Re: Review Request 70389: RANGER-2394 - filter multiple users or exclude multiple users in audit search

2019-06-05 Thread Mehul Parikh 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/70389/#review215698
---


Ship it!




Ship It!

- Mehul Parikh


On June 5, 2019, 12:03 p.m., Zsombor Gegesy wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/70389/
> ---
> 
> (Updated June 5, 2019, 12:03 p.m.)
> 
> 
> Review request for ranger.
> 
> 
> Bugs: RANGER-2394
> https://issues.apache.org/jira/browse/RANGER-2394
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Currently the audit search only allows to:
> 
> * filter to one user's activity
> * exclude all 'service users' from every user's activity.
> 
> If there were way to search for multiple users or exclude multiple users from 
> the search list, it would make debugging complex interactions simpler, for 
> example only look for actions for 'alice' and 'hive' and 'yarn'
> 
> The frontend tweaked a bit, so if multiple users are passed to the jquery 
> layer, the user names are always converted as 
> requestUser=aaa=bbb=ccc instead of changing to 
> requestUser[]=aaa[]=bbb[]=ccc, which would be an 
> incompatible change between the server and to any potential client code.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java 
> 037888e8cd33f7a9bae9720a3c3180222758bda8 
>   security-admin/src/main/java/org/apache/ranger/rest/XAuditREST.java 
> fdf5ad86bff91e811c7d56ceb87845f158f8c789 
>   
> security-admin/src/main/java/org/apache/ranger/solr/SolrAccessAuditsService.java
>  a517d7627af47adacb5bd8f90a104499981beeb8 
>   security-admin/src/main/webapp/scripts/utils/XAUtils.js 
> a7c4497feea13f06ddf8b92c05344301fca5a9a0 
>   security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js 
> 9c01eb76e410b45b19056f2638e23b8722cfb0fe 
>   security-admin/src/test/java/org/apache/ranger/rest/TestAssetREST.java 
> ef149d5fa01b72f1ec3631012db4cf3433570547 
> 
> 
> Diff: https://reviews.apache.org/r/70389/diff/6/
> 
> 
> Testing
> ---
> 
> Tested on a live cluster that:
> * searching for one user
> * searching for multiple users
> * excluding one user
> * excluding multiple users
> * searching for one user + 'excluding service users'
> * searching for multiple users + 'excluding service users'
> * excluding one user + 'excluding service users'
> * excluding multiple users + 'excluding service users'
> 
> works as expected.
> 
> 
> Thanks,
> 
> Zsombor Gegesy
> 
>

Re: Review Request 70389: RANGER-2394 - filter multiple users or exclude multiple users in audit search

2019-06-05 Thread Zsombor Gegesy 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/70389/
---

(Updated June 5, 2019, 12:03 p.m.)


Review request for ranger.


Changes
---

One more js issue


Bugs: RANGER-2394
https://issues.apache.org/jira/browse/RANGER-2394


Repository: ranger


Description
---

Currently the audit search only allows to:

* filter to one user's activity
* exclude all 'service users' from every user's activity.

If there were way to search for multiple users or exclude multiple users from 
the search list, it would make debugging complex interactions simpler, for 
example only look for actions for 'alice' and 'hive' and 'yarn'

The frontend tweaked a bit, so if multiple users are passed to the jquery 
layer, the user names are always converted as 
requestUser=aaa=bbb=ccc instead of changing to 
requestUser[]=aaa[]=bbb[]=ccc, which would be an 
incompatible change between the server and to any potential client code.


Diffs (updated)
-

  security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java 
037888e8cd33f7a9bae9720a3c3180222758bda8 
  security-admin/src/main/java/org/apache/ranger/rest/XAuditREST.java 
fdf5ad86bff91e811c7d56ceb87845f158f8c789 
  
security-admin/src/main/java/org/apache/ranger/solr/SolrAccessAuditsService.java
 a517d7627af47adacb5bd8f90a104499981beeb8 
  security-admin/src/main/webapp/scripts/utils/XAUtils.js 
a7c4497feea13f06ddf8b92c05344301fca5a9a0 
  security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js 
9c01eb76e410b45b19056f2638e23b8722cfb0fe 
  security-admin/src/test/java/org/apache/ranger/rest/TestAssetREST.java 
ef149d5fa01b72f1ec3631012db4cf3433570547 


Diff: https://reviews.apache.org/r/70389/diff/6/

Changes: https://reviews.apache.org/r/70389/diff/5-6/


Testing
---

Tested on a live cluster that:
* searching for one user
* searching for multiple users
* excluding one user
* excluding multiple users
* searching for one user + 'excluding service users'
* searching for multiple users + 'excluding service users'
* excluding one user + 'excluding service users'
* excluding multiple users + 'excluding service users'

works as expected.


Thanks,

Zsombor Gegesy

Re: Review Request 70389: RANGER-2394 - filter multiple users or exclude multiple users in audit search

2019-05-30 Thread Zsombor Gegesy 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/70389/
---

(Updated May 30, 2019, 10:24 a.m.)


Review request for ranger.


Changes
---

Fix js issues


Bugs: RANGER-2394
https://issues.apache.org/jira/browse/RANGER-2394


Repository: ranger


Description
---

Currently the audit search only allows to:

* filter to one user's activity
* exclude all 'service users' from every user's activity.

If there were way to search for multiple users or exclude multiple users from 
the search list, it would make debugging complex interactions simpler, for 
example only look for actions for 'alice' and 'hive' and 'yarn'

The frontend tweaked a bit, so if multiple users are passed to the jquery 
layer, the user names are always converted as 
requestUser=aaa=bbb=ccc instead of changing to 
requestUser[]=aaa[]=bbb[]=ccc, which would be an 
incompatible change between the server and to any potential client code.


Diffs (updated)
-

  security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java 037888e8c 
  security-admin/src/main/java/org/apache/ranger/rest/XAuditREST.java fdf5ad86b 
  
security-admin/src/main/java/org/apache/ranger/solr/SolrAccessAuditsService.java
 a517d7627 
  security-admin/src/main/webapp/scripts/utils/XAUtils.js 18e86c9cc 
  security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js 18dba7ace 
  security-admin/src/test/java/org/apache/ranger/rest/TestAssetREST.java 
ef149d5fa 


Diff: https://reviews.apache.org/r/70389/diff/5/

Changes: https://reviews.apache.org/r/70389/diff/4-5/


Testing
---

Tested on a live cluster that:
* searching for one user
* searching for multiple users
* excluding one user
* excluding multiple users
* searching for one user + 'excluding service users'
* searching for multiple users + 'excluding service users'
* excluding one user + 'excluding service users'
* excluding multiple users + 'excluding service users'

works as expected.


Thanks,

Zsombor Gegesy

Re: Review Request 70389: RANGER-2394 - filter multiple users or exclude multiple users in audit search

2019-05-03 Thread Zsombor Gegesy 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/70389/
---

(Updated May 3, 2019, 6:18 p.m.)


Review request for ranger.


Changes
---

Fix rebase problems


Bugs: RANGER-2394
https://issues.apache.org/jira/browse/RANGER-2394


Repository: ranger


Description
---

Currently the audit search only allows to:

* filter to one user's activity
* exclude all 'service users' from every user's activity.

If there were way to search for multiple users or exclude multiple users from 
the search list, it would make debugging complex interactions simpler, for 
example only look for actions for 'alice' and 'hive' and 'yarn'

The frontend tweaked a bit, so if multiple users are passed to the jquery 
layer, the user names are always converted as 
requestUser=aaa=bbb=ccc instead of changing to 
requestUser[]=aaa[]=bbb[]=ccc, which would be an 
incompatible change between the server and to any potential client code.


Diffs (updated)
-

  security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java 703d30beb 
  security-admin/src/main/java/org/apache/ranger/rest/XAuditREST.java fdf5ad86b 
  
security-admin/src/main/java/org/apache/ranger/solr/SolrAccessAuditsService.java
 9be2ef480 
  security-admin/src/main/webapp/scripts/utils/XAUtils.js 6da76d5bf 
  security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js 5ae06d5cd 
  security-admin/src/test/java/org/apache/ranger/rest/TestAssetREST.java 
1f7370955 


Diff: https://reviews.apache.org/r/70389/diff/4/

Changes: https://reviews.apache.org/r/70389/diff/3-4/


Testing
---

Tested on a live cluster that:
* searching for one user
* searching for multiple users
* excluding one user
* excluding multiple users
* searching for one user + 'excluding service users'
* searching for multiple users + 'excluding service users'
* excluding one user + 'excluding service users'
* excluding multiple users + 'excluding service users'

works as expected.


Thanks,

Zsombor Gegesy

Re: Review Request 70389: RANGER-2394 - filter multiple users or exclude multiple users in audit search

2019-04-27 Thread Zsombor Gegesy 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/70389/
---

(Updated April 27, 2019, 6:17 p.m.)


Review request for ranger.


Bugs: RANGER-2394
https://issues.apache.org/jira/browse/RANGER-2394


Repository: ranger


Description
---

Currently the audit search only allows to:

* filter to one user's activity
* exclude all 'service users' from every user's activity.

If there were way to search for multiple users or exclude multiple users from 
the search list, it would make debugging complex interactions simpler, for 
example only look for actions for 'alice' and 'hive' and 'yarn'

The frontend tweaked a bit, so if multiple users are passed to the jquery 
layer, the user names are always converted as 
requestUser=aaa=bbb=ccc instead of changing to 
requestUser[]=aaa[]=bbb[]=ccc, which would be an 
incompatible change between the server and to any potential client code.


Diffs (updated)
-

  security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java 703d30beb 
  security-admin/src/main/java/org/apache/ranger/rest/XAuditREST.java fdf5ad86b 
  
security-admin/src/main/java/org/apache/ranger/solr/SolrAccessAuditsService.java
 9be2ef480 
  security-admin/src/main/webapp/scripts/utils/XAUtils.js 6da76d5bf 
  security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js 5ae06d5cd 
  security-admin/src/test/java/org/apache/ranger/rest/TestAssetREST.java 
1f7370955 


Diff: https://reviews.apache.org/r/70389/diff/3/

Changes: https://reviews.apache.org/r/70389/diff/2-3/


Testing
---

Tested on a live cluster that:
* searching for one user
* searching for multiple users
* excluding one user
* excluding multiple users
* searching for one user + 'excluding service users'
* searching for multiple users + 'excluding service users'
* excluding one user + 'excluding service users'
* excluding multiple users + 'excluding service users'

works as expected.


Thanks,

Zsombor Gegesy

Re: Review Request 70389: RANGER-2394 - filter multiple users or exclude multiple users in audit search

2019-04-11 Thread Zsombor Gegesy 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/70389/
---

(Updated April 11, 2019, 8:24 a.m.)


Review request for ranger.


Changes
---

Unit test fix


Bugs: RANGER-2394
https://issues.apache.org/jira/browse/RANGER-2394


Repository: ranger


Description
---

Currently the audit search only allows to:

* filter to one user's activity
* exclude all 'service users' from every user's activity.

If there were way to search for multiple users or exclude multiple users from 
the search list, it would make debugging complex interactions simpler, for 
example only look for actions for 'alice' and 'hive' and 'yarn'

The frontend tweaked a bit, so if multiple users are passed to the jquery 
layer, the user names are always converted as 
requestUser=aaa=bbb=ccc instead of changing to 
requestUser[]=aaa[]=bbb[]=ccc, which would be an 
incompatible change between the server and to any potential client code.


Diffs (updated)
-

  security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java 
ce577e0fc73a02962f923b13317021cd1feef38b 
  security-admin/src/main/java/org/apache/ranger/rest/XAuditREST.java 
fdf5ad86bff91e811c7d56ceb87845f158f8c789 
  
security-admin/src/main/java/org/apache/ranger/solr/SolrAccessAuditsService.java
 cf2a3b4d8862d738f882b6157cd1e9a317613aa7 
  security-admin/src/main/webapp/scripts/utils/XAUtils.js 
b14f4b918a23be4f8ae1ae95308c90ebb3e4bcf6 
  security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js 
daf6924ebb8b3f6dc0935736275d3e8d1c1f3f0b 
  security-admin/src/test/java/org/apache/ranger/rest/TestAssetREST.java 
ef149d5fa01b72f1ec3631012db4cf3433570547 


Diff: https://reviews.apache.org/r/70389/diff/2/

Changes: https://reviews.apache.org/r/70389/diff/1-2/


Testing
---

Tested on a live cluster that:
* searching for one user
* searching for multiple users
* excluding one user
* excluding multiple users
* searching for one user + 'excluding service users'
* searching for multiple users + 'excluding service users'
* excluding one user + 'excluding service users'
* excluding multiple users + 'excluding service users'

works as expected.


Thanks,

Zsombor Gegesy

Re: Review Request 70389: RANGER-2394 - filter multiple users or exclude multiple users in audit search

2019-04-10 Thread Velmurugan Periasamy 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/70389/#review214542
---




security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java
Line 629 (original), 629 (patched)


Seems like this is failing unit tests. Could you please take a look and 
resolve? 

```
Failed tests:
  TestAssetREST.testGetAccessLogs:764
searchUtil.extractString(
,
,
,
,
or(isA(java.lang.String), isNull())
);
Wanted 14 times:
-> at 
org.apache.ranger.rest.TestAssetREST.testGetAccessLogs(TestAssetREST.java:764)
But was 13 times:
-> at org.apache.ranger.rest.AssetREST.getAccessLogs(AssetREST.java:619)
-> at org.apache.ranger.rest.AssetREST.getAccessLogs(AssetREST.java:621)
-> at org.apache.ranger.rest.AssetREST.getAccessLogs(AssetREST.java:623)
-> at org.apache.ranger.rest.AssetREST.getAccessLogs(AssetREST.java:625)
-> at org.apache.ranger.rest.AssetREST.getAccessLogs(AssetREST.java:627)
-> at org.apache.ranger.rest.AssetREST.getAccessLogs(AssetREST.java:633)
-> at org.apache.ranger.rest.AssetREST.getAccessLogs(AssetREST.java:635)
-> at org.apache.ranger.rest.AssetREST.getAccessLogs(AssetREST.java:637)
-> at org.apache.ranger.rest.AssetREST.getAccessLogs(AssetREST.java:639)
-> at org.apache.ranger.rest.AssetREST.getAccessLogs(AssetREST.java:641)
-> at org.apache.ranger.rest.AssetREST.getAccessLogs(AssetREST.java:654)
-> at org.apache.ranger.rest.AssetREST.getAccessLogs(AssetREST.java:655)
-> at org.apache.ranger.rest.AssetREST.getAccessLogs(AssetREST.java:656)

  TestAssetREST.testGetAccessLogsForKms:807
searchUtil.extractString(
,
,
,
,
or(isA(java.lang.String), isNull())
);
Wanted 14 times:
-> at 
org.apache.ranger.rest.TestAssetREST.testGetAccessLogsForKms(TestAssetREST.java:807)
But was 13 times:
-> at org.apache.ranger.rest.AssetREST.getAccessLogs(AssetREST.java:619)
-> at org.apache.ranger.rest.AssetREST.getAccessLogs(AssetREST.java:621)
-> at org.apache.ranger.rest.AssetREST.getAccessLogs(AssetREST.java:623)
-> at org.apache.ranger.rest.AssetREST.getAccessLogs(AssetREST.java:625)
-> at org.apache.ranger.rest.AssetREST.getAccessLogs(AssetREST.java:627)
-> at org.apache.ranger.rest.AssetREST.getAccessLogs(AssetREST.java:633)
-> at org.apache.ranger.rest.AssetREST.getAccessLogs(AssetREST.java:635)
-> at org.apache.ranger.rest.AssetREST.getAccessLogs(AssetREST.java:637)
-> at org.apache.ranger.rest.AssetREST.getAccessLogs(AssetREST.java:639)
-> at org.apache.ranger.rest.AssetREST.getAccessLogs(AssetREST.java:641)
-> at org.apache.ranger.rest.AssetREST.getAccessLogs(AssetREST.java:654)
-> at org.apache.ranger.rest.AssetREST.getAccessLogs(AssetREST.java:655)
-> at org.apache.ranger.rest.AssetREST.getAccessLogs(AssetREST.java:656)
```


- Velmurugan Periasamy


On April 4, 2019, 6:13 p.m., Zsombor Gegesy wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/70389/
> ---
> 
> (Updated April 4, 2019, 6:13 p.m.)
> 
> 
> Review request for ranger.
> 
> 
> Bugs: RANGER-2394
> https://issues.apache.org/jira/browse/RANGER-2394
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Currently the audit search only allows to:
> 
> * filter to one user's activity
> * exclude all 'service users' from every user's activity.
> 
> If there were way to search for multiple users or exclude multiple users from 
> the search list, it would make debugging complex interactions simpler, for 
> example only look for actions for 'alice' and 'hive' and 'yarn'
> 
> The frontend tweaked a bit, so if multiple users are passed to the jquery 
> layer, the user names are always converted as 
> requestUser=aaa=bbb=ccc instead of changing to 
> requestUser[]=aaa[]=bbb[]=ccc, which would be an 
> incompatible change between the server and to any potential client code.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java 
> ce577e0fc 
>   security-admin/src/main/java/org/apache/ranger/rest/XAuditREST.java 
> fdf5ad86b 
>   
> security-admin/src/main/java/org/apache/ranger/solr/SolrAccessAuditsService.java
>  cf2a3b4d8 
>   security-admin/src/main/webapp/scripts/utils/XAUtils.js b14f4b918 
>   security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js 
> e7b45d992 
> 
> 
> Diff: https://reviews.apache.org/r/70389/diff/1/
> 
> 
> Testing
> ---
> 
> Tested on a live cluster that:
> * searching for one user
> * searching for multiple users
> * excluding one user
> * excluding

Review Request 70389: RANGER-2394 - filter multiple users or exclude multiple users in audit search

2019-04-04 Thread Zsombor Gegesy 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/70389/
---

Review request for ranger.


Bugs: RANGER-2394
https://issues.apache.org/jira/browse/RANGER-2394


Repository: ranger


Description
---

Currently the audit search only allows to:

* filter to one user's activity
* exclude all 'service users' from every user's activity.

If there were way to search for multiple users or exclude multiple users from 
the search list, it would make debugging complex interactions simpler, for 
example only look for actions for 'alice' and 'hive' and 'yarn'

The frontend tweaked a bit, so if multiple users are passed to the jquery 
layer, the user names are always converted as 
requestUser=aaa=bbb=ccc instead of changing to 
requestUser[]=aaa[]=bbb[]=ccc, which would be an 
incompatible change between the server and to any potential client code.


Diffs
-

  security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java ce577e0fc 
  security-admin/src/main/java/org/apache/ranger/rest/XAuditREST.java fdf5ad86b 
  
security-admin/src/main/java/org/apache/ranger/solr/SolrAccessAuditsService.java
 cf2a3b4d8 
  security-admin/src/main/webapp/scripts/utils/XAUtils.js b14f4b918 
  security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js e7b45d992 


Diff: https://reviews.apache.org/r/70389/diff/1/


Testing
---

Tested on a live cluster that:
* searching for one user
* searching for multiple users
* excluding one user
* excluding multiple users
* searching for one user + 'excluding service users'
* searching for multiple users + 'excluding service users'
* excluding one user + 'excluding service users'
* excluding multiple users + 'excluding service users'

works as expected.


Thanks,

Zsombor Gegesy