You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by Pradeep Agrawal <pr...@freestoneinfotech.com> on 2016/05/30 06:31:18 UTC
Review Request 48026: RANGER-999 : Delete Module REST API is failing
as it is not removing assigned users and groups
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/48026/
-----------------------------------------------------------
Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, Ramesh Mani, Selvamohan Neethiraj, and Velmurugan Periasamy.
Bugs: RANGER-999
https://issues.apache.org/jira/browse/RANGER-999
Repository: ranger
Description
-------
**Problem Statement:**
DELETE Module REST API is not working properly if any user or group has access permission in the module. DELETE Module REST API should remove assigned users and groups references also.
**Proposed Solution:**
Before deleting a module; provided patch will delete user module mapping entry from 'x_user_module_perm' and group module mapping from x_group_module_perm.
Diffs
-----
security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java 96f2ee3
security-admin/src/main/java/org/apache/ranger/db/XXGroupPermissionDao.java f6444f8
security-admin/src/main/java/org/apache/ranger/db/XXUserPermissionDao.java 2db6fd6
security-admin/src/main/resources/META-INF/jpa_named_queries.xml 76d3f21
security-admin/src/test/java/org/apache/ranger/biz/TestXUserMgr.java 37dddee
Diff: https://reviews.apache.org/r/48026/diff/
Testing
-------
**Steps Performed(with patch)**
1. Installed and started Ranger Admin.
2. Added a module 'module1' using create module REST API.
curl -i -u admin:admin --header "Accept:application/json" -H "Content-Type:application/json" -X POST http://localhost:6080/service/xusers/permission -d '{"module":"module1","url":""}'
3. Visited Ranger admin permission page to verify whether 'module1' is added or not. 'module1' was added there.
4. In 'module1' Added groups(group1,group2) and users(testuser1,testuser2) to allow access.
5. Visited 'x_user_module_perm' and 'x_group_module_perm' table to check whether mapping of user module and group module is persisted or not. Mappings were persisted.
6. Called delete module REST API to delete module 'module1'.
curl -i -u admin:admin --header "Accept:application/json" -H "Content-Type:application/json" -X DELETE http://localhost:6080/service/xusers/permission/7
**Expected Behaviour :**
1. Entries of users having access on 'module1' should get deleted from 'x_user_module_perm' table.
2. Entries of groups having access on 'module1' should get deleted from 'x_group_module_perm' table.
3. Module should get deleted successfully.
**Actual Behaviour :**
1. Entries of users having access on 'module1' were removed from 'x_user_module_perm' table.
2. Entries of groups having access on 'module1' were removed from 'x_group_module_perm' table.
3. Module 'module1' was deleted successfully.
Thanks,
Pradeep Agrawal
Re: Review Request 48026: RANGER-999 : Delete Module REST API is
failing as it is not removing assigned users and groups
Posted by Velmurugan Periasamy <vp...@hortonworks.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/48026/#review135508
-----------------------------------------------------------
Ship it!
Ship It!
- Velmurugan Periasamy
On May 30, 2016, 6:31 a.m., Pradeep Agrawal wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/48026/
> -----------------------------------------------------------
>
> (Updated May 30, 2016, 6:31 a.m.)
>
>
> Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, Ramesh Mani, Selvamohan Neethiraj, and Velmurugan Periasamy.
>
>
> Bugs: RANGER-999
> https://issues.apache.org/jira/browse/RANGER-999
>
>
> Repository: ranger
>
>
> Description
> -------
>
> **Problem Statement:**
> DELETE Module REST API is not working properly if any user or group has access permission in the module. DELETE Module REST API should remove assigned users and groups references also.
>
> **Proposed Solution:**
> Before deleting a module; provided patch will delete user module mapping entry from 'x_user_module_perm' and group module mapping from x_group_module_perm.
>
>
> Diffs
> -----
>
> security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java 96f2ee3
> security-admin/src/main/java/org/apache/ranger/db/XXGroupPermissionDao.java f6444f8
> security-admin/src/main/java/org/apache/ranger/db/XXUserPermissionDao.java 2db6fd6
> security-admin/src/main/resources/META-INF/jpa_named_queries.xml 76d3f21
> security-admin/src/test/java/org/apache/ranger/biz/TestXUserMgr.java 37dddee
>
> Diff: https://reviews.apache.org/r/48026/diff/
>
>
> Testing
> -------
>
> **Steps Performed(with patch)**
> 1. Installed and started Ranger Admin.
> 2. Added a module 'module1' using create module REST API.
> curl -i -u admin:admin --header "Accept:application/json" -H "Content-Type:application/json" -X POST http://localhost:6080/service/xusers/permission -d '{"module":"module1","url":""}'
> 3. Visited Ranger admin permission page to verify whether 'module1' is added or not. 'module1' was added there.
> 4. In 'module1' Added groups(group1,group2) and users(testuser1,testuser2) to allow access.
> 5. Visited 'x_user_module_perm' and 'x_group_module_perm' table to check whether mapping of user module and group module is persisted or not. Mappings were persisted.
> 6. Called delete module REST API to delete module 'module1'.
> curl -i -u admin:admin --header "Accept:application/json" -H "Content-Type:application/json" -X DELETE http://localhost:6080/service/xusers/permission/7
>
> **Expected Behaviour :**
> 1. Entries of users having access on 'module1' should get deleted from 'x_user_module_perm' table.
> 2. Entries of groups having access on 'module1' should get deleted from 'x_group_module_perm' table.
> 3. Module should get deleted successfully.
> **Actual Behaviour :**
> 1. Entries of users having access on 'module1' were removed from 'x_user_module_perm' table.
> 2. Entries of groups having access on 'module1' were removed from 'x_group_module_perm' table.
> 3. Module 'module1' was deleted successfully.
>
>
> Thanks,
>
> Pradeep Agrawal
>
>