[jira] [Commented] (RANGER-4005) Add support in ranger to return the list of roles in which given role is associated
[ https://issues.apache.org/jira/browse/RANGER-4005?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17646780#comment-17646780 ] Nikhil Purbhe commented on RANGER-4005: --- [~mad...@apache.org] [~abhayk] [~vel] [~spolavarapu] [~pradeep] Hi all :) , Please review. > Add support in ranger to return the list of roles in which given role is > associated > --- > > Key: RANGER-4005 > URL: https://issues.apache.org/jira/browse/RANGER-4005 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Affects Versions: 2.3.0 >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > Fix For: 3.0.0 > > Attachments: > RANGER-4005-Add-support-in-ranger-to-return-the-list.patch > > > Currently Role related API's does not provide functionality to provide the > list of roles in which given role is associated with. > For eg.If > ParentRole1 contains containingRole1, containingRole2 > ParentRole2 contains containingRole2 > ParentRole3 contains containingRole1 ,containingRole3 > . > . > . > ParentRole 1000 > Now If I want to know containingRole1 is part of which Roles then I don't > have a direct way to know the list of roles in which containingRole1 is > present. > > we need an API in RoleREST which can give the list of roles in which given > role is present. > we can pass the Rolename as containingRole1 to this API which will return us > the ParentRole1, ParentRole3. > > API input output based on above data could be as follows, > Input Output > containingRole1 Role Object for ParentRole1, ParentRole3. > containingRole2 Role Object for ParentRole1, ParentRole2 > containingRole3 Role Object for ParentRole3 > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Comment Edited] (RANGER-4005) Add support in ranger to return the list of roles in which given role is associated
[ https://issues.apache.org/jira/browse/RANGER-4005?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17644819#comment-17644819 ] Nikhil Purbhe edited comment on RANGER-4005 at 12/13/22 6:43 PM: - Review request : [https://reviews.apache.org/r/74247/] was (Author: nikhil@1): Pull request : https://reviews.apache.org/r/74247/ > Add support in ranger to return the list of roles in which given role is > associated > --- > > Key: RANGER-4005 > URL: https://issues.apache.org/jira/browse/RANGER-4005 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Affects Versions: 2.3.0 >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > Fix For: 3.0.0 > > Attachments: > RANGER-4005-Add-support-in-ranger-to-return-the-list.patch > > > Currently Role related API's does not provide functionality to provide the > list of roles in which given role is associated with. > For eg.If > ParentRole1 contains containingRole1, containingRole2 > ParentRole2 contains containingRole2 > ParentRole3 contains containingRole1 ,containingRole3 > . > . > . > ParentRole 1000 > Now If I want to know containingRole1 is part of which Roles then I don't > have a direct way to know the list of roles in which containingRole1 is > present. > > we need an API in RoleREST which can give the list of roles in which given > role is present. > we can pass the Rolename as containingRole1 to this API which will return us > the ParentRole1, ParentRole3. > > API input output based on above data could be as follows, > Input Output > containingRole1 Role Object for ParentRole1, ParentRole3. > containingRole2 Role Object for ParentRole1, ParentRole2 > containingRole3 Role Object for ParentRole3 > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] (RANGER-4005) Add support in ranger to return the list of roles in which given role is associated
[ https://issues.apache.org/jira/browse/RANGER-4005 ] Nikhil Purbhe deleted comment on RANGER-4005: --- was (Author: nikhil@1): Pull request : [https://reviews.apache.org/r/74247/] > Add support in ranger to return the list of roles in which given role is > associated > --- > > Key: RANGER-4005 > URL: https://issues.apache.org/jira/browse/RANGER-4005 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Affects Versions: 2.3.0 >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > Fix For: 3.0.0 > > Attachments: > RANGER-4005-Add-support-in-ranger-to-return-the-list.patch > > > Currently Role related API's does not provide functionality to provide the > list of roles in which given role is associated with. > For eg.If > ParentRole1 contains containingRole1, containingRole2 > ParentRole2 contains containingRole2 > ParentRole3 contains containingRole1 ,containingRole3 > . > . > . > ParentRole 1000 > Now If I want to know containingRole1 is part of which Roles then I don't > have a direct way to know the list of roles in which containingRole1 is > present. > > we need an API in RoleREST which can give the list of roles in which given > role is present. > we can pass the Rolename as containingRole1 to this API which will return us > the ParentRole1, ParentRole3. > > API input output based on above data could be as follows, > Input Output > containingRole1 Role Object for ParentRole1, ParentRole3. > containingRole2 Role Object for ParentRole1, ParentRole2 > containingRole3 Role Object for ParentRole3 > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (RANGER-4005) Add support in ranger to return the list of roles in which given role is associated
[ https://issues.apache.org/jira/browse/RANGER-4005?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe updated RANGER-4005: -- Affects Version/s: 2.3.0 > Add support in ranger to return the list of roles in which given role is > associated > --- > > Key: RANGER-4005 > URL: https://issues.apache.org/jira/browse/RANGER-4005 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Affects Versions: 2.3.0 >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > Attachments: > RANGER-4005-Add-support-in-ranger-to-return-the-list.patch > > > Currently Role related API's does not provide functionality to provide the > list of roles in which given role is associated with. > For eg.If > ParentRole1 contains containingRole1, containingRole2 > ParentRole2 contains containingRole2 > ParentRole3 contains containingRole1 ,containingRole3 > . > . > . > ParentRole 1000 > Now If I want to know containingRole1 is part of which Roles then I don't > have a direct way to know the list of roles in which containingRole1 is > present. > > we need an API in RoleREST which can give the list of roles in which given > role is present. > we can pass the Rolename as containingRole1 to this API which will return us > the ParentRole1, ParentRole3. > > API input output based on above data could be as follows, > Input Output > containingRole1 Role Object for ParentRole1, ParentRole3. > containingRole2 Role Object for ParentRole1, ParentRole2 > containingRole3 Role Object for ParentRole3 > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (RANGER-4005) Add support in ranger to return the list of roles in which given role is associated
[ https://issues.apache.org/jira/browse/RANGER-4005?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe updated RANGER-4005: -- Fix Version/s: 3.0.0 > Add support in ranger to return the list of roles in which given role is > associated > --- > > Key: RANGER-4005 > URL: https://issues.apache.org/jira/browse/RANGER-4005 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Affects Versions: 2.3.0 >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > Fix For: 3.0.0 > > Attachments: > RANGER-4005-Add-support-in-ranger-to-return-the-list.patch > > > Currently Role related API's does not provide functionality to provide the > list of roles in which given role is associated with. > For eg.If > ParentRole1 contains containingRole1, containingRole2 > ParentRole2 contains containingRole2 > ParentRole3 contains containingRole1 ,containingRole3 > . > . > . > ParentRole 1000 > Now If I want to know containingRole1 is part of which Roles then I don't > have a direct way to know the list of roles in which containingRole1 is > present. > > we need an API in RoleREST which can give the list of roles in which given > role is present. > we can pass the Rolename as containingRole1 to this API which will return us > the ParentRole1, ParentRole3. > > API input output based on above data could be as follows, > Input Output > containingRole1 Role Object for ParentRole1, ParentRole3. > containingRole2 Role Object for ParentRole1, ParentRole2 > containingRole3 Role Object for ParentRole3 > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (RANGER-4005) Add support in ranger to return the list of roles in which given role is associated
[ https://issues.apache.org/jira/browse/RANGER-4005?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe updated RANGER-4005: -- Attachment: RANGER-4005-Add-support-in-ranger-to-return-the-list.patch > Add support in ranger to return the list of roles in which given role is > associated > --- > > Key: RANGER-4005 > URL: https://issues.apache.org/jira/browse/RANGER-4005 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > Attachments: > RANGER-4005-Add-support-in-ranger-to-return-the-list.patch > > > Currently Role related API's does not provide functionality to provide the > list of roles in which given role is associated with. > For eg.If > ParentRole1 contains containingRole1, containingRole2 > ParentRole2 contains containingRole2 > ParentRole3 contains containingRole1 ,containingRole3 > . > . > . > ParentRole 1000 > Now If I want to know containingRole1 is part of which Roles then I don't > have a direct way to know the list of roles in which containingRole1 is > present. > > we need an API in RoleREST which can give the list of roles in which given > role is present. > we can pass the Rolename as containingRole1 to this API which will return us > the ParentRole1, ParentRole3. > > API input output based on above data could be as follows, > Input Output > containingRole1 Role Object for ParentRole1, ParentRole3. > containingRole2 Role Object for ParentRole1, ParentRole2 > containingRole3 Role Object for ParentRole3 > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (RANGER-4005) Add support in ranger to return the list of roles in which given role is associated
[ https://issues.apache.org/jira/browse/RANGER-4005?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17644819#comment-17644819 ] Nikhil Purbhe commented on RANGER-4005: --- Pull request : https://reviews.apache.org/r/74247/ > Add support in ranger to return the list of roles in which given role is > associated > --- > > Key: RANGER-4005 > URL: https://issues.apache.org/jira/browse/RANGER-4005 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > > Currently Role related API's does not provide functionality to provide the > list of roles in which given role is associated with. > For eg.If > ParentRole1 contains containingRole1, containingRole2 > ParentRole2 contains containingRole2 > ParentRole3 contains containingRole1 ,containingRole3 > . > . > . > ParentRole 1000 > Now If I want to know containingRole1 is part of which Roles then I don't > have a direct way to know the list of roles in which containingRole1 is > present. > > we need an API in RoleREST which can give the list of roles in which given > role is present. > we can pass the Rolename as containingRole1 to this API which will return us > the ParentRole1, ParentRole3. > > API input output based on above data could be as follows, > Input Output > containingRole1 Role Object for ParentRole1, ParentRole3. > containingRole2 Role Object for ParentRole1, ParentRole2 > containingRole3 Role Object for ParentRole3 > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (RANGER-4006) Add Bulk create update delete API in Ranger
Nikhil Purbhe created RANGER-4006: - Summary: Add Bulk create update delete API in Ranger Key: RANGER-4006 URL: https://issues.apache.org/jira/browse/RANGER-4006 Project: Ranger Issue Type: New Feature Components: Ranger Reporter: Nikhil Purbhe Assignee: Nikhil Purbhe Currently Ranger does not have Bulk Policy creation/updation/deletion. Add API's in Ranger to support Bulk creation of policies, Bulk updation of policies and Bulk deletion of policies. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (RANGER-4005) Add support in ranger to return the list of roles in which given role is associated
Nikhil Purbhe created RANGER-4005: - Summary: Add support in ranger to return the list of roles in which given role is associated Key: RANGER-4005 URL: https://issues.apache.org/jira/browse/RANGER-4005 Project: Ranger Issue Type: Improvement Components: Ranger Reporter: Nikhil Purbhe Assignee: Nikhil Purbhe Currently Role related API's does not provide functionality to provide the list of roles in which given role is associated with. For eg.If ParentRole1 contains containingRole1, containingRole2 ParentRole2 contains containingRole2 ParentRole3 contains containingRole1 ,containingRole3 . . . ParentRole 1000 Now If I want to know containingRole1 is part of which Roles then I don't have a direct way to know the list of roles in which containingRole1 is present. we need an API in RoleREST which can give the list of roles in which given role is present. we can pass the Rolename as containingRole1 to this API which will return us the ParentRole1, ParentRole3. API input output based on above data could be as follows, Input Output containingRole1 Role Object for ParentRole1, ParentRole3. containingRole2 Role Object for ParentRole1, ParentRole2 containingRole3 Role Object for ParentRole3 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (RANGER-3898) Bug in Ranger Roles Cache
[ https://issues.apache.org/jira/browse/RANGER-3898?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17602474#comment-17602474 ] Nikhil Purbhe commented on RANGER-3898: --- Patch committed on [master|https://github.com/apache/ranger/commit/df608eebeea61447e4654708714f388a08ec65ae] > Bug in Ranger Roles Cache > - > > Key: RANGER-3898 > URL: https://issues.apache.org/jira/browse/RANGER-3898 > Project: Ranger > Issue Type: Bug > Components: Ranger >Affects Versions: 3.0.0 >Reporter: Ramachandran >Assignee: Ramachandran >Priority: Major > Attachments: 0001-RANGER-3898-Bug-in-Ranger-Roles-Cache.patch > > > It seems Apache Ranger open source contains a bug where else block in the > below code will not be called at all > In the below code else block is a dead code > > {code:java} > public RangerRoles getLatestRangerRoleOrCached(String serviceName, > RoleDBStore roleDBStore, Long lastKnownRoleVersion, Long > rangerRoleVersionInDB) throws Exception { >final RangerRoles ret; >if (lastKnownRoleVersion == null || > !lastKnownRoleVersion.equals(rangerRoleVersionInDB)) { > roleCacheWrapper = new RangerRoleCacheWrapper(); > ret = roleCacheWrapper.getLatestRangerRoles(serviceName, > roleDBStore, lastKnownRoleVersion, rangerRoleVersionInDB); >} else if (lastKnownRoleVersion.equals(rangerRoleVersionInDB)) { > ret = null; >} else { > ret = roleCacheWrapper.getRoles(); >} >return ret; > }{code} > The below behaviour also broken > when multiple threads are trying to access and one or more threads got > timeout while acquiring the lock,it will fetch the roles from cache but ,we > are not setting the roles in cache anywhere in our code > > {code} > public RangerRoles getLatestRangerRoles(String serviceName, RoleDBStore > roleDBStore, Long lastKnownRoleVersion, Long rolesVersionInDB) throws > Exception { >RangerRoles ret = null; >boolean lockResult = false; >if (LOG.isDebugEnabled()) { > LOG.debug("==> RangerRoleCache.getLatestRangerRoles(ServiceName= " + > serviceName + " lastKnownRoleVersion= " + lastKnownRoleVersion + " > rolesVersionInDB= " + rolesVersionInDB + ")"); >} >try { > lockResult = lock.tryLock(waitTimeInSeconds, TimeUnit.SECONDS); > if (lockResult) { > // We are getting all the Roles to be downloaded for now. Should do > downloades for each service based on what roles are there in the policies. > SearchFilter searchFilter = null; > final Set rolesInDB= new > HashSet<>(roleDBStore.getRoles(searchFilter)); > Date updateTime = new Date(); > if (rolesInDB != null) { > ret = new RangerRoles(); > ret.setRangerRoles(rolesInDB); > ret.setRoleUpdateTime(updateTime); > ret.setRoleVersion(rolesVersionInDB); > rolesVersion = rolesVersionInDB; > } else { > LOG.error("Could not get Ranger Roles from database ..."); > } > } else { > if (LOG.isDebugEnabled()) { > LOG.debug("Could not get lock in [" + waitTimeInSeconds + "] > seconds, returning cached RangerRoles"); > } > ret = getRoles(); > } >} catch (InterruptedException exception) { > LOG.error("RangerRoleCache.getLatestRangerRoles:lock got > interrupted..", exception); >} finally { > if (lockResult) { > lock.unlock(); > } >} >if (LOG.isDebugEnabled()) { > LOG.debug("<== RangerRoleCache.getLatestRangerRoles(ServiceName= " + > serviceName + " lastKnownRoleVersion= " + lastKnownRoleVersion + " > rolesVersionInDB= " + rolesVersionInDB + " RangerRoles= " + ret + ")"); >} >return ret; > }{code} -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (RANGER-2680) Ranger Usersync and Tagsync is not updating session cookie until restart
Nikhil Purbhe created RANGER-2680: - Summary: Ranger Usersync and Tagsync is not updating session cookie until restart Key: RANGER-2680 URL: https://issues.apache.org/jira/browse/RANGER-2680 Project: Ranger Issue Type: Bug Components: Ranger Reporter: Nikhil Purbhe Assignee: Nikhil Purbhe Ranger Usersync and Tagsync is not updating session cookie until restart, this is generating unnecessary login sessions in ranger admin from usersync and tagsync. Ranger clients should update the invalid session cookie and replace it with cookie which is valid and avoid unnecessary login session count increment. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (RANGER-2680) Ranger Usersync and Tagsync is not updating session cookie until restart
[ https://issues.apache.org/jira/browse/RANGER-2680?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe updated RANGER-2680: -- Fix Version/s: master > Ranger Usersync and Tagsync is not updating session cookie until restart > > > Key: RANGER-2680 > URL: https://issues.apache.org/jira/browse/RANGER-2680 > Project: Ranger > Issue Type: Bug > Components: Ranger >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > Fix For: master > > > Ranger Usersync and Tagsync is not updating session cookie until restart, > this is generating unnecessary login sessions in ranger admin from usersync > and tagsync. > > Ranger clients should update the invalid session cookie and replace it with > cookie which is valid and avoid unnecessary login session count increment. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (RANGER-2679) upgrade spring framework version to 4.3.23 to be compatible with current spring security version(4.2.13)
[ https://issues.apache.org/jira/browse/RANGER-2679?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17002837#comment-17002837 ] Nikhil Purbhe commented on RANGER-2679: --- patch committed on apache [master |https://github.com/apache/ranger/commit/e6b1a137cf157e7f9a73a760b8ee036d9cf269f5] > upgrade spring framework version to 4.3.23 to be compatible with current > spring security version(4.2.13) > > > Key: RANGER-2679 > URL: https://issues.apache.org/jira/browse/RANGER-2679 > Project: Ranger > Issue Type: Bug > Components: Ranger >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > > upgrade spring framework version to 4.3.23 to be compatible with current > spring security version(4.2.13) -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Resolved] (RANGER-2679) upgrade spring framework version to 4.3.23 to be compatible with current spring security version(4.2.13)
[ https://issues.apache.org/jira/browse/RANGER-2679?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe resolved RANGER-2679. --- Resolution: Fixed > upgrade spring framework version to 4.3.23 to be compatible with current > spring security version(4.2.13) > > > Key: RANGER-2679 > URL: https://issues.apache.org/jira/browse/RANGER-2679 > Project: Ranger > Issue Type: Bug > Components: Ranger >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > > upgrade spring framework version to 4.3.23 to be compatible with current > spring security version(4.2.13) -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (RANGER-2679) upgrade spring framework version to 4.3.23 to be compatible with current spring security version(4.2.13)
Nikhil Purbhe created RANGER-2679: - Summary: upgrade spring framework version to 4.3.23 to be compatible with current spring security version(4.2.13) Key: RANGER-2679 URL: https://issues.apache.org/jira/browse/RANGER-2679 Project: Ranger Issue Type: Bug Components: Ranger Reporter: Nikhil Purbhe Assignee: Nikhil Purbhe upgrade spring framework version to 4.3.23 to be compatible with current spring security version(4.2.13) -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Assigned] (RANGER-2660) Option to create missing users/groups/roles while creating/updating/importing policies
[ https://issues.apache.org/jira/browse/RANGER-2660?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe reassigned RANGER-2660: - Assignee: Nikhil Purbhe > Option to create missing users/groups/roles while creating/updating/importing > policies > -- > > Key: RANGER-2660 > URL: https://issues.apache.org/jira/browse/RANGER-2660 > Project: Ranger > Issue Type: Bug > Components: Ranger >Affects Versions: 2.0.0 >Reporter: Preetam Tripathi >Assignee: Nikhil Purbhe >Priority: Major > Fix For: 2.1.0 > > -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (RANGER-2561) add functionality in ranger to get default policy groups list from service config while creation of service and add that group to policies in that service
[ https://issues.apache.org/jira/browse/RANGER-2561?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16974963#comment-16974963 ] Nikhil Purbhe commented on RANGER-2561: --- patch committed on [master|https://github.com/apache/ranger/commit/3c788da0080c680c4c0a4220c23970979908277e] > add functionality in ranger to get default policy groups list from service > config while creation of service and add that group to policies in that > service > -- > > Key: RANGER-2561 > URL: https://issues.apache.org/jira/browse/RANGER-2561 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > > add functionality in ranger to get default policy groups list from service > config while creation of service and add that group to policies in that > service. > > user properties need to be set if those users needs to be added in default > policy during service creation. > > Required property in ranger-admin-site : > *ranger.default.policy.users : comma separated list of users* > required property in service config : > *default.policy.users :* *comma separated list of users*** > > similar to users , group properties need to be set if those groups needs to > be added in default policy during service creation. > > Required property in ranger-admin-site : > *ranger.default.policy.groups :* *comma separated list of groups*** > required property in service config : > *default.policy.groups :* *comma separated list of group* -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (RANGER-2644) Improvement in Ranger encryption algorithm usage.
[ https://issues.apache.org/jira/browse/RANGER-2644?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16973979#comment-16973979 ] Nikhil Purbhe commented on RANGER-2644: --- patch committed on apache master - https://github.com/apache/ranger/commit/d37a6b5a0fd909fe4cbe650a7bdfae401247849c > Improvement in Ranger encryption algorithm usage. > - > > Key: RANGER-2644 > URL: https://issues.apache.org/jira/browse/RANGER-2644 > Project: Ranger > Issue Type: Bug > Components: Ranger >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > > Improvement in Ranger encryption algorithm usage. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (RANGER-2644) Improvement in Ranger encryption algorithm usage.
Nikhil Purbhe created RANGER-2644: - Summary: Improvement in Ranger encryption algorithm usage. Key: RANGER-2644 URL: https://issues.apache.org/jira/browse/RANGER-2644 Project: Ranger Issue Type: Bug Components: Ranger Reporter: Nikhil Purbhe Assignee: Nikhil Purbhe Improvement in Ranger encryption algorithm usage. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (RANGER-2618) Restrict rolename change when a policy/another role with that role exist
[ https://issues.apache.org/jira/browse/RANGER-2618?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16953661#comment-16953661 ] Nikhil Purbhe commented on RANGER-2618: --- patch committed on apache [master|https://github.com/apache/ranger/commit/c267ee7ef05078eea0f7a4701d3189d05ca1] > Restrict rolename change when a policy/another role with that role exist > > > Key: RANGER-2618 > URL: https://issues.apache.org/jira/browse/RANGER-2618 > Project: Ranger > Issue Type: Bug > Components: admin >Reporter: suja s >Assignee: Nikhil Purbhe >Priority: Major > > When we try to delete a role associated with a ranger policy, the operation > is not allowed. Likewise, role edit for rolename change also should be > restricted. > Reason: > Rolename edit is allowed and the ranger policy still exists with old rolename > reference. Policy enforcement happens as per old policy. Rolename change is > not taken into consideration during policy download. > similarly for role which exist in another role rolename update should be > restricted -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (RANGER-2617) Provide descriptive error message when role delete not allowed
[ https://issues.apache.org/jira/browse/RANGER-2617?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16953624#comment-16953624 ] Nikhil Purbhe commented on RANGER-2617: --- patch committed on apache [master|https://github.com/apache/ranger/commit/f11d297ad74407e51707ba890b4f07db8ddb3be4] > Provide descriptive error message when role delete not allowed > -- > > Key: RANGER-2617 > URL: https://issues.apache.org/jira/browse/RANGER-2617 > Project: Ranger > Issue Type: Bug > Components: admin >Reporter: suja s >Assignee: Nikhil Purbhe >Priority: Minor > > Scenario: > Create a role r1 > Create a ranger policy for role r1 > Try to delete role > Role delete is not allowed as a policy exists with the specified role > Response: > {noformat} > {"statusCode":1,"msgDesc":"XXRole can't be > deleted","messageList":[{"name":"OPER_NOT_ALLOWED_FOR_STATE","rbKey":"xa.error.oper_not_allowed_for_state","message":"Operation > not allowed in current state","objectId":9}]} > {noformat} > Expected: > Descriptive message with details on why the operation is not allowed -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (RANGER-2618) Restrict rolename change when a policy/another role with that role exist
[ https://issues.apache.org/jira/browse/RANGER-2618?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe updated RANGER-2618: -- Description: When we try to delete a role associated with a ranger policy, the operation is not allowed. Likewise, role edit for rolename change also should be restricted. Reason: Rolename edit is allowed and the ranger policy still exists with old rolename reference. Policy enforcement happens as per old policy. Rolename change is not taken into consideration during policy download. similarly for role which exist in another role rolename update should be restricted was: When we try to delete a role associated with a ranger policy, the operation is not allowed. Likewise, role edit for rolename change also should be restricted. Reason: Rolename edit is allowed and the ranger policy still exists with old rolename reference. Policy enforcement happens as per old policy. Rolename change is not taken into consideration during policy download. > Restrict rolename change when a policy/another role with that role exist > > > Key: RANGER-2618 > URL: https://issues.apache.org/jira/browse/RANGER-2618 > Project: Ranger > Issue Type: Bug > Components: admin >Reporter: suja s >Assignee: Nikhil Purbhe >Priority: Major > > When we try to delete a role associated with a ranger policy, the operation > is not allowed. Likewise, role edit for rolename change also should be > restricted. > Reason: > Rolename edit is allowed and the ranger policy still exists with old rolename > reference. Policy enforcement happens as per old policy. Rolename change is > not taken into consideration during policy download. > similarly for role which exist in another role rolename update should be > restricted -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (RANGER-2618) Restrict rolename change when a policy/another role with that role exist
[ https://issues.apache.org/jira/browse/RANGER-2618?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe updated RANGER-2618: -- Summary: Restrict rolename change when a policy/another role with that role exist (was: Restrict rolename change when a policy with that role exist) > Restrict rolename change when a policy/another role with that role exist > > > Key: RANGER-2618 > URL: https://issues.apache.org/jira/browse/RANGER-2618 > Project: Ranger > Issue Type: Bug > Components: admin >Reporter: suja s >Assignee: Nikhil Purbhe >Priority: Major > > When we try to delete a role associated with a ranger policy, the operation > is not allowed. Likewise, role edit for rolename change also should be > restricted. > Reason: > Rolename edit is allowed and the ranger policy still exists with old rolename > reference. Policy enforcement happens as per old policy. Rolename change is > not taken into consideration during policy download. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Assigned] (RANGER-2618) Restrict rolename change when a policy with that role exist
[ https://issues.apache.org/jira/browse/RANGER-2618?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe reassigned RANGER-2618: - Assignee: Nikhil Purbhe > Restrict rolename change when a policy with that role exist > --- > > Key: RANGER-2618 > URL: https://issues.apache.org/jira/browse/RANGER-2618 > Project: Ranger > Issue Type: Bug > Components: admin >Reporter: suja s >Assignee: Nikhil Purbhe >Priority: Major > > When we try to delete a role associated with a ranger policy, the operation > is not allowed. Likewise, role edit for rolename change also should be > restricted. > Reason: > Rolename edit is allowed and the ranger policy still exists with old rolename > reference. Policy enforcement happens as per old policy. Rolename change is > not taken into consideration during policy download. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Assigned] (RANGER-2617) Provide descriptive error message when role delete not allowed
[ https://issues.apache.org/jira/browse/RANGER-2617?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe reassigned RANGER-2617: - Assignee: Nikhil Purbhe > Provide descriptive error message when role delete not allowed > -- > > Key: RANGER-2617 > URL: https://issues.apache.org/jira/browse/RANGER-2617 > Project: Ranger > Issue Type: Bug > Components: admin >Reporter: suja s >Assignee: Nikhil Purbhe >Priority: Minor > > Scenario: > Create a role r1 > Create a ranger policy for role r1 > Try to delete role > Role delete is not allowed as a policy exists with the specified role > Response: > {noformat} > {"statusCode":1,"msgDesc":"XXRole can't be > deleted","messageList":[{"name":"OPER_NOT_ALLOWED_FOR_STATE","rbKey":"xa.error.oper_not_allowed_for_state","message":"Operation > not allowed in current state","objectId":9}]} > {noformat} > Expected: > Descriptive message with details on why the operation is not allowed -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (RANGER-2602) Import is failing with "Can not construct instance of java.util.Date from String" error
[ https://issues.apache.org/jira/browse/RANGER-2602?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16947387#comment-16947387 ] Nikhil Purbhe commented on RANGER-2602: --- patch committed on apache [master|https://github.com/apache/ranger/commit/334e22ed1e507ca6477129cc8cccd8789d8f75b2] > Import is failing with "Can not construct instance of java.util.Date from > String" error > --- > > Key: RANGER-2602 > URL: https://issues.apache.org/jira/browse/RANGER-2602 > Project: Ranger > Issue Type: Bug > Components: Ranger >Reporter: Harshal Chavan >Assignee: Nikhil Purbhe >Priority: Major > > Steps to reproduce > 1.Create a service 'Hdfsservice1' > 2.Create a new policy 'Hdfspolicy1' > 3.Export the policies of 'Hdfsservice1' > 4.Import the same policies in 'Hdfsservice1' -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Assigned] (RANGER-2602) Import is failing with "Can not construct instance of java.util.Date from String" error
[ https://issues.apache.org/jira/browse/RANGER-2602?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe reassigned RANGER-2602: - Assignee: Nikhil Purbhe > Import is failing with "Can not construct instance of java.util.Date from > String" error > --- > > Key: RANGER-2602 > URL: https://issues.apache.org/jira/browse/RANGER-2602 > Project: Ranger > Issue Type: Bug > Components: Ranger >Reporter: Harshal Chavan >Assignee: Nikhil Purbhe >Priority: Major > > Steps to reproduce > 1.Create a service 'Hdfsservice1' > 2.Create a new policy 'Hdfspolicy1' > 3.Export the policies of 'Hdfsservice1' > 4.Import the same policies in 'Hdfsservice1' -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (RANGER-2576) Ranger is failing to start in kerberize mode with java-11
[ https://issues.apache.org/jira/browse/RANGER-2576?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16933281#comment-16933281 ] Nikhil Purbhe commented on RANGER-2576: --- patch committed on [master|https://github.com/apache/ranger/commit/06f329d5fc1e911bde012725f91a4bc46ff802d3] > Ranger is failing to start in kerberize mode with java-11 > - > > Key: RANGER-2576 > URL: https://issues.apache.org/jira/browse/RANGER-2576 > Project: Ranger > Issue Type: Sub-task > Components: Ranger >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > > Ranger is failing to start in kerberize mode with java-11 with error. > > {code:java} > SEVERE: Tomcat Server failed to start:java.io.IOException: Login failure for > rangeradmin/h...@domain.site from keytab /path/to/ranger.keytab > java.io.IOException: Login failure for rangeradmin/h...@domain.site from > keytab /path/to/ranger.keytab > at > org.apache.hadoop.security.SecureClientLogin.loginUserFromKeytab(SecureClientLogin.java:71) > at > org.apache.ranger.server.tomcat.EmbeddedServer.start(EmbeddedServer.java:249) > at > org.apache.ranger.server.tomcat.EmbeddedServer.main(EmbeddedServer.java:69) > Caused by: javax.security.auth.login.LoginException: > java.lang.NullPointerException: invalid null input(s) > at java.base/java.util.Objects.requireNonNull(Objects.java:246) > at java.base/javax.security.auth.Subject$SecureSet.remove(Subject.java:1172) > at > java.base/java.util.Collections$SynchronizedCollection.remove(Collections.java:2041) > at > jdk.security.auth/com.sun.security.auth.module.Krb5LoginModule.logout(Krb5LoginModule.java:1197) > at > java.base/javax.security.auth.login.LoginContext.invoke(LoginContext.java:732) > at > java.base/javax.security.auth.login.LoginContext$4.run(LoginContext.java:665){code} -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Assigned] (RANGER-2576) Ranger is failing to start in kerberize mode with java-11
[ https://issues.apache.org/jira/browse/RANGER-2576?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe reassigned RANGER-2576: - Assignee: Nikhil Purbhe > Ranger is failing to start in kerberize mode with java-11 > - > > Key: RANGER-2576 > URL: https://issues.apache.org/jira/browse/RANGER-2576 > Project: Ranger > Issue Type: Sub-task > Components: Ranger >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (RANGER-2576) Ranger is failing to start in kerberize mode with java-11
Nikhil Purbhe created RANGER-2576: - Summary: Ranger is failing to start in kerberize mode with java-11 Key: RANGER-2576 URL: https://issues.apache.org/jira/browse/RANGER-2576 Project: Ranger Issue Type: Sub-task Components: Ranger Reporter: Nikhil Purbhe -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (RANGER-2575) Java 11 Support for Ranger
Nikhil Purbhe created RANGER-2575: - Summary: Java 11 Support for Ranger Key: RANGER-2575 URL: https://issues.apache.org/jira/browse/RANGER-2575 Project: Ranger Issue Type: Improvement Components: Ranger Reporter: Nikhil Purbhe Assignee: Nikhil Purbhe add Support for Ranger to support java 11 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (RANGER-2561) add functionality in ranger to get default policy groups list from service config while creation of service and add that group to policies in that service
[ https://issues.apache.org/jira/browse/RANGER-2561?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe updated RANGER-2561: -- Description: add functionality in ranger to get default policy groups list from service config while creation of service and add that group to policies in that service. user properties need to be set if those users needs to be added in default policy during service creation. Required property in ranger-admin-site : *ranger.default.policy.users : comma separated list of users* required property in service config : *default.policy.users :* *comma separated list of users*** similar to users , group properties need to be set if those groups needs to be added in default policy during service creation. Required property in ranger-admin-site : *ranger.default.policy.groups :* *comma separated list of groups*** required property in service config : *default.policy.groups :* *comma separated list of group* was: add functionality in ranger to get default policy groups list from service config while creation of service and add that group to policies in that service. user properties need to be set if those users needs to be added in default policy during service creation. Required property in ranger-admin-site : *ranger.default.policy.users* required property in service config : *default.policy.users* similar to users , group properties need to be set if those groups needs to be added in default policy during service creation. Required property in ranger-admin-site : *ranger.default.policy.groups* required property in service config : *default.policy.groups* > add functionality in ranger to get default policy groups list from service > config while creation of service and add that group to policies in that > service > -- > > Key: RANGER-2561 > URL: https://issues.apache.org/jira/browse/RANGER-2561 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > > add functionality in ranger to get default policy groups list from service > config while creation of service and add that group to policies in that > service. > > user properties need to be set if those users needs to be added in default > policy during service creation. > > Required property in ranger-admin-site : > *ranger.default.policy.users : comma separated list of users* > required property in service config : > *default.policy.users :* *comma separated list of users*** > > similar to users , group properties need to be set if those groups needs to > be added in default policy during service creation. > > Required property in ranger-admin-site : > *ranger.default.policy.groups :* *comma separated list of groups*** > required property in service config : > *default.policy.groups :* *comma separated list of group* -- This message was sent by Atlassian Jira (v8.3.2#803003)
[jira] [Updated] (RANGER-2561) add functionality in ranger to get default policy groups list from service config while creation of service and add that group to policies in that service
[ https://issues.apache.org/jira/browse/RANGER-2561?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe updated RANGER-2561: -- Description: add functionality in ranger to get default policy groups list from service config while creation of service and add that group to policies in that service. user properties need to be set if those users needs to be added in default policy during service creation. Required property in ranger-admin-site : *ranger.default.policy.users* required property in service config : *default.policy.users* similar to users , group properties need to be set if those groups needs to be added in default policy during service creation. Required property in ranger-admin-site : *ranger.default.policy.groups* required property in service config : *default.policy.groups* was: add functionality in ranger to get default policy groups list from service config while creation of service and add that group to policies in that service. required property in service config : default.policy.groups > add functionality in ranger to get default policy groups list from service > config while creation of service and add that group to policies in that > service > -- > > Key: RANGER-2561 > URL: https://issues.apache.org/jira/browse/RANGER-2561 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > > add functionality in ranger to get default policy groups list from service > config while creation of service and add that group to policies in that > service. > > user properties need to be set if those users needs to be added in default > policy during service creation. > > Required property in ranger-admin-site : > *ranger.default.policy.users* > required property in service config : > *default.policy.users* > > similar to users , group properties need to be set if those groups needs to > be added in default policy during service creation. > > Required property in ranger-admin-site : > *ranger.default.policy.groups* > required property in service config : > *default.policy.groups* -- This message was sent by Atlassian Jira (v8.3.2#803003)
[jira] [Updated] (RANGER-2561) add functionality in ranger to get default policy groups list from service config while creation of service and add that group to policies in that service
[ https://issues.apache.org/jira/browse/RANGER-2561?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe updated RANGER-2561: -- Description: add functionality in ranger to get default policy groups list from service config while creation of service and add that group to policies in that service. required property in service config : default.policy.groups was:add functionality in ranger to get default policy groups list from service config while creation of service and add that group to policies in that service > add functionality in ranger to get default policy groups list from service > config while creation of service and add that group to policies in that > service > -- > > Key: RANGER-2561 > URL: https://issues.apache.org/jira/browse/RANGER-2561 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > > add functionality in ranger to get default policy groups list from service > config while creation of service and add that group to policies in that > service. > required property in service config : > default.policy.groups -- This message was sent by Atlassian Jira (v8.3.2#803003)
[jira] [Created] (RANGER-2535) Good coding practices for storing and retrieving data history in ranger
Nikhil Purbhe created RANGER-2535: - Summary: Good coding practices for storing and retrieving data history in ranger Key: RANGER-2535 URL: https://issues.apache.org/jira/browse/RANGER-2535 Project: Ranger Issue Type: Improvement Components: Ranger Reporter: Nikhil Purbhe Assignee: Nikhil Purbhe Good coding practices for storing and retrieving data history in ranger -- This message was sent by Atlassian JIRA (v7.6.14#76016)
[jira] [Assigned] (RANGER-2523) Ranger Admin debug config improvement
[ https://issues.apache.org/jira/browse/RANGER-2523?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe reassigned RANGER-2523: - Assignee: Nikhil Purbhe > Ranger Admin debug config improvement > - > > Key: RANGER-2523 > URL: https://issues.apache.org/jira/browse/RANGER-2523 > Project: Ranger > Issue Type: Bug > Components: Ranger >Reporter: Harshal Chavan >Assignee: Nikhil Purbhe >Priority: Major > > Improvement in debug log config -- This message was sent by Atlassian JIRA (v7.6.14#76016)
[jira] [Assigned] (RANGER-2508) Good coding practices for concurrent policy label creation
[ https://issues.apache.org/jira/browse/RANGER-2508?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe reassigned RANGER-2508: - Assignee: Nikhil Purbhe > Good coding practices for concurrent policy label creation > -- > > Key: RANGER-2508 > URL: https://issues.apache.org/jira/browse/RANGER-2508 > Project: Ranger > Issue Type: Bug > Components: Ranger >Affects Versions: 1.1.0 >Reporter: Preetam Tripathi >Assignee: Nikhil Purbhe >Priority: Major > Fix For: 2.0.0 > > > Good coding practices for concurrent policy label creation. -- This message was sent by Atlassian JIRA (v7.6.14#76016)
[jira] [Commented] (RANGER-2466) Improvement in setting cluster Name in RangerAccessRequest
[ https://issues.apache.org/jira/browse/RANGER-2466?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16871224#comment-16871224 ] Nikhil Purbhe commented on RANGER-2466: --- patch committed on [master|https://github.com/apache/ranger/commit/51bb1f831f956c6f88efb5305fd7aeb3859aee1f] > Improvement in setting cluster Name in RangerAccessRequest > -- > > Key: RANGER-2466 > URL: https://issues.apache.org/jira/browse/RANGER-2466 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > Attachments: > RANGER-2466-Improvement-in-setting-cluster-Name-in-R.patch > > > handling Clustername setting part during Policy engine instantiation. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (RANGER-2427) Tag policies are not evaluated if no security zones are configured
[ https://issues.apache.org/jira/browse/RANGER-2427?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe updated RANGER-2427: -- Fix Version/s: master > Tag policies are not evaluated if no security zones are configured > -- > > Key: RANGER-2427 > URL: https://issues.apache.org/jira/browse/RANGER-2427 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Affects Versions: master >Reporter: Abhay Kulkarni >Assignee: Abhay Kulkarni >Priority: Major > Fix For: master > > > Policies downloaded to plugin have empty string as a value for zone-name. > This causes the check for zone-name of policy(empty string) and zone-name of > accessed resource(null) to fail. Consequently, none of the tag policies will > match. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (RANGER-2427) Tag policies are not evaluated if no security zones are configured
[ https://issues.apache.org/jira/browse/RANGER-2427?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe updated RANGER-2427: -- Fix Version/s: (was: master) > Tag policies are not evaluated if no security zones are configured > -- > > Key: RANGER-2427 > URL: https://issues.apache.org/jira/browse/RANGER-2427 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Affects Versions: master >Reporter: Abhay Kulkarni >Assignee: Abhay Kulkarni >Priority: Major > > Policies downloaded to plugin have empty string as a value for zone-name. > This causes the check for zone-name of policy(empty string) and zone-name of > accessed resource(null) to fail. Consequently, none of the tag policies will > match. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (RANGER-2467) similar to clusterName custom condition, add clusterType custome condition.
[ https://issues.apache.org/jira/browse/RANGER-2467?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe reassigned RANGER-2467: - Assignee: Mateen Mansoori (was: Nikhil Purbhe) > similar to clusterName custom condition, add clusterType custome condition. > --- > > Key: RANGER-2467 > URL: https://issues.apache.org/jira/browse/RANGER-2467 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Reporter: Nikhil Purbhe >Assignee: Mateen Mansoori >Priority: Major > > add clusterType custome condition,This will help with custom conditions like > “Accessed from cluster type?” -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (RANGER-2466) Improvement in setting cluster Name in RangerAccessRequest
[ https://issues.apache.org/jira/browse/RANGER-2466?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe updated RANGER-2466: -- Attachment: RANGER-2466-Improvement-in-setting-cluster-Name-in-R.patch > Improvement in setting cluster Name in RangerAccessRequest > -- > > Key: RANGER-2466 > URL: https://issues.apache.org/jira/browse/RANGER-2466 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > Attachments: > RANGER-2466-Improvement-in-setting-cluster-Name-in-R.patch > > > handling Clustername setting part during Policy engine instantiation. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (RANGER-2467) similar to clusterName custom condition, add clusterType custome condition.
Nikhil Purbhe created RANGER-2467: - Summary: similar to clusterName custom condition, add clusterType custome condition. Key: RANGER-2467 URL: https://issues.apache.org/jira/browse/RANGER-2467 Project: Ranger Issue Type: Improvement Components: Ranger Reporter: Nikhil Purbhe Assignee: Nikhil Purbhe add clusterType custome condition,This will help with custom conditions like “Accessed from cluster type?” -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (RANGER-2466) Improvement in setting cluster Name in RangerAccessRequest
Nikhil Purbhe created RANGER-2466: - Summary: Improvement in setting cluster Name in RangerAccessRequest Key: RANGER-2466 URL: https://issues.apache.org/jira/browse/RANGER-2466 Project: Ranger Issue Type: Improvement Components: Ranger Reporter: Nikhil Purbhe Assignee: Nikhil Purbhe handling Clustername setting part during Policy engine instantiation. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (RANGER-2454) Remove the trailing slash in Ranger URL in RangerAdminJersey2RESTClient
[ https://issues.apache.org/jira/browse/RANGER-2454?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16855518#comment-16855518 ] Nikhil Purbhe commented on RANGER-2454: --- [~krisden] patch committed for Knox specific RangerAdminJersey2RESTClient on [master|https://github.com/apache/ranger/commit/4c3b1149f31173cc7a4c483dcb0aff74904cb3da] > Remove the trailing slash in Ranger URL in RangerAdminJersey2RESTClient > --- > > Key: RANGER-2454 > URL: https://issues.apache.org/jira/browse/RANGER-2454 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Affects Versions: master >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > Fix For: master > > > Remove the trailing slash in Ranger URL in RangerAdminJersey2RESTClient. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (RANGER-2454) Remove the trailing slash in Ranger URL in RangerAdminJersey2RESTClient
Nikhil Purbhe created RANGER-2454: - Summary: Remove the trailing slash in Ranger URL in RangerAdminJersey2RESTClient Key: RANGER-2454 URL: https://issues.apache.org/jira/browse/RANGER-2454 Project: Ranger Issue Type: Improvement Components: Ranger Affects Versions: master Reporter: Nikhil Purbhe Assignee: Nikhil Purbhe Fix For: master Remove the trailing slash in Ranger URL in RangerAdminJersey2RESTClient. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Resolved] (RANGER-2449) if service part of zone is not present then null pointer exception is thrown
[ https://issues.apache.org/jira/browse/RANGER-2449?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe resolved RANGER-2449. --- Resolution: Fixed > if service part of zone is not present then null pointer exception is thrown > > > Key: RANGER-2449 > URL: https://issues.apache.org/jira/browse/RANGER-2449 > Project: Ranger > Issue Type: Bug > Components: admin >Affects Versions: master >Reporter: Deepak Sharma >Assignee: Nikhil Purbhe >Priority: Major > Fix For: master > > > if service part of zone is not present then null pointer exception is thrown -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Comment Edited] (RANGER-2449) if service part of zone is not present then null pointer exception is thrown
[ https://issues.apache.org/jira/browse/RANGER-2449?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16850782#comment-16850782 ] Nikhil Purbhe edited comment on RANGER-2449 at 5/29/19 12:03 PM: - patch committed on [master|https://github.com/apache/ranger/commit/abfdb0893f3cd50ced6941d059c08fb82380f598] was (Author: nikhil@1): patch committed on [master|https://github.com/apache/ranger/commit/abfdb0893f3cd50ced6941d059c08fb82380f598]] > if service part of zone is not present then null pointer exception is thrown > > > Key: RANGER-2449 > URL: https://issues.apache.org/jira/browse/RANGER-2449 > Project: Ranger > Issue Type: Bug > Components: admin >Affects Versions: master >Reporter: Deepak Sharma >Assignee: Nikhil Purbhe >Priority: Major > Fix For: master > > > if service part of zone is not present then null pointer exception is thrown -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (RANGER-2449) if service part of zone is not present then null pointer exception is thrown
[ https://issues.apache.org/jira/browse/RANGER-2449?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16850782#comment-16850782 ] Nikhil Purbhe commented on RANGER-2449: --- patch committed on [master|https://github.com/apache/ranger/commit/abfdb0893f3cd50ced6941d059c08fb82380f598]] > if service part of zone is not present then null pointer exception is thrown > > > Key: RANGER-2449 > URL: https://issues.apache.org/jira/browse/RANGER-2449 > Project: Ranger > Issue Type: Bug > Components: admin >Affects Versions: master >Reporter: Deepak Sharma >Assignee: Nikhil Purbhe >Priority: Major > Fix For: master > > > if service part of zone is not present then null pointer exception is thrown -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (RANGER-2449) if service part of zone is not present then null pointer exception is thrown
[ https://issues.apache.org/jira/browse/RANGER-2449?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe reassigned RANGER-2449: - Assignee: Nikhil Purbhe > if service part of zone is not present then null pointer exception is thrown > > > Key: RANGER-2449 > URL: https://issues.apache.org/jira/browse/RANGER-2449 > Project: Ranger > Issue Type: Bug > Components: admin >Affects Versions: master >Reporter: Deepak Sharma >Assignee: Nikhil Purbhe >Priority: Major > Fix For: master > > > if service part of zone is not present then null pointer exception is thrown -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (RANGER-2445) Import of Tagservice for zone
[ https://issues.apache.org/jira/browse/RANGER-2445?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe reassigned RANGER-2445: - Assignee: Nikhil Purbhe > Import of Tagservice for zone > - > > Key: RANGER-2445 > URL: https://issues.apache.org/jira/browse/RANGER-2445 > Project: Ranger > Issue Type: Bug > Components: Ranger >Reporter: Harshal Chavan >Assignee: Nikhil Purbhe >Priority: Major > > Import of tagservice is not working for zone -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (RANGER-2436) Custom condition: Access from cluster
Nikhil Purbhe created RANGER-2436: - Summary: Custom condition: Access from cluster Key: RANGER-2436 URL: https://issues.apache.org/jira/browse/RANGER-2436 Project: Ranger Issue Type: Improvement Components: Ranger Affects Versions: master Reporter: Nikhil Purbhe Assignee: Nikhil Purbhe Fix For: master Include a custom-condition that checks if the current cluster-name matches one of the condition values. This will enable setting up different authorization policies depending on the cluster from which access was performed. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (RANGER-2411) Restrict Admin role user to create Zone for KMS service
[ https://issues.apache.org/jira/browse/RANGER-2411?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe reassigned RANGER-2411: - Assignee: Nikhil Purbhe > Restrict Admin role user to create Zone for KMS service > --- > > Key: RANGER-2411 > URL: https://issues.apache.org/jira/browse/RANGER-2411 > Project: Ranger > Issue Type: Bug > Components: Ranger >Affects Versions: 2.0.0 >Reporter: Harshal Chavan >Assignee: Nikhil Purbhe >Priority: Major > > Expected Result: Admin role user should not be allowed to create Zone for KMS > service. > CURL Request: curl -i -u admin:admin123 --header "Accept:application/json" -H > "Content-Type: application/json" -X POST > [http://:6080/service/zones/zones|http://172.22.114.5:6080/service/zones/zones] > -d > '{"adminUserGroups":["admingroup1"],"adminUsers":["admintest1"],"auditUserGroups":["auditgroup1"],"auditUsers":["auditest1"],"name":"kms-accesspolicy","services":{"cl1_kms":{"resources":[ > {"keyname":["kmstest1"]} > ]}}}' > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (RANGER-2351) Implement Import / Export of Policies by Zone
[ https://issues.apache.org/jira/browse/RANGER-2351?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16826676#comment-16826676 ] Nikhil Purbhe commented on RANGER-2351: --- patch committed on [master|https://github.com/apache/ranger/commit/c9f8102cc8dfe80e15d12fa936e9956224d6238e] > Implement Import / Export of Policies by Zone > - > > Key: RANGER-2351 > URL: https://issues.apache.org/jira/browse/RANGER-2351 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Affects Versions: master >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > Fix For: master > > Attachments: RANGER-2351_1.patch > > > Implement Import / Export of Policies by Zone. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (RANGER-2403) proper error should be thrown when service part of zone being deleted
[ https://issues.apache.org/jira/browse/RANGER-2403?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe updated RANGER-2403: -- Attachment: 0001-RANGER-2403-proper-error-should-be-thrown-when-servi.patch > proper error should be thrown when service part of zone being deleted > - > > Key: RANGER-2403 > URL: https://issues.apache.org/jira/browse/RANGER-2403 > Project: Ranger > Issue Type: Bug > Components: Ranger >Affects Versions: master >Reporter: Deepak Sharma >Assignee: Nikhil Purbhe >Priority: Major > Fix For: master > > Attachments: > 0001-RANGER-2403-proper-error-should-be-thrown-when-servi.patch > > > currently when service part of zone being deleted ERROR XXService can't be > deleted is thrown, we can handle it eg: Service is associated with and > can not be deleted. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (RANGER-2403) proper error should be thrown when service part of zone being deleted
[ https://issues.apache.org/jira/browse/RANGER-2403?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe reassigned RANGER-2403: - Assignee: Nikhil Purbhe > proper error should be thrown when service part of zone being deleted > - > > Key: RANGER-2403 > URL: https://issues.apache.org/jira/browse/RANGER-2403 > Project: Ranger > Issue Type: Bug > Components: Ranger >Affects Versions: master >Reporter: Deepak Sharma >Assignee: Nikhil Purbhe >Priority: Major > Fix For: master > > > currently when service part of zone being deleted ERROR XXService can't be > deleted is thrown, we can handle it eg: Service is associated with and > can not be deleted. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (RANGER-2351) Implement Import / Export of Policies by Zone
[ https://issues.apache.org/jira/browse/RANGER-2351?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe updated RANGER-2351: -- Attachment: RANGER-2351_1.patch > Implement Import / Export of Policies by Zone > - > > Key: RANGER-2351 > URL: https://issues.apache.org/jira/browse/RANGER-2351 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Affects Versions: master >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > Fix For: master > > Attachments: RANGER-2351_1.patch > > > Implement Import / Export of Policies by Zone. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (RANGER-2382) Improvement to Access Audit page-Add ‘agentHostname’ column to audit log table, which records IP-address/hostname of the plugin
[ https://issues.apache.org/jira/browse/RANGER-2382?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16819043#comment-16819043 ] Nikhil Purbhe commented on RANGER-2382: --- patch committed on [master|https://github.com/apache/ranger/commit/03043c1c611b9d2177786855864a5471e14ecf50] > Improvement to Access Audit page-Add ‘agentHostname’ column to audit log > table, which records IP-address/hostname of the plugin > --- > > Key: RANGER-2382 > URL: https://issues.apache.org/jira/browse/RANGER-2382 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Affects Versions: master >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > Fix For: master > > Attachments: > 0001-RANGER-2382-Improvement-to-Access-Audit-page-Add-agentHostname-c.patch, > RANGER-2382_4.patch > > > In Audit Page > * Access tab: > ** Add ‘agentHostname’ column to audit log table, which records > IP-address/hostname of the plugin. Having this field in audit UI can avoid > having to scan all the hosts. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (RANGER-2382) Improvement to Access Audit page-Add ‘agentHostname’ column to audit log table, which records IP-address/hostname of the plugin
[ https://issues.apache.org/jira/browse/RANGER-2382?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe updated RANGER-2382: -- Attachment: RANGER-2382_4.patch > Improvement to Access Audit page-Add ‘agentHostname’ column to audit log > table, which records IP-address/hostname of the plugin > --- > > Key: RANGER-2382 > URL: https://issues.apache.org/jira/browse/RANGER-2382 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Affects Versions: master >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > Fix For: master > > Attachments: > 0001-RANGER-2382-Improvement-to-Access-Audit-page-Add-agentHostname-c.patch, > RANGER-2382_4.patch > > > In Audit Page > * Access tab: > ** Add ‘agentHostname’ column to audit log table, which records > IP-address/hostname of the plugin. Having this field in audit UI can avoid > having to scan all the hosts. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (RANGER-2382) Improvement to Access Audit page-Add ‘agentHostname’ column to audit log table, which records IP-address/hostname of the plugin
[ https://issues.apache.org/jira/browse/RANGER-2382?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16817586#comment-16817586 ] Nikhil Purbhe commented on RANGER-2382: --- [~rmani] updated the patch with suggested changes, please review the patch submitted on [Review request|https://reviews.apache.org/r/70340/]. > Improvement to Access Audit page-Add ‘agentHostname’ column to audit log > table, which records IP-address/hostname of the plugin > --- > > Key: RANGER-2382 > URL: https://issues.apache.org/jira/browse/RANGER-2382 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Affects Versions: master >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > Fix For: master > > Attachments: > 0001-RANGER-2382-Improvement-to-Access-Audit-page-Add-agentHostname-c.patch > > > In Audit Page > * Access tab: > ** Add ‘agentHostname’ column to audit log table, which records > IP-address/hostname of the plugin. Having this field in audit UI can avoid > having to scan all the hosts. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (RANGER-2383) Incorrect response when trying to delete user attached to a security zone
[ https://issues.apache.org/jira/browse/RANGER-2383?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16817578#comment-16817578 ] Nikhil Purbhe commented on RANGER-2383: --- patch committed on [master|https://github.com/apache/ranger/commit/c74745d8af0cc72ed893517ac6778fce3a518a9b] > Incorrect response when trying to delete user attached to a security zone > - > > Key: RANGER-2383 > URL: https://issues.apache.org/jira/browse/RANGER-2383 > Project: Ranger > Issue Type: Bug > Components: Ranger >Affects Versions: master >Reporter: suja s >Assignee: Nikhil Purbhe >Priority: Major > Fix For: master > > > Scenario: > Create a test user (user role is USER) > Create a security zone with the above user as admin user > Try to delete the user > Delete operation fails, but there is no reason for the failure, api response > gives a 404 error > The same occurs if that user is tagged as auditor for security zone > The scenario is applicable for group also > Expected: If user delete is not allowed, proper response indicating the > reason for failure should be displayed > Note: This behaviour is different from user assigned as delegated admin for a > policy, even if a user is delegated admin for a policy, user delete is > successful > {noformat} > Request URL: > http://:/service/xusers/secure/users/id/?forceDelete=true > Request Method: DELETE > Status Code: 404 Not Found > {noformat} -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (RANGER-2384) Get All Zones API is returning response in raw format,proper response object is required.
[ https://issues.apache.org/jira/browse/RANGER-2384?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe updated RANGER-2384: -- Attachment: RANGER-2384.patch > Get All Zones API is returning response in raw format,proper response object > is required. > - > > Key: RANGER-2384 > URL: https://issues.apache.org/jira/browse/RANGER-2384 > Project: Ranger > Issue Type: Bug > Components: Ranger >Reporter: Nitin Galave >Assignee: Nikhil Purbhe >Priority: Major > Fix For: master > > Attachments: RANGER-2384.patch > > > Get All Zones API is returning response in raw format,proper response object > is required. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (RANGER-2387) add public api v2 for security zones
[ https://issues.apache.org/jira/browse/RANGER-2387?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe updated RANGER-2387: -- Attachment: RANGER-2387-add-public-api-v2-for-security-zones.patch > add public api v2 for security zones > > > Key: RANGER-2387 > URL: https://issues.apache.org/jira/browse/RANGER-2387 > Project: Ranger > Issue Type: Bug > Components: Ranger >Affects Versions: master >Reporter: Deepak Sharma >Assignee: Nikhil Purbhe >Priority: Major > Fix For: master > > Attachments: RANGER-2387-add-public-api-v2-for-security-zones.patch > > > add public api v2 for security zones -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (RANGER-2387) add public api v2 for security zones
[ https://issues.apache.org/jira/browse/RANGER-2387?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe reassigned RANGER-2387: - Assignee: Nikhil Purbhe > add public api v2 for security zones > > > Key: RANGER-2387 > URL: https://issues.apache.org/jira/browse/RANGER-2387 > Project: Ranger > Issue Type: Bug > Components: Ranger >Affects Versions: master >Reporter: Deepak Sharma >Assignee: Nikhil Purbhe >Priority: Major > Fix For: master > > > add public api v2 for security zones -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (RANGER-2382) Improvement to Access Audit page-Add ‘agentHostname’ column to audit log table, which records IP-address/hostname of the plugin
[ https://issues.apache.org/jira/browse/RANGER-2382?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe updated RANGER-2382: -- Attachment: 0001-RANGER-2382-Improvement-to-Access-Audit-page-Add-agentHostname-c.patch > Improvement to Access Audit page-Add ‘agentHostname’ column to audit log > table, which records IP-address/hostname of the plugin > --- > > Key: RANGER-2382 > URL: https://issues.apache.org/jira/browse/RANGER-2382 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Affects Versions: master >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > Fix For: master > > Attachments: > 0001-RANGER-2382-Improvement-to-Access-Audit-page-Add-agentHostname-c.patch > > > In Audit Page > * Access tab: > ** Add ‘agentHostname’ column to audit log table, which records > IP-address/hostname of the plugin. Having this field in audit UI can avoid > having to scan all the hosts. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (RANGER-2383) Incorrect response when trying to delete user attached to a security zone
[ https://issues.apache.org/jira/browse/RANGER-2383?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe reassigned RANGER-2383: - Assignee: Nikhil Purbhe > Incorrect response when trying to delete user attached to a security zone > - > > Key: RANGER-2383 > URL: https://issues.apache.org/jira/browse/RANGER-2383 > Project: Ranger > Issue Type: Bug > Components: Ranger >Affects Versions: master >Reporter: suja s >Assignee: Nikhil Purbhe >Priority: Major > > Scenario: > Create a test user (user role is USER) > Create a security zone with the above user as admin user > Try to delete the user > Delete operation fails, but there is no reason for the failure, api response > gives a 404 error > The same occurs if that user is tagged as auditor for security zone > The scenario is applicable for group also > Expected: If user delete is not allowed, proper response indicating the > reason for failure should be displayed > Note: This behaviour is different from user assigned as delegated admin for a > policy, even if a user is delegated admin for a policy, user delete is > successful > {noformat} > Request URL: > http://:/service/xusers/secure/users/id/?forceDelete=true > Request Method: DELETE > Status Code: 404 Not Found > {noformat} -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (RANGER-2382) Improvement to Access Audit page-Add ‘agentHostname’ column to audit log table, which records IP-address/hostname of the plugin
Nikhil Purbhe created RANGER-2382: - Summary: Improvement to Access Audit page-Add ‘agentHostname’ column to audit log table, which records IP-address/hostname of the plugin Key: RANGER-2382 URL: https://issues.apache.org/jira/browse/RANGER-2382 Project: Ranger Issue Type: Improvement Components: Ranger Affects Versions: master Reporter: Nikhil Purbhe Assignee: Nikhil Purbhe Fix For: master In Audit Page * Access tab: ** Add ‘agentHostname’ column to audit log table, which records IP-address/hostname of the plugin. Having this field in audit UI can avoid having to scan all the hosts. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (RANGER-2373) User creation POST and PUT response not showing groupIdList and groupNameList with expected data
[ https://issues.apache.org/jira/browse/RANGER-2373?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16801418#comment-16801418 ] Nikhil Purbhe commented on RANGER-2373: --- patch committed on [master|https://github.com/apache/ranger/commit/7c52a79a5d0b41bfc94caca9d531e0fefba2bfe7] > User creation POST and PUT response not showing groupIdList and groupNameList > with expected data > > > Key: RANGER-2373 > URL: https://issues.apache.org/jira/browse/RANGER-2373 > Project: Ranger > Issue Type: Bug > Components: Ranger >Affects Versions: 1.0.0, 1.1.0, 2.0.0, 1.2.0 >Reporter: Pradeep Agrawal >Assignee: Nikhil Purbhe >Priority: Major > Fix For: 2.0.0 > > Attachments: RANGER-2373-2.patch > > > Used below POST data for user creation using request url - > /service/xusers/secure/users > {noformat} > { > "name": "testuser01", > "password": "testuser01", > "firstName": "testuser01", > "lastName": "", > "emailAddress": "", > "userRoleList": ["ROLE_USER"], > "groupIdList": [2], > "status": 1 > } > {noformat} > POST repsonse is, > {code} > {"id":20,"createDate":"2018-10-11T13:03:54Z","updateDate":"2018-10-11T13:03:54Z","owner":"Admin","updatedBy":"Admin","name":"testuser01","firstName":"testuser01","lastName":"","password":"*","description":"testuser01","groupIdList":[],"groupNameList":[],"status":1,"isVisible":1,"userSource":0,"userRoleList":["ROLE_USER"]} > {code} > For updating, the user used below PUT data > {noformat} > { > "name": "testuser01", > "firstName": "testuser01", > "lastName": "", > "emailAddress": "", > "userRoleList": ["ROLE_USER"], > "groupIdList": [2, 9], > "groupNameList": ["hadoop", "mapred"], > "status": 1, > "description": "testuser01", > "isVisible": 1, > "userSource": 0, > "id":20, > "owner": "Admin" > } > {noformat} > PUT response > {code} > {"id":20,"createDate":"2018-10-11T13:03:54Z","updateDate":"2018-10-11T14:09:34Z","owner":"Admin","updatedBy":"Admin","name":"testuser01","firstName":"testuser01","lastName":"","password":"*","description":"testuser01","groupIdList":[2,9],"groupNameList":["hadoop"],"status":1,"isVisible":1,"userSource":0,"userRoleList":["ROLE_USER"]} > {code} -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (RANGER-2373) User creation POST and PUT response not showing groupIdList and groupNameList with expected data
[ https://issues.apache.org/jira/browse/RANGER-2373?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe updated RANGER-2373: -- Attachment: RANGER-2373-2.patch > User creation POST and PUT response not showing groupIdList and groupNameList > with expected data > > > Key: RANGER-2373 > URL: https://issues.apache.org/jira/browse/RANGER-2373 > Project: Ranger > Issue Type: Bug > Components: Ranger >Affects Versions: 1.0.0, 1.1.0, 2.0.0, 1.2.0 >Reporter: Pradeep Agrawal >Assignee: Nikhil Purbhe >Priority: Major > Fix For: 2.0.0 > > Attachments: RANGER-2373-2.patch > > > Used below POST data for user creation using request url - > /service/xusers/secure/users > {noformat} > { > "name": "testuser01", > "password": "testuser01", > "firstName": "testuser01", > "lastName": "", > "emailAddress": "", > "userRoleList": ["ROLE_USER"], > "groupIdList": [2], > "status": 1 > } > {noformat} > POST repsonse is, > {code} > {"id":20,"createDate":"2018-10-11T13:03:54Z","updateDate":"2018-10-11T13:03:54Z","owner":"Admin","updatedBy":"Admin","name":"testuser01","firstName":"testuser01","lastName":"","password":"*","description":"testuser01","groupIdList":[],"groupNameList":[],"status":1,"isVisible":1,"userSource":0,"userRoleList":["ROLE_USER"]} > {code} > For updating, the user used below PUT data > {noformat} > { > "name": "testuser01", > "firstName": "testuser01", > "lastName": "", > "emailAddress": "", > "userRoleList": ["ROLE_USER"], > "groupIdList": [2, 9], > "groupNameList": ["hadoop", "mapred"], > "status": 1, > "description": "testuser01", > "isVisible": 1, > "userSource": 0, > "id":20, > "owner": "Admin" > } > {noformat} > PUT response > {code} > {"id":20,"createDate":"2018-10-11T13:03:54Z","updateDate":"2018-10-11T14:09:34Z","owner":"Admin","updatedBy":"Admin","name":"testuser01","firstName":"testuser01","lastName":"","password":"*","description":"testuser01","groupIdList":[2,9],"groupNameList":["hadoop"],"status":1,"isVisible":1,"userSource":0,"userRoleList":["ROLE_USER"]} > {code} -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (RANGER-2373) User creation POST and PUT response not showing groupIdList and groupNameList with expected data
[ https://issues.apache.org/jira/browse/RANGER-2373?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe reassigned RANGER-2373: - Assignee: Nikhil Purbhe (was: Pradeep Agrawal) > User creation POST and PUT response not showing groupIdList and groupNameList > with expected data > > > Key: RANGER-2373 > URL: https://issues.apache.org/jira/browse/RANGER-2373 > Project: Ranger > Issue Type: Bug > Components: Ranger >Affects Versions: 1.0.0, 1.1.0, 2.0.0, 1.2.0 >Reporter: Pradeep Agrawal >Assignee: Nikhil Purbhe >Priority: Major > Fix For: 2.0.0 > > > Used below POST data for user creation using request url - > /service/xusers/secure/users > {noformat} > { > "name": "testuser01", > "password": "testuser01", > "firstName": "testuser01", > "lastName": "", > "emailAddress": "", > "userRoleList": ["ROLE_USER"], > "groupIdList": [2], > "status": 1 > } > {noformat} > POST repsonse is, > {code} > {"id":20,"createDate":"2018-10-11T13:03:54Z","updateDate":"2018-10-11T13:03:54Z","owner":"Admin","updatedBy":"Admin","name":"testuser01","firstName":"testuser01","lastName":"","password":"*","description":"testuser01","groupIdList":[],"groupNameList":[],"status":1,"isVisible":1,"userSource":0,"userRoleList":["ROLE_USER"]} > {code} > For updating, the user used below PUT data > {noformat} > { > "name": "testuser01", > "firstName": "testuser01", > "lastName": "", > "emailAddress": "", > "userRoleList": ["ROLE_USER"], > "groupIdList": [2, 9], > "groupNameList": ["hadoop", "mapred"], > "status": 1, > "description": "testuser01", > "isVisible": 1, > "userSource": 0, > "id":20, > "owner": "Admin" > } > {noformat} > PUT response > {code} > {"id":20,"createDate":"2018-10-11T13:03:54Z","updateDate":"2018-10-11T14:09:34Z","owner":"Admin","updatedBy":"Admin","name":"testuser01","firstName":"testuser01","lastName":"","password":"*","description":"testuser01","groupIdList":[2,9],"groupNameList":["hadoop"],"status":1,"isVisible":1,"userSource":0,"userRoleList":["ROLE_USER"]} > {code} -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (RANGER-2357) Improvement on getServices API
[ https://issues.apache.org/jira/browse/RANGER-2357?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16791683#comment-16791683 ] Nikhil Purbhe commented on RANGER-2357: --- patch committed on [master|https://github.com/apache/ranger/commit/b3cb2248aba52af7c6bf977dfe921ca329265f12] > Improvement on getServices API > -- > > Key: RANGER-2357 > URL: https://issues.apache.org/jira/browse/RANGER-2357 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Affects Versions: master >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > Fix For: master > > Attachments: RANGER-2357.patch > > > Ranger user should be able to get plugin services based on its associated tag > service. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (RANGER-2357) Improvement on getServices API
[ https://issues.apache.org/jira/browse/RANGER-2357?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe updated RANGER-2357: -- Attachment: RANGER-2357.patch > Improvement on getServices API > -- > > Key: RANGER-2357 > URL: https://issues.apache.org/jira/browse/RANGER-2357 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Affects Versions: master >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > Fix For: master > > Attachments: RANGER-2357.patch > > > Ranger user should be able to get plugin services based on its associated tag > service. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (RANGER-2357) Improvement on getServices API
Nikhil Purbhe created RANGER-2357: - Summary: Improvement on getServices API Key: RANGER-2357 URL: https://issues.apache.org/jira/browse/RANGER-2357 Project: Ranger Issue Type: Improvement Components: Ranger Affects Versions: master Reporter: Nikhil Purbhe Assignee: Nikhil Purbhe Fix For: master Ranger user should be able to get plugin services based on its associated tag service. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (RANGER-2334) Audits: filter out service audit logs and additional users logs from user audit logs
[ https://issues.apache.org/jira/browse/RANGER-2334?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16771089#comment-16771089 ] Nikhil Purbhe commented on RANGER-2334: --- patch committed on [master | https://github.com/apache/ranger/commit/24e8f31af06433e159a6215b5bfb1588d7eb0700] > Audits: filter out service audit logs and additional users logs from user > audit logs > > > Key: RANGER-2334 > URL: https://issues.apache.org/jira/browse/RANGER-2334 > Project: Ranger > Issue Type: Bug > Components: Ranger >Affects Versions: 1.2.0 >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > Fix For: 2.0.0 > > Attachments: > RANGER-2334-Audits-filter-out-service-audit-logs-and.patch > > > allow ranger users to filter out access audit logs for service users and > other specific users. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (RANGER-2334) Audits: filter out service audit logs and additional users logs from user audit logs
[ https://issues.apache.org/jira/browse/RANGER-2334?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe updated RANGER-2334: -- Attachment: RANGER-2334-Audits-filter-out-service-audit-logs-and.patch > Audits: filter out service audit logs and additional users logs from user > audit logs > > > Key: RANGER-2334 > URL: https://issues.apache.org/jira/browse/RANGER-2334 > Project: Ranger > Issue Type: Bug > Components: Ranger >Affects Versions: 1.2.0 >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > Fix For: 2.0.0 > > Attachments: > RANGER-2334-Audits-filter-out-service-audit-logs-and.patch > > > allow ranger users to filter out access audit logs for service users and > other specific users. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (RANGER-2234) Cannot add or update a child row,a foreign key constraint fails when installing ranger-admin
[ https://issues.apache.org/jira/browse/RANGER-2234?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe updated RANGER-2234: -- Issue Type: Bug (was: New Feature) > Cannot add or update a child row,a foreign key constraint fails when > installing ranger-admin > > > Key: RANGER-2234 > URL: https://issues.apache.org/jira/browse/RANGER-2234 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 1.1.0 >Reporter: Haihui Xu >Assignee: Akash Pawale >Priority: Major > Labels: patch > Fix For: 2.0.0 > > Attachments: RANGER-2234-02.patch, RANGER-2234-03.patch, > RANGER-2234_Cannot add or update a child row,a foreign key constraint fails > when installing ranger-admin.patch > > > Installing ranger-admin use mysql as the database,execute setup.sh, in > progress something happend, the error logs are as flowing: > 2018-09-26 17:17:08,539 [I] Table xa_access_audit does not exist in database > ranger > 2018-09-26 17:17:08,539 [I] Importing db schema to database ranger from file: > ranger_core_db_mysql.sql > 2018-09-26 17:17:08,540 [JISQL] /home/ranger/jdk1.8.0_121/bin/java -cp > /usr/share/java/mysql-connector-java.jar:/home/ranger/ranger-1.1.0-admin/jisql/lib/* > org.apache.util.sql.Jisql -driver mysqlconj -cstring > jdbc:mysql://10.139.16.75/ranger -u 'root' -p '' -noheader -trim -c > \; -input > /home/ranger/ranger-1.1.0-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql > Error executing: INSERT INTO > x_portal_user_role(create_time,update_time,added_by_id,upd_by_id,user_id,user_role,status) > VALUES (UTC_TIMESTAMP(),UTC_TIMESTAMP(),NULL,NULL,2,'ROLE_SYS_ADMIN',1); > com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: > Cannot add or update a child row: a foreign key constraint fails > (`ranger`.`x_portal_user_role`, CONSTRAINT `x_portal_user_role_FK_user_id` > FOREIGN KEY (`user_id`) REFERENCES `x_portal_user` (`id`)) > SQLException : SQL state: 23000 > com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: > Cannot add or update a child row: a foreign key constraint fails > (`ranger`.`x_portal_user_role`, CONSTRAINT `x_portal_user_role_FK_user_id` > FOREIGN KEY (`user_id`) REFERENCES `x_portal_user` (`id`)) ErrorCode: 1452 > 2018-09-26 17:22:20,882 [E] ranger_core_db_mysql.sql file import failed! -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (RANGER-2234) Cannot add or update a child row,a foreign key constraint fails when installing ranger-admin
[ https://issues.apache.org/jira/browse/RANGER-2234?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe updated RANGER-2234: -- Issue Type: New Feature (was: Bug) > Cannot add or update a child row,a foreign key constraint fails when > installing ranger-admin > > > Key: RANGER-2234 > URL: https://issues.apache.org/jira/browse/RANGER-2234 > Project: Ranger > Issue Type: New Feature > Components: admin, Ranger >Affects Versions: 1.1.0 >Reporter: Haihui Xu >Assignee: Akash Pawale >Priority: Major > Labels: patch > Fix For: 2.0.0 > > Attachments: RANGER-2234-02.patch, RANGER-2234-03.patch, > RANGER-2234_Cannot add or update a child row,a foreign key constraint fails > when installing ranger-admin.patch > > > Installing ranger-admin use mysql as the database,execute setup.sh, in > progress something happend, the error logs are as flowing: > 2018-09-26 17:17:08,539 [I] Table xa_access_audit does not exist in database > ranger > 2018-09-26 17:17:08,539 [I] Importing db schema to database ranger from file: > ranger_core_db_mysql.sql > 2018-09-26 17:17:08,540 [JISQL] /home/ranger/jdk1.8.0_121/bin/java -cp > /usr/share/java/mysql-connector-java.jar:/home/ranger/ranger-1.1.0-admin/jisql/lib/* > org.apache.util.sql.Jisql -driver mysqlconj -cstring > jdbc:mysql://10.139.16.75/ranger -u 'root' -p '' -noheader -trim -c > \; -input > /home/ranger/ranger-1.1.0-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql > Error executing: INSERT INTO > x_portal_user_role(create_time,update_time,added_by_id,upd_by_id,user_id,user_role,status) > VALUES (UTC_TIMESTAMP(),UTC_TIMESTAMP(),NULL,NULL,2,'ROLE_SYS_ADMIN',1); > com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: > Cannot add or update a child row: a foreign key constraint fails > (`ranger`.`x_portal_user_role`, CONSTRAINT `x_portal_user_role_FK_user_id` > FOREIGN KEY (`user_id`) REFERENCES `x_portal_user` (`id`)) > SQLException : SQL state: 23000 > com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: > Cannot add or update a child row: a foreign key constraint fails > (`ranger`.`x_portal_user_role`, CONSTRAINT `x_portal_user_role_FK_user_id` > FOREIGN KEY (`user_id`) REFERENCES `x_portal_user` (`id`)) ErrorCode: 1452 > 2018-09-26 17:22:20,882 [E] ranger_core_db_mysql.sql file import failed! -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (RANGER-2334) Audits: filter out service audit logs and additional users logs from user audit logs
Nikhil Purbhe created RANGER-2334: - Summary: Audits: filter out service audit logs and additional users logs from user audit logs Key: RANGER-2334 URL: https://issues.apache.org/jira/browse/RANGER-2334 Project: Ranger Issue Type: Bug Components: Ranger Affects Versions: 1.2.0 Reporter: Nikhil Purbhe Assignee: Nikhil Purbhe Fix For: 2.0.0 allow ranger users to filter out access audit logs for service users and other specific users. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (RANGER-2309) Improve group search on policy edit page.
[ https://issues.apache.org/jira/browse/RANGER-2309?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16731780#comment-16731780 ] Nikhil Purbhe commented on RANGER-2309: --- path committed on [master|https://github.com/apache/ranger/commit/339950e51eb98f4730409540bb613e8d17f8743f] ,[1.1|https://github.com/apache/ranger/commit/94b7ed9f2ff98a10516647b963fbc6c7c9adf7eb] ,[1.2|https://github.com/apache/ranger/commit/f51640d997d43bfc219fc32e9c592c2b2be5f62e] > Improve group search on policy edit page. > - > > Key: RANGER-2309 > URL: https://issues.apache.org/jira/browse/RANGER-2309 > Project: Ranger > Issue Type: Bug > Components: Ranger >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > Fix For: master, 2.0.0, 1.1.1, 1.2.1 > > Attachments: > RANGER-2309-Improve-group-search-on-policy-edit-page.patch > > > Improve group search on policy edit page. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (RANGER-2310) Record admin audits in Ranger during Create, Update and Delete operations on Zone
Nikhil Purbhe created RANGER-2310: - Summary: Record admin audits in Ranger during Create, Update and Delete operations on Zone Key: RANGER-2310 URL: https://issues.apache.org/jira/browse/RANGER-2310 Project: Ranger Issue Type: Sub-task Components: Ranger Reporter: Nikhil Purbhe Assignee: Nikhil Purbhe As we save Admin audits for any operation on Services and Policies. Need to record Create, Update and Delete Security Zone admin audits. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (RANGER-2309) Improve group search on policy edit page.
[ https://issues.apache.org/jira/browse/RANGER-2309?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe updated RANGER-2309: -- Attachment: RANGER-2309-Improve-group-search-on-policy-edit-page.patch > Improve group search on policy edit page. > - > > Key: RANGER-2309 > URL: https://issues.apache.org/jira/browse/RANGER-2309 > Project: Ranger > Issue Type: Bug > Components: Ranger >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > Fix For: master, 2.0.0, 1.1.1, 1.2.1 > > Attachments: > RANGER-2309-Improve-group-search-on-policy-edit-page.patch > > > Improve group search on policy edit page. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (RANGER-2309) Improve group search on policy edit page.
Nikhil Purbhe created RANGER-2309: - Summary: Improve group search on policy edit page. Key: RANGER-2309 URL: https://issues.apache.org/jira/browse/RANGER-2309 Project: Ranger Issue Type: Bug Components: Ranger Reporter: Nikhil Purbhe Assignee: Nikhil Purbhe Fix For: master, 2.0.0, 1.1.1, 1.2.1 Improve group search on policy edit page. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (RANGER-2293) Create and update ref tables for security zone data
Nikhil Purbhe created RANGER-2293: - Summary: Create and update ref tables for security zone data Key: RANGER-2293 URL: https://issues.apache.org/jira/browse/RANGER-2293 Project: Ranger Issue Type: Sub-task Components: Ranger Reporter: Nikhil Purbhe Assignee: Nikhil Purbhe Security zones consist of services (with resource-specs) and admin/audit users and groups. This data is store as a blob in JSON format in the database. We need to ensure that the referential integrity is maintained for this data by maintaining references to service, user and group ids in a separate ref-table (as in policy reference tables). -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (RANGER-2273) Allow service admin and delegated admin user to view list of users and groups though they have 'USER' role
[ https://issues.apache.org/jira/browse/RANGER-2273?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe updated RANGER-2273: -- Attachment: RANGER-2273_0.7.patch > Allow service admin and delegated admin user to view list of users and groups > though they have 'USER' role > -- > > Key: RANGER-2273 > URL: https://issues.apache.org/jira/browse/RANGER-2273 > Project: Ranger > Issue Type: Bug > Components: Ranger >Affects Versions: 1.2.0 >Reporter: Pradeep Agrawal >Assignee: Nikhil Purbhe >Priority: Major > Fix For: 2.0.0, 1.2.1 > > Attachments: RANGER-2273-3.patch, > RANGER-2273-Allow-service-admin-and-delegated-admin-.patch, > RANGER-2273_0.7.patch > > > Due to RANGER-2208 users list access is too restricted to the users who are > having USER role. To create policies delegated admin and service admin need > access to users and groups information. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (RANGER-2273) Allow service admin and delegated admin user to view list of users and groups though they have 'USER' role
[ https://issues.apache.org/jira/browse/RANGER-2273?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe updated RANGER-2273: -- Attachment: RANGER-2273-3.patch > Allow service admin and delegated admin user to view list of users and groups > though they have 'USER' role > -- > > Key: RANGER-2273 > URL: https://issues.apache.org/jira/browse/RANGER-2273 > Project: Ranger > Issue Type: Bug > Components: Ranger >Affects Versions: 1.2.0 >Reporter: Pradeep Agrawal >Assignee: Nikhil Purbhe >Priority: Major > Fix For: 2.0.0, 1.2.1 > > Attachments: RANGER-2273-3.patch, > RANGER-2273-Allow-service-admin-and-delegated-admin-.patch > > > Due to RANGER-2208 users list access is too restricted to the users who are > having USER role. To create policies delegated admin and service admin need > access to users and groups information. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (RANGER-2273) Allow service admin and delegated admin user to view list of users and groups though they have 'USER' role
[ https://issues.apache.org/jira/browse/RANGER-2273?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe updated RANGER-2273: -- Attachment: RANGER-2273-Allow-service-admin-and-delegated-admin-.patch > Allow service admin and delegated admin user to view list of users and groups > though they have 'USER' role > -- > > Key: RANGER-2273 > URL: https://issues.apache.org/jira/browse/RANGER-2273 > Project: Ranger > Issue Type: Bug > Components: Ranger >Affects Versions: 1.2.0 >Reporter: Pradeep Agrawal >Assignee: Nikhil Purbhe >Priority: Major > Fix For: 2.0.0, 1.2.1 > > Attachments: > RANGER-2273-Allow-service-admin-and-delegated-admin-.patch > > > Due to RANGER-2208 users list access is too restricted to the users who are > having USER role. To create policies delegated admin and service admin need > access to users and groups information. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (RANGER-2273) Allow service admin and delegated admin user to view list of users and groups though they have 'USER' role
[ https://issues.apache.org/jira/browse/RANGER-2273?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe reassigned RANGER-2273: - Assignee: Nikhil Purbhe (was: Pradeep Agrawal) > Allow service admin and delegated admin user to view list of users and groups > though they have 'USER' role > -- > > Key: RANGER-2273 > URL: https://issues.apache.org/jira/browse/RANGER-2273 > Project: Ranger > Issue Type: Bug > Components: Ranger >Affects Versions: 1.2.0 >Reporter: Pradeep Agrawal >Assignee: Nikhil Purbhe >Priority: Major > Fix For: 2.0.0, 1.2.1 > > > Due to RANGER-2208 users list access is too restricted to the users who are > having USER role. To create policies delegated admin and service admin need > access to users and groups information. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (RANGER-2274) Allow delegated admin user to view list of users and groups though they have 'USER' role
[ https://issues.apache.org/jira/browse/RANGER-2274?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe updated RANGER-2274: -- Fix Version/s: 1.2.1 2.0.0 > Allow delegated admin user to view list of users and groups though they have > 'USER' role > > > Key: RANGER-2274 > URL: https://issues.apache.org/jira/browse/RANGER-2274 > Project: Ranger > Issue Type: Sub-task > Components: Ranger >Affects Versions: 1.2.0 >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > Fix For: 2.0.0, 1.2.1 > > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (RANGER-2274) Allow delegated admin user to view list of users and groups though they have 'USER' role
Nikhil Purbhe created RANGER-2274: - Summary: Allow delegated admin user to view list of users and groups though they have 'USER' role Key: RANGER-2274 URL: https://issues.apache.org/jira/browse/RANGER-2274 Project: Ranger Issue Type: Sub-task Components: Ranger Affects Versions: 1.2.0 Reporter: Nikhil Purbhe Assignee: Nikhil Purbhe -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (RANGER-2269) Implement best coding practices for validating user input
[ https://issues.apache.org/jira/browse/RANGER-2269?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe updated RANGER-2269: -- Attachment: 0001-RANGER-2269-Implement-best-coding-practices-for-vali.patch > Implement best coding practices for validating user input > - > > Key: RANGER-2269 > URL: https://issues.apache.org/jira/browse/RANGER-2269 > Project: Ranger > Issue Type: Bug > Components: Ranger >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > Fix For: master, 1.1.1, 1.2.1 > > Attachments: > 0001-RANGER-2269-Implement-best-coding-practices-for-vali.patch > > > Implement best coding practices for validating user input -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (RANGER-2262) Improvement of export to excel from report listing page for Oracle database.
[ https://issues.apache.org/jira/browse/RANGER-2262?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe updated RANGER-2262: -- Attachment: RANGER-2262-0.7.patch > Improvement of export to excel from report listing page for Oracle database. > > > Key: RANGER-2262 > URL: https://issues.apache.org/jira/browse/RANGER-2262 > Project: Ranger > Issue Type: Bug > Components: Ranger >Affects Versions: master >Reporter: Harshal Chavan >Assignee: Nikhil Purbhe >Priority: Major > Fix For: master, 0.7.2, 1.0.1, 2.0.0, 1.1.1, 1.2.1 > > Attachments: RANGER-2262-0.7.patch, RANGER-2262.patch > > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (RANGER-2262) Improvement of export to excel from report listing page for Oracle database.
[ https://issues.apache.org/jira/browse/RANGER-2262?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe updated RANGER-2262: -- Fix Version/s: 1.2.1 1.1.1 1.0.1 0.7.2 master > Improvement of export to excel from report listing page for Oracle database. > > > Key: RANGER-2262 > URL: https://issues.apache.org/jira/browse/RANGER-2262 > Project: Ranger > Issue Type: Bug > Components: Ranger >Affects Versions: master >Reporter: Harshal Chavan >Assignee: Nikhil Purbhe >Priority: Major > Fix For: master, 0.7.2, 1.0.1, 2.0.0, 1.1.1, 1.2.1 > > Attachments: RANGER-2262.patch > > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (RANGER-2262) Improvement of export to excel from report listing page for Oracle database.
[ https://issues.apache.org/jira/browse/RANGER-2262?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe updated RANGER-2262: -- Attachment: RANGER-2262.patch > Improvement of export to excel from report listing page for Oracle database. > > > Key: RANGER-2262 > URL: https://issues.apache.org/jira/browse/RANGER-2262 > Project: Ranger > Issue Type: Bug > Components: Ranger >Affects Versions: master >Reporter: Harshal Chavan >Assignee: Nikhil Purbhe >Priority: Major > Fix For: 2.0.0 > > Attachments: RANGER-2262.patch > > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (RANGER-2262) Improvement of export to excel from report listing page for Oracle database.
[ https://issues.apache.org/jira/browse/RANGER-2262?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe reassigned RANGER-2262: - Assignee: Nikhil Purbhe > Improvement of export to excel from report listing page for Oracle database. > > > Key: RANGER-2262 > URL: https://issues.apache.org/jira/browse/RANGER-2262 > Project: Ranger > Issue Type: Bug > Components: Ranger >Affects Versions: master >Reporter: Harshal Chavan >Assignee: Nikhil Purbhe >Priority: Major > Fix For: 2.0.0 > > Attachments: RANGER-2262.patch > > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (RANGER-2171) Unit Test cases to cover policy operations from service admin user
[ https://issues.apache.org/jira/browse/RANGER-2171?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe reassigned RANGER-2171: - Assignee: Nikhil Purbhe (was: Pradeep Agrawal) > Unit Test cases to cover policy operations from service admin user > -- > > Key: RANGER-2171 > URL: https://issues.apache.org/jira/browse/RANGER-2171 > Project: Ranger > Issue Type: Test > Components: Ranger >Reporter: Pradeep Agrawal >Assignee: Nikhil Purbhe >Priority: Major > Fix For: 1.0.1, 2.0.0 > > > Unit Test cases to cover policy operations from service admin > user(RANGER-2168) -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (RANGER-2160) 'Email Address' search is not working properly along with other filter in user listing page,userRoles filters also needs to be improved.
[ https://issues.apache.org/jira/browse/RANGER-2160?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe updated RANGER-2160: -- Attachment: RANGER-2160-Email-Address-search-is-not-working-prop.patch > 'Email Address' search is not working properly along with other filter in > user listing page,userRoles filters also needs to be improved. > > > Key: RANGER-2160 > URL: https://issues.apache.org/jira/browse/RANGER-2160 > Project: Ranger > Issue Type: Bug > Components: Ranger >Affects Versions: 1.0.0 >Reporter: Harshal Chavan >Assignee: Nikhil Purbhe >Priority: Major > Fix For: 2.0.0 > > Attachments: > RANGER-2160-Email-Address-search-is-not-working-prop.patch > > > Issues related to search in user listing page > 1.Email search is not working in userlisting page. > 2.In userrole if we enter wrong data then it should show invalid data (Eg - > userrole:fbvhbfdhb) -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (RANGER-2160) 'Email Address' search is not working properly along with other filter in user listing page,userRoles filters also needs to be improved.
[ https://issues.apache.org/jira/browse/RANGER-2160?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe updated RANGER-2160: -- Summary: 'Email Address' search is not working properly along with other filter in user listing page,userRoles filters also needs to be improved. (was: 'Email Address' search is not working in user listing page,userRoles filters also needs to be improved.) > 'Email Address' search is not working properly along with other filter in > user listing page,userRoles filters also needs to be improved. > > > Key: RANGER-2160 > URL: https://issues.apache.org/jira/browse/RANGER-2160 > Project: Ranger > Issue Type: Bug > Components: Ranger >Affects Versions: 1.0.0 >Reporter: Harshal Chavan >Assignee: Nikhil Purbhe >Priority: Major > Fix For: 2.0.0 > > > Issues related to search in user listing page > 1.Email search is not working in userlisting page. > 2.In userrole if we enter wrong data then it should show invalid data (Eg - > userrole:fbvhbfdhb) > 3.When searched with \admin as username it should not show user list (eg - > username:\admin) -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (RANGER-2160) 'Email Address' search is not working in user listing page,userRoles filters also needs to be improved.
[ https://issues.apache.org/jira/browse/RANGER-2160?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe reassigned RANGER-2160: - Assignee: Nikhil Purbhe > 'Email Address' search is not working in user listing page,userRoles filters > also needs to be improved. > --- > > Key: RANGER-2160 > URL: https://issues.apache.org/jira/browse/RANGER-2160 > Project: Ranger > Issue Type: Bug > Components: Ranger >Affects Versions: 1.0.0 >Reporter: Harshal Chavan >Assignee: Nikhil Purbhe >Priority: Major > Fix For: 2.0.0 > > > Issues related to search in user listing page > 1.Email search is not working in userlisting page. > 2.In userrole if we enter wrong data then it should show invalid data (Eg - > userrole:fbvhbfdhb) > 3.When searched with \admin as username it should not show user list (eg - > username:\admin) -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (RANGER-2125) Improvement in ranger unit test cases.
[ https://issues.apache.org/jira/browse/RANGER-2125?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe updated RANGER-2125: -- Fix Version/s: 1.1.0 > Improvement in ranger unit test cases. > -- > > Key: RANGER-2125 > URL: https://issues.apache.org/jira/browse/RANGER-2125 > Project: Ranger > Issue Type: Test > Components: Ranger >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > Fix For: 1.1.0 > > > Improvement in ranger unit test cases. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (RANGER-2125) Improvement in ranger unit test cases.
[ https://issues.apache.org/jira/browse/RANGER-2125?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Purbhe updated RANGER-2125: -- Fix Version/s: (was: 1.1.0) > Improvement in ranger unit test cases. > -- > > Key: RANGER-2125 > URL: https://issues.apache.org/jira/browse/RANGER-2125 > Project: Ranger > Issue Type: Test > Components: Ranger >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > Fix For: 1.1.0 > > > Improvement in ranger unit test cases. -- This message was sent by Atlassian JIRA (v7.6.3#76005)