You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ranger.apache.org by Pradeep Agrawal <pr...@gmail.com> on 2022/03/03 05:21:21 UTC

Re: Review Request 73867: RANGER-3630: Support wildcards, group short names, and list of memberof attribute DNs for computing user search filter

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73867/#review224118
-----------------------------------------------------------




ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapUserGroupBuilder.java
Lines 1282 (patched)
<https://reviews.apache.org/r/73867/#comment313063>

    Do we need to handle closing exception or it will be handled by own.


- Pradeep Agrawal


On Feb. 25, 2022, 4:12 a.m., Sailaja Polavarapu wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73867/
> -----------------------------------------------------------
> 
> (Updated Feb. 25, 2022, 4:12 a.m.)
> 
> 
> Review request for ranger, Mateen Mansoori, Mehul Parikh, Pradeep Agrawal, and Ramesh Mani.
> 
> 
> Bugs: RANGER-3630
>     https://issues.apache.org/jira/browse/RANGER-3630
> 
> 
> Repository: ranger
> 
> 
> Description
> -------
> 
> Introduced new usersync configuration "ranger.usersync.ldap.groupnames" that accepts ";" separated list of group names with wildcards, shortname, or DN format. During startup of usersync added logic to read this configuration to compute the user search filter. Also added new unit tests to cover some functional and error cases.
> 
> 
> Diffs
> -----
> 
>   ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapUserGroupBuilder.java dae78e9f2 
>   ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java 5f301651b 
>   ugsync/src/test/java/org/apache/ranger/usergroupsync/TestLdapUserGroup.java 78bc56cd9 
> 
> 
> Diff: https://reviews.apache.org/r/73867/diff/1/
> 
> 
> Testing
> -------
> 
> 1. Patched cluster and ran some functional tests to verify the new logic
> 2. Ran few regression tests with AD/LDAP sync source
> 
> 
> Thanks,
> 
> Sailaja Polavarapu
> 
>

Re: Review Request 73867: RANGER-3630: Support wildcards, group short names, and list of memberof attribute DNs for computing user search filter

Posted by Sailaja Polavarapu <sp...@hortonworks.com>.


> On March 3, 2022, 5:21 a.m., Pradeep Agrawal wrote:
> > ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapUserGroupBuilder.java
> > Lines 1282 (patched)
> > <https://reviews.apache.org/r/73867/diff/1/?file=2266547#file2266547line1284>
> >
> >     Do we need to handle closing exception or it will be handled by own.

If there is an exception, currently we are passing to the caller and in this case, usersync process will exit. I kept this behavior intentionally as the exception is at the init stage.


- Sailaja


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73867/#review224118
-----------------------------------------------------------


On Feb. 25, 2022, 4:12 a.m., Sailaja Polavarapu wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73867/
> -----------------------------------------------------------
> 
> (Updated Feb. 25, 2022, 4:12 a.m.)
> 
> 
> Review request for ranger, Mateen Mansoori, Mehul Parikh, Pradeep Agrawal, and Ramesh Mani.
> 
> 
> Bugs: RANGER-3630
>     https://issues.apache.org/jira/browse/RANGER-3630
> 
> 
> Repository: ranger
> 
> 
> Description
> -------
> 
> Introduced new usersync configuration "ranger.usersync.ldap.groupnames" that accepts ";" separated list of group names with wildcards, shortname, or DN format. During startup of usersync added logic to read this configuration to compute the user search filter. Also added new unit tests to cover some functional and error cases.
> 
> 
> Diffs
> -----
> 
>   ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapUserGroupBuilder.java dae78e9f2 
>   ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java 5f301651b 
>   ugsync/src/test/java/org/apache/ranger/usergroupsync/TestLdapUserGroup.java 78bc56cd9 
> 
> 
> Diff: https://reviews.apache.org/r/73867/diff/1/
> 
> 
> Testing
> -------
> 
> 1. Patched cluster and ran some functional tests to verify the new logic
> 2. Ran few regression tests with AD/LDAP sync source
> 
> 
> Thanks,
> 
> Sailaja Polavarapu
> 
>