Review Request 65829: Improvement on permission module for listing modules

[Fatima Khan]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/65829/
---

Review request for ranger, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, 
Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, and 
Sailaja Polavarapu.


Bugs: RANGER-1993
https://issues.apache.org/jira/browse/RANGER-1993


Repository: ranger


Description
---

1.On permission listing page, if there are many users/group added in modules 
and we do partial search then it gives pagination even when number of modules 
are 7.
2.On Policy Listing Page, we don't have partial search for users and groups.


Diffs
-

  
agents-common/src/main/java/org/apache/ranger/plugin/store/AbstractPredicateUtil.java
 7583864 
  
security-admin/src/main/java/org/apache/ranger/service/XModuleDefServiceBase.java
 57cc694 


Diff: https://reviews.apache.org/r/65829/diff/1/


Testing
---

1.Tested on permission listing module: to show proper results even after 
applying filters.
2.Tested for all allowed filters on policy listing page, verified results after 
applying filters for user's name and group name  .


Thanks,

Fatima Khan

Re: Review Request 65739: RANGER-1985: Auditing for Ranger usersync operations

[Sailaja Polavarapu]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/65739/
---

(Updated Feb. 28, 2018, 6:34 a.m.)


Review request for ranger, Ankita Sinha, Gautam Borad, Abhay Kulkarni, Madhan 
Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja 
Polavarapu, and Velmurugan Periasamy.


Changes
---

Fixed PMD violations as well as added db scripts for all the db flavors


Bugs: RANGER-1985
https://issues.apache.org/jira/browse/RANGER-1985


Repository: ranger


Description
---

Added code to support auditing for Ranger Usersync operations. This includes 
auditing for all the sync sources (unix, file, and LDAP/AD) for every sync 
interval. Also includes Rest API for showing these audits in Ranger UI.


Diffs (updated)
-

  security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql 69f3768e 
  security-admin/db/mysql/patches/031-create-schema-for-usersync-audit-info.sql 
PRE-CREATION 
  security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql 5abbcd0c 
  
security-admin/db/oracle/patches/031-create-schema-for-usersync-audit-info.sql 
PRE-CREATION 
  security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql 
6dfc8412 
  
security-admin/db/postgres/patches/031-create-schema-for-usersync-audit-info.sql
 PRE-CREATION 
  
security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql 
d016 
  
security-admin/db/sqlanywhere/patches/031-create-schema-for-usersync-audit-info.sql
 PRE-CREATION 
  security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql 
a2be2d4c 
  
security-admin/db/sqlserver/patches/031-create-schema-for-usersync-audit-info.sql
 PRE-CREATION 
  security-admin/src/main/java/org/apache/ranger/biz/AssetMgr.java 034053d2 
  security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java cecb3f8b 
  security-admin/src/main/java/org/apache/ranger/common/AppConstants.java 
4a02e26b 
  security-admin/src/main/java/org/apache/ranger/db/RangerDaoManagerBase.java 
db20a14a 
  security-admin/src/main/java/org/apache/ranger/db/XXUgsyncAuditInfoDao.java 
PRE-CREATION 
  security-admin/src/main/java/org/apache/ranger/entity/XXUgsyncAuditInfo.java 
PRE-CREATION 
  security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java 3c274e3f 
  security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java a07c243a 
  
security-admin/src/main/java/org/apache/ranger/security/context/RangerAPIList.java
 460c7fda 
  
security-admin/src/main/java/org/apache/ranger/service/XUgsyncAuditInfoService.java
 PRE-CREATION 
  
security-admin/src/main/java/org/apache/ranger/service/XUgsyncAuditInfoServiceBase.java
 PRE-CREATION 
  security-admin/src/main/java/org/apache/ranger/view/VXFileSyncSourceInfo.java 
PRE-CREATION 
  security-admin/src/main/java/org/apache/ranger/view/VXLdapSyncSourceInfo.java 
PRE-CREATION 
  security-admin/src/main/java/org/apache/ranger/view/VXUgsyncAuditInfo.java 
PRE-CREATION 
  
security-admin/src/main/java/org/apache/ranger/view/VXUgsyncAuditInfoList.java 
PRE-CREATION 
  security-admin/src/main/java/org/apache/ranger/view/VXUnixSyncSourceInfo.java 
PRE-CREATION 
  security-admin/src/main/resources/META-INF/jpa_named_queries.xml 786b4bfd 
  security-admin/src/main/resources/META-INF/persistence.xml 20f5bbac 
  
ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapDeltaUserGroupBuilder.java
 2852b320 
  
ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapPolicyMgrUserGroupBuilder.java
 18366ef1 
  
ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapUserGroupBuilder.java
 6b2648d9 
  
ugsync/src/main/java/org/apache/ranger/unixusersync/model/FileSyncSourceInfo.java
 PRE-CREATION 
  
ugsync/src/main/java/org/apache/ranger/unixusersync/model/LdapSyncSourceInfo.java
 PRE-CREATION 
  
ugsync/src/main/java/org/apache/ranger/unixusersync/model/UgsyncAuditInfo.java 
PRE-CREATION 
  
ugsync/src/main/java/org/apache/ranger/unixusersync/model/UnixSyncSourceInfo.java
 PRE-CREATION 
  
ugsync/src/main/java/org/apache/ranger/unixusersync/process/FileSourceUserGroupBuilder.java
 713c8688 
  
ugsync/src/main/java/org/apache/ranger/unixusersync/process/PolicyMgrUserGroupBuilder.java
 864d884d 
  
ugsync/src/main/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilder.java
 60ce08d1 
  ugsync/src/main/java/org/apache/ranger/usergroupsync/UserGroupSink.java 
494efc21 


Diff: https://reviews.apache.org/r/65739/diff/3/

Changes: https://reviews.apache.org/r/65739/diff/2-3/


Testing
---

1. Tested with different types of sync sources (Unix, File, and LDAP/AD)
2. Also tested with incremental sync enabled for AD sync source.
3. Tested the Rest API for showing audits in Ranger UI.


Thanks,

Sailaja Polavarapu

Re: Review Request 65828: Update tagsync to handle Atlas notifications of type V1 and V2

[Madhan Neethiraj]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/65828/#review198376
---


Fix it, then Ship it!





tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/EntityNotificationWrapper.java
Lines 47 (patched)


Consider extracting fields in the constructor itself and storing them as 
members, so that accessor methods can simply return them:
- RangerAtlasEntityentity;
- String   entityTypeName;
- entityNotificationType   notificationType;
- Map> allClassifications;
- boolean  isEntityTypeHandled;
- boolean  isEntityDeleteOp;



tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/EntityNotificationWrapper.java
Lines 158 (patched)


allClassifications could be null. Please update to handle this case.



tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/EntityNotificationWrapper.java
Lines 176 (patched)


allTraits could be null. Please update to handle this case.


- Madhan Neethiraj


On Feb. 28, 2018, 3:11 a.m., Abhay Kulkarni wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/65828/
> ---
> 
> (Updated Feb. 28, 2018, 3:11 a.m.)
> 
> 
> Review request for ranger and Madhan Neethiraj.
> 
> 
> Bugs: RANGER-1997
> https://issues.apache.org/jira/browse/RANGER-1997
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Atlas is upgraded to emit more efficient Entity Notifications (of type V2). 
> Tagsync is updated to handle them.
> 
> 
> Diffs
> -
> 
>   
> tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/AtlasNotificationMapper.java
>  91cf606af 
>   
> tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/AtlasTagSource.java
>  8c15ee58b 
>   
> tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/EntityNotificationWrapper.java
>  PRE-CREATION 
>   
> tagsync/src/main/java/org/apache/ranger/tagsync/source/atlasrest/RangerAtlasEntityWithTags.java
>  b25a24127 
> 
> 
> Diff: https://reviews.apache.org/r/65828/diff/1/
> 
> 
> Testing
> ---
> 
> Tested with local VM
> 
> 
> Thanks,
> 
> Abhay Kulkarni
> 
>

[jira] [Created] (RANGER-1998) Add ability to specify passwords for admin accounts during ranger install only.

[Fatima Amjad Khan (JIRA)]

Fatima Amjad Khan created RANGER-1998:
-

 Summary: Add ability to specify passwords for admin accounts 
during ranger install only.
 Key: RANGER-1998
 URL: https://issues.apache.org/jira/browse/RANGER-1998
 Project: Ranger
  Issue Type: Bug
  Components: Ranger
Affects Versions: 1.0.0
Reporter: Fatima Amjad Khan
Assignee: Fatima Amjad Khan
 Fix For: 1.0.0


1] Currently, when Ranger is installed admin,keyadmin, rangerusersync, 
rangertagsync users are seeded users and they are not configurable during the 
install process. This task is to provide a facility to specify the admin users 
password during ranger install.
2] This feature can only be used once, for changing the admin user password for 
more than one time, users can use Ranger UI or using change password utility.




--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (RANGER-1993) Improvement on permission module for listing modules

[Fatima Amjad Khan (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Fatima Amjad Khan updated RANGER-1993:
--
Attachment: 0001-RANGER-1993-Improvement-on-permission-module-for-lis.patch

> Improvement on permission module for listing modules
> 
>
> Key: RANGER-1993
> URL: https://issues.apache.org/jira/browse/RANGER-1993
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: 1.0.0
>Reporter: Fatima Amjad Khan
>Assignee: Fatima Amjad Khan
>Priority: Major
> Fix For: 1.0.0
>
> Attachments: 
> 0001-RANGER-1993-Improvement-on-permission-module-for-lis.patch
>
>
> # On permission listing page, if there are many users/group added in modules 
> and we do partial search then it gives pagination even when number of modules 
> are 7.
>  # on Policy Listing Page, we don't have partial search for users and groups.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Re: Review Request 65793: RANGER-1991 : fix errors detected by static code analysis

[Velmurugan Periasamy]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/65793/#review198372
---


Ship it!




Ship It!

- Velmurugan Periasamy


On Feb. 27, 2018, 2:42 p.m., Zsombor Gegesy wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/65793/
> ---
> 
> (Updated Feb. 27, 2018, 2:42 p.m.)
> 
> 
> Review request for ranger.
> 
> 
> Bugs: RANGER-1991
> https://issues.apache.org/jira/browse/RANGER-1991
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> FindBugs/SpotBug detects a couple of problems with the code base:
> * Incorrect class casting - in XXServiceDef.equals
> * Unnecessary NPE checks - for variables which is known to be non-null (for 
> example, because in other places a method is called on that object). In 
> ServiceREST.java PublicAPIs.java, ServiceUtil.java and independently in 
> XUserMgr.java
> * Collection.contains method call which is never true - in 
> ServiceDBStore.validatePolicyItems for policyItem.getAccesses().contains("") 
> - because getAccesses doesn't store String objects
> * Making public partially initialized objects in 
> HadoopConfigHolder.initResourceMap()
> * Calling toString on array, which is not too readable
> 
> 
> Diffs
> -
> 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/client/HadoopConfigHolder.java
>  fd925aa4 
>   
> hdfs-agent/src/test/java/org/apache/ranger/services/hdfs/RangerHdfsAuthorizerTest.java
>  46f92ecb 
>   security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java 
> 5665577d 
>   security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java cecb3f8b 
>   security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java 
> 56aa831f 
>   security-admin/src/main/java/org/apache/ranger/common/ServiceUtil.java 
> e82d33d3 
>   security-admin/src/main/java/org/apache/ranger/entity/XXServiceDef.java 
> 3d496831 
>   security-admin/src/main/java/org/apache/ranger/rest/PublicAPIs.java 
> 7818eb59 
>   security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java 
> 017c2853 
> 
> 
> Diff: https://reviews.apache.org/r/65793/diff/2/
> 
> 
> Testing
> ---
> 
> Tested locally
> 
> 
> Thanks,
> 
> Zsombor Gegesy
> 
>

Review Request 65828: Update tagsync to handle Atlas notifications of type V1 and V2

[Abhay Kulkarni]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/65828/
---

Review request for ranger and Madhan Neethiraj.


Bugs: RANGER-1997
https://issues.apache.org/jira/browse/RANGER-1997


Repository: ranger


Description
---

Atlas is upgraded to emit more efficient Entity Notifications (of type V2). 
Tagsync is updated to handle them.


Diffs
-

  
tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/AtlasNotificationMapper.java
 91cf606af 
  
tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/AtlasTagSource.java
 8c15ee58b 
  
tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/EntityNotificationWrapper.java
 PRE-CREATION 
  
tagsync/src/main/java/org/apache/ranger/tagsync/source/atlasrest/RangerAtlasEntityWithTags.java
 b25a24127 


Diff: https://reviews.apache.org/r/65828/diff/1/


Testing
---

Tested with local VM


Thanks,

Abhay Kulkarni

Re: Review Request 65826: Change Atlas version from 0.8.2 to 1.0.0-SNAPSHOT

[Madhan Neethiraj]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/65826/#review198365
---


Ship it!




Ship It!

- Madhan Neethiraj


On Feb. 28, 2018, 12:43 a.m., Abhay Kulkarni wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/65826/
> ---
> 
> (Updated Feb. 28, 2018, 12:43 a.m.)
> 
> 
> Review request for ranger and Madhan Neethiraj.
> 
> 
> Bugs: RANGER-1996
> https://issues.apache.org/jira/browse/RANGER-1996
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Reapplied commit e8afb9faad81e7042877aa528635848a0043cb0c and appropriate 
> changes to RangerAtlasAuthorizer.
> 
> 
> Diffs
> -
> 
>   
> plugin-atlas/src/main/java/org/apache/ranger/authorization/atlas/authorizer/RangerAtlasAuthorizer.java
>  542acf9c 
>   
> plugin-atlas/src/main/java/org/apache/ranger/authorization/atlas/authorizer/RangerAtlasResource.java
>  f056f3e0 
>   pom.xml 294c422f 
>   
> ranger-atlas-plugin-shim/src/main/java/org/apache/ranger/authorization/atlas/authorizer/RangerAtlasAuthorizer.java
>  1f82fccf 
>   src/main/assembly/tagsync.xml 0b17151b 
>   tagsync/pom.xml 8757f8d1 
>   
> tagsync/src/main/java/org/apache/ranger/tagsync/process/TagSynchronizer.java 
> b07cd34b 
>   
> tagsync/src/main/java/org/apache/ranger/tagsync/sink/tagadmin/TagAdminRESTSink.java
>  c34b6ead 
>   
> tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/AtlasEntityWithTraits.java
>  77dee01e 
>   
> tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/AtlasHbaseResourceMapper.java
>  8b36a318 
>   
> tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/AtlasHdfsResourceMapper.java
>  06bff906 
>   
> tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/AtlasHiveResourceMapper.java
>  a3596223 
>   
> tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/AtlasKafkaResourceMapper.java
>  09ae5d19 
>   
> tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/AtlasNotificationMapper.java
>  f007ae55 
>   
> tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/AtlasResourceMapper.java
>  8ececdf7 
>   
> tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/AtlasResourceMapperUtil.java
>  40a639bd 
>   
> tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/AtlasStormResourceMapper.java
>  4ed01ca1 
>   
> tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/AtlasTagSource.java
>  c382db01 
>   
> tagsync/src/main/java/org/apache/ranger/tagsync/source/atlasrest/AtlasRESTTagSource.java
>  4e0ae908 
>   
> tagsync/src/main/java/org/apache/ranger/tagsync/source/atlasrest/AtlasRESTUtil.java
>  00a101e7 
>   
> tagsync/src/main/java/org/apache/ranger/tagsync/source/atlasrest/RangerAtlasEntity.java
>  PRE-CREATION 
>   
> tagsync/src/main/java/org/apache/ranger/tagsync/source/atlasrest/RangerAtlasEntityWithTags.java
>  PRE-CREATION 
>   
> tagsync/src/test/java/org/apache/ranger/tagsync/process/TestHbaseResourceMapper.java
>  e990c280 
>   
> tagsync/src/test/java/org/apache/ranger/tagsync/process/TestHdfsResourceMapper.java
>  392b0967 
>   
> tagsync/src/test/java/org/apache/ranger/tagsync/process/TestHiveResourceMapper.java
>  7fde91a4 
>   
> tagsync/src/test/java/org/apache/ranger/tagsync/process/TestKafkaResourceMapper.java
>  3beb82f6 
> 
> 
> Diff: https://reviews.apache.org/r/65826/diff/1/
> 
> 
> Testing
> ---
> 
> Compiles clean and passed all unit tests
> 
> 
> Thanks,
> 
> Abhay Kulkarni
> 
>

Review Request 65826: Change Atlas version from 0.8.2 to 1.0.0-SNAPSHOT

[Abhay Kulkarni]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/65826/
---

Review request for ranger and Madhan Neethiraj.


Bugs: RANGER-1996
https://issues.apache.org/jira/browse/RANGER-1996


Repository: ranger


Description
---

Reapplied commit e8afb9faad81e7042877aa528635848a0043cb0c and appropriate 
changes to RangerAtlasAuthorizer.


Diffs
-

  
plugin-atlas/src/main/java/org/apache/ranger/authorization/atlas/authorizer/RangerAtlasAuthorizer.java
 542acf9c 
  
plugin-atlas/src/main/java/org/apache/ranger/authorization/atlas/authorizer/RangerAtlasResource.java
 f056f3e0 
  pom.xml 294c422f 
  
ranger-atlas-plugin-shim/src/main/java/org/apache/ranger/authorization/atlas/authorizer/RangerAtlasAuthorizer.java
 1f82fccf 
  src/main/assembly/tagsync.xml 0b17151b 
  tagsync/pom.xml 8757f8d1 
  tagsync/src/main/java/org/apache/ranger/tagsync/process/TagSynchronizer.java 
b07cd34b 
  
tagsync/src/main/java/org/apache/ranger/tagsync/sink/tagadmin/TagAdminRESTSink.java
 c34b6ead 
  
tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/AtlasEntityWithTraits.java
 77dee01e 
  
tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/AtlasHbaseResourceMapper.java
 8b36a318 
  
tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/AtlasHdfsResourceMapper.java
 06bff906 
  
tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/AtlasHiveResourceMapper.java
 a3596223 
  
tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/AtlasKafkaResourceMapper.java
 09ae5d19 
  
tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/AtlasNotificationMapper.java
 f007ae55 
  
tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/AtlasResourceMapper.java
 8ececdf7 
  
tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/AtlasResourceMapperUtil.java
 40a639bd 
  
tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/AtlasStormResourceMapper.java
 4ed01ca1 
  
tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/AtlasTagSource.java
 c382db01 
  
tagsync/src/main/java/org/apache/ranger/tagsync/source/atlasrest/AtlasRESTTagSource.java
 4e0ae908 
  
tagsync/src/main/java/org/apache/ranger/tagsync/source/atlasrest/AtlasRESTUtil.java
 00a101e7 
  
tagsync/src/main/java/org/apache/ranger/tagsync/source/atlasrest/RangerAtlasEntity.java
 PRE-CREATION 
  
tagsync/src/main/java/org/apache/ranger/tagsync/source/atlasrest/RangerAtlasEntityWithTags.java
 PRE-CREATION 
  
tagsync/src/test/java/org/apache/ranger/tagsync/process/TestHbaseResourceMapper.java
 e990c280 
  
tagsync/src/test/java/org/apache/ranger/tagsync/process/TestHdfsResourceMapper.java
 392b0967 
  
tagsync/src/test/java/org/apache/ranger/tagsync/process/TestHiveResourceMapper.java
 7fde91a4 
  
tagsync/src/test/java/org/apache/ranger/tagsync/process/TestKafkaResourceMapper.java
 3beb82f6 


Diff: https://reviews.apache.org/r/65826/diff/1/


Testing
---

Compiles clean and passed all unit tests


Thanks,

Abhay Kulkarni

[jira] [Created] (RANGER-1996) Change Atlas version from 0.8.2 to 1.0.0-SNAPSHOT

[Abhay Kulkarni (JIRA)]

Abhay Kulkarni created RANGER-1996:
--

 Summary: Change Atlas version from 0.8.2 to 1.0.0-SNAPSHOT
 Key: RANGER-1996
 URL: https://issues.apache.org/jira/browse/RANGER-1996
 Project: Ranger
  Issue Type: Bug
  Components: Ranger
Affects Versions: master
Reporter: Abhay Kulkarni
 Fix For: master


Reapply commit 
[e8afb9faad81e7042877aa528635848a0043cb0c|https://git-wip-us.apache.org/repos/asf?p=ranger.git;a=object;h=e8afb9faad81e7042877aa528635848a0043cb0c]
 and appropriate changes to RangerAtlasAuthorizer.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Assigned] (RANGER-1996) Change Atlas version from 0.8.2 to 1.0.0-SNAPSHOT

[Abhay Kulkarni (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1996?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Abhay Kulkarni reassigned RANGER-1996:
--

Assignee: Abhay Kulkarni

> Change Atlas version from 0.8.2 to 1.0.0-SNAPSHOT
> -
>
> Key: RANGER-1996
> URL: https://issues.apache.org/jira/browse/RANGER-1996
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: master
>Reporter: Abhay Kulkarni
>Assignee: Abhay Kulkarni
>Priority: Major
> Fix For: master
>
>
> Reapply commit 
> [e8afb9faad81e7042877aa528635848a0043cb0c|https://git-wip-us.apache.org/repos/asf?p=ranger.git;a=object;h=e8afb9faad81e7042877aa528635848a0043cb0c]
>  and appropriate changes to RangerAtlasAuthorizer.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (RANGER-1958) [HBase] Implement getUserPermissions API of AccessControlService.Interface to allow clients to access HBase permissions stored in Ranger

[Ramesh Mani (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-1958?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16379495#comment-16379495
 ] 

Ramesh Mani commented on RANGER-1958:
-

[~an...@apache.org] do you have patch ready for this?

> [HBase] Implement getUserPermissions API of AccessControlService.Interface to 
> allow clients to access HBase permissions stored in Ranger
> 
>
> Key: RANGER-1958
> URL: https://issues.apache.org/jira/browse/RANGER-1958
> Project: Ranger
>  Issue Type: Bug
>  Components: plugins
>Reporter: Ankit Singhal
>Priority: Major
>
> We have added the support of ACLs in Phoenix as part of PHOENIX-4198. 
> Currently, the implementation relies on some of the APIs provided by 
> AccessControlService.Interface to get the user permission of the table but we 
> see that the API "AccessControlService.Interface#getUserPermissions"  is not 
> yet implemented in Ranger authorization module for HBase and thus, we are 
> unable to access permissions stored for HBase Table in Phoenix.
> In class RangerAuthorizationCoprocessor
> {code}
> @Override
>   public void getUserPermissions(RpcController controller, 
> AccessControlProtos.GetUserPermissionsRequest request, 
> RpcCallback done) {
>   LOG.debug("getUserPermissions(): ");
>   }
> {code}
> If we just implement this API, we can leverage the current HBase Ranger 
> plugin for Phoenix too.
> Although the long-term solution for Ranger could be to implement the 
> coprocessor hooks for Phoenix as how it has been done for HBase so that we 
> can also authorize new entities like VIEW, SEQUENCES, FUNCTIONs  (which can 
> not be supported with native HBase ACLs) along with Table and Schema. 
> Let me know your thoughts, I can try to put up a patch soon.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Re: Prep for ranger-1.0.0 release

[Sailaja Polavarapu]

Thanks for all the feedback and +1s. I will be including latest version of 
kafka in ranger-1.0.0. But for Kylin, since there will be hadoop3 support 
release soon, it can be included in that.
-Sailaja.

On 2/23/18, 2:36 PM, "Zsombor Gegesy"  wrote:

+1 for Ranger 1.0 !

Regards,
 Zsombor

On Sat, Feb 24, 2018 at 5:03 AM, Velmurugan Periasamy 
wrote:

> +1 for Ranger 1.0 release.
>
> Thanks Sailaja for volunteering.
>
> From:  pengjianhua <35573...@qq.com>
> Reply-To:  "dev@ranger.apache.org" 
> Date:  Friday, February 23, 2018 at 4:55 AM
> To:  "dev@ranger.apache.org" 
> Subject:  Re: Prep for ranger-1.0.0 release
>
> I agree with Colm's point of view. Zhangqiang am developing this issue
> to upgrade Kafka whichwas delayed due to our Spring Festival.
>
> I also hope to merge the Apacke Kylin Plugin into the ranger 1.0.0. the
> 2.3.0 version of the Apache kylin is being voted. The Apacke Kylin
> Plugin of the ranger has been successfully applied in some business
> projects.
>
>
>
> Jianhua Peng
>
> 在 2018年02月23日 17:36, Colm O hEigeartaigh 写道:
> >  +1. It would be nice to get the Kafka upgrade in if possible, as
> currently
> >  we support a very old version of Kafka.
> >
> >  Colm.
> >
> >  On Fri, Feb 23, 2018 at 9:00 AM, Jianhua Peng 
> >  wrote:
> >
> >>  +1
> >>
> >>  On 2018/02/23 01:34:36, Sailaja Polavarapu <
> spolavar...@hortonworks.com>
> >>  wrote:
> >>>  Rangers:
> >>>  As we are planning to do a release of ranger 1.0.0 soon (tentatively
> >>  3/15/2018), I would like to create a branch ranger-1.0.0 for
> stabilizing
> >>  the release. All of the fixes should go into the master which will
> track
> >>  for our next major release and if needed will get cherry-picked into
> >>  ranger-1.0.0 release.
> >>>  I am volunteering to be the release manager for ranger 1.0.0 release.
> >>  Based on the discussion, current plan is to make the ranger 1.0.0
> release
> >>  with Hadoop 2.7.x (not Hadoop 3) and Atlas 0.8.2 as dependencies.
> >>>  Please let me know if any of you have any concerns and/or suggestions
> on
> >>  the release process.
> >>>  Thanks,
> >>>  Sailaja.
> >>>
> >
> >
>
>
>
>
>

[jira] [Created] (RANGER-1995) Ranger Release of 1.0.0

[Velmurugan Periasamy (JIRA)]

Velmurugan Periasamy created RANGER-1995:


 Summary: Ranger Release of 1.0.0
 Key: RANGER-1995
 URL: https://issues.apache.org/jira/browse/RANGER-1995
 Project: Ranger
  Issue Type: Task
  Components: Ranger
Reporter: Selvamohan Neethiraj
Assignee: Selvamohan Neethiraj
 Fix For: 0.7.0


Track all Release related activities



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Assigned] (RANGER-1995) Ranger Release of 1.0.0

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1995?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy reassigned RANGER-1995:


Assignee: Sailaja Polavarapu  (was: Selvamohan Neethiraj)

> Ranger Release of 1.0.0
> ---
>
> Key: RANGER-1995
> URL: https://issues.apache.org/jira/browse/RANGER-1995
> Project: Ranger
>  Issue Type: Task
>  Components: Ranger
>Reporter: Velmurugan Periasamy
>Assignee: Sailaja Polavarapu
>Priority: Blocker
> Fix For: 1.0.0
>
>
> Track all Release related activities



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (RANGER-1995) Ranger Release of 1.0.0

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1995?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-1995:
-
Fix Version/s: (was: 0.7.0)
   1.0.0

> Ranger Release of 1.0.0
> ---
>
> Key: RANGER-1995
> URL: https://issues.apache.org/jira/browse/RANGER-1995
> Project: Ranger
>  Issue Type: Task
>  Components: Ranger
>Reporter: Velmurugan Periasamy
>Assignee: Sailaja Polavarapu
>Priority: Blocker
> Fix For: 1.0.0
>
>
> Track all Release related activities



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (RANGER-1995) Ranger Release of 1.0.0

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1995?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-1995:
-
Reporter: Velmurugan Periasamy  (was: Selvamohan Neethiraj)

> Ranger Release of 1.0.0
> ---
>
> Key: RANGER-1995
> URL: https://issues.apache.org/jira/browse/RANGER-1995
> Project: Ranger
>  Issue Type: Task
>  Components: Ranger
>Reporter: Velmurugan Periasamy
>Assignee: Selvamohan Neethiraj
>Priority: Blocker
> Fix For: 1.0.0
>
>
> Track all Release related activities



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (RANGER-1991) Fix problems detected by static code analysis

[Ramesh Mani (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-1991?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16379083#comment-16379083
 ] 

Ramesh Mani commented on RANGER-1991:
-

[~zsombor] Never mind I see that RR there in email thread. Thanks.

> Fix problems detected by static code analysis
> -
>
> Key: RANGER-1991
> URL: https://issues.apache.org/jira/browse/RANGER-1991
> Project: Ranger
>  Issue Type: Bug
>  Components: admin
>Affects Versions: 0.7.1
>Reporter: Zsombor Gegesy
>Assignee: Zsombor Gegesy
>Priority: Minor
>  Labels: code-cleanup, findbugs
> Attachments: RANGER-1991.patch
>
>
> FindBugs/SpotBug detects a couple of problems with the code base:
>  * Incorrect class casting - in XXServiceDef.equals
>  * Unnecessary NPE checks - for variables which is known to be non-null (for 
> example, because in other places a method is called on that object). In 
> ServiceREST.java PublicAPIs.java, ServiceUtil.java and independently in 
> XUserMgr.java
>  * Collection.contains method call which is never true - in 
> ServiceDBStore.validatePolicyItems for policyItem.getAccesses().contains("") 
> - because getAccesses doesn't store String objects
>  * Making public partially initialized objects in 
> HadoopConfigHolder.initResourceMap()
>  * Calling toString on array, which is not too readable
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (RANGER-1991) Fix problems detected by static code analysis

[Ramesh Mani (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-1991?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16379080#comment-16379080
 ] 

Ramesh Mani commented on RANGER-1991:
-

[~zsombor] Please create an RR for this patch. Thanks.

> Fix problems detected by static code analysis
> -
>
> Key: RANGER-1991
> URL: https://issues.apache.org/jira/browse/RANGER-1991
> Project: Ranger
>  Issue Type: Bug
>  Components: admin
>Affects Versions: 0.7.1
>Reporter: Zsombor Gegesy
>Assignee: Zsombor Gegesy
>Priority: Minor
>  Labels: code-cleanup, findbugs
> Attachments: RANGER-1991.patch
>
>
> FindBugs/SpotBug detects a couple of problems with the code base:
>  * Incorrect class casting - in XXServiceDef.equals
>  * Unnecessary NPE checks - for variables which is known to be non-null (for 
> example, because in other places a method is called on that object). In 
> ServiceREST.java PublicAPIs.java, ServiceUtil.java and independently in 
> XUserMgr.java
>  * Collection.contains method call which is never true - in 
> ServiceDBStore.validatePolicyItems for policyItem.getAccesses().contains("") 
> - because getAccesses doesn't store String objects
>  * Making public partially initialized objects in 
> HadoopConfigHolder.initResourceMap()
>  * Calling toString on array, which is not too readable
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Re: Please Add me as contributor

[Velmurugan Periasamy]

Welcome aboard. I have added you as contributor.

From:  Nixon Rodrigues 
Reply-To:  "dev@ranger.apache.org" 
Date:  Tuesday, February 27, 2018 at 11:24 AM
To:  "dev@ranger.apache.org" 
Subject:  Please Add me as contributor

Hi

Please Add me as contributor, my apache jira id is *nixonrodrigues*

Thanks

Nixon

Please Add me as contributor

[Nixon Rodrigues]

Hi

Please Add me as contributor, my apache jira id is *nixonrodrigues*

Thanks

Nixon

Re: Review Request 65793: RANGER-1991 : fix errors detected by static code analysis

[Zsombor Gegesy]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/65793/
---

(Updated Feb. 27, 2018, 2:42 p.m.)


Review request for ranger.


Bugs: RANGER-1991
https://issues.apache.org/jira/browse/RANGER-1991


Repository: ranger


Description
---

FindBugs/SpotBug detects a couple of problems with the code base:
* Incorrect class casting - in XXServiceDef.equals
* Unnecessary NPE checks - for variables which is known to be non-null (for 
example, because in other places a method is called on that object). In 
ServiceREST.java PublicAPIs.java, ServiceUtil.java and independently in 
XUserMgr.java
* Collection.contains method call which is never true - in 
ServiceDBStore.validatePolicyItems for policyItem.getAccesses().contains("") - 
because getAccesses doesn't store String objects
* Making public partially initialized objects in 
HadoopConfigHolder.initResourceMap()
* Calling toString on array, which is not too readable


Diffs (updated)
-

  
agents-common/src/main/java/org/apache/ranger/plugin/client/HadoopConfigHolder.java
 fd925aa4 
  
hdfs-agent/src/test/java/org/apache/ranger/services/hdfs/RangerHdfsAuthorizerTest.java
 46f92ecb 
  security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java 
5665577d 
  security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java cecb3f8b 
  security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java 
56aa831f 
  security-admin/src/main/java/org/apache/ranger/common/ServiceUtil.java 
e82d33d3 
  security-admin/src/main/java/org/apache/ranger/entity/XXServiceDef.java 
3d496831 
  security-admin/src/main/java/org/apache/ranger/rest/PublicAPIs.java 7818eb59 
  security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java 017c2853 


Diff: https://reviews.apache.org/r/65793/diff/2/

Changes: https://reviews.apache.org/r/65793/diff/1-2/


Testing
---

Tested locally


Thanks,

Zsombor Gegesy

Re: servicedef validation - implClass

[Nigel Jones]

Quick update... I worked around this for now by implementing a dummy
resource lookup class and deploying to the server.

On Tue, 27 Feb 2018 at 13:08 Nigel Jones  wrote:

> Having tried this against master (for about a week ago) I am still getting
> the same issue deploying the plugin on a base ranger install (it works ok
> in HDP)
>
> The exception trace in the log included as an attachment
>
> My ews/lib directory does include
> ranger-plugins-common-1.0.0-SNAPSHOT.jar
>
> and is readable by the user ranger is started with
>
> It is also available within ews/webapp/WEB-INF/lib
>
> Currently my implClass is blank
>
> Any ideas?
>
> On Sat, 3 Feb 2018 at 00:37 Ramesh Mani  wrote:
>
>> Nigel,
>>
>> Could you please provide the exception stack that is printed along with
>> error message you are showing. Please check in xa_portal.log ( Ranger
>> log).
>>
>> Also check in Ranger class path ranger-plugins-common*jar is there. Check
>> in {install.dir}/ranger-admin/ews/lib and
>> {install.dir}/ranger-admin/ews/webapp/WEB-INF/lib and it has the necessary
>> permission for the process user who start ranger admin.
>>
>> As you notice it should have used the base implementation when you leave
>> implClass blank / or not in the service def.
>>
>> Regards,
>> Ramesh
>>
>>
>> On 2/2/18, 6:24 AM, "Nigel Jones"  wrote:
>>
>> >We're currently writing a Ranger plugin for an open source virtual
>> >database driver known as ŒGaianDB¹.
>> >
>> >We have the basics of a plugin working, but today a colleague tried to
>> >setup our plugin, and on their ranger install they could not create an
>> >instance of our ranger service, hitting the error
>> >
>> >"Gaian failed to find service class
>> >org.apache.ranger.services.gaiandb.RangerServiceGaian. Resource lookup
>> >will not be available. Please make sure plugin jar is in the correct
>> >place.²
>> >
>> >I had expected this to be a warning (fair enough), but it actually
>> >prevents the UI from saving the service instance, and so Gaian related
>> >policies cannot be created.
>> >
>> >They got this on I think a) an old 0.6.x build, and 0.7.1.
>> >Meanwhile I had been using a HDP 2.6.3 setup, which comes with 0.7.0 and
>> >with the same service definition did NOT of course hit this error.
>> >
>> >We haven¹t actually deployed any plugin code to the ranger server (yet)
>> >since we have not implemented the resource lookup capability. We had
>> >though specified an implClass in the servicedef. It¹s a later task :-)
>> >
>> >Looking at the ranger code in ServiceMgr.java it seems as if an empty
>> >string should cause ranger to use a default class. We tried this, as well
>> >as specifying the org.apache.ranger.plugin.service.RangerDefaultService
>> >class, but had the same error in both cases. I was though looking at code
>> >in master and see there have been a few changes
>> >
>> >Any suggestions as to how to persuade 0.7.0 to load the servicedef (other
>> >than implement the class required, albeit a no-op oneŠ?), or an
>> >explanation as to why we might see different behaviour?
>> >
>> >I¹m setting up a ranger install off master to debug/check latest codeŠ.
>> >
>> >For info the servicedef begins:
>> >{
>> >  "id":99,
>> >  "name": "gaian",
>> >  "implClass": "org.apache.ranger.services.gaiandb.RangerServiceGaian",
>> >  "label": "Gaian",
>> >  "description": "Gaian",
>> >  "options": {
>> >"enableDenyAndExceptionsInPolicies": "true"
>> >  },
>> >"guid": "86d10748-e4fc-442b-8991-f6a727054ece",
>> >
>> >  "resources": [
>> >The full version can be found in
>> >https://issues.apache.org/jira/browse/RANGER-1699
>> > - see the latest
>> >attachment. Not as a patch as currently getting things working in a diff.
>> >Build tree
>> >
>> >If it seems like a bug (rather than a newbie error or specific to hdp)
>> >let me know and I¹ll open a jira!
>> >
>> >Many thanks
>> >Nigel.
>> >
>> >
>> >
>>
>>

[jira] [Created] (RANGER-1994) Tomcat Security Vulnerability Alert. The version of the tomcat for ranger should upgrade to 7.0.85.

[Qiang Zhang (JIRA)]

Qiang Zhang created RANGER-1994:
---

 Summary: Tomcat Security Vulnerability Alert. The version of the 
tomcat for ranger should upgrade to 7.0.85.
 Key: RANGER-1994
 URL: https://issues.apache.org/jira/browse/RANGER-1994
 Project: Ranger
  Issue Type: Bug
  Components: Ranger
Reporter: Qiang Zhang
Assignee: Qiang Zhang


[SECURITY] CVE-2018-1305 Security constraint annotations applied too late

CVE-2018-1305 Security constraint annotations applied too late

Severity: High 

Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.4 Apache Tomcat 8.5.0 to 
8.5.27 Apache Tomcat 8.0.0.RC1 to 8.0.49 Apache Tomcat 7.0.0 to 7.0.84

Description: Security constraints defined by annotations of Servlets were only 
applied once a Servlet had been loaded. Because security constraints defined in 
this way apply to the URL pattern and any URLs below that point, it was 
possible - depending on the order Servlets were loaded - for some security 
constraints not to be applied. This could have exposed resources to users who 
were not authorised to access them.

Mitigation: Users of the affected versions should apply one of the following 
mitigations. Upgrade to: - Apache Tomcat 9.0.5 or later - Apache Tomcat 8.5.28 
or later - Apache Tomcat 8.0.50 or later - Apache Tomcat 7.0.85 or later

References:https://lists.apache.org/thread.html/d3354bb0a4eda4acc0a66f3eb24a213fdb75d12c7d16060b23e65781@%3Cannounce.tomcat.apache.org%3E



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Re: servicedef validation - implClass

[Nigel Jones]

Having tried this against master (for about a week ago) I am still getting
the same issue deploying the plugin on a base ranger install (it works ok
in HDP)

The exception trace in the log included as an attachment

My ews/lib directory does include
ranger-plugins-common-1.0.0-SNAPSHOT.jar

and is readable by the user ranger is started with

It is also available within ews/webapp/WEB-INF/lib

Currently my implClass is blank

Any ideas?

On Sat, 3 Feb 2018 at 00:37 Ramesh Mani  wrote:

> Nigel,
>
> Could you please provide the exception stack that is printed along with
> error message you are showing. Please check in xa_portal.log ( Ranger log).
>
> Also check in Ranger class path ranger-plugins-common*jar is there. Check
> in {install.dir}/ranger-admin/ews/lib and
> {install.dir}/ranger-admin/ews/webapp/WEB-INF/lib and it has the necessary
> permission for the process user who start ranger admin.
>
> As you notice it should have used the base implementation when you leave
> implClass blank / or not in the service def.
>
> Regards,
> Ramesh
>
>
> On 2/2/18, 6:24 AM, "Nigel Jones"  wrote:
>
> >We're currently writing a Ranger plugin for an open source virtual
> >database driver known as ŒGaianDB¹.
> >
> >We have the basics of a plugin working, but today a colleague tried to
> >setup our plugin, and on their ranger install they could not create an
> >instance of our ranger service, hitting the error
> >
> >"Gaian failed to find service class
> >org.apache.ranger.services.gaiandb.RangerServiceGaian. Resource lookup
> >will not be available. Please make sure plugin jar is in the correct
> >place.²
> >
> >I had expected this to be a warning (fair enough), but it actually
> >prevents the UI from saving the service instance, and so Gaian related
> >policies cannot be created.
> >
> >They got this on I think a) an old 0.6.x build, and 0.7.1.
> >Meanwhile I had been using a HDP 2.6.3 setup, which comes with 0.7.0 and
> >with the same service definition did NOT of course hit this error.
> >
> >We haven¹t actually deployed any plugin code to the ranger server (yet)
> >since we have not implemented the resource lookup capability. We had
> >though specified an implClass in the servicedef. It¹s a later task :-)
> >
> >Looking at the ranger code in ServiceMgr.java it seems as if an empty
> >string should cause ranger to use a default class. We tried this, as well
> >as specifying the org.apache.ranger.plugin.service.RangerDefaultService
> >class, but had the same error in both cases. I was though looking at code
> >in master and see there have been a few changes
> >
> >Any suggestions as to how to persuade 0.7.0 to load the servicedef (other
> >than implement the class required, albeit a no-op oneŠ?), or an
> >explanation as to why we might see different behaviour?
> >
> >I¹m setting up a ranger install off master to debug/check latest codeŠ.
> >
> >For info the servicedef begins:
> >{
> >  "id":99,
> >  "name": "gaian",
> >  "implClass": "org.apache.ranger.services.gaiandb.RangerServiceGaian",
> >  "label": "Gaian",
> >  "description": "Gaian",
> >  "options": {
> >"enableDenyAndExceptionsInPolicies": "true"
> >  },
> >"guid": "86d10748-e4fc-442b-8991-f6a727054ece",
> >
> >  "resources": [
> >The full version can be found in
> >https://issues.apache.org/jira/browse/RANGER-1699
> > - see the latest
> >attachment. Not as a patch as currently getting things working in a diff.
> >Build tree
> >
> >If it seems like a bug (rather than a newbie error or specific to hdp)
> >let me know and I¹ll open a jira!
> >
> >Many thanks
> >Nigel.
> >
> >
> >
>
>

[jira] [Updated] (RANGER-1967) The Ranger support the Kafka 1.0.0

[Zsombor Gegesy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1967?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Zsombor Gegesy updated RANGER-1967:
---
Attachment: RANGER-1967-3.patch

> The Ranger support the Kafka 1.0.0
> --
>
> Key: RANGER-1967
> URL: https://issues.apache.org/jira/browse/RANGER-1967
> Project: Ranger
>  Issue Type: New Feature
>  Components: plugins
>Reporter: Qiang Zhang
>Assignee: Zsombor Gegesy
>Priority: Major
>  Labels: newbie, patch
> Attachments: RANGER-1967-2.patch, RANGER-1967-3.patch, 
> RANGER-1967.patch
>
>
> Now the Ranger don't support the Kafka 1.0.0. We should support the Kafka 
> 1.0.0.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Re: Review Request 65777: RANGER-1967 - Kafka 1.0 support

[Zsombor Gegesy]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/65777/
---

(Updated Feb. 27, 2018, 11:17 a.m.)


Review request for ranger.


Changes
---

Implementing suggested changes


Bugs: RANGER-1967
https://issues.apache.org/jira/browse/RANGER-1967


Repository: ranger


Description
---

The API changes are not too big, however running Kafka in embedded mode turned 
out to be a bit trickier beast. I had to add a couple of new flags, otherwise 
it would wait for 2 other broker to join.
 The commit also contains logging changes, even a test log4j configuration, 
just to make the debugging easier.


Diffs (updated)
-

  agents-audit/pom.xml 4fa44c5f 
  plugin-kafka/pom.xml f644646b 
  
plugin-kafka/src/main/java/org/apache/ranger/authorization/kafka/authorizer/RangerKafkaAuthorizer.java
 b3d5a74d 
  
plugin-kafka/src/test/java/org/apache/ranger/authorization/kafka/authorizer/KafkaRangerAuthorizerGSSTest.java
 4ea39ed7 
  
plugin-kafka/src/test/java/org/apache/ranger/authorization/kafka/authorizer/KafkaRangerAuthorizerSASLSSLTest.java
 fb541cd3 
  
plugin-kafka/src/test/java/org/apache/ranger/authorization/kafka/authorizer/KafkaRangerAuthorizerTest.java
 fb0a2c0f 
  plugin-kafka/src/test/resources/log4j.properties PRE-CREATION 
  pom.xml 294c422f 
  ranger-kafka-plugin-shim/pom.xml f1aeee6f 


Diff: https://reviews.apache.org/r/65777/diff/3/

Changes: https://reviews.apache.org/r/65777/diff/2-3/


Testing
---

Unit & local tests


Thanks,

Zsombor Gegesy

Re: Review Request 65777: RANGER-1967 - Kafka 1.0 support

[Zsombor Gegesy]

> On Feb. 26, 2018, 4:30 p.m., Colm O hEigeartaigh wrote:
> > > JaasContext context = JaasContext.load(Type.SERVER, new 
> > > ListenerName("KafkaServer"), configs);
> > 
> > Should "KafkaServer" be configurable here?
> > 
> > Apart from that looks good to me - have you tested the plugin with a Kafka 
> > 1.0.0 deployment?
> 
> Qiang Zhang wrote:
> We configure listeners in server.properties as following:
> listeners=SASL_PLAINTEXT://HDC90:9092
> 
> In order to above function, I write following code and execute succefully:
> String listeners = (String)configs.get("listeners");
> ...
> JaasContext jaasContext = JaasContext.load(JaasContext.Type.SERVER, new 
> ListenerName(listeners.split(":")[0]), configs);
> 
> ListenerName("KafkaServer")
> 
> "KafkaServer" should equal to SASL_PLAINTEXT.

Adding a configurable option for specifying ListenerName is a good idea. 
This hardcoded "KafkaServer" will force using the 'KafkaServer' JAAS 
configuration - which makes our tests happy. However, If the user could specify 
this JAAS configuration name, they could pick any, which suits them, if needed, 
however the SASL_PLAINTEXT seems a better default configuration.
As I understood, there could be multiple listeners in kafka, so blindly parsing 
the 'listeners' could cause some trouble.


- Zsombor


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/65777/#review198284
---


On Feb. 24, 2018, 10:08 a.m., Zsombor Gegesy wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/65777/
> ---
> 
> (Updated Feb. 24, 2018, 10:08 a.m.)
> 
> 
> Review request for ranger.
> 
> 
> Bugs: RANGER-1967
> https://issues.apache.org/jira/browse/RANGER-1967
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> The API changes are not too big, however running Kafka in embedded mode 
> turned out to be a bit trickier beast. I had to add a couple of new flags, 
> otherwise it would wait for 2 other broker to join.
>  The commit also contains logging changes, even a test log4j configuration, 
> just to make the debugging easier.
> 
> 
> Diffs
> -
> 
>   agents-audit/pom.xml 4fa44c5f 
>   plugin-kafka/pom.xml f644646b 
>   
> plugin-kafka/src/main/java/org/apache/ranger/authorization/kafka/authorizer/RangerKafkaAuthorizer.java
>  b3d5a74d 
>   
> plugin-kafka/src/test/java/org/apache/ranger/authorization/kafka/authorizer/KafkaRangerAuthorizerGSSTest.java
>  4ea39ed7 
>   
> plugin-kafka/src/test/java/org/apache/ranger/authorization/kafka/authorizer/KafkaRangerAuthorizerSASLSSLTest.java
>  fb541cd3 
>   
> plugin-kafka/src/test/java/org/apache/ranger/authorization/kafka/authorizer/KafkaRangerAuthorizerTest.java
>  fb0a2c0f 
>   plugin-kafka/src/test/resources/log4j.properties PRE-CREATION 
>   pom.xml fa1d1c7b 
>   ranger-kafka-plugin-shim/pom.xml f1aeee6f 
> 
> 
> Diff: https://reviews.apache.org/r/65777/diff/2/
> 
> 
> Testing
> ---
> 
> Unit & local tests
> 
> 
> Thanks,
> 
> Zsombor Gegesy
> 
>

[jira] [Commented] (RANGER-1972) Ability to label policies, filter/search and show policies by labels

[bhavik patel (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-1972?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16378306#comment-16378306
 ] 

bhavik patel commented on RANGER-1972:
--

Commit link for master : 
https://github.com/apache/ranger/commit/44b3738480032c5304aa3f1c2d75e6808d31cc65

> Ability to label policies, filter/search and show policies by labels
> 
>
> Key: RANGER-1972
> URL: https://issues.apache.org/jira/browse/RANGER-1972
> Project: Ranger
>  Issue Type: New Feature
>  Components: Ranger
>Affects Versions: 1.0.0
>Reporter: bhavik patel
>Assignee: bhavik patel
>Priority: Major
> Fix For: 1.0.0
>
> Attachments: RANGER-1972-master-01.patch, 
> RANGER-1972-master-02.patch, RANGER-1972-master-03.patch, 
> RANGER-1972-master.patch
>
>
> In Ranger Admin, need a feature to be able to group (for example by tenant 
> name or business unit) sets of policies with one or more labels that are 
> relevant to business. 
> Furthermore, Need to able to search policies on this additional set of 
> labels. This will be useful for export/import policies as well.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (RANGER-1982) Error Improvement for Analytics Metric of Ranger Admin and Ranger Kms

[Fatima Amjad Khan (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-1982?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16378295#comment-16378295
 ] 

Fatima Amjad Khan commented on RANGER-1982:
---

committed the improved patch on 
[master|https://github.com/apache/ranger/commit/7954cbbcd90500ec90d425aa20ca7e2fba34d695]

> Error Improvement for Analytics Metric of Ranger Admin and Ranger Kms
> -
>
> Key: RANGER-1982
> URL: https://issues.apache.org/jira/browse/RANGER-1982
> Project: Ranger
>  Issue Type: Bug
>  Components: kms, Ranger
>Affects Versions: 1.0.0
>Reporter: Fatima Amjad Khan
>Assignee: Fatima Amjad Khan
>Priority: Major
> Fix For: 1.0.0
>
> Attachments: 0001-RANGER-1982-V2.patch, RANGER-1982.patch
>
>
> Improve Error handling in analytical metrics of ranger admin and ranger kms



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (RANGER-1993) Improvement on permission module for listing modules

[Fatima Amjad Khan (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Fatima Amjad Khan updated RANGER-1993:
--
Attachment: (was: 
0001-RANGER-1993-Improvement-on-permission-module-for-lis.patch)

> Improvement on permission module for listing modules
> 
>
> Key: RANGER-1993
> URL: https://issues.apache.org/jira/browse/RANGER-1993
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: 1.0.0
>Reporter: Fatima Amjad Khan
>Assignee: Fatima Amjad Khan
>Priority: Major
> Fix For: 1.0.0
>
>
> # On permission listing page, if there are many users/group added in modules 
> and we do partial search then it gives pagination even when number of modules 
> are 7.
>  # on Policy Listing Page, we don't have partial search for users and groups.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (RANGER-1993) Improvement on permission module for listing modules

[Fatima Amjad Khan (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Fatima Amjad Khan updated RANGER-1993:
--
Attachment: 0001-RANGER-1993-Improvement-on-permission-module-for-lis.patch

> Improvement on permission module for listing modules
> 
>
> Key: RANGER-1993
> URL: https://issues.apache.org/jira/browse/RANGER-1993
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: 1.0.0
>Reporter: Fatima Amjad Khan
>Assignee: Fatima Amjad Khan
>Priority: Major
> Fix For: 1.0.0
>
>
> # On permission listing page, if there are many users/group added in modules 
> and we do partial search then it gives pagination even when number of modules 
> are 7.
>  # on Policy Listing Page, we don't have partial search for users and groups.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Created] (RANGER-1993) Improvement on permission module for listing modules

[Fatima Amjad Khan (JIRA)]

Fatima Amjad Khan created RANGER-1993:
-

 Summary: Improvement on permission module for listing modules
 Key: RANGER-1993
 URL: https://issues.apache.org/jira/browse/RANGER-1993
 Project: Ranger
  Issue Type: Bug
  Components: Ranger
Affects Versions: 1.0.0
Reporter: Fatima Amjad Khan
Assignee: Fatima Amjad Khan
 Fix For: 1.0.0


# On permission listing page, if there are many users/group added in modules 
and we do partial search then it gives pagination even when number of modules 
are 7.
 # on Policy Listing Page, we don't have partial search for users and groups.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)