Re: Review Request 62269: The Ranger can not refresh screen and hide child menu when user clicks menu

2017-09-14 Thread Colm O hEigeartaigh 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62269/#review185387
---


Ship it!




Ship It!

- Colm O hEigeartaigh


On Sept. 13, 2017, 8:53 a.m., pengjianhua wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62269/
> ---
> 
> (Updated Sept. 13, 2017, 8:53 a.m.)
> 
> 
> Review request for ranger, Alok Lal, Ankita Sinha, Don Bosco Durai, Colm O 
> hEigeartaigh, Gautam Borad, Madhan Neethiraj, Ramesh Mani, Selvamohan 
> Neethiraj, Velmurugan Periasamy, and Qiang Zhang.
> 
> 
> Bugs: RANGER-1777
> https://issues.apache.org/jira/browse/RANGER-1777
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Like https://issues.apache.org/jira/projects/RANGER, related web screen will 
> be refresh and child menu will be hided when user clicked menu. But Ranger 
> can not refresh screen and hide child menu.
> At most web-menu-button ,such as 
> https://issues.apache.org/jira/projects/RANGER, the sub-memu-buttons should 
> be hide when you click menu.(see normal.jpg).
> When you click "Access Manage" or "Settings" menu, the sub-memu-buttons is 
> not hide(see ranger-not-hide.jpg) in Ranger. 
> We should modify the control logic of Ranger menu to keep consistent with 
> https://issues.apache.org/jira/projects/RANGER.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/webapp/scripts/views/common/TopNav.js bc5d17c4 
> 
> 
> Diff: https://reviews.apache.org/r/62269/diff/1/
> 
> 
> Testing
> ---
> 
> 
> Thanks,
> 
> pengjianhua
> 
>

[jira] [Resolved] (RANGER-1777) The Ranger can not refresh screen and hide child menu when user clicks menu

2017-09-14 Thread Colm O hEigeartaigh (JIRA) 

 [ 
https://issues.apache.org/jira/browse/RANGER-1777?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh resolved RANGER-1777.
-
Resolution: Fixed

> The Ranger can not refresh screen and hide child menu when user clicks menu
> ---
>
> Key: RANGER-1777
> URL: https://issues.apache.org/jira/browse/RANGER-1777
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: 1.0.0, master
>Reporter: peng.jianhua
>Assignee: peng.jianhua
> Fix For: 1.0.0
>
> Attachments: 0001-RANGER-1777-A-button-problem.patch, normal.jpg, 
> ranger-not-hide.jpg
>
>
> Like https://issues.apache.org/jira/projects/RANGER, related web screen will 
> be refresh and child menu will be hided when user clicked menu. But Ranger 
> can not refresh screen and hide child menu.
> At most web-menu-button ,such as  
> https://issues.apache.org/jira/projects/RANGER, the sub-memu-buttons should 
> be hide when you click menu.(see normal.jpg).
> When you click "Access Manage" or "Settings" menu, the sub-memu-buttons is 
> not hide(see ranger-not-hide.jpg) in Ranger. 
> We should modify the control logic of Ranger menu to  keep consistent with 
> https://issues.apache.org/jira/projects/RANGER.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Resolved] (RANGER-1776) ranger-plugin-audit always show error.

2017-09-14 Thread Colm O hEigeartaigh (JIRA) 

 [ 
https://issues.apache.org/jira/browse/RANGER-1776?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh resolved RANGER-1776.
-
Resolution: Fixed

> ranger-plugin-audit always show error.
> --
>
> Key: RANGER-1776
> URL: https://issues.apache.org/jira/browse/RANGER-1776
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: master
>Reporter: peng.jianhua
>Assignee: peng.jianhua
> Fix For: 1.0.0
>
> Attachments: 0001-RANGER_1776-ranger-plugin-audit-show-log-error.patch
>
>
> Ranger always show error , the reason is logJSON always return false :
> {code}
> AuditFileSpool.java
> ret = consumerProvider.logJSON(lines);
>   if (!ret) {
>   // Need to log error after fixed interval
>   logError("Error sending logs to consumer. 
> provider="
>   + queueProvider.getName() + ", 
> consumer="
>   + consumerProvider.getName());
>   } else {
>  
> }
> {code}
> {code}
> BufferedAuditProvider.java
>@Override
>   public boolean logJSON(Collection events) {
>   boolean ret = true;
>   for (String event : events) {
>   ret = logJSON(event);
>   if (!ret) {
>   break;
>   }
>   }
>   return false;
>   }
> {code}
> Here should return ret.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (RANGER-1776) ranger-plugin-audit always show error.

2017-09-14 Thread Colm O hEigeartaigh (JIRA) 

 [ 
https://issues.apache.org/jira/browse/RANGER-1776?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated RANGER-1776:

Fix Version/s: 1.0.0

> ranger-plugin-audit always show error.
> --
>
> Key: RANGER-1776
> URL: https://issues.apache.org/jira/browse/RANGER-1776
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: master
>Reporter: peng.jianhua
>Assignee: peng.jianhua
> Fix For: 1.0.0
>
> Attachments: 0001-RANGER_1776-ranger-plugin-audit-show-log-error.patch
>
>
> Ranger always show error , the reason is logJSON always return false :
> {code}
> AuditFileSpool.java
> ret = consumerProvider.logJSON(lines);
>   if (!ret) {
>   // Need to log error after fixed interval
>   logError("Error sending logs to consumer. 
> provider="
>   + queueProvider.getName() + ", 
> consumer="
>   + consumerProvider.getName());
>   } else {
>  
> }
> {code}
> {code}
> BufferedAuditProvider.java
>@Override
>   public boolean logJSON(Collection events) {
>   boolean ret = true;
>   for (String event : events) {
>   ret = logJSON(event);
>   if (!ret) {
>   break;
>   }
>   }
>   return false;
>   }
> {code}
> Here should return ret.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Re: Review Request 62264: RANGER-1776:ranger-plugin-audit always show error.

2017-09-14 Thread Colm O hEigeartaigh 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62264/#review185388
---


Ship it!




Ship It!

- Colm O hEigeartaigh


On Sept. 13, 2017, 9:01 a.m., pengjianhua wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62264/
> ---
> 
> (Updated Sept. 13, 2017, 9:01 a.m.)
> 
> 
> Review request for ranger, Alok Lal, Ankita Sinha, Don Bosco Durai, Colm O 
> hEigeartaigh, Gautam Borad, Madhan Neethiraj, Ramesh Mani, Selvamohan 
> Neethiraj, Velmurugan Periasamy, and Qiang Zhang.
> 
> 
> Bugs: RANGER-1776
> https://issues.apache.org/jira/browse/RANGER-1776
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Ranger always show error , the reason is logJSON always return false :
> AuditFileSpool.java
> ret = consumerProvider.logJSON(lines);
>   if (!ret) {
>   // Need to log error after fixed interval
>   logError("Error sending logs to consumer. 
> provider="
>   + queueProvider.getName() + ", 
> consumer="
>   + consumerProvider.getName());
>   } else {
>  
> }
> BufferedAuditProvider.java
>@Override
>   public boolean logJSON(Collection events) {
>   boolean ret = true;
>   for (String event : events) {
>   ret = logJSON(event);
>   if (!ret) {
>   break;
>   }
>   }
>   return false;
>   }
> 
> Here should return ret .
> 
> 
> Diffs
> -
> 
>   
> agents-audit/src/main/java/org/apache/ranger/audit/provider/BufferedAuditProvider.java
>  31b171e9 
> 
> 
> Diff: https://reviews.apache.org/r/62264/diff/1/
> 
> 
> Testing
> ---
> 
> 
> Thanks,
> 
> pengjianhua
> 
>

[jira] [Commented] (RANGER-1778) The logical of the policy details for Ranger Hive Plugin is error.

2017-09-14 Thread peng.jianhua (JIRA) 

[ 
https://issues.apache.org/jira/browse/RANGER-1778?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16165929#comment-16165929
 ] 

peng.jianhua commented on RANGER-1778:
--

Hi [~nitin.galave], I had modified the issue and was building patch. Thanks.

> The logical of the policy details for Ranger Hive Plugin is error.
> --
>
> Key: RANGER-1778
> URL: https://issues.apache.org/jira/browse/RANGER-1778
> Project: Ranger
>  Issue Type: Bug
>  Components: plugins, Ranger
>Affects Versions: 1.0.0, master
>Reporter: peng.jianhua
>Assignee: peng.jianhua
>
> The current logic is as following:
> 1、If policy choose “database”, the  Permissions can choose "Read" and "Write"
> 2、If policy choose “url”, the  Permissions can not  choose "Read" and "Write"
> Above logic is error. The right logic should be as following:
> 1、If policy choose “database”, the  Permissions can not choose "Read" and 
> "Write"
> 2、If policy choose “url”, the  Permissions can only choose "Read" and "Write"
> 3、Control relation values between "database" and "url" when user switched 
> them.That is, we should control the linkage of the switch for  "database" and 
> "url".
> Please refer to 
> https://community.hortonworks.com/questions/135781/ranger-hive-read-and-write-permissions.html



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (RANGER-1774) When the security admin and mysql service is not the same computer, the security admin was installed failed.

2017-09-14 Thread Pradeep Agrawal (JIRA) 

[ 
https://issues.apache.org/jira/browse/RANGER-1774?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16166068#comment-16166068
 ] 

Pradeep Agrawal commented on RANGER-1774:
-

I installed MySQL 5.5.35 on centos : 
{code:java}
mysql> select version();
+---+
| version() |
+---+
| 5.5.35|
+---+
1 row in set (0.00 sec)
{code}
After Install entries in mysql.user table was like this : 
{code:java}
mysql> select user,host from mysql.user;
+--+--+
| user | host |
+--+--+
| root | 127.0.0.1|
| root | ::1  |
| root | localhost|
| root | pk-ear6694-1 |
+--+--+
{code}
After that, I created root user with '%' host and granted privileges. 
{code:java}
mysql>create user 'root'@'%' identified by 'root';
mysql>GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY 'root' WITH GRANT 
OPTION;
mysql> select user,host from mysql.user;
+--+--+
| user | host |
+--+--+
| root | %|
| root | 127.0.0.1|
| root | ::1  |
| root | localhost|
| root | pk-ear6694-1 |
+--+--+
{code}
Added Ranger Host and MYSQL host entry in /etc/hosts file of both the node. For 
example in my case both the node have below given entries in /etc/hosts file.
{code:java}
172.22.112.148  pagrawal-mysql-ssl-1.openstacklocal pagrawal-mysql-ssl-1
pagrawal-mysql-ssl-1.openstacklocal.
172.22.93.14pk-ear6694-1.openstacklocal pk-ear6694-1
pk-ear6694-1.openstacklocal.
{code}
On node *pagrawal-mysql-ssl-1* executed setup.sh script with below config : 
{code:java}
db_root_user=root
db_root_password=root
db_host=pk-ear6694-1.openstacklocal
db_name=ranger091401
db_user=ranger091401
db_password=ranger091401
{code}
Ranger installation completed successfully and entries in mysql.user are like 
this : 
{code:java}
mysql> select user,host from mysql.user;
+--+-+
| user | host|
+--+-+
| ranger091401 | %   |
| root | %   |
| root | 127.0.0.1   |
| root | ::1 |
| ranger091401 | localhost   |
| root | localhost   |
| root | pk-ear6694-1|
| ranger091401 | pk-ear6694-1.openstacklocal |
+--+-+
{code}
After above tried to run script with short host name; please refer below config 
for ranger installation
{code:java}
db_root_user=root
db_root_password=root
db_host=pk-ear6694-1
db_name=ranger091403
db_user=ranger091403
db_password=ranger091403
{code}
Ranger installation completed successfully and entries in mysql.user are like 
this : 
{code:java}
mysql> select user,host from mysql.user order by user;
+--+-+
| user | host|
+--+-+
| ranger091401 | %   |
| ranger091401 | pk-ear6694-1.openstacklocal |
| ranger091401 | localhost   |
| ranger091403 | localhost   |
| ranger091403 | pk-ear6694-1|
| ranger091403 | %   |
| root | %   |
| root | ::1 |
| root | 127.0.0.1   |
| root | pk-ear6694-1|
| root | localhost   |
+--+-+
{code}
==> So its not reproducing at my end.

> When the security admin and mysql service is not the same computer, the 
> security admin was installed failed.
> 
>
> Key: RANGER-1774
> URL: https://issues.apache.org/jira/browse/RANGER-1774
> Project: Ranger
>  Issue Type: Bug
>  Components: admin
>Affects Versions: 1.0.0, master
>Reporter: peng.jianhua
>Assignee: peng.jianhua
>  Labels: patch
> Attachments: grant-privileges.png, mysql-version.png
>
>
> The security admin installed fail based on mysql 5.5.35-log version(refer to 
> mysql-version.png). The error log is as following:
> {code}
> 2017-09-12 13:21:05,525  [JISQL] /usr/java/jdk/bin/java  -cp 
> /usr/share/java/mysql-connector-java.jar:/opt/ZDH/parcels/lib/ranger/ranger-admin/jisql/lib/*
>  org.apache.util.sql.Jisql -driver mysqlconj -cstring 
> jdbc:mysql://10.43.183.132/ranger -u 'rangeradmin' -p '' -noheader 
> -trim -c \; -query "SELECT version();"
> SQLException : SQL state: 28000 java.sql.SQLException: Access denied for user 
> 'rangeradmin'@'dap134-183' (using password: YES) ErrorCode: 1045
> {code}
> We should explicitly

[jira] [Commented] (RANGER-1774) When the security admin and mysql service is not the same computer, the security admin was installed failed.

2017-09-14 Thread Pradeep Agrawal (JIRA) 

[ 
https://issues.apache.org/jira/browse/RANGER-1774?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16165993#comment-16165993
 ] 

Pradeep Agrawal commented on RANGER-1774:
-

[~peng.jianhua] I will try in 5.5.35 version and shall share my observations.

> When the security admin and mysql service is not the same computer, the 
> security admin was installed failed.
> 
>
> Key: RANGER-1774
> URL: https://issues.apache.org/jira/browse/RANGER-1774
> Project: Ranger
>  Issue Type: Bug
>  Components: admin
>Affects Versions: 1.0.0, master
>Reporter: peng.jianhua
>Assignee: peng.jianhua
>  Labels: patch
> Attachments: grant-privileges.png, mysql-version.png
>
>
> The security admin installed fail based on mysql 5.5.35-log version(refer to 
> mysql-version.png). The error log is as following:
> {code}
> 2017-09-12 13:21:05,525  [JISQL] /usr/java/jdk/bin/java  -cp 
> /usr/share/java/mysql-connector-java.jar:/opt/ZDH/parcels/lib/ranger/ranger-admin/jisql/lib/*
>  org.apache.util.sql.Jisql -driver mysqlconj -cstring 
> jdbc:mysql://10.43.183.132/ranger -u 'rangeradmin' -p '' -noheader 
> -trim -c \; -query "SELECT version();"
> SQLException : SQL state: 28000 java.sql.SQLException: Access denied for user 
> 'rangeradmin'@'dap134-183' (using password: YES) ErrorCode: 1045
> {code}
> We should explicitly assign the ranger machine to access mysql using 'grant 
> all privileges' command. That is the following code segment should be add the 
> IP of the computer running security admin installer.
> {code:title=ranger/security-admin/scripts/dba_script.py|borderStyle=solid}
> hosts_arr =["%", "localhost"]
> if not self.host == "localhost": hosts_arr.append(self.host)
> for host in hosts_arr:
> ..
> query = get_cmd + " -query \"grant all privileges on %s.* to '%s'@'%s' with 
> grant option;\"" %(db_name,db_user, host)
> ..
> {code}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Review Request 62325: The logical of the policy details for Ranger Hive Plugin is error.

2017-09-14 Thread pengjianhua 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62325/
---

Review request for ranger, Alok Lal, Ankita Sinha, Don Bosco Durai, Colm O 
hEigeartaigh, Gautam Borad, Madhan Neethiraj, Ramesh Mani, Selvamohan 
Neethiraj, Velmurugan Periasamy, and Qiang Zhang.


Bugs: RANGER-1778
https://issues.apache.org/jira/browse/RANGER-1778


Repository: ranger


Description
---

The current logic is as following:
1?If policy choose “database”, the Permissions can choose "Read" and "Write"
2?If policy choose “url”, the Permissions can not choose "Read" and "Write"
Above logic is error. The right logic should be as following:
1?If policy choose “database”, the Permissions can not choose "Read" and "Write"
2?If policy choose “url”, the Permissions can only choose "Read" and "Write"
3?Control relation values between "database" and "url" when user switched 
them.That is, we should control the linkage of the switch for "database" and 
"url".
Please refer to 
https://community.hortonworks.com/questions/135781/ranger-hive-read-and-write-permissions.html


Diffs
-

  security-admin/src/main/webapp/scripts/views/policies/PermissionList.js 
bb649840 
  security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js 
9a8d82db 


Diff: https://reviews.apache.org/r/62325/diff/1/


Testing
---


Thanks,

pengjianhua

[jira] [Updated] (RANGER-1778) The logical of the policy details for Ranger Hive Plugin is error.

2017-09-14 Thread peng.jianhua (JIRA) 

 [ 
https://issues.apache.org/jira/browse/RANGER-1778?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

peng.jianhua updated RANGER-1778:
-
Attachment: 0001-RANGER-1778-The-logical-of-the-policy-details-for-Ra.patch

> The logical of the policy details for Ranger Hive Plugin is error.
> --
>
> Key: RANGER-1778
> URL: https://issues.apache.org/jira/browse/RANGER-1778
> Project: Ranger
>  Issue Type: Bug
>  Components: plugins, Ranger
>Affects Versions: 1.0.0, master
>Reporter: peng.jianhua
>Assignee: peng.jianhua
> Attachments: 
> 0001-RANGER-1778-The-logical-of-the-policy-details-for-Ra.patch
>
>
> The current logic is as following:
> 1、If policy choose “database”, the  Permissions can choose "Read" and "Write"
> 2、If policy choose “url”, the  Permissions can not  choose "Read" and "Write"
> Above logic is error. The right logic should be as following:
> 1、If policy choose “database”, the  Permissions can not choose "Read" and 
> "Write"
> 2、If policy choose “url”, the  Permissions can only choose "Read" and "Write"
> 3、Control relation values between "database" and "url" when user switched 
> them.That is, we should control the linkage of the switch for  "database" and 
> "url".
> Please refer to 
> https://community.hortonworks.com/questions/135781/ranger-hive-read-and-write-permissions.html



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (RANGER-1774) When the security admin and mysql service is not the same computer, the security admin was installed failed.

2017-09-14 Thread peng.jianhua (JIRA) 

[ 
https://issues.apache.org/jira/browse/RANGER-1774?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16165990#comment-16165990
 ] 

peng.jianhua commented on RANGER-1774:
--

Hi [~pradeep.agrawal], we have a complete test for ranger, in addition to this 
issue, ranger can perfectly support mysql5.5. *. 

> When the security admin and mysql service is not the same computer, the 
> security admin was installed failed.
> 
>
> Key: RANGER-1774
> URL: https://issues.apache.org/jira/browse/RANGER-1774
> Project: Ranger
>  Issue Type: Bug
>  Components: admin
>Affects Versions: 1.0.0, master
>Reporter: peng.jianhua
>Assignee: peng.jianhua
>  Labels: patch
> Attachments: grant-privileges.png, mysql-version.png
>
>
> The security admin installed fail based on mysql 5.5.35-log version(refer to 
> mysql-version.png). The error log is as following:
> {code}
> 2017-09-12 13:21:05,525  [JISQL] /usr/java/jdk/bin/java  -cp 
> /usr/share/java/mysql-connector-java.jar:/opt/ZDH/parcels/lib/ranger/ranger-admin/jisql/lib/*
>  org.apache.util.sql.Jisql -driver mysqlconj -cstring 
> jdbc:mysql://10.43.183.132/ranger -u 'rangeradmin' -p '' -noheader 
> -trim -c \; -query "SELECT version();"
> SQLException : SQL state: 28000 java.sql.SQLException: Access denied for user 
> 'rangeradmin'@'dap134-183' (using password: YES) ErrorCode: 1045
> {code}
> We should explicitly assign the ranger machine to access mysql using 'grant 
> all privileges' command. That is the following code segment should be add the 
> IP of the computer running security admin installer.
> {code:title=ranger/security-admin/scripts/dba_script.py|borderStyle=solid}
> hosts_arr =["%", "localhost"]
> if not self.host == "localhost": hosts_arr.append(self.host)
> for host in hosts_arr:
> ..
> query = get_cmd + " -query \"grant all privileges on %s.* to '%s'@'%s' with 
> grant option;\"" %(db_name,db_user, host)
> ..
> {code}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (RANGER-1777) The Ranger can not refresh screen and hide child menu when user clicks menu

2017-09-14 Thread Colm O hEigeartaigh (JIRA) 

 [ 
https://issues.apache.org/jira/browse/RANGER-1777?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated RANGER-1777:

Fix Version/s: 1.0.0

> The Ranger can not refresh screen and hide child menu when user clicks menu
> ---
>
> Key: RANGER-1777
> URL: https://issues.apache.org/jira/browse/RANGER-1777
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: 1.0.0, master
>Reporter: peng.jianhua
>Assignee: peng.jianhua
> Fix For: 1.0.0
>
> Attachments: 0001-RANGER-1777-A-button-problem.patch, normal.jpg, 
> ranger-not-hide.jpg
>
>
> Like https://issues.apache.org/jira/projects/RANGER, related web screen will 
> be refresh and child menu will be hided when user clicked menu. But Ranger 
> can not refresh screen and hide child menu.
> At most web-menu-button ,such as  
> https://issues.apache.org/jira/projects/RANGER, the sub-memu-buttons should 
> be hide when you click menu.(see normal.jpg).
> When you click "Access Manage" or "Settings" menu, the sub-memu-buttons is 
> not hide(see ranger-not-hide.jpg) in Ranger. 
> We should modify the control logic of Ranger menu to  keep consistent with 
> https://issues.apache.org/jira/projects/RANGER.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Assigned] (RANGER-1682) Clicking on export service after session timeout gets stuck indefinitely

2017-09-14 Thread Nitin Galave (JIRA) 

 [ 
https://issues.apache.org/jira/browse/RANGER-1682?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Nitin Galave reassigned RANGER-1682:


Assignee: Nitin Galave

> Clicking on export service after session timeout gets stuck indefinitely
> 
>
> Key: RANGER-1682
> URL: https://issues.apache.org/jira/browse/RANGER-1682
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Aditya Sirna
>Assignee: Nitin Galave
> Fix For: 1.0.0, 0.7.2
>
>
> Steps to repro
> 1)login to ranger UI.
> 2) wait until the session is expired / delete the cookies from the browser
> 3)Click on export button of any service
> 4)The loader is shown indefinitely.
> In the background, the below call fails with HTTP Status 419
> http://:6080/service/plugins/policies/exportJson?serviceName==true
> Expected: Should go to login page if session is expired.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Created] (RANGER-1782) When the drop-down box is switched, more than one symbol is displayed each time in ranger-web-hivedev

2017-09-14 Thread peng.jianhua (JIRA) 
peng.jianhua created RANGER-1782:


 Summary: When the drop-down box is switched, more than one symbol 
is displayed each time in ranger-web-hivedev 
 Key: RANGER-1782
 URL: https://issues.apache.org/jira/browse/RANGER-1782
 Project: Ranger
  Issue Type: Bug
  Components: admin, Ranger
Affects Versions: master
Reporter: peng.jianhua
Assignee: peng.jianhua


In ranger-web-hivedev ,when the drop-down box is switched, more than one symbol 
is displayed each time(see 1.jpg).



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Re: Review Request 62325: The logical of the policy details for Ranger Hive Plugin is error.

2017-09-14 Thread Qiang Zhang 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62325/#review185397
---



Please fix it.

Applying: RANGER-1778 The logical of the policy details for Ranger Hive Plugin 
is error.
.git/rebase-apply/patch:24: space before tab in indent.
var perms = [];
.git/rebase-apply/patch:25: space before tab in indent.
var permsIds = [];
.git/rebase-apply/patch:26: space before tab in indent.
for(var i = 0;i 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62325/
> ---
> 
> (Updated Sept. 14, 2017, 10:41 a.m.)
> 
> 
> Review request for ranger, Alok Lal, Ankita Sinha, Don Bosco Durai, Colm O 
> hEigeartaigh, Gautam Borad, Madhan Neethiraj, Ramesh Mani, Selvamohan 
> Neethiraj, Velmurugan Periasamy, and Qiang Zhang.
> 
> 
> Bugs: RANGER-1778
> https://issues.apache.org/jira/browse/RANGER-1778
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> The current logic is as following:
> 1?If policy choose “database”, the Permissions can choose "Read" and "Write"
> 2?If policy choose “url”, the Permissions can not choose "Read" and "Write"
> Above logic is error. The right logic should be as following:
> 1?If policy choose “database”, the Permissions can not choose "Read" and 
> "Write"
> 2?If policy choose “url”, the Permissions can only choose "Read" and "Write"
> 3?Control relation values between "database" and "url" when user switched 
> them.That is, we should control the linkage of the switch for "database" and 
> "url".
> Please refer to 
> https://community.hortonworks.com/questions/135781/ranger-hive-read-and-write-permissions.html
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/webapp/scripts/views/policies/PermissionList.js 
> bb649840 
>   security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js 
> 9a8d82db 
> 
> 
> Diff: https://reviews.apache.org/r/62325/diff/1/
> 
> 
> Testing
> ---
> 
> 
> Thanks,
> 
> pengjianhua
> 
>

[jira] [Created] (RANGER-1783) Restrict User-Role user from seeing other users.

2017-09-14 Thread Nikhil Purbhe (JIRA) 
Nikhil Purbhe created RANGER-1783:
-

 Summary: Restrict User-Role user from seeing other users.
 Key: RANGER-1783
 URL: https://issues.apache.org/jira/browse/RANGER-1783
 Project: Ranger
  Issue Type: Bug
  Components: Ranger
Reporter: Nikhil Purbhe
Assignee: Nikhil Purbhe
 Fix For: 1.0.0, 0.7.2


Currently, A 'User Role user' is able to see other User Role Users.
Expected Result : User having role as USER should not be able to see other 
users.




--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (RANGER-1682) Clicking on export service after session timeout gets stuck indefinitely

2017-09-14 Thread Nitin Galave (JIRA) 

 [ 
https://issues.apache.org/jira/browse/RANGER-1682?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Nitin Galave updated RANGER-1682:
-
Attachment: RANGER-1682-master.patch

> Clicking on export service after session timeout gets stuck indefinitely
> 
>
> Key: RANGER-1682
> URL: https://issues.apache.org/jira/browse/RANGER-1682
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Aditya Sirna
>Assignee: Nitin Galave
> Fix For: 1.0.0, 0.7.2
>
> Attachments: RANGER-1682-master.patch
>
>
> Steps to repro
> 1)login to ranger UI.
> 2) wait until the session is expired / delete the cookies from the browser
> 3)Click on export button of any service
> 4)The loader is shown indefinitely.
> In the background, the below call fails with HTTP Status 419
> http://:6080/service/plugins/policies/exportJson?serviceName==true
> Expected: Should go to login page if session is expired.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Review Request 62328: RANGER-1682: Clicking on export service after session timeout gets stuck indefinitely.

2017-09-14 Thread Nitin Galave 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62328/
---

Review request for ranger, Ankita Sinha, Gautam Borad, Mehul Parikh, and 
Velmurugan Periasamy.


Bugs: RANGER-1682
https://issues.apache.org/jira/browse/RANGER-1682


Repository: ranger


Description
---

Steps to repro
1)login to ranger UI.
2) wait until the session is expired / delete the cookies from the browser
3)Click on export button of any service
4)The loader is shown indefinitely.
In the background, the below call fails with HTTP Status 419
http://:6080/service/plugins/policies/exportJson?serviceName==true
Expected: Should go to login page if session is expired.


Diffs
-

  security-admin/src/main/webapp/login.jsp 39fb327 
  security-admin/src/main/webapp/scripts/models/RangerServiceDef.js 56411b4 
  security-admin/src/main/webapp/scripts/models/XABaseModel.js 6083210 
  security-admin/src/main/webapp/scripts/utils/XAUtils.js 1979847 
  security-admin/src/main/webapp/scripts/views/DownloadServicePolicy.js fb10562 
  security-admin/src/main/webapp/scripts/views/UploadServicePolicy.js 338fffb 
  security-admin/src/main/webapp/scripts/views/kms/KMSTableLayout.js fbbee46 
  
security-admin/src/main/webapp/scripts/views/permissions/ModulePermissionForm.js
 aa4c332 
  security-admin/src/main/webapp/scripts/views/policies/PermissionList.js 
bb64984 
  security-admin/src/main/webapp/scripts/views/policies/RangerPolicyRO.js 
3011f1e 
  security-admin/src/main/webapp/scripts/views/policymanager/ServiceLayout.js 
c551887 
  security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js aecaf95 
  security-admin/src/main/webapp/scripts/views/service/ServiceCreate.js c2b78ab 
  security-admin/src/main/webapp/scripts/views/user/UserProfile.js cac80a8 


Diff: https://reviews.apache.org/r/62328/diff/1/


Testing
---

1.UI able to redirect to login page clicking on export service button after 
session timeout and also shows session timeout message in the alert box.
2.Also most of modules are convered for the same scenario.


Thanks,

Nitin Galave

Re: Review Request 62328: RANGER-1682: Clicking on export service after session timeout gets stuck indefinitely.

2017-09-14 Thread Velmurugan Periasamy 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62328/#review185418
---


Ship it!




Ship It!

- Velmurugan Periasamy


On Sept. 14, 2017, 12:33 p.m., Nitin Galave wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62328/
> ---
> 
> (Updated Sept. 14, 2017, 12:33 p.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Gautam Borad, Mehul Parikh, and 
> Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1682
> https://issues.apache.org/jira/browse/RANGER-1682
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Steps to repro
> 1)login to ranger UI.
> 2) wait until the session is expired / delete the cookies from the browser
> 3)Click on export button of any service
> 4)The loader is shown indefinitely.
> In the background, the below call fails with HTTP Status 419
> http://:6080/service/plugins/policies/exportJson?serviceName==true
> Expected: Should go to login page if session is expired.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/webapp/login.jsp 39fb327 
>   security-admin/src/main/webapp/scripts/models/RangerServiceDef.js 56411b4 
>   security-admin/src/main/webapp/scripts/models/XABaseModel.js 6083210 
>   security-admin/src/main/webapp/scripts/utils/XAUtils.js 1979847 
>   security-admin/src/main/webapp/scripts/views/DownloadServicePolicy.js 
> fb10562 
>   security-admin/src/main/webapp/scripts/views/UploadServicePolicy.js 338fffb 
>   security-admin/src/main/webapp/scripts/views/kms/KMSTableLayout.js fbbee46 
>   
> security-admin/src/main/webapp/scripts/views/permissions/ModulePermissionForm.js
>  aa4c332 
>   security-admin/src/main/webapp/scripts/views/policies/PermissionList.js 
> bb64984 
>   security-admin/src/main/webapp/scripts/views/policies/RangerPolicyRO.js 
> 3011f1e 
>   security-admin/src/main/webapp/scripts/views/policymanager/ServiceLayout.js 
> c551887 
>   security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js aecaf95 
>   security-admin/src/main/webapp/scripts/views/service/ServiceCreate.js 
> c2b78ab 
>   security-admin/src/main/webapp/scripts/views/user/UserProfile.js cac80a8 
> 
> 
> Diff: https://reviews.apache.org/r/62328/diff/1/
> 
> 
> Testing
> ---
> 
> 1.UI able to redirect to login page clicking on export service button after 
> session timeout and also shows session timeout message in the alert box.
> 2.Also most of modules are convered for the same scenario.
> 
> 
> Thanks,
> 
> Nitin Galave
> 
>

Re: Review Request 62325: The logical of the policy details for Ranger Hive Plugin is error.

2017-09-14 Thread Velmurugan Periasamy 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62325/#review185411
---




security-admin/src/main/webapp/scripts/views/policies/PermissionList.js
Lines 818 (patched)


It would be better to seek a generic solution.


- Velmurugan Periasamy


On Sept. 14, 2017, 10:41 a.m., pengjianhua wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62325/
> ---
> 
> (Updated Sept. 14, 2017, 10:41 a.m.)
> 
> 
> Review request for ranger, Alok Lal, Ankita Sinha, Don Bosco Durai, Colm O 
> hEigeartaigh, Gautam Borad, Madhan Neethiraj, Ramesh Mani, Selvamohan 
> Neethiraj, Velmurugan Periasamy, and Qiang Zhang.
> 
> 
> Bugs: RANGER-1778
> https://issues.apache.org/jira/browse/RANGER-1778
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> The current logic is as following:
> 1?If policy choose “database”, the Permissions can choose "Read" and "Write"
> 2?If policy choose “url”, the Permissions can not choose "Read" and "Write"
> Above logic is error. The right logic should be as following:
> 1?If policy choose “database”, the Permissions can not choose "Read" and 
> "Write"
> 2?If policy choose “url”, the Permissions can only choose "Read" and "Write"
> 3?Control relation values between "database" and "url" when user switched 
> them.That is, we should control the linkage of the switch for "database" and 
> "url".
> Please refer to 
> https://community.hortonworks.com/questions/135781/ranger-hive-read-and-write-permissions.html
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/webapp/scripts/views/policies/PermissionList.js 
> bb649840 
>   security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js 
> 9a8d82db 
> 
> 
> Diff: https://reviews.apache.org/r/62325/diff/1/
> 
> 
> Testing
> ---
> 
> 
> Thanks,
> 
> pengjianhua
> 
>

[jira] [Commented] (RANGER-1647) Allow Ranger policy conditions to use tag attributes and values in Ranger

2017-09-14 Thread Sailaja Polavarapu (JIRA) 

[ 
https://issues.apache.org/jira/browse/RANGER-1647?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16166533#comment-16166533
 ] 

Sailaja Polavarapu commented on RANGER-1647:


Checked in the changes to ranger-0.7 branch as well

> Allow Ranger policy conditions to use tag attributes and values in Ranger
> -
>
> Key: RANGER-1647
> URL: https://issues.apache.org/jira/browse/RANGER-1647
> Project: Ranger
>  Issue Type: New Feature
>  Components: Ranger
>Affects Versions: 0.7.1
>Reporter: Sailaja Polavarapu
>Assignee: Sailaja Polavarapu
> Fix For: 1.0.0, 0.7.2
>
> Attachments: 
> 0001-RANGER-1647-Allow-Ranger-policy-conditions-to-use-ta.patch
>
>
> Support user to enter the policy conditions in java script format which will 
> be evaluated and enforced by the policy engine in the component during ranger 
> policy evaluation.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Re: Review Request 62313: RANGER-1647: Allow Ranger policy conditions to use tag attributes and values in Ranger -- ranger0.7 branch

2017-09-14 Thread Velmurugan Periasamy 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62313/#review185416
---


Ship it!




Ship It!

- Velmurugan Periasamy


On Sept. 13, 2017, 11:33 p.m., Sailaja Polavarapu wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62313/
> ---
> 
> (Updated Sept. 13, 2017, 11:33 p.m.)
> 
> 
> Review request for ranger, Abhay Kulkarni, Madhan Neethiraj, and Velmurugan 
> Periasamy.
> 
> 
> Bugs: RANGER-1647
> https://issues.apache.org/jira/browse/RANGER-1647
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Merged https://reviews.apache.org/r/60140/ to ranger-0.7 branch and added 
> patch file to handle upgrades.
> 
> 
> Diffs
> -
> 
>   
> security-admin/src/main/java/org/apache/ranger/patch/PatchForTagServiceDefUpdate_J10008.java
>  PRE-CREATION 
> 
> 
> Diff: https://reviews.apache.org/r/62313/diff/2/
> 
> 
> Testing
> ---
> 
> 1. Performed basic functionality tests
> 2. Ran all the unit tests with successfully.
> 
> 
> Thanks,
> 
> Sailaja Polavarapu
> 
>

[jira] [Commented] (RANGER-1778) The logical of the policy details for Ranger Hive Plugin is error.

2017-09-14 Thread Velmurugan Periasamy (JIRA) 

[ 
https://issues.apache.org/jira/browse/RANGER-1778?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16166450#comment-16166450
 ] 

Velmurugan Periasamy commented on RANGER-1778:
--

My suggestion is to handle this generically as per 
https://issues.apache.org/jira/browse/RANGER-1781. 

[~peng.jianhua] - can you please close this JIRA and discard 
https://reviews.apache.org/r/62325/

> The logical of the policy details for Ranger Hive Plugin is error.
> --
>
> Key: RANGER-1778
> URL: https://issues.apache.org/jira/browse/RANGER-1778
> Project: Ranger
>  Issue Type: Bug
>  Components: plugins, Ranger
>Affects Versions: 1.0.0, master
>Reporter: peng.jianhua
>Assignee: peng.jianhua
> Attachments: 
> 0001-RANGER-1778-The-logical-of-the-policy-details-for-Ra.patch
>
>
> The current logic is as following:
> 1、If policy choose “database”, the  Permissions can choose "Read" and "Write"
> 2、If policy choose “url”, the  Permissions can not  choose "Read" and "Write"
> Above logic is error. The right logic should be as following:
> 1、If policy choose “database”, the  Permissions can not choose "Read" and 
> "Write"
> 2、If policy choose “url”, the  Permissions can only choose "Read" and "Write"
> 3、Control relation values between "database" and "url" when user switched 
> them.That is, we should control the linkage of the switch for  "database" and 
> "url".
> Please refer to 
> https://community.hortonworks.com/questions/135781/ranger-hive-read-and-write-permissions.html



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Resolved] (RANGER-1647) Allow Ranger policy conditions to use tag attributes and values in Ranger

2017-09-14 Thread Sailaja Polavarapu (JIRA) 

 [ 
https://issues.apache.org/jira/browse/RANGER-1647?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sailaja Polavarapu resolved RANGER-1647.

Resolution: Fixed

> Allow Ranger policy conditions to use tag attributes and values in Ranger
> -
>
> Key: RANGER-1647
> URL: https://issues.apache.org/jira/browse/RANGER-1647
> Project: Ranger
>  Issue Type: New Feature
>  Components: Ranger
>Affects Versions: 0.7.1
>Reporter: Sailaja Polavarapu
>Assignee: Sailaja Polavarapu
> Fix For: 1.0.0, 0.7.2
>
> Attachments: 
> 0001-RANGER-1647-Allow-Ranger-policy-conditions-to-use-ta.patch
>
>
> Support user to enter the policy conditions in java script format which will 
> be evaluated and enforced by the policy engine in the component during ranger 
> policy evaluation.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (RANGER-1782) When the drop-down box is switched, more than one symbol is displayed each time in ranger-web-hivedev

2017-09-14 Thread peng.jianhua (JIRA) 

 [ 
https://issues.apache.org/jira/browse/RANGER-1782?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

peng.jianhua updated RANGER-1782:
-
Attachment: 0001-RANGER-1782-When-the-drop-down-box-is-switched-more-.patch

> When the drop-down box is switched, more than one symbol is displayed each 
> time in ranger-web-hivedev 
> --
>
> Key: RANGER-1782
> URL: https://issues.apache.org/jira/browse/RANGER-1782
> Project: Ranger
>  Issue Type: Bug
>  Components: admin, Ranger
>Affects Versions: master
>Reporter: peng.jianhua
>Assignee: peng.jianhua
> Attachments: 
> 0001-RANGER-1782-When-the-drop-down-box-is-switched-more-.patch, 1.bmp
>
>
> In ranger-web-hivedev ,when the drop-down box is switched, more than one 
> symbol is displayed each time(see 1.bmp).
> 1、switch "database" and "url"
> 2、switch "udf" and "table"
> 3、then show "**" 
> I have modifyed with patch



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (RANGER-1782) When the drop-down box is switched, more than one symbol is displayed each time in ranger-web-hivedev

2017-09-14 Thread peng.jianhua (JIRA) 

 [ 
https://issues.apache.org/jira/browse/RANGER-1782?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

peng.jianhua updated RANGER-1782:
-
Attachment: 1.bmp

> When the drop-down box is switched, more than one symbol is displayed each 
> time in ranger-web-hivedev 
> --
>
> Key: RANGER-1782
> URL: https://issues.apache.org/jira/browse/RANGER-1782
> Project: Ranger
>  Issue Type: Bug
>  Components: admin, Ranger
>Affects Versions: master
>Reporter: peng.jianhua
>Assignee: peng.jianhua
> Attachments: 
> 0001-RANGER-1782-When-the-drop-down-box-is-switched-more-.patch, 1.bmp
>
>
> In ranger-web-hivedev ,when the drop-down box is switched, more than one 
> symbol is displayed each time(see 1.bmp).
> 1、switch "database" and "url"
> 2、switch "udf" and "table"
> 3、then show "**" 
> I have modifyed with patch



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (RANGER-1782) When the drop-down box is switched, more than one symbol is displayed each time in ranger-web-hivedev

2017-09-14 Thread peng.jianhua (JIRA) 

 [ 
https://issues.apache.org/jira/browse/RANGER-1782?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

peng.jianhua updated RANGER-1782:
-
Attachment: (was: 
0001-RANGER-1782-When-the-drop-down-box-is-switched-more-.patch)

> When the drop-down box is switched, more than one symbol is displayed each 
> time in ranger-web-hivedev 
> --
>
> Key: RANGER-1782
> URL: https://issues.apache.org/jira/browse/RANGER-1782
> Project: Ranger
>  Issue Type: Bug
>  Components: admin, Ranger
>Affects Versions: master
>Reporter: peng.jianhua
>Assignee: peng.jianhua
> Attachments: 1.bmp
>
>
> In ranger-web-hivedev ,when the drop-down box is switched, more than one 
> symbol is displayed each time(see 1.bmp).
> 1、switch "database" and "url"
> 2、switch "udf" and "table"
> 3、then show "**" 
> I have modifyed with patch



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (RANGER-1782) When the drop-down box is switched, more than one symbol is displayed each time in ranger-web-hivedev

2017-09-14 Thread peng.jianhua (JIRA) 

 [ 
https://issues.apache.org/jira/browse/RANGER-1782?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

peng.jianhua updated RANGER-1782:
-
Description: 
In ranger-web-hivedev ,when the drop-down box is switched, more than one symbol 
is displayed each time(see 1.bmp).
1、switch "database" and "url"
2、switch "udf" and "table"
3、then show "**" ,correctly should display one "*"

I have modifyed with patch

  was:
In ranger-web-hivedev ,when the drop-down box is switched, more than one symbol 
is displayed each time(see 1.bmp).
1、switch "database" and "url"
2、switch "udf" and "table"
3、then show "**" 

I have modifyed with patch


> When the drop-down box is switched, more than one symbol is displayed each 
> time in ranger-web-hivedev 
> --
>
> Key: RANGER-1782
> URL: https://issues.apache.org/jira/browse/RANGER-1782
> Project: Ranger
>  Issue Type: Bug
>  Components: admin, Ranger
>Affects Versions: master
>Reporter: peng.jianhua
>Assignee: peng.jianhua
> Attachments: 1.bmp
>
>
> In ranger-web-hivedev ,when the drop-down box is switched, more than one 
> symbol is displayed each time(see 1.bmp).
> 1、switch "database" and "url"
> 2、switch "udf" and "table"
> 3、then show "**" ,correctly should display one "*"
> I have modifyed with patch



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (RANGER-1778) The logical of the policy details for Ranger Hive Plugin is error.

2017-09-14 Thread peng.jianhua (JIRA) 

 [ 
https://issues.apache.org/jira/browse/RANGER-1778?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

peng.jianhua updated RANGER-1778:
-
Attachment: (was: 
0001-RANGER-1778-The-logical-of-the-policy-details-for-Ra.patch)

> The logical of the policy details for Ranger Hive Plugin is error.
> --
>
> Key: RANGER-1778
> URL: https://issues.apache.org/jira/browse/RANGER-1778
> Project: Ranger
>  Issue Type: Bug
>  Components: plugins, Ranger
>Affects Versions: 1.0.0, master
>Reporter: peng.jianhua
>Assignee: peng.jianhua
>
> The current logic is as following:
> 1、If policy choose “database”, the  Permissions can choose "Read" and "Write"
> 2、If policy choose “url”, the  Permissions can not  choose "Read" and "Write"
> Above logic is error. The right logic should be as following:
> 1、If policy choose “database”, the  Permissions can not choose "Read" and 
> "Write"
> 2、If policy choose “url”, the  Permissions can only choose "Read" and "Write"
> 3、Control relation values between "database" and "url" when user switched 
> them.That is, we should control the linkage of the switch for  "database" and 
> "url".
> Please refer to 
> https://community.hortonworks.com/questions/135781/ranger-hive-read-and-write-permissions.html



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (RANGER-1782) When the drop-down box is switched, more than one symbol is displayed each time in ranger-web-hivedev

2017-09-14 Thread peng.jianhua (JIRA) 

 [ 
https://issues.apache.org/jira/browse/RANGER-1782?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

peng.jianhua updated RANGER-1782:
-
Description: 
In ranger-web-hivedev ,when the drop-down box is switched, more than one symbol 
is displayed each time(see 1.jpg).
1、switch "database" and "url"
2、switch "udf" and "table"
3、then show "**" 

  was:In ranger-web-hivedev ,when the drop-down box is switched, more than one 
symbol is displayed each time(see 1.jpg).


> When the drop-down box is switched, more than one symbol is displayed each 
> time in ranger-web-hivedev 
> --
>
> Key: RANGER-1782
> URL: https://issues.apache.org/jira/browse/RANGER-1782
> Project: Ranger
>  Issue Type: Bug
>  Components: admin, Ranger
>Affects Versions: master
>Reporter: peng.jianhua
>Assignee: peng.jianhua
>
> In ranger-web-hivedev ,when the drop-down box is switched, more than one 
> symbol is displayed each time(see 1.jpg).
> 1、switch "database" and "url"
> 2、switch "udf" and "table"
> 3、then show "**" 



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (RANGER-1782) When the drop-down box is switched, more than one symbol is displayed each time in ranger-web-hivedev

2017-09-14 Thread peng.jianhua (JIRA) 

 [ 
https://issues.apache.org/jira/browse/RANGER-1782?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

peng.jianhua updated RANGER-1782:
-
Description: 
In ranger-web-hivedev ,when the drop-down box is switched, more than one symbol 
is displayed each time(see 1.bmp).
1、switch "database" and "url"
2、switch "udf" and "table"
3、then show "**" 

  was:
In ranger-web-hivedev ,when the drop-down box is switched, more than one symbol 
is displayed each time(see 1.jpg).
1、switch "database" and "url"
2、switch "udf" and "table"
3、then show "**" 


> When the drop-down box is switched, more than one symbol is displayed each 
> time in ranger-web-hivedev 
> --
>
> Key: RANGER-1782
> URL: https://issues.apache.org/jira/browse/RANGER-1782
> Project: Ranger
>  Issue Type: Bug
>  Components: admin, Ranger
>Affects Versions: master
>Reporter: peng.jianhua
>Assignee: peng.jianhua
>
> In ranger-web-hivedev ,when the drop-down box is switched, more than one 
> symbol is displayed each time(see 1.bmp).
> 1、switch "database" and "url"
> 2、switch "udf" and "table"
> 3、then show "**" 



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Re: Review Request 62325: The logical of the policy details for Ranger Hive Plugin is error.

2017-09-14 Thread pengjianhua 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62325/
---

(Updated 九月 15, 2017, 2:41 a.m.)


Review request for ranger, Alok Lal, Ankita Sinha, Don Bosco Durai, Colm O 
hEigeartaigh, Gautam Borad, Madhan Neethiraj, Ramesh Mani, Selvamohan 
Neethiraj, Velmurugan Periasamy, and Qiang Zhang.


Bugs: RANGER-1778
https://issues.apache.org/jira/browse/RANGER-1778


Repository: ranger


Description
---

The current logic is as following:
1?If policy choose “database”, the Permissions can choose "Read" and "Write"
2?If policy choose “url”, the Permissions can not choose "Read" and "Write"
Above logic is error. The right logic should be as following:
1?If policy choose “database”, the Permissions can not choose "Read" and "Write"
2?If policy choose “url”, the Permissions can only choose "Read" and "Write"
3?Control relation values between "database" and "url" when user switched 
them.That is, we should control the linkage of the switch for "database" and 
"url".
Please refer to 
https://community.hortonworks.com/questions/135781/ranger-hive-read-and-write-permissions.html


Diffs (updated)
-

  security-admin/src/main/webapp/scripts/views/policies/PermissionList.js 
bb649840 
  security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js 
9a8d82db 


Diff: https://reviews.apache.org/r/62325/diff/2/

Changes: https://reviews.apache.org/r/62325/diff/1-2/


Testing
---


Thanks,

pengjianhua

[jira] [Updated] (RANGER-1778) The logical of the policy details for Ranger Hive Plugin is error.

2017-09-14 Thread peng.jianhua (JIRA) 

 [ 
https://issues.apache.org/jira/browse/RANGER-1778?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

peng.jianhua updated RANGER-1778:
-
Attachment: 0001-RANGER-1778-The-logical-of-the-policy-details-for-Ra.patch

> The logical of the policy details for Ranger Hive Plugin is error.
> --
>
> Key: RANGER-1778
> URL: https://issues.apache.org/jira/browse/RANGER-1778
> Project: Ranger
>  Issue Type: Bug
>  Components: plugins, Ranger
>Affects Versions: 1.0.0, master
>Reporter: peng.jianhua
>Assignee: peng.jianhua
> Attachments: 
> 0001-RANGER-1778-The-logical-of-the-policy-details-for-Ra.patch
>
>
> The current logic is as following:
> 1、If policy choose “database”, the  Permissions can choose "Read" and "Write"
> 2、If policy choose “url”, the  Permissions can not  choose "Read" and "Write"
> Above logic is error. The right logic should be as following:
> 1、If policy choose “database”, the  Permissions can not choose "Read" and 
> "Write"
> 2、If policy choose “url”, the  Permissions can only choose "Read" and "Write"
> 3、Control relation values between "database" and "url" when user switched 
> them.That is, we should control the linkage of the switch for  "database" and 
> "url".
> Please refer to 
> https://community.hortonworks.com/questions/135781/ranger-hive-read-and-write-permissions.html



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (RANGER-1782) When the drop-down box is switched, more than one symbol is displayed each time in ranger-web-hivedev

2017-09-14 Thread peng.jianhua (JIRA) 

 [ 
https://issues.apache.org/jira/browse/RANGER-1782?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

peng.jianhua updated RANGER-1782:
-
Description: 
In ranger-web-hivedev ,when the drop-down box is switched, more than one symbol 
is displayed each time(see 1.bmp).
1.switch "database" and "url"
2.switch "udf" and "table"
3.then show ** , but correctly it should display only one *

I have modifyed with patch

  was:
In ranger-web-hivedev ,when the drop-down box is switched, more than one symbol 
is displayed each time(see 1.bmp).
1.switch "database" and "url"
2.switch "udf" and "table"
3.then show "**", but correctly it should display one "*"

I have modifyed with patch


> When the drop-down box is switched, more than one symbol is displayed each 
> time in ranger-web-hivedev 
> --
>
> Key: RANGER-1782
> URL: https://issues.apache.org/jira/browse/RANGER-1782
> Project: Ranger
>  Issue Type: Bug
>  Components: admin, Ranger
>Affects Versions: master
>Reporter: peng.jianhua
>Assignee: peng.jianhua
> Attachments: 1.bmp
>
>
> In ranger-web-hivedev ,when the drop-down box is switched, more than one 
> symbol is displayed each time(see 1.bmp).
> 1.switch "database" and "url"
> 2.switch "udf" and "table"
> 3.then show ** , but correctly it should display only one *
> I have modifyed with patch



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (RANGER-1782) When the drop-down box is switched, more than one symbol is displayed each time in ranger-web-hivedev

2017-09-14 Thread peng.jianhua (JIRA) 

 [ 
https://issues.apache.org/jira/browse/RANGER-1782?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

peng.jianhua updated RANGER-1782:
-
Description: 
In ranger-web-hivedev ,when the drop-down box is switched, more than one symbol 
is displayed each time(see 1.bmp).
1.switch "database" and "url"
2.switch "udf" and "table"
3.then show "**", but correctly it should display one "*"

I have modifyed with patch

  was:
In ranger-web-hivedev ,when the drop-down box is switched, more than one symbol 
is displayed each time(see 1.bmp).
1、switch "database" and "url"
2、switch "udf" and "table"
3、then show "**" ,correctly should display one "*"

I have modifyed with patch


> When the drop-down box is switched, more than one symbol is displayed each 
> time in ranger-web-hivedev 
> --
>
> Key: RANGER-1782
> URL: https://issues.apache.org/jira/browse/RANGER-1782
> Project: Ranger
>  Issue Type: Bug
>  Components: admin, Ranger
>Affects Versions: master
>Reporter: peng.jianhua
>Assignee: peng.jianhua
> Attachments: 1.bmp
>
>
> In ranger-web-hivedev ,when the drop-down box is switched, more than one 
> symbol is displayed each time(see 1.bmp).
> 1.switch "database" and "url"
> 2.switch "udf" and "table"
> 3.then show "**", but correctly it should display one "*"
> I have modifyed with patch



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Resolved] (RANGER-1774) When the security admin and mysql service is not the same computer, the security admin was installed failed.

2017-09-14 Thread peng.jianhua (JIRA) 

 [ 
https://issues.apache.org/jira/browse/RANGER-1774?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

peng.jianhua resolved RANGER-1774.
--
Resolution: Invalid

> When the security admin and mysql service is not the same computer, the 
> security admin was installed failed.
> 
>
> Key: RANGER-1774
> URL: https://issues.apache.org/jira/browse/RANGER-1774
> Project: Ranger
>  Issue Type: Bug
>  Components: admin
>Affects Versions: 1.0.0, master
>Reporter: peng.jianhua
>Assignee: peng.jianhua
>  Labels: patch
> Attachments: grant-privileges.png, mysql-version.png
>
>
> The security admin installed fail based on mysql 5.5.35-log version(refer to 
> mysql-version.png). The error log is as following:
> {code}
> 2017-09-12 13:21:05,525  [JISQL] /usr/java/jdk/bin/java  -cp 
> /usr/share/java/mysql-connector-java.jar:/opt/ZDH/parcels/lib/ranger/ranger-admin/jisql/lib/*
>  org.apache.util.sql.Jisql -driver mysqlconj -cstring 
> jdbc:mysql://10.43.183.132/ranger -u 'rangeradmin' -p '' -noheader 
> -trim -c \; -query "SELECT version();"
> SQLException : SQL state: 28000 java.sql.SQLException: Access denied for user 
> 'rangeradmin'@'dap134-183' (using password: YES) ErrorCode: 1045
> {code}
> We should explicitly assign the ranger machine to access mysql using 'grant 
> all privileges' command. That is the following code segment should be add the 
> IP of the computer running security admin installer.
> {code:title=ranger/security-admin/scripts/dba_script.py|borderStyle=solid}
> hosts_arr =["%", "localhost"]
> if not self.host == "localhost": hosts_arr.append(self.host)
> for host in hosts_arr:
> ..
> query = get_cmd + " -query \"grant all privileges on %s.* to '%s'@'%s' with 
> grant option;\"" %(db_name,db_user, host)
> ..
> {code}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (RANGER-1774) When the security admin and mysql service is not the same computer, the security admin was installed failed.

2017-09-14 Thread peng.jianhua (JIRA) 

[ 
https://issues.apache.org/jira/browse/RANGER-1774?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16166123#comment-16166123
 ] 

peng.jianhua commented on RANGER-1774:
--

[~pradeep.agrawal], ok. this should be a problem with a particular version. I  
close the issue.

> When the security admin and mysql service is not the same computer, the 
> security admin was installed failed.
> 
>
> Key: RANGER-1774
> URL: https://issues.apache.org/jira/browse/RANGER-1774
> Project: Ranger
>  Issue Type: Bug
>  Components: admin
>Affects Versions: 1.0.0, master
>Reporter: peng.jianhua
>Assignee: peng.jianhua
>  Labels: patch
> Attachments: grant-privileges.png, mysql-version.png
>
>
> The security admin installed fail based on mysql 5.5.35-log version(refer to 
> mysql-version.png). The error log is as following:
> {code}
> 2017-09-12 13:21:05,525  [JISQL] /usr/java/jdk/bin/java  -cp 
> /usr/share/java/mysql-connector-java.jar:/opt/ZDH/parcels/lib/ranger/ranger-admin/jisql/lib/*
>  org.apache.util.sql.Jisql -driver mysqlconj -cstring 
> jdbc:mysql://10.43.183.132/ranger -u 'rangeradmin' -p '' -noheader 
> -trim -c \; -query "SELECT version();"
> SQLException : SQL state: 28000 java.sql.SQLException: Access denied for user 
> 'rangeradmin'@'dap134-183' (using password: YES) ErrorCode: 1045
> {code}
> We should explicitly assign the ranger machine to access mysql using 'grant 
> all privileges' command. That is the following code segment should be add the 
> IP of the computer running security admin installer.
> {code:title=ranger/security-admin/scripts/dba_script.py|borderStyle=solid}
> hosts_arr =["%", "localhost"]
> if not self.host == "localhost": hosts_arr.append(self.host)
> for host in hosts_arr:
> ..
> query = get_cmd + " -query \"grant all privileges on %s.* to '%s'@'%s' with 
> grant option;\"" %(db_name,db_user, host)
> ..
> {code}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Re: Review Request 62313: RANGER-1647: Allow Ranger policy conditions to use tag attributes and values in Ranger -- ranger0.7 branch

2017-09-14 Thread Abhay Kulkarni 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62313/#review185455
---




security-admin/src/main/java/org/apache/ranger/patch/PatchForTagServiceDefUpdate_J10008.java
Lines 165 (patched)


Please review this logic. It appears that preUpdateValue will always be 
null. Should the line 164 be as follows?

if(serviceDefOptionsPreUpdate == null || 
serviceDefOptionsPreUpdate.containsKey(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES))
 {

I think the idea is that the value of 
RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES before the 
updateServiceDef needs to be restored in the database if the updateServiceDef() 
call (line 154) causes the value of the option to be overwritten.


- Abhay Kulkarni


On Sept. 13, 2017, 11:33 p.m., Sailaja Polavarapu wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62313/
> ---
> 
> (Updated Sept. 13, 2017, 11:33 p.m.)
> 
> 
> Review request for ranger, Abhay Kulkarni, Madhan Neethiraj, and Velmurugan 
> Periasamy.
> 
> 
> Bugs: RANGER-1647
> https://issues.apache.org/jira/browse/RANGER-1647
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Merged https://reviews.apache.org/r/60140/ to ranger-0.7 branch and added 
> patch file to handle upgrades.
> 
> 
> Diffs
> -
> 
>   
> security-admin/src/main/java/org/apache/ranger/patch/PatchForTagServiceDefUpdate_J10008.java
>  PRE-CREATION 
> 
> 
> Diff: https://reviews.apache.org/r/62313/diff/2/
> 
> 
> Testing
> ---
> 
> 1. Performed basic functionality tests
> 2. Ran all the unit tests with successfully.
> 
> 
> Thanks,
> 
> Sailaja Polavarapu
> 
>

Re: Review Request 61553: RANGER-1730 : Utility script that will list the users with a given role

2017-09-14 Thread Ramesh Mani 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/61553/#review185372
---




security-admin/src/main/java/org/apache/ranger/patch/cliutil/RoleBasedUserSearchUtil.java
Lines 63 (patched)


name variables as userRole. Follow this pattern



security-admin/src/main/java/org/apache/ranger/patch/cliutil/RoleBasedUserSearchUtil.java
Lines 133 (patched)


Please Indent the methods to start at same position, check all the methods



security-admin/src/main/java/org/apache/ranger/patch/cliutil/RoleBasedUserSearchUtil.java
Lines 141 (patched)


Please use Apache CollectionUtils.isEmpty() if possible. Check all the 
other occurances of other similar checks



security-admin/src/main/java/org/apache/ranger/patch/cliutil/RoleBasedUserSearchUtil.java
Lines 206 (patched)


Please check if currentEncryptedPassword can be null?



security-admin/src/main/java/org/apache/ranger/patch/cliutil/RoleBasedUserSearchUtil.java
Lines 209 (patched)


can existingRole be null? Please verify



security-admin/src/main/java/org/apache/ranger/patch/cliutil/RoleBasedUserSearchUtil.java
Lines 217 (patched)


if UserRole is going to be not null 
do UserRole.equalsIgnoreCase(existingRole.get(0)). Verify similar check and 
correct it where ever needed.



security-admin/src/main/java/org/apache/ranger/patch/cliutil/RoleBasedUserSearchUtil.java
Lines 242 (patched)


Change this flag variable to "isUserAuthorized"



security-admin/src/main/java/org/apache/ranger/patch/cliutil/RoleBasedUserSearchUtil.java
Lines 247 (patched)


Authorized?


- Ramesh Mani


On Sept. 14, 2017, 4:33 a.m., Fatima Khan wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/61553/
> ---
> 
> (Updated Sept. 14, 2017, 4:33 a.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, Abhay 
> Kulkarni, Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan 
> Neethiraj, Sailaja Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1730
> https://issues.apache.org/jira/browse/RANGER-1730
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Actual :
> Provide utility to list user according to role.
> 
> Expected :
> Utility to list users for the given role based on thier authorization
> 
> 
> Diffs
> -
> 
>   security-admin/scripts/rolebasedusersearchutil.py PRE-CREATION 
>   
> security-admin/src/main/java/org/apache/ranger/patch/cliutil/RoleBasedUserSearchUtil.java
>  PRE-CREATION 
>   
> security-admin/src/test/java/org/apache/ranger/patch/cliutil/TestRoleBasedUserSearchUtil.java
>  PRE-CREATION 
>   src/main/assembly/admin-web.xml cb1aad2 
> 
> 
> Diff: https://reviews.apache.org/r/61553/diff/3/
> 
> 
> Testing
> ---
> 
> Tested on Simple against all roles
> Tested on Secure against all roles
> 
> 
> Thanks,
> 
> Fatima Khan
> 
>