[jira] [Commented] (RANGER-2856) A policy should be deleted if it has no policyItems
[ https://issues.apache.org/jira/browse/RANGER-2856?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17133923#comment-17133923 ] Madhan Neethiraj commented on RANGER-2856: -- [~RickyMa] - instead of handling such optimization in lower level {{updatePolicy()}} method, which is called from many different contexts, I suggest to consider adding a new REST API to purge empty policies, like: {code:java} public class PublicAPIsv2 { ... @DELETE @Path("/api/server/purgepolicies/{serviceName}") @PreAuthorize("hasRole('ROLE_SYS_ADMIN')") public List purgeEmptyPolicies(@PathParam("serviceName", @Context HttpServletRequest request) String serviceName) { ... } ... } {code} > A policy should be deleted if it has no policyItems > --- > > Key: RANGER-2856 > URL: https://issues.apache.org/jira/browse/RANGER-2856 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: master >Reporter: RickyMa >Priority: Minor > Fix For: master > > Attachments: RANGER-2856.patch > > Time Spent: 10m > Remaining Estimate: 0h > > Condition: A policy contains only one policyItem and the policyItem only sets > one user and no groups. > Action: Delete the user in the policyItem using API: > '[http://ip:6080/service/xusers/users/\{id}?forceDelete=true'|http://ip:6080/service/xusers/users/id?forceDelete=true%27,] > Result: The policy still exists, but it has no policyItems. A policy with no > policyItems is completely meaningless and it should be deleted. -- This message was sent by Atlassian Jira (v8.3.4#803005)
Re: Review Request 72588: RANGER-2856: A policy should be deleted if it has no policyItems
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/72588/#review220999 --- Why you want to delete such policies. Can you give more details on your side use case or the problem you are facing here. Also there could be many users who want such policies as madhan explained above. So if you really want this fix in your environment i would suggest to make it configurable through either approach: 1) At the service level through service config page and add a custom property there. if the value of that property is set to true then only your code shall delete the policy. by default property shall not be there so its value will be false and in that case policies should not be deleted. or 2) The same configuration can be added at the application level in ranger-admin-default-site.xml and default value shall be false and in that case policies should not be deleted. - Pradeep Agrawal On June 11, 2020, 5:51 p.m., Haoxiang Ma wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/72588/ > --- > > (Updated June 11, 2020, 5:51 p.m.) > > > Review request for ranger. > > > Bugs: RANGER-2856 > https://issues.apache.org/jira/browse/RANGER-2856 > > > Repository: ranger > > > Description > --- > > A policy should be deleted if it has no policyItems > > > Diffs > - > > security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java > 9be61f2eb > > > Diff: https://reviews.apache.org/r/72588/diff/1/ > > > Testing > --- > > 1.Compilation OK > 2.Already used in production environment > > > Thanks, > > Haoxiang Ma > >
[jira] [Commented] (RANGER-2856) A policy should be deleted if it has no policyItems
[ https://issues.apache.org/jira/browse/RANGER-2856?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17133901#comment-17133901 ] RickyMa commented on RANGER-2856: - [~madhan] : I added an if condition to dispel your worries about audit logs. In our situation, we have a very high employee turnover rate and large numbers of employees. So we need to delete users in Ranger more frequently than others. That's why we are more likely to face this issue. We have tens of thousands of policies in Ranger and as time goes by, most of them will be meaningless policies which have no policyItems. And this can be a great performance issue in our condition. Because a large number of useless policies are synchronized to plugins every time the policies are updated(created,updated,deleted). And every time Ranger is managing an access control, it has to filter a lot of redundant policies. This is a great performance issue as I think. > A policy should be deleted if it has no policyItems > --- > > Key: RANGER-2856 > URL: https://issues.apache.org/jira/browse/RANGER-2856 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: master >Reporter: RickyMa >Priority: Minor > Fix For: master > > Attachments: RANGER-2856.patch > > Time Spent: 10m > Remaining Estimate: 0h > > Condition: A policy contains only one policyItem and the policyItem only sets > one user and no groups. > Action: Delete the user in the policyItem using API: > '[http://ip:6080/service/xusers/users/\{id}?forceDelete=true'|http://ip:6080/service/xusers/users/id?forceDelete=true%27,] > Result: The policy still exists, but it has no policyItems. A policy with no > policyItems is completely meaningless and it should be deleted. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (RANGER-2856) A policy should be deleted if it has no policyItems
[ https://issues.apache.org/jira/browse/RANGER-2856?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] RickyMa updated RANGER-2856: Attachment: (was: RANGER-2856.patch) > A policy should be deleted if it has no policyItems > --- > > Key: RANGER-2856 > URL: https://issues.apache.org/jira/browse/RANGER-2856 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: master >Reporter: RickyMa >Priority: Minor > Fix For: master > > Attachments: RANGER-2856.patch > > Time Spent: 10m > Remaining Estimate: 0h > > Condition: A policy contains only one policyItem and the policyItem only sets > one user and no groups. > Action: Delete the user in the policyItem using API: > '[http://ip:6080/service/xusers/users/\{id}?forceDelete=true'|http://ip:6080/service/xusers/users/id?forceDelete=true%27,] > Result: The policy still exists, but it has no policyItems. A policy with no > policyItems is completely meaningless and it should be deleted. -- This message was sent by Atlassian Jira (v8.3.4#803005)
Re: Review Request 72588: RANGER-2856: A policy should be deleted if it has no policyItems
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/72588/#review220997 --- The side effect is deleting such policies is potential skipping of audit logs for the resources covered by the policy i.e. if there is no audit-enabled policy that matches the accessed resource, Ranger plugins would not generate audit logs. I suggest to not delete policies having no items automatically. - Madhan Neethiraj On June 11, 2020, 5:51 p.m., Haoxiang Ma wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/72588/ > --- > > (Updated June 11, 2020, 5:51 p.m.) > > > Review request for ranger. > > > Bugs: RANGER-2856 > https://issues.apache.org/jira/browse/RANGER-2856 > > > Repository: ranger > > > Description > --- > > A policy should be deleted if it has no policyItems > > > Diffs > - > > security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java > 9be61f2eb > > > Diff: https://reviews.apache.org/r/72588/diff/1/ > > > Testing > --- > > 1.Compilation OK > 2.Already used in production environment > > > Thanks, > > Haoxiang Ma > >
[jira] [Commented] (RANGER-2856) A policy should be deleted if it has no policyItems
[ https://issues.apache.org/jira/browse/RANGER-2856?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17133587#comment-17133587 ] Madhan Neethiraj commented on RANGER-2856: -- The side effect is deleting such policies is potential skipping of audit logs for the resources covered by the policy i.e. if there is no audit-enabled policy that matches the accessed resource, Ranger plugins would not generate audit logs. I suggest to not delete policies having no items automatically. > A policy should be deleted if it has no policyItems > --- > > Key: RANGER-2856 > URL: https://issues.apache.org/jira/browse/RANGER-2856 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: master >Reporter: RickyMa >Priority: Minor > Fix For: master > > Attachments: RANGER-2856.patch > > Time Spent: 10m > Remaining Estimate: 0h > > Condition: A policy contains only one policyItem and the policyItem only sets > one user and no groups. > Action: Delete the user in the policyItem using API: > '[http://ip:6080/service/xusers/users/\{id}?forceDelete=true'|http://ip:6080/service/xusers/users/id?forceDelete=true%27,] > Result: The policy still exists, but it has no policyItems. A policy with no > policyItems is completely meaningless and it should be deleted. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (RANGER-2856) A policy should be deleted if it has no policyItems
[ https://issues.apache.org/jira/browse/RANGER-2856?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17133534#comment-17133534 ] RickyMa commented on RANGER-2856: - A simple patch to fix this bug. Pull Request and Review link is ready. Can anyone please merge this? > A policy should be deleted if it has no policyItems > --- > > Key: RANGER-2856 > URL: https://issues.apache.org/jira/browse/RANGER-2856 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: master >Reporter: RickyMa >Priority: Minor > Fix For: master > > Attachments: RANGER-2856.patch > > Time Spent: 10m > Remaining Estimate: 0h > > Condition: A policy contains only one policyItem and the policyItem only sets > one user and no groups. > Action: Delete the user in the policyItem using API: > '[http://ip:6080/service/xusers/users/\{id}?forceDelete=true'|http://ip:6080/service/xusers/users/id?forceDelete=true%27,] > Result: The policy still exists, but it has no policyItems. A policy with no > policyItems is completely meaningless and it should be deleted. -- This message was sent by Atlassian Jira (v8.3.4#803005)
Review Request 72588: RANGER-2856: A policy should be deleted if it has no policyItems
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/72588/ --- Review request for ranger. Bugs: RANGER-2856 https://issues.apache.org/jira/browse/RANGER-2856 Repository: ranger Description --- A policy should be deleted if it has no policyItems Diffs - security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java 9be61f2eb Diff: https://reviews.apache.org/r/72588/diff/1/ Testing --- 1.Compilation OK 2.Already used in production environment Thanks, Haoxiang Ma
[jira] [Updated] (RANGER-2856) A policy should be deleted if it has no policyItems
[ https://issues.apache.org/jira/browse/RANGER-2856?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] RickyMa updated RANGER-2856: Attachment: RANGER-2856.patch > A policy should be deleted if it has no policyItems > --- > > Key: RANGER-2856 > URL: https://issues.apache.org/jira/browse/RANGER-2856 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: master >Reporter: RickyMa >Priority: Minor > Fix For: master > > Attachments: RANGER-2856.patch > > Time Spent: 10m > Remaining Estimate: 0h > > Condition: A policy contains only one policyItem and the policyItem only sets > one user and no groups. > Action: Delete the user in the policyItem using API: > '[http://ip:6080/service/xusers/users/\{id}?forceDelete=true'|http://ip:6080/service/xusers/users/id?forceDelete=true%27,] > Result: The policy still exists, but it has no policyItems. A policy with no > policyItems is completely meaningless and it should be deleted. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[GitHub] [ranger] rickyma opened a new pull request #66: RANGER-2856: A policy should be deleted if it has no policyItems
rickyma opened a new pull request #66: URL: https://github.com/apache/ranger/pull/66 Condition: A policy contains only one policyItem and the policyItem only sets one user and no groups. Action: Delete the user in the policyItem using API: 'http://ip:6080/service/xusers/users/{id}?forceDelete=true' Result: The policy still exists, but it has no policyItems. A policy with no policyItems is completely meaningless and it should be deleted. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Updated] (RANGER-2856) A policy should be deleted if it has no policyItems
[ https://issues.apache.org/jira/browse/RANGER-2856?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] RickyMa updated RANGER-2856: Description: Condition: A policy contains only one policyItem and the policyItem only sets one user and no groups. Action: Delete the user in the policyItem using API: '[http://ip:6080/service/xusers/users/\{id}?forceDelete=true'|http://ip:6080/service/xusers/users/id?forceDelete=true%27,] Result: The policy still exists, but it has no policyItems. A policy with no policyItems is completely meaningless and it should be deleted. > A policy should be deleted if it has no policyItems > --- > > Key: RANGER-2856 > URL: https://issues.apache.org/jira/browse/RANGER-2856 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: master >Reporter: RickyMa >Priority: Minor > Fix For: master > > > Condition: A policy contains only one policyItem and the policyItem only sets > one user and no groups. > Action: Delete the user in the policyItem using API: > '[http://ip:6080/service/xusers/users/\{id}?forceDelete=true'|http://ip:6080/service/xusers/users/id?forceDelete=true%27,] > Result: The policy still exists, but it has no policyItems. A policy with no > policyItems is completely meaningless and it should be deleted. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (RANGER-2856) A policy should be deleted if it has no policyItems
RickyMa created RANGER-2856: --- Summary: A policy should be deleted if it has no policyItems Key: RANGER-2856 URL: https://issues.apache.org/jira/browse/RANGER-2856 Project: Ranger Issue Type: Bug Components: admin, Ranger Affects Versions: master Reporter: RickyMa Fix For: master -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (RANGER-2855) import policy for ranger is not working properly if updateifexist parameter is passed
[ https://issues.apache.org/jira/browse/RANGER-2855?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dineshkumar Yadav updated RANGER-2855: -- Description: If updateifexist parameter is passed during import ranger policy then it is overriding the existing policy which is not supposed to update. Solution : Earlier we used to find the existing policy using zoneName, ServiceName and PolicyName or ServiceName and PolicyName. If not found then we try to find using guid. Now we are searching the existing policy on the basis of resource signature match. was:If updateifexist parameter is passed during import ranger policy then it is overriding the existing policy which is not supposed to update. > import policy for ranger is not working properly if updateifexist parameter > is passed > - > > Key: RANGER-2855 > URL: https://issues.apache.org/jira/browse/RANGER-2855 > Project: Ranger > Issue Type: Bug > Components: Ranger >Reporter: Dineshkumar Yadav >Assignee: Dineshkumar Yadav >Priority: Major > > If updateifexist parameter is passed during import ranger policy then it is > overriding the existing policy which is not supposed to update. > > Solution : Earlier we used to find the existing policy using zoneName, > ServiceName and PolicyName or ServiceName and PolicyName. If not found then > we try to find using guid. > Now we are searching the existing policy on the basis of resource signature > match. > -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (RANGER-2855) import policy for ranger is not working properly if updateifexist parameter is passed
[ https://issues.apache.org/jira/browse/RANGER-2855?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dineshkumar Yadav updated RANGER-2855: -- Description: If updateifexist parameter is passed during import ranger policy then it is overriding the existing policy which is not supposed to update. *Solution :* Earlier we used to find the existing policy using zoneName, ServiceName and PolicyName or ServiceName and PolicyName. If not found then we try to find using guid. Now we are searching the existing policy on the basis of resource signature match. was: If updateifexist parameter is passed during import ranger policy then it is overriding the existing policy which is not supposed to update. Solution : Earlier we used to find the existing policy using zoneName, ServiceName and PolicyName or ServiceName and PolicyName. If not found then we try to find using guid. Now we are searching the existing policy on the basis of resource signature match. > import policy for ranger is not working properly if updateifexist parameter > is passed > - > > Key: RANGER-2855 > URL: https://issues.apache.org/jira/browse/RANGER-2855 > Project: Ranger > Issue Type: Bug > Components: Ranger >Reporter: Dineshkumar Yadav >Assignee: Dineshkumar Yadav >Priority: Major > > If updateifexist parameter is passed during import ranger policy then it is > overriding the existing policy which is not supposed to update. > > *Solution :* Earlier we used to find the existing policy using zoneName, > ServiceName and PolicyName or ServiceName and PolicyName. If not found then > we try to find using guid. > Now we are searching the existing policy on the basis of resource signature > match. > -- This message was sent by Atlassian Jira (v8.3.4#803005)
Re: Review Request 72585: RANGER-2854: Make audit bootstrap property configurable
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/72585/#review220994 --- Ship it! Ship It! - bhavik patel On June 11, 2020, 12:25 p.m., Pradeep Agrawal wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/72585/ > --- > > (Updated June 11, 2020, 12:25 p.m.) > > > Review request for ranger, Ankita Sinha, Don Bosco Durai, bhavik patel, Colm > O hEigeartaigh, Gautam Borad, Jayendra Parab, Abhay Kulkarni, Madhan > Neethiraj, Mehul Parikh, Nikhil P, Nitin Galave, pengjianhua, Ramesh Mani, > Selvamohan Neethiraj, Sailaja Polavarapu, Velmurugan Periasamy, Qiang Zhang, > and Zsombor Gegesy. > > > Bugs: RANGER-2854 > https://issues.apache.org/jira/browse/RANGER-2854 > > > Repository: ranger > > > Description > --- > > **Problem Statement:** Current bootstrap properties are not available in > install.properties so at the first time installation user have to manually > change in the ranger-admin-site.xml. Also after the elastic search audit > feature these property should be honoured based on ranger audit source type > which can be solr or elastic search. > > **Proposed solution:** by Exposing bootstrap configs in install.properties, > setup.sh shall update them in ranger-admin-site.xml. During the start of > embeddedserver based on ranger audit source type relevant bootstrap property > will be referred. By default bootstrap config values are true. > > > Diffs > - > > > embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/EmbeddedServer.java > dc931c25d > security-admin/scripts/install.properties cb79d1295 > security-admin/scripts/setup.sh 61d351dde > security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml > 3eb47f932 > security-admin/src/main/resources/conf.dist/ranger-admin-site.xml 5dc14ab21 > > > Diff: https://reviews.apache.org/r/72585/diff/1/ > > > Testing > --- > > Tested Ranger installation with true and false values; values are getting > populated in ranger-admin-site.xml file. > > > Thanks, > > Pradeep Agrawal > >
Review Request 72585: RANGER-2854: Make audit bootstrap property configurable
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/72585/ --- Review request for ranger, Ankita Sinha, Don Bosco Durai, bhavik patel, Colm O hEigeartaigh, Gautam Borad, Jayendra Parab, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, Nikhil P, Nitin Galave, pengjianhua, Ramesh Mani, Selvamohan Neethiraj, Sailaja Polavarapu, Velmurugan Periasamy, Qiang Zhang, and Zsombor Gegesy. Bugs: RANGER-2854 https://issues.apache.org/jira/browse/RANGER-2854 Repository: ranger Description --- **Problem Statement:** Current bootstrap properties are not available in install.properties so at the first time installation user have to manually change in the ranger-admin-site.xml. Also after the elastic search audit feature these property should be honoured based on ranger audit source type which can be solr or elastic search. **Proposed solution:** by Exposing bootstrap configs in install.properties, setup.sh shall update them in ranger-admin-site.xml. During the start of embeddedserver based on ranger audit source type relevant bootstrap property will be referred. By default bootstrap config values are true. Diffs - embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/EmbeddedServer.java dc931c25d security-admin/scripts/install.properties cb79d1295 security-admin/scripts/setup.sh 61d351dde security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml 3eb47f932 security-admin/src/main/resources/conf.dist/ranger-admin-site.xml 5dc14ab21 Diff: https://reviews.apache.org/r/72585/diff/1/ Testing --- Tested Ranger installation with true and false values; values are getting populated in ranger-admin-site.xml file. Thanks, Pradeep Agrawal
[jira] [Commented] (RANGER-2853) "Unauthenticated : Please check the permission in the policy for the user": An NPE in ranger admin when enable kms.
[ https://issues.apache.org/jira/browse/RANGER-2853?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17133183#comment-17133183 ] Pradeep Agrawal commented on RANGER-2853: - [~lalapala] : Please close the review request. > "Unauthenticated : Please check the permission in the policy for the user": > An NPE in ranger admin when enable kms. > --- > > Key: RANGER-2853 > URL: https://issues.apache.org/jira/browse/RANGER-2853 > Project: Ranger > Issue Type: Bug > Components: admin >Affects Versions: 1.2.0 >Reporter: gaozhan ding >Priority: Major > Fix For: 2.1.0 > > Attachments: > 0001-RANGER-2853-fix-NPE-error-in-ranger-admin-when-enabl.patch, image.png > > > We use ranger with kerberos. When enable ranger-kms for hdfs encryption, we > got an error from ranger admin web ui. On the premise that all configurations > have been completed, I can not list keys in ranger admin, errors are as > follows: Unauthenticated : Please check the permission in the policy for the > user. > {panel:title=logs in ranger admin:} > -XX-XX 13:09:39,164 [http-bio-6182-exec-10] INFO > org.apache.ranger.common.RESTErrorUtil (RESTErrorUtil.java:63) - Request > failed. loginId=keyadmin, logMessage=Unauthenticated : Please check the > permission in the policy for the user > javax.ws.rs.WebApplicationException > at > org.apache.ranger.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:56) > at > org.apache.ranger.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:325) > at org.apache.ranger.rest.XKeyREST.handleError(XKeyREST.java:215) > at org.apache.ranger.rest.XKeyREST.searchKeys(XKeyREST.java:87) > at > org.apache.ranger.rest.XKeyREST$$FastClassBySpringCGLIB$$c5260d52.invoke() > .. > {panel} > I studied the problem and found that this problem have nothing to do with > authentication, it is an exception caused by NPE. I try print that exception: > {panel:title=NPE} > -XX-XX 07:16:42,615 [http-bio-6182-exec-2] ERROR > org.apache.ranger.biz.KmsKeyMgr (KmsKeyMgr.java:176) - test_for_ranger: > java.lang.NullPointerException > at > org.apache.hadoop.security.authentication.util.KerberosName.getShortName(KerberosName.java:395) > at org.apache.hadoop.security.User.(User.java:48) > at > org.apache.hadoop.security.SecureClientLogin.loginUserFromKeytab(SecureClientLogin.java:66) > at org.apache.ranger.biz.KmsKeyMgr.getSubjectForKerberos(KmsKeyMgr.java:574) > at org.apache.ranger.biz.KmsKeyMgr.searchKeys(KmsKeyMgr.java:152) > at org.apache.ranger.rest.XKeyREST.searchKeys(XKeyREST.java:85) > at > org.apache.ranger.rest.XKeyREST$$FastClassBySpringCGLIB$$c5260d52.invoke() > at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204) > at > org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:736) > at > org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157) > at > org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:69) > at > org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) > at > org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:99) > at > org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:282) > at > org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96) > at > org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) > at > org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:671) > at > org.apache.ranger.rest.XKeyREST$$EnhancerBySpringCGLIB$$5010f39f.searchKeys() > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:498) > at > com.sun.jersey.spi.container.JavaMethodInvokerFactory$1.invoke(JavaMethodInvokerFactory.java:60) > at > com.sun.jersey.server.impl.model.method.dispatch.AbstractResourceMethodDispatchProvider$TypeOutInvoker._dispatch(AbstractResourceMethodDispatchProvider.java:185) > at > com.sun.jersey.server.impl.model.method.dispatch.ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.java:75) > at >
[jira] [Updated] (RANGER-2855) import policy for ranger is not working properly if updateifexist parameter is passed
[ https://issues.apache.org/jira/browse/RANGER-2855?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dineshkumar Yadav updated RANGER-2855: -- Description: If updateifexist parameter is passed during import ranger policy then it is overriding the existing policy which is not supposed to update. (was: if updateifexist parameter is passed during import ranger policy then it is overriding the existing policy.) > import policy for ranger is not working properly if updateifexist parameter > is passed > - > > Key: RANGER-2855 > URL: https://issues.apache.org/jira/browse/RANGER-2855 > Project: Ranger > Issue Type: Bug > Components: Ranger >Reporter: Dineshkumar Yadav >Assignee: Dineshkumar Yadav >Priority: Major > > If updateifexist parameter is passed during import ranger policy then it is > overriding the existing policy which is not supposed to update. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (RANGER-2855) import policy for ranger is not working properly if updateifexist parameter is passed
[ https://issues.apache.org/jira/browse/RANGER-2855?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dineshkumar Yadav updated RANGER-2855: -- Description: if updateifexist parameter is passed during import ranger policy then it is overriding the existing policy. > import policy for ranger is not working properly if updateifexist parameter > is passed > - > > Key: RANGER-2855 > URL: https://issues.apache.org/jira/browse/RANGER-2855 > Project: Ranger > Issue Type: Bug > Components: Ranger >Reporter: Dineshkumar Yadav >Assignee: Dineshkumar Yadav >Priority: Major > > if updateifexist parameter is passed during import ranger policy then it is > overriding the existing policy. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (RANGER-2855) import policy for ranger is not working properly if updateifexist parameter is passed
Dineshkumar Yadav created RANGER-2855: - Summary: import policy for ranger is not working properly if updateifexist parameter is passed Key: RANGER-2855 URL: https://issues.apache.org/jira/browse/RANGER-2855 Project: Ranger Issue Type: Bug Components: Ranger Reporter: Dineshkumar Yadav Assignee: Dineshkumar Yadav -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (RANGER-2854) Make audit bootstrap property configurable
Pradeep Agrawal created RANGER-2854: --- Summary: Make audit bootstrap property configurable Key: RANGER-2854 URL: https://issues.apache.org/jira/browse/RANGER-2854 Project: Ranger Issue Type: Improvement Components: Ranger Reporter: Pradeep Agrawal Assignee: Pradeep Agrawal Fix For: 2.1.0 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (RANGER-2852) Add .gitattributes file to prevent CRLF and LF mismatches for source and text files
[ https://issues.apache.org/jira/browse/RANGER-2852?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17132996#comment-17132996 ] Pradeep Agrawal commented on RANGER-2852: - Patch committed : [https://github.com/apache/ranger/commit/12019572d2a7f77e221ccdb28cec2e58fd776141] > Add .gitattributes file to prevent CRLF and LF mismatches for source and text > files > --- > > Key: RANGER-2852 > URL: https://issues.apache.org/jira/browse/RANGER-2852 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Reporter: Pradeep Agrawal >Assignee: Pradeep Agrawal >Priority: Major > Fix For: 2.1.0 > > Attachments: > 0001-RANGER-2852-Add-.gitattributes-file-to-prevent-CRLF-.patch > > > Source code in Ranger repo has a bunch of files that have CRLF endings. > I would like to avoid that by creating .gitattributes file which prevents > sources from having CRLF entries in text files. > I am adding a couple of links here to give more primer on what exactly is the > issue and how we are trying to fix it. > # [http://git-scm.com/docs/gitattributes#_checking_out_and_checking_in] > # > [http://stackoverflow.com/questions/170961/whats-the-best-crlf-handling-strategy-with-git] -- This message was sent by Atlassian Jira (v8.3.4#803005)