note that with json2.js license it seems a little unclear to me and may 
> be under the JSON license. It does have “public domain” in the code so it may 
> be OK, it still however needs to be added to LICENSE. Just be careful as the 
> JSON license no longer allowed in Apache software and it is considered 
> category X. [4] In this case you do have a few months grace to remove this 
> [5] but you need to call it out in NOTICE and it still needs to be removed by 
> end of April. [5]
> 1. 
> https://lists.apache.org/thread.html/6949e2f048b07478c861a675ad8e98d750e0f786b272a6afc69df78e@%3Cgeneral.incubator.apache.org%3E
> 2. 
> https://lists.apache.org/thread.html/9552c63b71a38ed75cd252463e788408aa4a9a05abeba36168df5a12@%3Cgeneral.incubator.apache.org%3E
> 3. 
> https://lists.apache.org/thread.html/de169a09f7527fbc3549518f0227ba40ee8524c6e60ba8105d82479b@%3Cgeneral.incubator.apache.org%3E
> 4. https://www.apache.org/legal/resolved#category-x
> 5. 
> https://lists.apache.org/thread.html/bb18f942ce7eb83c11438303c818b885810fb76385979490366720d5@%3Clegal-discuss.apache.org%3E



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Fwd: Found Issue In Ranger

[Gautam Borad]

+ dev@ranger.apache.org


-- Forwarded message --
From: parveen Bhandari 
Date: Tue, Mar 6, 2018 at 8:07 PM
Subject: Found Issue In Ranger
To: gbo...@gmail.com




Hello

I have setup hadoop cluster and storm cluster with kerbeos enabled. I try
to enable Ranger in Storm but facing issue when ranger plugin download the
policy from policy server.

Getting Following error in logs of storm


cache file does not exist or not readable '/etc/ranger/stormacl/policyca
che/storm_stormacl.json'
2018-03-06 20:54:31.241 o.a.r.a.c.RangerAdminRESTClient Thread-4 [WARN]
Error getting policies. secureMode=true, user=storm/myserverhostn...@abc.com
(auth:KERBEROS),
response={"httpStatusCode":401,"statusCode":401,"msgDesc":"Authentication
Failed"}, serviceName=stormacl



Please Help me..i'm struggling  on this from last 3 weeks.

Thanks

Re: Review Request 65901: RANGER-1948: Support for Read-only Ranger Admin users (Ranger UI changes)

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/65901/#review198684
---


Ship it!




Ship It!

- Gautam Borad


On March 6, 2018, 6:34 a.m., Nitin Galave wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/65901/
> ---
> 
> (Updated March 6, 2018, 6:34 a.m.)
> 
> 
> Review request for ranger, Fatima Khan, Gautam Borad, Mehul Parikh, and 
> Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1948
> https://issues.apache.org/jira/browse/RANGER-1948
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> This JIRA is to cater to need of Auditor roles in Ranger Admin.
> 
> We can introduce Auditor Roles for both the Administrator Roles in Ranger 
> Admin.
> 
> Auditor (Readonly privileges from current Admin role user )
> KMS Auditor (Readonly privileges from current Keydmin role user )
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/webapp/scripts/controllers/Controller.js 2be915f 
>   security-admin/src/main/webapp/scripts/mgrs/SessionMgr.js e7a3856 
>   security-admin/src/main/webapp/scripts/modules/globalize/message/en.js 
> ef75e36 
>   security-admin/src/main/webapp/scripts/utils/XAEnums.js 0e0958d 
>   security-admin/src/main/webapp/scripts/utils/XAUtils.js 4fe7263 
>   security-admin/src/main/webapp/scripts/views/common/TopNav.js aba71ef 
>   security-admin/src/main/webapp/scripts/views/kms/KMSTableLayout.js 2749cea 
>   
> security-admin/src/main/webapp/scripts/views/permissions/ModulePermissionForm.js
>  d9c522c 
>   
> security-admin/src/main/webapp/scripts/views/permissions/ModulePermsTableLayout.js
>  b46d526 
>   
> security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js
>  618207d 
>   security-admin/src/main/webapp/scripts/views/policymanager/ServiceLayout.js 
> 7aab1e2 
>   security-admin/src/main/webapp/scripts/views/reports/OperationDiffDetail.js 
> c8fc050 
>   security-admin/src/main/webapp/scripts/views/reports/UserAccessLayout.js 
> e0470cf 
>   
> security-admin/src/main/webapp/scripts/views/service/RangerServiceViewDetail.js
>  PRE-CREATION 
>   security-admin/src/main/webapp/scripts/views/user/UserProfileForm.js 
> d545a05 
>   security-admin/src/main/webapp/scripts/views/users/GroupCreate.js b73f755 
>   security-admin/src/main/webapp/scripts/views/users/UserCreate.js b8c5894 
>   security-admin/src/main/webapp/scripts/views/users/UserForm.js bd3730b 
>   security-admin/src/main/webapp/scripts/views/users/UserTableLayout.js 
> 9febd99 
>   security-admin/src/main/webapp/styles/xa.css 919e825 
>   security-admin/src/main/webapp/templates/common/TopNav_tmpl.html d2ff968 
>   security-admin/src/main/webapp/templates/helpers/XAHelpers.js f8479e4 
>   security-admin/src/main/webapp/templates/kms/KmsTableLayout_tmpl.html 
> 8107148 
>   
> security-admin/src/main/webapp/templates/permissions/ModulePermsTableLayout_tmpl.html
>  52b36a1 
>   
> security-admin/src/main/webapp/templates/policies/RangerPolicyTableLayout_tmpl.html
>  c49dc32 
>   security-admin/src/main/webapp/templates/reports/UserAccessLayout_tmpl.html 
> e185742 
>   
> security-admin/src/main/webapp/templates/service/RangerServiceViewDetail_tmpl.html
>  PRE-CREATION 
>   security-admin/src/main/webapp/templates/users/UserTableLayout_tmpl.html 
> b7d4967 
> 
> 
> Diff: https://reviews.apache.org/r/65901/diff/1/
> 
> 
> Testing
> ---
> 
> Tested scenario's:
> 1.Admin user is able to create User role user.
> 2.Admin user is able to create Auditor role user.
> 3.Admin user is not able to create kms auditor role user.
> 4.Keyadmin user is able to create kms auditor.
> 5.Auditor is able to only view policies, users, services and audits.
> 6.Kms auditor is able to only view policies, users, services, audits and keys.
> 7.Auditor is able to see permission tab but kms auditor should not see 
> permission tab.
> 
> 
> Thanks,
> 
> Nitin Galave
> 
>

Re: Review Request 65829: Improvement on permission module for listing modules

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/65829/#review198385
---


Ship it!




Ship It!

- Gautam Borad


On Feb. 28, 2018, 7:35 a.m., Fatima Khan wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/65829/
> ---
> 
> (Updated Feb. 28, 2018, 7:35 a.m.)
> 
> 
> Review request for ranger, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, 
> Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, and 
> Sailaja Polavarapu.
> 
> 
> Bugs: RANGER-1993
> https://issues.apache.org/jira/browse/RANGER-1993
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> 1.On permission listing page, if there are many users/group added in modules 
> and we do partial search then it gives pagination even when number of modules 
> are 7.
> 2.On Policy Listing Page, we don't have partial search for users and groups.
> 
> 
> Diffs
> -
> 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/store/AbstractPredicateUtil.java
>  7583864 
>   
> security-admin/src/main/java/org/apache/ranger/service/XModuleDefServiceBase.java
>  57cc694 
> 
> 
> Diff: https://reviews.apache.org/r/65829/diff/1/
> 
> 
> Testing
> ---
> 
> 1.Tested on permission listing module: to show proper results even after 
> applying filters.
> 2.Tested for all allowed filters on policy listing page, verified results 
> after applying filters for user's name and group name  .
> 
> 
> Thanks,
> 
> Fatima Khan
> 
>

Re: Review Request 65747: RANGER-1981: Error in constructing base path for UI API when accessing Atlas via knox proxy without "/" at the end

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/65747/#review198098
---


Ship it!




Ship It!

- Gautam Borad


On Feb. 22, 2018, 5:44 a.m., Nitin Galave wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/65747/
> ---
> 
> (Updated Feb. 22, 2018, 5:44 a.m.)
> 
> 
> Review request for ranger, Gautam Borad, Mehul Parikh, Pradeep Agrawal, and 
> Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1981
> https://issues.apache.org/jira/browse/RANGER-1981
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> 1.Enabled knox proxy for ranger.
> 2.Accessed ranger UI via proxy using 
> https://knox_gateway:8443/gateway/ui/ranger
> 3.Provided admin username and password and logged into ranger
> 4.Now, opened another tab in browser with URL
> 
> UI is loaded without data because API path is not formed properly.
> 
> If the URL is accessed with "/" at the end, logs in as admin user and all 
> operations work fine.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/webapp/scripts/modules/RestCsrf.js c201c72 
> 
> 
> Diff: https://reviews.apache.org/r/65747/diff/1/
> 
> 
> Testing
> ---
> 
> Covered test cases :
> 1.By removing '/' in front of ranger 
> (https://:8443/gateway/ui/ranger)
> 2.By keeping '/' in front of ranger 
> (https://:8443/gateway/ui/ranger/)
> 3.Tested with KNOX SSO url.
> 4.Tested that when we hit KNOX proxy URL we get redirected to KNOX SSO.
> 5.By removing '/' in front of ranger after navigating to the different page.
> 
> 
> Thanks,
> 
> Nitin Galave
> 
>

Re: Review Request 65651: RANGER-1889: List Users belonging to Group in Group tab

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/65651/#review197744
---


Ship it!




Ship It!

- Gautam Borad


On Feb. 14, 2018, 11:25 a.m., Nitin Galave wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/65651/
> ---
> 
> (Updated Feb. 14, 2018, 11:25 a.m.)
> 
> 
> Review request for ranger, Gautam Borad, Mehul Parikh, Pradeep Agrawal, and 
> Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1889
> https://issues.apache.org/jira/browse/RANGER-1889
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Request to add the list of users inside each group page on the Settings -> 
> Users/Groups page.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/webapp/scripts/modules/globalize/message/en.js 
> b71427c 
>   security-admin/src/main/webapp/scripts/views/users/UserTableLayout.js 
> 9febd99 
> 
> 
> Diff: https://reviews.apache.org/r/65651/diff/1/
> 
> 
> Testing
> ---
> 
> 1. Able to see users which are present inside each group.(Added user list 
> column on group listing page)
> 2. User search filter is also working on thoses users.
> 3. Also tested with internal and external groups/users.
> 
> 
> Thanks,
> 
> Nitin Galave
> 
>

Re: Review Request 64862: RANGER-1944: Action filter for Admin Audit is not working

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/64862/#review194746
---


Ship it!




Ship It!

- Gautam Borad


On Jan. 2, 2018, 5:35 a.m., Nitin Galave wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/64862/
> ---
> 
> (Updated Jan. 2, 2018, 5:35 a.m.)
> 
> 
> Review request for ranger, Gautam Borad, Mehul Parikh, and Velmurugan 
> Periasamy.
> 
> 
> Bugs: RANGER-1944
> https://issues.apache.org/jira/browse/RANGER-1944
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Action filter for Admin Audit is not working for Oracle database.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/webapp/scripts/utils/XAGlobals.js d16e5de 
>   security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js 76a8aa5 
> 
> 
> Diff: https://reviews.apache.org/r/64862/diff/2/
> 
> 
> Testing
> ---
> 
> Action filter is working fine for all database flavour (mysql/oracle) and 
> also revisited other filter options.
> 
> 
> Thanks,
> 
> Nitin Galave
> 
>

Re: Review Request 64740: RANGER-1938: Solr for Audit setup doesn't use DocValues effectively

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/64740/#review194575
---


Ship it!




Ship It!

- Gautam Borad


On Dec. 20, 2017, 1:22 a.m., Kevin Risden wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/64740/
> ---
> 
> (Updated Dec. 20, 2017, 1:22 a.m.)
> 
> 
> Review request for ranger.
> 
> 
> Bugs: RANGER-1938
> https://issues.apache.org/jira/browse/RANGER-1938
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> RANGER-1938: Solr for Audit setup doesn't use DocValues effectively
> 
> This requires Solr 5.5.x or later for DocValues to be used in this way.
> 
> 
> Diffs
> -
> 
>   security-admin/contrib/solr_for_audit_setup/conf/managed-schema 4d032f55 
> 
> 
> Diff: https://reviews.apache.org/r/64740/diff/1/
> 
> 
> Testing
> ---
> 
> See details here: 
> https://risdenk.github.io/2017/12/18/ambari-infra-solr-ranger.html
> 
> This has been running for about 2 months for us on Ambari Infra Solr 5.5. It 
> dropped heap usage from 22GB+ to  less than 4GB for the _version_ field. This 
> did not change the behavior of Ranger Admin when querying Solr.
> 
> 
> Thanks,
> 
> Kevin Risden
> 
>

Re: Review Request 64705: RANGER-1781: RangerUI :Policy create/edit form should display only relevant accesses based on the user-selected resource.

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/64705/#review194215
---


Ship it!




Ship It!

- Gautam Borad


On Dec. 19, 2017, 9:34 a.m., Nitin Galave wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/64705/
> ---
> 
> (Updated Dec. 19, 2017, 9:34 a.m.)
> 
> 
> Review request for ranger, Gautam Borad, Abhay Kulkarni, Mehul Parikh, 
> Pradeep Agrawal, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1781
> https://issues.apache.org/jira/browse/RANGER-1781
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Policy create/edit form should display only applicable set of access 
> permissions based on the policy resource (excludedAccesses property) and not 
> the entire set of permissions defined for the service definition.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/webapp/scripts/models/BackboneFormDataType.js 
> c4911af 
>   security-admin/src/main/webapp/scripts/modules/XAOverrides.js f340bee 
>   security-admin/src/main/webapp/scripts/utils/XAUtils.js 90b41d8 
>   security-admin/src/main/webapp/scripts/views/policies/PermissionList.js 
> df6a2be 
>   security-admin/src/main/webapp/scripts/views/policies/RangerPolicyCreate.js 
> 1475dd9 
>   security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js 
> 443ecc8 
>   security-admin/src/main/webapp/styles/xa.css 22eedf6 
> 
> 
> Diff: https://reviews.apache.org/r/64705/diff/1/
> 
> 
> Testing
> ---
> 
> 1. Policy CRUD working fine with existing service definition.
> 2. Verified policy CRUD after modifying resources and access types by 
> updating service definiton.
> 
> 
> Thanks,
> 
> Nitin Galave
> 
>

Re: Review Request 63405: RANGER-1864: Resources are not rendering correctly in policy create/edit page.

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/63405/#review189690
---


Ship it!




Ship It!

- Gautam Borad


On Oct. 30, 2017, 12:56 p.m., Nitin Galave wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/63405/
> ---
> 
> (Updated Oct. 30, 2017, 12:56 p.m.)
> 
> 
> Review request for ranger, Gautam Borad, Madhan Neethiraj, Mehul Parikh, and 
> Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1864
> https://issues.apache.org/jira/browse/RANGER-1864
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> UI not rendering correctly if we provide resources at the same level with 
> different parent resources in the service definitions.
> Looks like Ranger UI uses only levels in the service definitions' resource 
> property. It should use level as well as parent check to render resources 
> level hierarchies.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/webapp/scripts/models/BackboneFormDataType.js 
> 3f8697e 
> 
> 
> Diff: https://reviews.apache.org/r/63405/diff/1/
> 
> 
> Testing
> ---
> 
> Tested above scenario and also visited exisitng policy pages.
> 
> 
> Thanks,
> 
> Nitin Galave
> 
>

Re: Review Request 62969: RANGER-1832: Export REST API should return exact matching results if polResource param is provided

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62969/#review187950
---


Ship it!




Ship It!

- Gautam Borad


On Oct. 13, 2017, 9:49 a.m., Pradeep Agrawal wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62969/
> ---
> 
> (Updated Oct. 13, 2017, 9:49 a.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Don Bosco Durai, bhavik patel, 
> Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, Ramesh Mani, 
> Selvamohan Neethiraj, Sailaja Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1832
> https://issues.apache.org/jira/browse/RANGER-1832
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> **Problem Statement:** Currently, Export REST API returns partial matching 
> results also even if polResource param is provided.
> Use Case : 
> 1) Create a ranger hdfs policy with resource path /tmp/abcdefg
> 2) Call REST API to export policy for resource path: /tmp/abcd
> http://localhost:6080/service/plugins/policies/exportJson?serviceName=source_hadoop=/tmp/abcd:path=/tmp/abcd=hdfs=self_or_ancestor;
> 
> Expected Result: REST call should not return policy for resource /tmp/abcdefg
> Actual Result: REST call is returning policy for resource /tmp/abcdefg
> 
> **Proposed Solution:**
> Added a method in ServiceUtil.getMatchingPoliciesForResource() which shall 
> filter out partial matching resource policies according to given resource. 
> 
> ** Note :** Proposed solution is having support of only HDFS and Hive 
> service/resource type; support for other services can be added later.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/java/org/apache/ranger/common/ServiceUtil.java 
> 6864c5a 
>   security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java 
> 9330edd 
> 
> 
> Diff: https://reviews.apache.org/r/62969/diff/1/
> 
> 
> Testing
> ---
> 
> **Steps Performed (with patch):**
> 1. After mvn Build; untar the Ranger module and updated install.properties 
> for MySQL DB flavor. 
> 2. Called setup.sh to execute Ranger setup script. 
> 3. Started Ranger admin.
> 
> **Steps for HDFS service:**
> 1. Created a hdfs service 'source_hadoop'.
> 2. Created a ranger hdfs policy(hdfs_policy1) with resource path /tmp/abcdefg
> 3. Created a ranger hdfs policy(hdfs_policy2) with resource path: /tmp/abcd
> 4. Created a ranger hdfs policy(hdfs_policy3) with resource path: 
> /tmp/abcd/file.txt
> 5. Called below given REST API to export policies for resource path: /tmp/abcd
> http://localhost:6080/service/plugins/policies/exportJson?serviceName=source_hadoop=/tmp/abcd:path=/tmp/abcd=hdfs=self_or_ancestor;
> 
> **Expected Behavior:**
> Above REST should return two policies(hdfs_policy2 and hdfs_policy3) which 
> are having resource /tmp/abcd and /tmp/abcd/file.txt respectively.
> 
> **Actual Behavior:**
> Returned JSON response was having only two policies(hdfs_policy2 and 
> hdfs_policy3).
> 
> ---
> 
> **Steps for HIVE service:**
> 1. Created a hive service 'source_hive'.
> 2. Created a ranger hive policy(hive_policy1) with 
> resource:database=default123,table=*,column=*
> 3. Created a ranger hive policy(hive_policy2) with 
> resource:database=default,table=*,column=*
> 4. Created a ranger hive datamask policy(hive_policy3) with 
> resource:database=default,table=table1,column=column1
> 5. Created a ranger hive rowlevel filter policy(hive_policy4) with 
> resource:database=default,table=table2
> 6. Called below given REST API to export policies for 
> resource:database=default
> http://localhost:6080/service/plugins/policies/exportJson?serviceName=source_hive=default:database=default=hive=self_or_ancestor;
> 
> **Expected Behavior:**
> Above REST should return three policies(hive_policy2, hive_policy3 and 
> hive_policy4).
> 
> **Actual Behavior:**
> Returned JSON response was having only three policies(hive_policy2, 
> hive_policy3 and hive_policy4).
> 
> 
> Thanks,
> 
> Pradeep Agrawal
> 
>

Re: Review Request 62881: RANGER-1176: Ranger admin does not allow to create / update a policy with only delegate admin permission.

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62881/#review187647
---


Ship it!




Ship It!

- Gautam Borad


On Oct. 11, 2017, 8:17 a.m., Nitin Galave wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62881/
> ---
> 
> (Updated Oct. 11, 2017, 8:17 a.m.)
> 
> 
> Review request for ranger, Gautam Borad, Mehul Parikh, Pradeep Agrawal, and 
> Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1176
> https://issues.apache.org/jira/browse/RANGER-1176
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> A policy with empty access list is valid if delegated admin is true.But the 
> Ranger Admin UI doesn't allow user to create / update a policy with only the 
> 'delegate admin' permission for a user / group.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java 0b97da9 
>   security-admin/src/main/webapp/scripts/modules/globalize/message/en.js 
> 73b4cd3 
>   security-admin/src/main/webapp/scripts/views/policies/RangerPolicyCreate.js 
> df13b7c 
>   security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js 
> 9a8d82d 
>   security-admin/src/main/webapp/templates/helpers/XAHelpers.js 1766880 
>   
> security-admin/src/main/webapp/templates/reports/PlugableServicePolicyUpdateDiff_tmpl.html
>  524b18f 
> 
> 
> Diff: https://reviews.apache.org/r/62881/diff/1/
> 
> 
> Testing
> ---
> 
> 1.Tested with all components.
> 2.Tested policy getting created by adding both permission and selecting 
> delegate admin in allow/deny policy item.
> 3.Tested old and new value in the logs (Audit -> Admin tab) is getting 
> correctly displayed.
> 
> 
> Thanks,
> 
> Nitin Galave
> 
>

[jira] [Commented] (RANGER-1651) Improve Ranger and Ranger KMS REST Api documentation

[Gautam Borad (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-1651?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16167795#comment-16167795
 ] 

Gautam Borad commented on RANGER-1651:
--

+1 for new patch.

> Improve Ranger and Ranger KMS REST Api documentation
> 
>
> Key: RANGER-1651
> URL: https://issues.apache.org/jira/browse/RANGER-1651
> Project: Ranger
>  Issue Type: Bug
>  Components: admin
>Affects Versions: 0.7.1
>Reporter: Mehul Parikh
>Assignee: Mehul Parikh
> Fix For: 1.0.0, 0.7.2
>
> Attachments: RANGER-1651.2.patch, RANGER-1651.patch, 
> RANGER-1651-ranger-0.7.patch
>
>
> Improve the existing Ranger and Ranger KMS API documentation that is 
> published on the Apache Ranger website (http://ranger.apache.org/)
> This can be automated using some tool like Enunciate. 



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Re: Review Request 62080: Update NiFi service def and handle upgrade scenario.

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62080/#review185075
---


Ship it!




Ship It!

- Gautam Borad


On Sept. 8, 2017, 8:28 a.m., Nikhil P wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62080/
> ---
> 
> (Updated Sept. 8, 2017, 8:28 a.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, Abhay 
> Kulkarni, Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan 
> Neethiraj, Sailaja Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1697
> https://issues.apache.org/jira/browse/RANGER-1697
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Apache NiFi would like to update the service def file to ensure more 
> consistent policy support between NiFi and Ranger. NiFi is in the process of 
> introducing an improved Ranger authorizer that allows the policies to be 
> viewed in NiFi UI for easier, in app, understanding of the policies 
> configured in Ranger UI. This effort is being tracked with this JIRA.
> 
> 
> Diffs
> -
> 
>   agents-common/src/main/resources/service-defs/ranger-servicedef-nifi.json 
> b81785d 
>   
> security-admin/src/main/java/org/apache/ranger/patch/PatchForNifiResourceUpdateExclude_J10008.java
>  PRE-CREATION 
>   security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java 
> 6687e60 
>   security-admin/src/main/java/org/apache/ranger/service/XTrxLogService.java 
> 6c3034f 
> 
> 
> Diff: https://reviews.apache.org/r/62080/diff/1/
> 
> 
> Testing
> ---
> 
> 1)Tested on fresh install to check that exclude toggle is not visible on 
> create/update policy page.
> 2)Tested on upgrade case for Mysql to check that exclude toggle is not 
> visible on create/update policy page.
> 3)In ugrade scenario,checked if existing exclude polcies gets read only after 
> upgrade.
> 
> 
> Thanks,
> 
> Nikhil P
> 
>

Re: Review Request 62078: Update NiFi service def and handle upgrade scenario.

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62078/#review185074
---


Ship it!




Ship It!

- Gautam Borad


On Sept. 8, 2017, 8:28 a.m., Nikhil P wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62078/
> ---
> 
> (Updated Sept. 8, 2017, 8:28 a.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, Abhay 
> Kulkarni, Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan 
> Neethiraj, Sailaja Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1697
> https://issues.apache.org/jira/browse/RANGER-1697
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Apache NiFi would like to update the service def file to ensure more 
> consistent policy support between NiFi and Ranger. NiFi is in the process of 
> introducing an improved Ranger authorizer that allows the policies to be 
> viewed in NiFi UI for easier, in app, understanding of the policies 
> configured in Ranger UI. This effort is being tracked with this JIRA.
> 
> 
> Diffs
> -
> 
>   agents-common/src/main/resources/service-defs/ranger-servicedef-nifi.json 
> b81785d 
>   
> security-admin/src/main/java/org/apache/ranger/patch/PatchForNifiResourceUpdateExclude_J10008.java
>  PRE-CREATION 
>   security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java 
> 6de8a14 
>   security-admin/src/main/java/org/apache/ranger/service/XTrxLogService.java 
> 6736c56 
> 
> 
> Diff: https://reviews.apache.org/r/62078/diff/1/
> 
> 
> Testing
> ---
> 
> 1)Tested on fresh install to check that exclude toggle is not visible on 
> create/update policy page.
> 2)Tested on upgrade case for Mysql to check that exclude toggle is not 
> visible on create/update policy page.
> 3)In ugrade scenario,checked if existing exclude polcies gets read only after 
> upgrade.
> 
> 
> Thanks,
> 
> Nikhil P
> 
>

Re: Review Request 62029: In Nifi default policy is getting created with policyitem without any user/group but permission is set for the same

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62029/#review185073
---


Ship it!




Ship It!

- Gautam Borad


On Sept. 11, 2017, 6:05 a.m., Nikhil P wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62029/
> ---
> 
> (Updated Sept. 11, 2017, 6:05 a.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, Abhay 
> Kulkarni, Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan 
> Neethiraj, Sailaja Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1750
> https://issues.apache.org/jira/browse/RANGER-1750
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> In Nifi default policy are getting created with policyitem without any 
> user/group but permission is set for the same. In ideal case this is not a 
> valid policyitem.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java 
> 9742265 
> 
> 
> Diff: https://reviews.apache.org/r/62029/diff/2/
> 
> 
> Testing
> ---
> 
> 1)tested that during service creation if default policy does not have valid 
> policyItem then policy wont be created.
> 2)tested Nifi policy and service CRUD works properly.
> 
> 
> Thanks,
> 
> Nikhil P
> 
>

[jira] [Commented] (RANGER-1638) Improve the password validation from Ranger API

[Gautam Borad (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-1638?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16081936#comment-16081936
 ] 

Gautam Borad commented on RANGER-1638:
--

Committed to Master : 
https://github.com/apache/ranger/commit/8d32649f935fc0ade400db94c20d909fa1f767e1
Committed to ranger-0.7 : 
https://github.com/apache/ranger/commit/98da92207ba78a640d4ddce8f02cb2de8657040f

> Improve the password validation from Ranger API
> ---
>
> Key: RANGER-1638
> URL: https://issues.apache.org/jira/browse/RANGER-1638
> Project: Ranger
>  Issue Type: Bug
>  Components: admin
>Affects Versions: 0.7.0
>Reporter: Mehul Parikh
>    Assignee: Gautam Borad
> Fix For: 1.0.0, 0.7.2
>
> Attachments: RANGER-1638.1.patch, RANGER-1638.patch
>
>
> Ranger API should apply password validation in sync with what UI is applying 
> for all users. 



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Re: Review Request 60188: RANGER-1651 : Improve Ranger and Ranger KMS REST Api documentation

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/60188/#review178882
---


Ship it!




Ship It!

- Gautam Borad


On June 19, 2017, 12:10 p.m., Mehul Parikh wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/60188/
> ---
> 
> (Updated June 19, 2017, 12:10 p.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, 
> Pradeep Agrawal, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1651
> https://issues.apache.org/jira/browse/RANGER-1651
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Patch is for improving Ranger and Ranger KMS API documentation by adding 
> enunciate plugin and providing swagger UI for running the curl commands. 
> 
> Note: Once this patch gets committed, we can push the documentation on 
> http://ranger.apache.org/ as a doc entry.
> 
> 
> Diffs
> -
> 
>   docs/src/site/site.xml 77dda96 
>   enunciate.xml PRE-CREATION 
>   kms/pom.xml 8e847bc 
>   pom.xml d619f62 
>   security-admin/pom.xml 2f99e3e 
> 
> 
> Diff: https://reviews.apache.org/r/60188/diff/1/
> 
> 
> Testing
> ---
> 
> Verified : 
> 
> Verified all the APIs of Ranger admin and Ranger KMS being added to the 
> document.
> 
> 
> Thanks,
> 
> Mehul Parikh
> 
>

Re: Review Request 60238: RANGER-1651 : Improve Ranger and Ranger KMS REST Api documentation

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/60238/#review178881
---


Ship it!




Ship It!

- Gautam Borad


On June 20, 2017, 12:30 p.m., Mehul Parikh wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/60238/
> ---
> 
> (Updated June 20, 2017, 12:30 p.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, 
> Pradeep Agrawal, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1651
> https://issues.apache.org/jira/browse/RANGER-1651
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Patch is for improving Ranger and Ranger KMS API documentation by adding 
> enunciate plugin and providing swagger UI for running the curl commands. 
> 
> Note: Once this patch gets committed, we can push the documentation on 
> http://ranger.apache.org/ as a doc entry.
> 
> 
> Diffs
> -
> 
>   docs/src/site/site.xml fc4b037 
>   enunciate.xml PRE-CREATION 
>   kms/pom.xml dd3f0c5 
>   pom.xml 91e4434 
>   security-admin/pom.xml 90b8cab 
> 
> 
> Diff: https://reviews.apache.org/r/60238/diff/1/
> 
> 
> Testing
> ---
> 
> Verified : 
> 
> Verified all the APIs of Ranger admin and Ranger KMS being added to the 
> document.
> 
> 
> Thanks,
> 
> Mehul Parikh
> 
>

[jira] [Commented] (RANGER-1667) Range Audit Access Logs is struck

[Gautam Borad (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-1667?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16062872#comment-16062872
 ] 

Gautam Borad commented on RANGER-1667:
--

Audit to DB has been deprecated since release 0.6. Please consider Audit to 
Solr as an option. More information here : 
https://cwiki.apache.org/confluence/display/RANGER/DB+Audit+Removal

> Range Audit Access Logs is struck
> -
>
> Key: RANGER-1667
> URL: https://issues.apache.org/jira/browse/RANGER-1667
> Project: Ranger
>  Issue Type: Bug
>  Components: admin, audit
>Affects Versions: 0.7.1
> Environment: Centos 7.0
> 16 GB Memory
> 8 CPU
>Reporter: Joseph Aliase
> Attachments: screenshot-1.png
>
>
> I'm using Apache Ranger to authorize access to Kafka Topic. Kafka Plugin and 
> Admin are in sync and are working fine.
> I'm using mysql for storing Audit logs. Access Log tab is frozen and it 
> doesnt show any rows. Other Tab's are working and I'm able to filter records. 
> PFA Access log frozen screen



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (RANGER-1638) Improve the password validation from Ranger API

[Gautam Borad (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1638?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Gautam Borad updated RANGER-1638:
-
Attachment: RANGER-1638.1.patch

> Improve the password validation from Ranger API
> ---
>
> Key: RANGER-1638
> URL: https://issues.apache.org/jira/browse/RANGER-1638
> Project: Ranger
>  Issue Type: Bug
>  Components: admin
>Affects Versions: 0.7.0
>Reporter: Mehul Parikh
>    Assignee: Gautam Borad
> Fix For: 1.0.0, 0.7.2
>
> Attachments: RANGER-1638.1.patch, RANGER-1638.patch
>
>
> Ranger API should apply password validation in sync with what UI is applying 
> for all users. 



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Re: Review Request 60144: RANGER-1638. Improve the password validation from Ranger API

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/60144/
---

(Updated June 23, 2017, 9:43 a.m.)


Review request for ranger, Ankita Sinha, Don Bosco Durai, Abhay Kulkarni, 
Madhan Neethiraj, Ramesh Mani, Selvamohan Neethiraj, and Velmurugan Periasamy.


Changes
---

Handle Colm's comments


Bugs: RANGER-1638
https://issues.apache.org/jira/browse/RANGER-1638


Repository: ranger


Description
---

Validation for password is done as per validation rules on the Ranger UI side. 
Initially on Ranger API we didnt have validation for password length, non-us 
character, alphabet and number compulsion. This patch handles that.


Diffs (updated)
-

  security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java cd1de9f 
  security-admin/src/test/java/org/apache/ranger/biz/TestXUserMgr.java 30525b3 


Diff: https://reviews.apache.org/r/60144/diff/2/

Changes: https://reviews.apache.org/r/60144/diff/1-2/


Testing
---

Tested the validations from both UI and backend in a CentOS node with Ranger.


Thanks,

Gautam Borad

[jira] [Updated] (RANGER-1638) Improve the password validation from Ranger API

[Gautam Borad (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1638?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Gautam Borad updated RANGER-1638:
-
Fix Version/s: 1.0.0

> Improve the password validation from Ranger API
> ---
>
> Key: RANGER-1638
> URL: https://issues.apache.org/jira/browse/RANGER-1638
> Project: Ranger
>  Issue Type: Bug
>  Components: admin
>Affects Versions: 0.7.0
>Reporter: Mehul Parikh
>    Assignee: Gautam Borad
> Fix For: 1.0.0, 0.7.1
>
>
> Ranger API should apply password validation in sync with what UI is applying 
> for all users. 



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Review Request 60144: RANGER-1638. Improve the password validation from Ranger API

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/60144/
---

Review request for ranger, Ankita Sinha, Don Bosco Durai, Abhay Kulkarni, 
Madhan Neethiraj, Ramesh Mani, Selvamohan Neethiraj, and Velmurugan Periasamy.


Bugs: RANGER-1638
https://issues.apache.org/jira/browse/RANGER-1638


Repository: ranger


Description
---

Validation for password is done as per validation rules on the Ranger UI side. 
Initially on Ranger API we didnt have validation for password length, non-us 
character, alphabet and number compulsion. This patch handles that.


Diffs
-

  security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java 
cd1de9ffdd4e697af04e120c844fe3de040c 
  security-admin/src/test/java/org/apache/ranger/biz/TestXUserMgr.java 
30525b3b1902dab3936bb8c8a2333555fe258ecc 


Diff: https://reviews.apache.org/r/60144/diff/1/


Testing
---

Tested the validations from both UI and backend in a CentOS node with Ranger.


Thanks,

Gautam Borad

Re: Review Request 58946: Ranger UI : Audit Menu-> Admin tab diff view pop-up does not come up.

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58946/#review177888
---


Ship it!




Ship It!

- Gautam Borad


On June 9, 2017, 3 p.m., Nitin Galave wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/58946/
> ---
> 
> (Updated June 9, 2017, 3 p.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Gautam Borad, Mehul Parikh, Pradeep 
> Agrawal, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1555
> https://issues.apache.org/jira/browse/RANGER-1555
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> In Ranger UI Audit Menu-> admin tab: diff view popup does not comp up for 
> following scenario's 
> 1. Service delete operation (delete any service and check diff view log for 
> the same).
> 2. Hive policy update operation for access policy.
> Steps to reproduce:
> a.Create hive policy by selecting resource as a table.
> b.Then, update the policy by changing resource table to UDF. 
> c.Check diff view log in Audit Menu-> admin tab
> And also fixed following cases:
> - Diff view popup doesn’t show deny exception policy Items: when taged policy 
> is created.
> - Diff view popup doesn’t show row level filter policy items: when policy is 
> deleted(the same case happening for masking policy item).
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/java/org/apache/ranger/biz/AssetMgr.java d4ab8d7 
>   
> security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java
>  8d9776a 
>   security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js 
> ff62bb2 
>   
> security-admin/src/main/webapp/scripts/views/reports/PlugableServiceDiffDetail.js
>  9ec7e91 
>   security-admin/src/main/webapp/styles/xa.css 6279f8f 
>   
> security-admin/src/main/webapp/templates/reports/KnoxPolicyDeleteOperationDiff_tmpl.html
>  31cd974 
>   
> security-admin/src/main/webapp/templates/reports/KnoxPolicyOperationDiff_tmpl.html
>  3afe134 
>   
> security-admin/src/main/webapp/templates/reports/KnoxPolicyUpdateOperationDiff_tmpl.html
>  07758dd 
>   
> security-admin/src/main/webapp/templates/reports/PlugableServicePolicyDeleteDiff_tmpl.html
>  0325c42 
>   
> security-admin/src/main/webapp/templates/reports/PlugableServicePolicyDiff_tmpl.html
>  3018c84 
>   
> security-admin/src/main/webapp/templates/reports/PlugableServicePolicyUpdateDiff_tmpl.html
>  c2d6c2d 
>   
> security-admin/src/main/webapp/templates/reports/PolicyDeleteOperationDiff_tmpl.html
>  1449b04 
>   
> security-admin/src/main/webapp/templates/reports/PolicyOperationDiff_tmpl.html
>  54248f0 
>   
> security-admin/src/main/webapp/templates/reports/PolicyUpdateOperationDiff_tmpl.html
>  38de921 
> 
> 
> Diff: https://reviews.apache.org/r/58946/diff/2/
> 
> 
> Testing
> ---
> 
> Testing Done:
> 
> 1. Verified diff view for CRUD operation for following modules: Service, 
> Policy (Access, Masking, Row level filter), User/Group.
> 2. Verified diff view popup for existing policies (for eg. Customers existing 
> policies) for CRUD operation logs.
> 
> 
> Thanks,
> 
> Nitin Galave
> 
>

Re: Review Request 58947: Ranger UI : Audit Menu-> Admin tab diff view pop-up does not come up.

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58947/#review177887
---


Ship it!




Ship It!

- Gautam Borad


On June 9, 2017, 2:59 p.m., Nitin Galave wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/58947/
> ---
> 
> (Updated June 9, 2017, 2:59 p.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Gautam Borad, Mehul Parikh, Pradeep 
> Agrawal, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1555
> https://issues.apache.org/jira/browse/RANGER-1555
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> In Ranger UI Audit Menu-> admin tab: diff view popup does not comp up for 
> following scenario's 
> 1. Service delete operation (delete any service and check diff view log for 
> the same).
> 2. Hive policy update operation for access policy.
>   Steps to reproduce:
>   a.Create hive policy by selecting resource as a table.
>   b.Then, update the policy by changing resource table to UDF. 
>   c.Check diff view log in Audit Menu-> admin tab
> And also fixed following cases:
> - Diff view popup doesn’t show deny exception policy Items: when taged policy 
> is created.
> - Diff view popup doesn’t show row level filter policy items: when policy is 
> deleted(the same case happening for masking policy item).
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/java/org/apache/ranger/biz/AssetMgr.java 01062de 
>   
> security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java
>  ede73bf 
>   security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js 
> ff62bb2 
>   
> security-admin/src/main/webapp/scripts/views/reports/PlugableServiceDiffDetail.js
>  9ec7e91 
>   security-admin/src/main/webapp/styles/xa.css c70c0bc 
>   
> security-admin/src/main/webapp/templates/reports/KnoxPolicyDeleteOperationDiff_tmpl.html
>  31cd974 
>   
> security-admin/src/main/webapp/templates/reports/KnoxPolicyOperationDiff_tmpl.html
>  3afe134 
>   
> security-admin/src/main/webapp/templates/reports/KnoxPolicyUpdateOperationDiff_tmpl.html
>  07758dd 
>   
> security-admin/src/main/webapp/templates/reports/PlugableServicePolicyDeleteDiff_tmpl.html
>  0325c42 
>   
> security-admin/src/main/webapp/templates/reports/PlugableServicePolicyDiff_tmpl.html
>  3018c84 
>   
> security-admin/src/main/webapp/templates/reports/PlugableServicePolicyUpdateDiff_tmpl.html
>  c2d6c2d 
>   
> security-admin/src/main/webapp/templates/reports/PolicyDeleteOperationDiff_tmpl.html
>  1449b04 
>   
> security-admin/src/main/webapp/templates/reports/PolicyOperationDiff_tmpl.html
>  54248f0 
>   
> security-admin/src/main/webapp/templates/reports/PolicyUpdateOperationDiff_tmpl.html
>  38de921 
> 
> 
> Diff: https://reviews.apache.org/r/58947/diff/3/
> 
> 
> Testing
> ---
> 
> Testing Done:
> 
> 1. Verified diff view for CRUD operation for following modules: Service, 
> Policy (Access, Masking, Row level filter), User/Group.
> 2. Verified diff view popup for existing policies (for eg. Customers existing 
> policies) for CRUD operation logs.
> 
> 
> Thanks,
> 
> Nitin Galave
> 
>

Re: [VOTE] Release Apache Ranger 0.7.1 - release candidate 1 (dev group vote)

[Gautam Borad]

+1

Downloaded apache-ranger-0.7.1.tar.gz, apache-ranger-0.7.1.tar.gz.asc and
apache-ranger-0.7.1.tar.gz.mds
Verified PGP Signature and MD5/SHA hash
Did mvn build successfully

On Fri, Jun 2, 2017 at 11:32 PM, Abhay Kulkarni 
wrote:

> +1
>
> - Extracted and built clean with rat plugin
>
> Thanks,
> -Abhay
>
> On 6/2/17, 10:41 AM, "Sailaja Polavarapu" 
> wrote:
>
> >+1
> >- Successfully extracted tar file
> >- Able to clean and build successfully with rat plugin.
> >
> >Thanks,
> >Sailaja
> >
> >
> >
> >
> >
> >
> >On 6/2/17, 10:32 AM, "Ramesh Mani"  wrote:
> >
> >>+1
> >>
> >>- Did successful build of apache-ranger-0.7.1.tar.gz  with rat plugin.
> >>- Verified some source files.
> >>- Verified PGP signature, MD5/SHA hash.
> >>
> >>Thanks,
> >>Ramesh
> >>
> >>
> >>
> >>
> >>
> >>On 6/1/17, 8:08 AM, "Velmurugan Periasamy"  wrote:
> >>
> >>>Hello Rangers:
> >>>
> >>>Apache Ranger 0.7.1 release candidate #1 is now available for a vote
> >>>within dev community. Links to release artifacts are given below. Could
> >>>you please review and vote?
> >>>
> >>>The vote will be open for at least 72 hours or until necessary number of
> >>>votes are reached.
> >>>[ ] +1  approve
> >>>[ ] +0  no opinion
> >>>[ ] -1  disapprove (and reason why)
> >>>
> >>>Here is my +1 (binding)
> >>>
> >>>Thank you,
> >>>Vel
> >>>
> >>>Git tag for the release:
> >>>  https://github.com/apache/ranger/tree/ranger-0.7.1-rc1  (last commit
> >>>id
> >>>:  098865edd9174ab5bb17bf5c7caa54128fdf04d2)
> >>>Sources for the release:
> >>>
> >>>https://dist.apache.org/repos/dist/dev/ranger/0.7.1-rc1/apache-ranger-0
> .
> >>>7.
> >>>1.tar.gz
> >>>
> >>>Source release verification:
> >>>PGP Signature:
> >>>
> >>>https://dist.apache.org/repos/dist/dev/ranger/0.7.1-rc1/apache-ranger-0
> .
> >>>7.
> >>>1.tar.gz.asc
> >>>MD5/SHA  Hash:
> >>>
> >>>https://dist.apache.org/repos/dist/dev/ranger/0.7.1-rc1/apache-ranger-0
> .
> >>>7.
> >>>1.tar.gz.mds
> >>>
> >>>Keys to verify the signature of the release artifact are available at:
> >>>  https://people.apache.org/keys/group/ranger.asc
> >>>
> >>>
> >>
> >>
>
>


-- 
Regards,
Gautam.

[jira] [Updated] (RANGER-1620) Fix kafka-ranger-env.sh script to not throw error when it is sourced from bash

[Gautam Borad (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1620?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Gautam Borad updated RANGER-1620:
-
Attachment: RANGER-1620.patch

> Fix kafka-ranger-env.sh script to not throw error when it is sourced from bash
> --
>
> Key: RANGER-1620
> URL: https://issues.apache.org/jira/browse/RANGER-1620
> Project: Ranger
>  Issue Type: Bug
>  Components: plugins
>    Reporter: Gautam Borad
>Assignee: Gautam Borad
>Priority: Critical
> Fix For: 0.7.0, 1.0.0
>
> Attachments: RANGER-1620.patch
>
>
> Current implementation of kafka-ranger-env.sh relies on the $0 bash variable, 
> However, when the script is sourced using the {{source}} or the {{.}} 
> command, the {{$0}} variable expands to text {{-bash}} which gives an error.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Re: Review Request 59618: RANGER-1620. Fix kafka-ranger-env.sh script to not throw error when it is sourced from bash

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/59618/
---

(Updated May 28, 2017, 5:28 a.m.)


Review request for ranger, Ankita Sinha, Don Bosco Durai, Abhay Kulkarni, 
Madhan Neethiraj, Ramesh Mani, Selvamohan Neethiraj, and Velmurugan Periasamy.


Bugs: RANGER-1620
https://issues.apache.org/jira/browse/RANGER-1620


Repository: ranger


Description
---

Fixed the kafka-ranger-env.sh script by not relying on the $0 variable.


Diffs
-

  plugin-kafka/conf/kafka-ranger-env.sh 
232e31c0a68a38a2bcfc345bb987cf3dfdde4479 


Diff: https://reviews.apache.org/r/59618/diff/1/


Testing
---

Tested on a cluster with Ranger and Kafka and ensured that when the script is 
sourced it does not give any error.

Manual testing of script:

1. With no CLASSPATH set:

[root@instance-5 ~]# echo $CLASSPATH

[root@instance-5 ~]# . /etc/kafka/conf/kafka-ranger-env.sh
[root@instance-5 ~]# echo $CLASSPATH
:/etc/kafka/conf:/usr/hdp/current/hadoop-hdfs-client/*:/usr/hdp/current/hadoop-hdfs-client/lib/*:/etc/hadoop/conf


2. With CLASSPATH already set to some value:

[root@instance-5 ~]# export CLASSPATH="a"
[root@instance-5 ~]# echo $CLASSPATH
a
[root@instance-5 ~]# . /etc/kafka/conf/kafka-ranger-env.sh
[root@instance-5 ~]# echo $CLASSPATH
a:/etc/kafka/conf:/usr/hdp/current/hadoop-hdfs-client/*:/usr/hdp/current/hadoop-hdfs-client/lib/*:/etc/hadoop/conf


Thanks,

Gautam Borad

[jira] [Updated] (RANGER-1620) Fix kafka-ranger-env.sh script to not throw error when it is sourced from bash

[Gautam Borad (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1620?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Gautam Borad updated RANGER-1620:
-
Priority: Critical  (was: Major)

> Fix kafka-ranger-env.sh script to not throw error when it is sourced from bash
> --
>
> Key: RANGER-1620
> URL: https://issues.apache.org/jira/browse/RANGER-1620
> Project: Ranger
>  Issue Type: Bug
>  Components: plugins
>    Reporter: Gautam Borad
>Assignee: Gautam Borad
>Priority: Critical
> Fix For: 0.7.0, 1.0.0
>
>
> Current implementation of kafka-ranger-env.sh relies on the $0 bash variable, 
> However, when the script is sourced using the {{source}} or the {{.}} 
> command, the {{$0}} variable expands to text {{-bash}} which gives an error.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Created] (RANGER-1620) Fix kafka-ranger-env.sh script to not throw error when it is sourced from bash

[Gautam Borad (JIRA)]

Gautam Borad created RANGER-1620:


 Summary: Fix kafka-ranger-env.sh script to not throw error when it 
is sourced from bash
 Key: RANGER-1620
 URL: https://issues.apache.org/jira/browse/RANGER-1620
 Project: Ranger
  Issue Type: Bug
  Components: plugins
Reporter: Gautam Borad
Assignee: Gautam Borad
 Fix For: 1.0.0, 0.7.0


Current implementation of kafka-ranger-env.sh relies on the $0 bash variable, 
However, when the script is sourced using the {{source}} or the {{.}} command, 
the {{$0}} variable expands to text {{-bash}} which gives an error.





--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Re: Patches with trivial changes

[Gautam Borad]

+1 for Madhan's recommendations,

Colm, I agree that we should not discourage new contributions. However, I
think, we should also not encourage such single line/whitespace
contributions. We want contributors who can do more functionals/feature
changes and while doing that they can also fix the trivial issues
(whitespace etc)

Since each contribution to Ranger requires creating Jira/RR, if we start
having lot of such trivial contributions, the community will be overwhelmed
with activities(mails etc) like this and that can lead to ignoring of a
real functional change, when it comes.

In fact, the Apache page on Contributors itself says :

"Being a contributor simply means that you take an interest in the project
and contribute in some way, ranging from asking sensible questions (which
documents the project and provides feedback to developers) through to
providing *new features* as patches."


So yes, we should encourage contributors, but encourage them to try and
understand Ranger and add more features/functionalities and eventually
"earn" the title of a committer. Thanks.



On Wed, May 24, 2017 at 2:19 PM, Colm O hEigeartaigh 
wrote:

> Hi Madhan,
>
> Trivial commits provide a path to get new contributors on board to the
> project - something that the project needs IMO. Yes it may make backporting
> fixes a little more difficult, but it's hardly an intractable problem to
> figure out some whitespace changes between branches - it's not as if Ranger
> is a particularly large project.
>
> Having said that I agree that some of the very trivial patches could maybe
> be consolidated a bit more. I will encourage future review requests that
> have a very trivial spelling fix to hold on to the fix for a while, so that
> we can fix multiple spelling fixes etc. at the same time.
>
> Colm.
>
> On Wed, May 24, 2017 at 7:27 AM, Madhan Neethiraj 
> wrote:
>
> > All,
> >
> >
> >
> > I notice a number of recent patches address trivial issues like white
> > space, spelling mistakes (one patch just changed a single letter in a
> > label). And few other patches update a large number of files for
> > trivial/non-functional changes – like whitespaces. I strongly suggest we
> > refrain from authoring/encouraging such patches – for many reasons. One
> of
> > the main reasons is the overhead such updates add in backporting
> > real/critical fixes (that would come later) to other branches, as these
> > changes might force dealing with merge conflicts.
> >
> >
> >
> > Since the changes introduced in such patches are not essential, I would
> > suggest to take these up when these source files are updated for other
> > functional fixes. I would greatly appreciate if the patches focus on
> > fixing/enhancing Ranger functionality; this would be benefit the
> community
> > immensely.
> >
> >
> >
> > Thanks,
> >
> > Madhan
> >
> >
> >
>
>
>
> --
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com
>



-- 
Regards,
Gautam.

[jira] [Commented] (RANGER-1602) Include / Exclude toggle not working for same level resources

[Gautam Borad (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-1602?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16020976#comment-16020976
 ] 

Gautam Borad commented on RANGER-1602:
--

Committed to master : 56e28489607eb7e7da68a76edf98c5f8ca78eb6c
Committed to ranger-0.7 : 69bb80df27bc49e1544a3b3bbe87c3d00cd921da

> Include / Exclude toggle not working for same level resources
> -
>
> Key: RANGER-1602
> URL: https://issues.apache.org/jira/browse/RANGER-1602
> Project: Ranger
>  Issue Type: Bug
>  Components: admin, Ranger
>Affects Versions: 0.7.0, 1.0.0
>Reporter: Gautam Borad
>Assignee: Nitin Galave
> Fix For: 1.0.0, 0.7.1
>
> Attachments: RANGER-1602.patch
>
>
> Include / Exclude toggle is shown on the UI even if one of the resource at 
> the same level contains excludesSupported flag as true in service def.
> Ideally, it should honor the flag and show the toggle only if its set to true.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Created] (RANGER-1602) Include / Exclude toggle not working for same level resources

[Gautam Borad (JIRA)]

Gautam Borad created RANGER-1602:


 Summary: Include / Exclude toggle not working for same level 
resources
 Key: RANGER-1602
 URL: https://issues.apache.org/jira/browse/RANGER-1602
 Project: Ranger
  Issue Type: Bug
  Components: admin, Ranger
Affects Versions: 0.7.0, 1.0.0
Reporter: Gautam Borad
Assignee: Gautam Borad


Include / Exclude toggle is shown on the UI even if one of the resource at the 
same level contains isExclude as true.

Ideally, it should honor the flag and shoe the toggle only if its set to true.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (RANGER-1583) Test connections are failing for plugins after upgrade

[Gautam Borad (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-1583?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16017648#comment-16017648
 ] 

Gautam Borad commented on RANGER-1583:
--

Committed to master : 69204867d4bba0d7094ea5963971baf403af2fe4
Committed to ranger-0.7 : 0765c215d6fa1a70734a32e6f37f6fc77dc718d5

> Test connections are failing for plugins after upgrade
> --
>
> Key: RANGER-1583
> URL: https://issues.apache.org/jira/browse/RANGER-1583
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: bhavik patel
>Assignee: bhavik patel
> Fix For: 1.0.0, 0.7.1
>
> Attachments: RANGER-1583-07-01.patch, RANGER-1583-07.patch, 
> RANGER-1583-master-01.patch, RANGER-1583-master.patch
>
>
> After upgrade from ranger-0.6 to ranger-0.7 all test connections are failing 
> for plugins. 
> Below error is shown in xa_portal.log:
> ERROR org.apache.ranger.plugin.util.PasswordUtils (PasswordUtils.java:129) - 
> Unable to decrypt password due to error



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Re: Review Request 59335: RANGER-1583 : Test connections are failing for plugins after upgrade

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/59335/#review175525
---


Ship it!




Ship It!

- Gautam Borad


On May 19, 2017, 1:33 p.m., bhavik patel wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/59335/
> ---
> 
> (Updated May 19, 2017, 1:33 p.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Gautam Borad, Abhay Kulkarni, Madhan 
> Neethiraj, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, 
> and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1583
> https://issues.apache.org/jira/browse/RANGER-1583
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> After upgrade from ranger-0.6 to ranger-0.7 all test connections are failing 
> for plugins.
> Below error is shown in xa_portal.log:
> ERROR org.apache.ranger.plugin.util.PasswordUtils (PasswordUtils.java:129) - 
> Unable to decrypt password due to error
> 
> 
> Diffs
> -
> 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/util/PasswordUtils.java 
> 3759b8d 
>   security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java 
> a44aa46 
>   
> security-admin/src/main/java/org/apache/ranger/service/RangerServiceService.java
>  256d42e 
>   security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml 
> 4f5f1d3 
> 
> 
> Diff: https://reviews.apache.org/r/59335/diff/2/
> 
> 
> Testing
> ---
> 
> 1. After upgrade from ranger-0.6 to ranger-0.7 verified plugins 
> test-connections & resource-lookup.
> 
> 
> Thanks,
> 
> bhavik patel
> 
>

Re: Review Request 59255: Some users hope that the pid file of the Ranger Admin can be unified management when they integrate Ranger into the big data platform or business systems to uniform install a

[Gautam Borad]

> On May 13, 2017, 1:46 p.m., Velmurugan Periasamy wrote:
> > embeddedwebserver/scripts/ranger-admin-services.sh
> > Lines 71 (patched)
> > <https://reviews.apache.org/r/59255/diff/1/?file=1717758#file1717758line71>
> >
> > Users can set RANGER_PID_DIR_PATH if they don't want to use default 
> > path. So what is the need for an additional variable?
> 
> pengjianhua wrote:
> This function is perfect if user independently use our ranger. 
> There is defect for ranger when they integrate Ranger into the big data 
> platform or business systems to uniform install and run Ranger. These systems 
> require services to support multiple instances, that is, the same service can 
> been run multiple instances in the same node. These systems need to 
> dynamically change the pid file path to avoid conflicts when they run 
> service. They hope that ranger also has the ability to dynamically change the 
> pid path at startup. 
> We should meet this need by minor modifications without affecting the 
> current function and logic.
> 
> Colm O hEigeartaigh wrote:
> I think it would be better if we kept the functionality of 
> RANGER_PID_DIR_PATH as it is, but instead used RANGER_ADMIN_PID_NAME or 
> something which would default to "rangeradmin.pid". So if you want to 
> customise it you can change the path via RANGER_PID_DIR_PATH and the filename 
> via RANGER_ADMIN_PID_NAME.

+1 for Colm's suggestions.


- Gautam


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/59255/#review174894
---


On May 13, 2017, 7:14 a.m., pengjianhua wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/59255/
> ---
> 
> (Updated May 13, 2017, 7:14 a.m.)
> 
> 
> Review request for ranger, Alok Lal, Ankita Sinha, Don Bosco Durai, Colm O 
> hEigeartaigh, Gautam Borad, Madhan Neethiraj, Ramesh Mani, Selvamohan 
> Neethiraj, Velmurugan Periasamy, and Qiang Zhang.
> 
> 
> Bugs: RANGER-1575
> https://issues.apache.org/jira/browse/RANGER-1575
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Some users hope that the pid file of the Ranger Admin can be unified 
> management when they integrate Ranger into the big data platform or business 
> systems to uniform install and run Ranger.
> We should support the need in the case of compatibility with existing logic. 
> When running ranger, users can set the pid file to meet their own needs.
> 
> We will explicitly document this change in the next release.
> 
> 
> Diffs
> -
> 
>   embeddedwebserver/scripts/ranger-admin-services.sh a81219b 
> 
> 
> Diff: https://reviews.apache.org/r/59255/diff/1/
> 
> 
> Testing
> ---
> 
> 
> Thanks,
> 
> pengjianhua
> 
>

[jira] [Commented] (RANGER-1579) WASB policy edit page is not opening

[Gautam Borad (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-1579?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16010643#comment-16010643
 ] 

Gautam Borad commented on RANGER-1579:
--

Committed to master : e05276f05a615590f7bb737bd6bcc8e4763822f1
Committed to ranger-0.7 : e281a2e50d1def8e1773c5463709be03921aa94a

> WASB policy edit page is not opening
> 
>
> Key: RANGER-1579
> URL: https://issues.apache.org/jira/browse/RANGER-1579
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: master
>Reporter: Deepak Sharma
>Assignee: Nitin Galave
> Fix For: 1.0.0, 0.7.1
>
> Attachments: RANGER-1579.patch
>
>
>  Policy Edit page is not opening for wasb(works for other repos), it keeps on 
> loading for long time but does not open.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Review Request 59227: RANGER-1576: Show attribute values to tags column in audit log

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/59227/
---

Review request for ranger, Ankita Sinha, Don Bosco Durai, Abhay Kulkarni, 
Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, and 
Velmurugan Periasamy.


Bugs: RANGER-1576
https://issues.apache.org/jira/browse/RANGER-1576


Repository: ranger


Description
---

Currently in the access audit log record (Audit Menu-> admin tab), the tags 
column is populated when the accessed resource has any tags associated with it. 
However, if the tag has any attributes, their values are not shown in the audit 
log record. As authorization decision may be based on the attribute-value(s) as 
well as tag-type (such as in the case of expiry_date attribute’s value for 
EXPIRES_ON tag-type), they too need to be populated and displayed on audit log 
record.


Diffs
-

  security-admin/src/main/webapp/scripts/utils/XAUtils.js 
08aa95acc14d0b3e2e73b3b9ef8d9406af4f980f 
  security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js 
b98e2cc96cfe4b683ac2929546e1951633c1bb94 
  security-admin/src/main/webapp/styles/xa.css 
06ef1d0b4b74717c6c4723a18b4ac7a53dcc7079 


Diff: https://reviews.apache.org/r/59227/diff/1/


Testing
---

Tested that on the Audits page, all records that has tag attributes are shown 
as hyper link and on clicking on these the attritubes are shown.


Thanks,

Gautam Borad

[jira] [Updated] (RANGER-1576) Show attribute values to tags column in audit log

[Gautam Borad (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1576?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Gautam Borad updated RANGER-1576:
-
Attachment: RANGER-1576.patch

> Show attribute values to tags column in audit log
> -
>
> Key: RANGER-1576
> URL: https://issues.apache.org/jira/browse/RANGER-1576
> Project: Ranger
>  Issue Type: Bug
>  Components: admin, Ranger
>Affects Versions: 0.7.0
>Reporter: Gautam Borad
>    Assignee: Gautam Borad
> Fix For: 1.0.0, 0.7.1
>
> Attachments: RANGER-1576.patch
>
>
> Currently in the access audit log record (Audit Menu-> admin tab), the tags 
> column is populated when the accessed resource has any tags associated with 
> it. 
> However, if the tag has any attributes, their values are not shown in the 
> audit log record. As authorization decision may be based on the 
> attribute-value(s) as well as tag-type (such as in the case of expiry_date 
> attribute’s value for EXPIRES_ON tag-type), they too need to be populated and 
> displayed on audit log record.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Created] (RANGER-1576) Show attribute values to tags column in audit log

[Gautam Borad (JIRA)]

Gautam Borad created RANGER-1576:


 Summary: Show attribute values to tags column in audit log
 Key: RANGER-1576
 URL: https://issues.apache.org/jira/browse/RANGER-1576
 Project: Ranger
  Issue Type: Bug
  Components: admin, Ranger
Affects Versions: 0.7.0
Reporter: Gautam Borad
Assignee: Gautam Borad
 Fix For: 1.0.0, 0.7.1


Currently in the access audit log record (Audit Menu-> admin tab), the tags 
column is populated when the accessed resource has any tags associated with it. 
However, if the tag has any attributes, their values are not shown in the audit 
log record. As authorization decision may be based on the attribute-value(s) as 
well as tag-type (such as in the case of expiry_date attribute’s value for 
EXPIRES_ON tag-type), they too need to be populated and displayed on audit log 
record.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (RANGER-1571) Code Improvement To Follow Best Practices

[Gautam Borad (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-1571?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16007824#comment-16007824
 ] 

Gautam Borad commented on RANGER-1571:
--

Committed to master : fa38ed737d8696519d39b0cc53c128141e29edc6
Committed to ranger-0.7 : 3999d5b6a2f93ef72bdf1deea45d7abbe4268652

> Code Improvement To Follow Best Practices
> -
>
> Key: RANGER-1571
> URL: https://issues.apache.org/jira/browse/RANGER-1571
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: bhavik patel
>Assignee: bhavik patel
> Fix For: 1.0.0, 0.7.1
>
> Attachments: RANGER-1571-07-01.patch, RANGER-1571-07-02.patch, 
> RANGER-1571-master-01.patch, RANGER-1571-master.patch
>
>
> Code Improvement To Follow Best Practices



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Updated] (RANGER-1571) Code Improvement To Follow Best Practices

[Gautam Borad (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1571?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Gautam Borad updated RANGER-1571:
-
Fix Version/s: 1.0.0

> Code Improvement To Follow Best Practices
> -
>
> Key: RANGER-1571
> URL: https://issues.apache.org/jira/browse/RANGER-1571
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: bhavik patel
>Assignee: bhavik patel
> Fix For: 1.0.0, 0.7.1
>
> Attachments: RANGER-1571-07-01.patch, RANGER-1571-07-02.patch, 
> RANGER-1571-master-01.patch, RANGER-1571-master.patch
>
>
> Code Improvement To Follow Best Practices



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Re: Review Request 59172: RANGER-1571 : Code Improvement To Follow Best Practices

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/59172/#review174765
---


Ship it!




Ship It!

- Gautam Borad


On May 12, 2017, 5:54 a.m., bhavik patel wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/59172/
> ---
> 
> (Updated May 12, 2017, 5:54 a.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Gautam Borad, Abhay Kulkarni, Madhan 
> Neethiraj, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, 
> and Velmurugan Periasamy.
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Code Improvement To Follow Best Practices.
> 
> 
> Diffs
> -
> 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/client/HadoopConfigHolder.java
>  96645b9 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/util/PasswordUtils.java 
> f32355a 
>   security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java 
> f1248bc 
>   
> security-admin/src/main/java/org/apache/ranger/service/RangerServiceService.java
>  0d97298 
>   security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml 
> 0feecfe 
> 
> 
> Diff: https://reviews.apache.org/r/59172/diff/2/
> 
> 
> Testing
> ---
> 
> 1. Tested Ranger Admin & Ranger KMS rest calls.
> 2. Verified Test-Connection for plugins on simple as well as on kerberized 
> environment.
> 
> 
> Thanks,
> 
> bhavik patel
> 
>

[jira] [Commented] (RANGER-1560) Code Improvement To Follow Best Practices

[Gautam Borad (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-1560?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15998708#comment-15998708
 ] 

Gautam Borad commented on RANGER-1560:
--

Committed to master : a5ab9a34d3c8a66d3119f9bd552bd35ce68b03ed
Committed to ranger-0.7 : ca69b58ca9b634dcc90b49fe6f4a580df3c49213

> Code Improvement To Follow Best Practices
> -
>
> Key: RANGER-1560
> URL: https://issues.apache.org/jira/browse/RANGER-1560
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Ankita Sinha
>Assignee: Ankita Sinha
> Fix For: 1.0.0, 0.7.1
>
> Attachments: RANGER-1560.patch
>
>
> Code Improvement To Follow Best Practices



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Re: Review Request 59021: Code improvement to follow best practices.

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/59021/#review174062
---


Ship it!




Ship It!

- Gautam Borad


On May 5, 2017, 11:40 a.m., Ankita Sinha wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/59021/
> ---
> 
> (Updated May 5, 2017, 11:40 a.m.)
> 
> 
> Review request for ranger, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, 
> Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja 
> Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1560
> https://issues.apache.org/jira/browse/RANGER-1560
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Code improvement to follow best practices.
> 
> 
> Diffs
> -
> 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicyResourceSignature.java
>  27d0e42 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/store/RangerServiceResourceSignature.java
>  d643034 
>   
> agents-common/src/test/java/org/apache/ranger/plugin/model/TestRangerPolicyResourceSignature.java
>  345b260 
>   
> ranger-hive-utils/src/main/java/org/apache/ranger/authorization/hive/udf/RangerUdfMaskHash.java
>  430212b 
> 
> 
> Diff: https://reviews.apache.org/r/59021/diff/1/
> 
> 
> Testing
> ---
> 
> 1. Tested on simple cluster for Hive and HDFS component (Test connection, 
> resource lookup and enforcement)
> 2. Tested on secure cluster for Hive and HDFS component (Test connection, 
> resource lookup and enforcement)
> 3. Tested CRUD operation for Service/Repo and Policies.
> 
> 
> Thanks,
> 
> Ankita Sinha
> 
>

[jira] [Commented] (RANGER-1500) Add support to exclude/disable SSL protocols.

[Gautam Borad (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-1500?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15998686#comment-15998686
 ] 

Gautam Borad commented on RANGER-1500:
--

Committed to master : 58116e0118909b7ef495c3721575ba866a919c3a
Committed to ranger-0.7 : 07fc810408d1b5772925357413795dd7d93bdc8e

> Add support to exclude/disable SSL protocols.
> -
>
> Key: RANGER-1500
> URL: https://issues.apache.org/jira/browse/RANGER-1500
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: 0.7.0
>Reporter: Ayub Pathan
>Assignee: bhavik patel
>Priority: Critical
> Fix For: 1.0.0, 0.7.1
>
> Attachments: RANGER-1500-1.patch, RANGER-1500-2.patch, 
> RANGER-1500-3.patch, RANGER-1500.patch
>
>
> Add support to disable/exclude weaker SSL protocols like TLSv1, TLSv1.1 for 
> ranger.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (RANGER-1556) Provide keyadmin user with privileges to read ranger kms audits

[Gautam Borad (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-1556?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15996028#comment-15996028
 ] 

Gautam Borad commented on RANGER-1556:
--

Committed to master : 93ccc5237384a378416489d68e9e7d4234d07f73
Committed to ranger-0.7 : 6fa851ddc6f83bc056829f9b5738726573262028

> Provide keyadmin user with privileges to read ranger kms audits
> ---
>
> Key: RANGER-1556
> URL: https://issues.apache.org/jira/browse/RANGER-1556
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: 0.7.1
>Reporter: Ankita Sinha
>Assignee: Ankita Sinha
> Fix For: 1.0.0, 0.7.1
>
> Attachments: RANGER-1556.patch
>
>
> *Actual* : 
> To provide keyadmin user privileges for Ranger KMS Audit folder, manually 
> policy need to be created giving all access rights in HDFS repo
> *Expected* :
> Need to handle default policy creation in HDFS for keyadmin user to have 
> access to all access rights for Ranger KMS Audits folder (/ranger/audit/kms)



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Re: Review Request 58957: Provide keyadmin user with privileges to read ranger kms audits

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58957/#review173858
---


Ship it!




Ship It!

- Gautam Borad


On May 3, 2017, 12:38 p.m., Ankita Sinha wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/58957/
> ---
> 
> (Updated May 3, 2017, 12:38 p.m.)
> 
> 
> Review request for ranger, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, 
> Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja 
> Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1556
> https://issues.apache.org/jira/browse/RANGER-1556
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> **Actual** : 
> To provide keyadmin user privileges for Ranger KMS Audit folder, manually 
> policy need to be created giving all access rights in HDFS repo
> 
> **Expected** :
> Need to handle default policy creation in HDFS for keyadmin user to have 
> access to all access rights for Ranger KMS Audits folder (/ranger/audit/kms)
> 
> 
> Diffs
> -
> 
>   
> hdfs-agent/src/main/java/org/apache/ranger/services/hdfs/RangerServiceHdfs.java
>  c269648 
> 
> 
> Diff: https://reviews.apache.org/r/58957/diff/1/
> 
> 
> Testing
> ---
> 
> Testing Done:
> 
> 1. Tested on simple cluster, the HDFS Repo contains default policy for 
> keyadmin user.
> 2. Tested on secure cluster.
> 3. Tested Audit to HDFS for KMS.
> 
> 
> Thanks,
> 
> Ankita Sinha
> 
>

[jira] [Commented] (RANGER-1548) Display detailed error messages in Ranger for Audit store issues

[Gautam Borad (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-1548?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15991385#comment-15991385
 ] 

Gautam Borad commented on RANGER-1548:
--

Committed to master : 501e05f1a1225dfbcc16bf4d2c0d86e55d4a928e
Committed to ranger-0.7 : ce7169f8f62fbadba516ea7af89a9ab9f9b5fb76

> Display detailed error messages in Ranger for Audit store issues
> 
>
> Key: RANGER-1548
> URL: https://issues.apache.org/jira/browse/RANGER-1548
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: 0.7.1
>Reporter: Ankita Sinha
>Assignee: Ankita Sinha
> Fix For: 0.7.1
>
> Attachments: RANGER-1548_07.patch, RANGER-1548_master.patch
>
>
> Actual :
> When audit store is not configured properly or if audit store is down, Ranger 
> UI shows 
> "Unable to connect to Audit store !!"
> Expected : 
> To show more informative message if audit store has some issues.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Re: Review Request 58745: RANGER-1544: Misaligned input boxes and cleanup on Reports Search

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58745/#review173268
---


Ship it!




Ship It!

- Gautam Borad


On April 27, 2017, 9:25 p.m., Anna Shaverdian wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/58745/
> ---
> 
> (Updated April 27, 2017, 9:25 p.m.)
> 
> 
> Review request for ranger.
> 
> 
> Bugs: RANGER-1544
> https://issues.apache.org/jira/browse/RANGER-1544
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> RANGER-1544
> On the Ranger Admin > User Access Report page, the input boxes for Policy 
> Type and Resource will overlap the other text boxes when resizing the window. 
> Also UserAccessLayout_tmpl.html has some typos (ie searchInfoUserAccss) and 
> needs to reformat the indentation.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/webapp/styles/xa.css 7a5ec2e 
>   
> security-admin/src/main/webapp/templates/policies/RangerPolicyCreate_tmpl.html
>  31252af 
>   security-admin/src/main/webapp/templates/reports/UserAccessLayout_tmpl.html 
> f428f3a 
> 
> 
> Diff: https://reviews.apache.org/r/58745/diff/1/
> 
> 
> Testing
> ---
> 
> Cosmetic UI testing done on chrome, firefox, safari, UI boxes. 
> Corrected typos and indentation
> 
> 
> Thanks,
> 
> Anna Shaverdian
> 
>

[jira] [Commented] (RANGER-1499) Upgrade Tomcat version

[Gautam Borad (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-1499?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15987531#comment-15987531
 ] 

Gautam Borad commented on RANGER-1499:
--

Committed to master: 45f30336fd885a7bda5bb3700821ea237fb13b31
Committed to 0.7: 0a5265a54a0c12aaa5c399a3c3153b5e794783b7

> Upgrade Tomcat version
> --
>
> Key: RANGER-1499
> URL: https://issues.apache.org/jira/browse/RANGER-1499
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Velmurugan Periasamy
>Assignee: bhavik patel
> Fix For: 0.6.4, 1.0.0, 0.7.1
>
> Attachments: RANGER-1499.patch
>
>
> Tomcat version used by Ranger & Ranger KMS is 7.0.68.
> Need to upgrade to 7.0.73



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Updated] (RANGER-1546) Code Improvement To Follow Best Practices

[Gautam Borad (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1546?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Gautam Borad updated RANGER-1546:
-
Fix Version/s: 1.0.0

> Code Improvement To Follow Best Practices
> -
>
> Key: RANGER-1546
> URL: https://issues.apache.org/jira/browse/RANGER-1546
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Reporter: bhavik patel
>Assignee: bhavik patel
> Fix For: 1.0.0, 0.7.1
>
> Attachments: RANGER-1546-07-1.patch, RANGER-1546-master-1.patch, 
> RANGER-1546-master.patch
>
>
> Code improvement to follow best practices.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (RANGER-1522) Update consolidated db schema script for SQLServer DB flavor to reduce execution time

[Gautam Borad (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-1522?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15987454#comment-15987454
 ] 

Gautam Borad commented on RANGER-1522:
--

Committed to master : c01d01f54622286de7ef17b302ae0a734664a9d1
Committed to 0.7 : a7bb8e732b840bbcdcf48c49b21a8e17ea97293c

> Update consolidated db schema script for SQLServer DB flavor to reduce 
> execution time
> -
>
> Key: RANGER-1522
> URL: https://issues.apache.org/jira/browse/RANGER-1522
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: 1.0.0, 0.7.1
>Reporter: Pradeep Agrawal
>Assignee: Pradeep Agrawal
> Fix For: 1.0.0, 0.7.1
>
> Attachments: RANGER-1522-0.7-branch.patch, 
> RANGER-1522-master-branch.patch
>
>
> Modify the schema file to exclude the GO statements or use the minimum number 
> of GO Statement.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Updated] (RANGER-1471) Remember filters on all tabs of Ranger Audits page

[Gautam Borad (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1471?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Gautam Borad updated RANGER-1471:
-
Fix Version/s: master

> Remember filters on all tabs of Ranger Audits page
> --
>
> Key: RANGER-1471
> URL: https://issues.apache.org/jira/browse/RANGER-1471
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Affects Versions: 0.7.1
>Reporter: bhavik patel
>Assignee: bhavik patel
> Fix For: master, 0.7.1
>
> Attachments: RANGER-1471-07.patch, RANGER-1471-1.patch, 
> RANGER-1471-2.patch, RANGER-1471-master.patch, RANGER-1471.patch
>
>
> Currently, when we apply filter for anything in Ranger Audit page for any of 
> the tabs. It resets the filter on change of tab or if we move to any other 
> page in Ranger.
> Planning to add feature of remembering latest filters on all Tabs of Audits 
> page. That will help users to stay focused on what they are looking for in 
> audits tab and users will not have to apply for filters again and again to 
> check audit events of a particular service.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (RANGER-1471) Remember filters on all tabs of Ranger Audits page

[Gautam Borad (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-1471?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15987094#comment-15987094
 ] 

Gautam Borad commented on RANGER-1471:
--

Committed to master : c7784876173bc9eafd1c47def7f45bad3b5010ac
Committed to 0.7 : 1a461ecfb7b4c0e8005d06e8d9d2dfb7c65a1497

> Remember filters on all tabs of Ranger Audits page
> --
>
> Key: RANGER-1471
> URL: https://issues.apache.org/jira/browse/RANGER-1471
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Affects Versions: 0.7.1
>Reporter: bhavik patel
>Assignee: bhavik patel
> Fix For: 0.7.1
>
> Attachments: RANGER-1471-07.patch, RANGER-1471-1.patch, 
> RANGER-1471-2.patch, RANGER-1471-master.patch, RANGER-1471.patch
>
>
> Currently, when we apply filter for anything in Ranger Audit page for any of 
> the tabs. It resets the filter on change of tab or if we move to any other 
> page in Ranger.
> Planning to add feature of remembering latest filters on all Tabs of Audits 
> page. That will help users to stay focused on what they are looking for in 
> audits tab and users will not have to apply for filters again and again to 
> check audit events of a particular service.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Re: Review Request 57837: Remember filters on all tabs of Ranger Audits page

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/57837/#review173218
---


Ship it!




Ship It!

- Gautam Borad


On April 26, 2017, 4:41 a.m., bhavik patel wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/57837/
> ---
> 
> (Updated April 26, 2017, 4:41 a.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, Abhay 
> Kulkarni, Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan 
> Neethiraj, Sailaja Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1471
> https://issues.apache.org/jira/browse/RANGER-1471
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Currently, when we apply filter for anything in Ranger Audit page for any of 
> the tabs. It resets the filter on change of tab or if we move to any other 
> page in Ranger.
> Planning to add feature of remembering latest filters on all Tabs of Audits 
> page. That will help users to stay focused on what they are looking for in 
> audits tab and users will not have to apply for filters again and again to 
> check audit events of a particular service.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/java/org/apache/ranger/common/SearchUtil.java 
> fe253ef 
>   security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java ed34525 
>   security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java 0776021 
>   security-admin/src/main/java/org/apache/ranger/solr/SolrUtil.java 0a30cf6 
>   security-admin/src/main/webapp/scripts/modules/globalize/message/en.js 
> 4a153bf 
>   security-admin/src/main/webapp/scripts/utils/XAUtils.js 480c515 
>   security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js 1277334 
>   security-admin/src/main/webapp/scripts/views/reports/LoginSessionDetail.js 
> 6f1069d 
>   security-admin/src/main/webapp/styles/xa.css 7a5ec2e 
>   
> security-admin/src/main/webapp/templates/common/ServiceManagerLayout_tmpl.html
>  ea2f198 
>   security-admin/src/main/webapp/templates/reports/AuditLayout_tmpl.html 
> 028fdbf 
>   
> security-admin/src/main/webapp/templates/reports/LoginSessionDetail_tmpl.html 
> ddd6e3d 
>   security-admin/src/test/java/org/apache/ranger/rest/TestXUserREST.java 
> c544832 
> 
> 
> Diff: https://reviews.apache.org/r/57837/diff/4/
> 
> 
> Testing
> ---
> 
> 1. Tested multiple search is working correctly in "Audit" tab.
> 2. Tested search remains the same when we navigate from one tab to other.
> 3. Tested search is working correctly for different user role.
> 
> 
> Thanks,
> 
> bhavik patel
> 
>

[jira] [Commented] (RANGER-1544) Misaligned input boxes and cleanup on Reports Search

[Gautam Borad (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-1544?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15985325#comment-15985325
 ] 

Gautam Borad commented on RANGER-1544:
--

[~arpsian] Ranger follows Review Request based method for contributions. Please 
follow the steps listed 
[here|https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=55151244]
 (specifically the 8th point) to file a Review Request. Thanks.

> Misaligned input boxes and cleanup on Reports Search
> 
>
> Key: RANGER-1544
> URL: https://issues.apache.org/jira/browse/RANGER-1544
> Project: Ranger
>  Issue Type: Bug
>  Components: admin
>Affects Versions: 0.7.1
>Reporter: Anna Shaverdian
>Assignee: Anna Shaverdian
>Priority: Trivial
>  Labels: newbie, patch
> Fix For: 0.7.1
>
> Attachments: 0001-RANGER-1544-Misaligned-input-boxes.patch, Screen 
> Shot 2017-04-25 at 8.58.31 PM.png
>
>
> On the Ranger Admin > User Access Report page, the input boxes for Policy 
> Type and Resource will overlap the other text boxes when resizing the window. 
>  Also UserAccessLayout_tmpl.html has some typos (ie searchInfoUserAccss) and 
> needs to reformat the indentation.  



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (RANGER-1484) RangerUI: Escape of policy condition text entered in the policy form.

[Gautam Borad (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-1484?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15954604#comment-15954604
 ] 

Gautam Borad commented on RANGER-1484:
--

Committed to master: bdf0b61c0f6e109c2f4e0459676dda71f0265aeb
Committed to ranger-0.7 : ba664e1b310ae65b674ff28e0772d208d3b20464

> RangerUI: Escape of policy condition text entered in the policy form.
> -
>
> Key: RANGER-1484
> URL: https://issues.apache.org/jira/browse/RANGER-1484
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: 0.7.0
>Reporter: Madhan Neethiraj
>Assignee: Nitin Galave
> Fix For: 1.0.0, 0.7.1
>
> Attachments: image001.png, image002.png, RANGER-1484.patch
>
>
> The text entered in policy condition UI comes back with escape characters 
> after saving the policy.
> {code}
> For example: 
> 1.create policy with policy condition as “tag.attributes['type']=='ccn'” .
> 2.Now open that policy in edit mode you will see policy condition 
> becomes "tag.attributes[type]==ccn".
> {code}
> Another issue is that UI displays policy conditions that don’t have any 
> value.Only the condition edit popup would list all the conditions; the policy 
> view would only list the conditions that have non-empty value.
> See attachments for more info: image001.png, image002.png.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Re: Review Request 58104: RangerUI: Escape of policy condition text entered in the policy form.

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58104/#review170955
---


Ship it!




Ship It!

- Gautam Borad


On March 31, 2017, 11:15 a.m., Nitin Galave wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/58104/
> ---
> 
> (Updated March 31, 2017, 11:15 a.m.)
> 
> 
> Review request for ranger, Gautam Borad, Madhan Neethiraj, Mehul Parikh, 
> Pradeep Agrawal, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1484
> https://issues.apache.org/jira/browse/RANGER-1484
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> The text entered in policy condition UI comes back with escape characters 
> after saving the policy.
> 
> For example: 
> 1.create policy with policy condition as “tag.attributes['type']=='ccn'” .
> 2.Now open that policy in edit mode you will see policy condition 
> becomes "tag.attributes[type]==ccn".
> 
> Another issue is that UI displays policy conditions that don’t have any 
> value.Only the condition edit popup would list all the conditions; the policy 
> view would only list the conditions that have non-empty value.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/webapp/scripts/modules/XAOverrides.js 1e2b553 
>   security-admin/src/main/webapp/scripts/views/policies/PermissionList.js 
> 2ac494e 
> 
> 
> Diff: https://reviews.apache.org/r/58104/diff/1/
> 
> 
> Testing
> ---
> 
> Verified : Text entered in policy condition come back as it is after saving 
> policy.
> Tested with following characters : ~`!@#$%^&*()-_+={}[]:;"'<,>.?/
> 
> Verified : UI only displays policy conditions name and value which has 
> non-empty values.
> 
> 
> Thanks,
> 
> Nitin Galave
> 
>

Re: Review Request 57905: RANGER-1474 : On SP12, hive policy page opens up with UDF as default under resources, rather than table.

[Gautam Borad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/57905/#review170360
---


Ship it!




Ship It!

- Gautam Borad


On March 24, 2017, 5:52 a.m., Nitin Galave wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/57905/
> ---
> 
> (Updated March 24, 2017, 5:52 a.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Gautam Borad, Mehul Parikh, Navina 
> Ramesh, Pradeep Agrawal, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1474
> https://issues.apache.org/jira/browse/RANGER-1474
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> On Suse env, when add Hive policy page opens up, it shows 'UDF' as default 
> (Hive Column * is not seen) rather than 'table', under resources.
> Till now, users are used to getting 'table' by default under resources and 
> also that's the more used option between 'table' and 'udf'.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/webapp/scripts/models/BackboneFormDataType.js 
> 283e626 
> 
> 
> Diff: https://reviews.apache.org/r/57905/diff/1/
> 
> 
> Testing
> ---
> 
> Verified population of resources for all services(hdfs, hive, hbase, 
> atlas,knox) and also tested policy CRUD for the same.
> 
> 
> Thanks,
> 
> Nitin Galave
> 
>

[jira] [Commented] (RANGER-1459) Ranger update policy API is failing on Postgres / Oracle for case sensitive ACLs

[Gautam Borad (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-1459?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15928387#comment-15928387
 ] 

Gautam Borad commented on RANGER-1459:
--

Committed to ranger-0.7 : a44c04e436caadbe391cad957e9f4d70f66eb51e
Committed to master : f310aaf6bb7b81825ce2886ba4f16c13a09c603a

> Ranger update policy API is failing on Postgres / Oracle for case sensitive 
> ACLs
> 
>
> Key: RANGER-1459
> URL: https://issues.apache.org/jira/browse/RANGER-1459
> Project: Ranger
>  Issue Type: Bug
>  Components: admin
>Affects Versions: 0.7.0
>Reporter: Mehul Parikh
>Assignee: Gautam Borad
> Fix For: 0.7.1
>
> Attachments: RANGER-1459.patch
>
>
> When user tries to disable a ranger policy via REST API with postgres DB,  
> then it gives this error, it works on MySQL though : 
> {code}
> {u'msgDesc': u"Create: is not a valid access-type. 
> policy='cl1_hive-87808627-ac26-499a-bea8-e99677a41889' service='cl1_hive'", 
> u'statusCode': 1}
> {code}
> Mainly : This is a case sensitive issue on postgres / Oracle for ACLs, need 
> to keep it consistent for GET and PUT calls for policies. 



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Assigned] (RANGER-1459) Ranger update policy API is failing on Postgres / Oracle for case sensitive ACLs

[Gautam Borad (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1459?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Gautam Borad reassigned RANGER-1459:


Assignee: Gautam Borad

> Ranger update policy API is failing on Postgres / Oracle for case sensitive 
> ACLs
> 
>
> Key: RANGER-1459
> URL: https://issues.apache.org/jira/browse/RANGER-1459
> Project: Ranger
>  Issue Type: Bug
>  Components: admin
>Affects Versions: 0.7.0
>Reporter: Mehul Parikh
>Assignee: Gautam Borad
> Fix For: 0.7.1
>
>
> When user tries to disable a ranger policy via REST API with postgres DB,  
> then it gives this error, it works on MySQL though : 
> {code}
> {u'msgDesc': u"Create: is not a valid access-type. 
> policy='cl1_hive-87808627-ac26-499a-bea8-e99677a41889' service='cl1_hive'", 
> u'statusCode': 1}
> {code}
> Mainly : This is a case sensitive issue on postgres / Oracle for ACLs, need 
> to keep it consistent for GET and PUT calls for policies. 



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)