Review Request 72693: RANGER-2918:Ranger Audit for HBase does not capture predicates

2020-07-18 Thread Ramesh Mani 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72693/
---

Review request for ranger, Abhay Kulkarni and Madhan Neethiraj.


Bugs: RANGER-2918
https://issues.apache.org/jira/browse/RANGER-2918


Repository: ranger


Description
---

RANGER-2918:Ranger Audit for HBase does not capture predicates


Diffs
-

  
hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/HbaseConstants.java
 PRE-CREATION 
  
hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/RangerAuthorizationCoprocessor.java
 c50a192 


Diff: https://reviews.apache.org/r/72693/diff/1/


Testing
---

Verified in Local vm
 - Get and Scan commands have various predicates and this all will be printed 
in ranger audit where command Strings are stored


Thanks,

Ramesh Mani

[jira] [Created] (RANGER-2918) Ranger Audit for HBase does not capture predicates

2020-07-18 Thread Ramesh Mani (Jira) 
Ramesh Mani created RANGER-2918:
---

 Summary: Ranger Audit for HBase does not capture predicates
 Key: RANGER-2918
 URL: https://issues.apache.org/jira/browse/RANGER-2918
 Project: Ranger
  Issue Type: Bug
  Components: Ranger
Affects Versions: 2.1.0
Reporter: Ramesh Mani
Assignee: Ramesh Mani
 Fix For: 2.1.0


Ranger Audit for HBase does not capture predicates



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Created] (RANGER-2917) Avoid recursive audit log in ES Plugin by user elasticsearch when plugin is enabled for ranger_audits index

2020-07-18 Thread Pradeep Agrawal (Jira) 
Pradeep Agrawal created RANGER-2917:
---

 Summary: Avoid recursive audit log in ES Plugin by user 
elasticsearch when plugin is enabled for ranger_audits index
 Key: RANGER-2917
 URL: https://issues.apache.org/jira/browse/RANGER-2917
 Project: Ranger
  Issue Type: Bug
  Components: Ranger
Reporter: Pradeep Agrawal
Assignee: Pradeep Agrawal






--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Resolved] (RANGER-2909) Authorization support for atlas `entity-label` and `entity-business metadata`

2020-07-18 Thread Pradeep Agrawal (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-2909?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Pradeep Agrawal resolved RANGER-2909.
-
Resolution: Information Provided

> Authorization support for atlas `entity-label` and `entity-business metadata`
> -
>
> Key: RANGER-2909
> URL: https://issues.apache.org/jira/browse/RANGER-2909
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: ranger-2.0
>Reporter: Nityananda Gohain
>Assignee: Pradeep Agrawal
>Priority: Major
>
> We were using Ranger 2.0.0 with Atlas which was working perfectly fine, but 
> we wanted authorisation for `entity-labels` and `entity-business-metadata` 
> that comes with new version of Atlas i.e Atlas 2.0.0.
>  # We tried building ranger from the master branch, but authorisation for 
> roles which were attached to policies was not working (authorisation for 
> users and groups attached to policies was working)
>  # Since the above didn’t work we tried building ranger from the specific 
> commit where the patch to support authorisation for labels and  
> business-metadata was added 
> [https://github.com/apache/ranger/commit/3b49c2f9fb77d76154911b7dd61f2382d0b56bfb]
>   , the same problem appeared here i.e authorisation for roles attached to 
> policies was not working
>  # Finally, we added the patches to  Ranger 2.0.0
>  ## Applied the patches  
> [https://github.com/atlanhq/ranger/commit/a252ecf4b1006cc78e1c48cc3bacc518401b4825]
>  , 
> [https://github.com/atlanhq/ranger/commit/a7024c23bf6f54e39dfb3b31f6186ebd21977f93]
>  ## After building and running ranger I had to manually delete the entry from 
> `x_db_version_h` table i.e `J10034` and then restart ranger to apply the 
> patch by running `db_setup.py`. Even after applying the patch, the changes 
> are not reflected. i.e(No option for `entity-label` and 
> `entity-business-metadata`  (have also checked `x_access_type_def` table and 
> entity-label and entity-business-metadata was not present)
> What will be the best way to move forward to support authorisation for 
> `labels` and `business-metadata` where authorisation policies work with roles.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)