You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by Pradeep Agrawal <pr...@gmail.com> on 2023/02/28 11:36:32 UTC
Review Request 74329: RANGER-4112: Update servicedef by name results in 400 status code
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74329/
-----------------------------------------------------------
Review request for ranger, Abhishek Kumar, Dineshkumar Yadav, Kishor Gollapalliwar, Abhay Kulkarni, Madhan Neethiraj, Nikhil P, Pradeep Agrawal, Ramesh Mani, Sailaja Polavarapu, and Velmurugan Periasamy.
Bugs: RANGER-4112
https://issues.apache.org/jira/browse/RANGER-4112
Repository: ranger
Description
-------
**Problem Statement: ** If a PUT request is made to update the servicedef by id (BASE_URL/service/public/v2/api/servicedef/id), the request passes,
but if the same PUT request is made to update the servicedef by name (BASE_URL/service/public/v2/api/servicedef/name/{servicedef_name}), then it results in 400 Bad request.
curl -i -H "Accept: application/json" -H "Content-Type: application/json" -X PUT "http://localhost:6080/service/public/v2/api/servicedef/name/hdfs" -u admin:Ranger@1234 -d '{"id":1,"guid":"0d047247-bafe-4cf8-8e9b-d5d377284b2d","isEnabled":true,"createTime":1677480515000,"updateTime":1677486608000,"version":1,"name":"hdfs","displayName":"hdfs","implClass":"org.apache.ranger.services.hdfs.RangerServiceHdfs","label":"HDFS Repository","description":"HDFS Repository","options":{"enableDenyAndExceptionsInPolicies":"true"},"configs":[{"itemId":1,"name":"username","type":"string","mandatory":true,"label":"Username"},{"itemId":2,"name":"password","type":"password","mandatory":true,"label":"Password"},{"itemId":3,"name":"fs.default.name","type":"string","mandatory":true,"uiHint":"{\"TextFieldWithIcon\":true, \"info\": \"1.For one Namenode Url, eg.<br>hdfs://<host>:<port><br>2.For HA Namenode Urls(use , delimiter), eg.<br>hdfs://<host>:<port>,hdfs://<host2>:<po
rt2><br>\"}","label":"Namenode URL"},{"itemId":4,"name":"hadoop.security.authorization","type":"bool","subType":"YesTrue:NoFalse","mandatory":true,"defaultValue":"false","label":"Authorization Enabled"},{"itemId":5,"name":"hadoop.security.authentication","type":"enum","subType":"authnType","mandatory":true,"defaultValue":"simple","label":"Authentication Type"},{"itemId":6,"name":"hadoop.security.auth_to_local","type":"string","mandatory":false},{"itemId":7,"name":"dfs.datanode.kerberos.principal","type":"string","mandatory":false},{"itemId":8,"name":"dfs.namenode.kerberos.principal","type":"string","mandatory":false},{"itemId":9,"name":"dfs.secondary.namenode.kerberos.principal","type":"string","mandatory":false},{"itemId":10,"name":"hadoop.rpc.protection","type":"enum","subType":"rpcProtection","mandatory":false,"defaultValue":"authentication","label":"RPC Protection Type"},{"itemId":11,"name":"commonNameForCertificate","type":"string","mandatory":false,"label":"Common Name for
Certificate"},{"itemId":12,"name":"ranger.plugin.audit.filters","type":"string","mandatory":false,"defaultValue":"[{'accessResult': 'DENIED', 'isAudited': true}, {'actions':['delete','rename'],'isAudited':true}, {'users':['hdfs'], 'actions': ['listStatus', 'getfileinfo', 'listCachePools', 'listCacheDirectives', 'listCorruptFileBlocks', 'monitorHealth', 'rollEditLog', 'open'], 'isAudited': false}, {'users': ['oozie'],'resources': {'path': {'values': ['/user/oozie/share/lib'],'isRecursive': true}},'isAudited': false},{'users': ['spark'],'resources': {'path': {'values': ['/user/spark/applicationHistory'],'isRecursive': true}},'isAudited': false},{'users': ['hue'],'resources': {'path': {'values': ['/user/hue'],'isRecursive': true}},'isAudited': false},{'users': ['hbase'],'resources': {'path': {'values': ['/hbase'],'isRecursive': true}},'isAudited': false},{'users': ['mapred'],'resources': {'path': {'values': ['/user/history'],'isRecursive': true}},'isAudited': false}, {'actions': ['getf
ileinfo'], 'isAudited':false} ]","label":"Ranger Default Audit Filters"}],"resources":[{"itemId":1,"name":"path","type":"path","level":10,"mandatory":true,"lookupSupported":true,"recursiveSupported":true,"excludesSupported":false,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerPathResourceMatcher","matcherOptions":{"wildCard":"true","ignoreCase":"false"},"label":"Resource Path","description":"HDFS file or directory path","isValidLeaf":true}],"accessTypes":[{"itemId":1,"name":"read","label":"Read"},{"itemId":2,"name":"write","label":"Write"},{"itemId":3,"name":"execute","label":"Execute"}],"enums":[{"itemId":1,"name":"authnType","elements":[{"itemId":1,"name":"simple","label":"Simple"},{"itemId":2,"name":"kerberos","label":"Kerberos"}],"defaultIndex":0},{"itemId":2,"name":"rpcProtection","elements":[{"itemId":1,"name":"authentication","label":"Authentication"},{"itemId":2,"name":"integrity","label":"Integrity"},{"itemId":3,"name":"privacy","label":"Privacy"}],"defaultIndex"
:0}],"dataMaskDef":{},"rowFilterDef":{}}'
HTTP/1.1 100 Continue
HTTP/1.1 400 Bad Request
Set-Cookie: RANGERADMINSESSIONID=45F4EC1192635D4C18483B175CF4B9D2; Path=/; HttpOnly
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline';font-src 'self'
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
Content-Type: application/json
Transfer-Encoding: chunked
Date: Tue, 28 Feb 2023 11:31:33 GMT
Connection: close
Server: Apache Ranger
serviceDef Id mismatch
Diffs
-----
security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java 9e2fb66b4
Diff: https://reviews.apache.org/r/74329/diff/1/
Testing
-------
Tested the above curl request with this patch change and getting 200 response code.
Thanks,
Pradeep Agrawal
Re: Review Request 74329: RANGER-4112: Update servicedef by name results in 400 status code
Posted by Abhay Kulkarni <ak...@hortonworks.com>.
> On Feb. 28, 2023, 11:22 p.m., Abhay Kulkarni wrote:
> > security-admin/src/test/java/org/apache/ranger/rest/TestPublicAPIsv2.java
> > Line 320 (original), 320 (patched)
> > <https://reviews.apache.org/r/74329/diff/2/?file=2274869#file2274869line320>
> >
> > Consider reverting this change and the line 328. Having the original code will help test the fix in the ServiceREST.java file above.
>
> Ramachandran Krishnan wrote:
> Can we add one extra UT cases to cover negative conditions
> 1.test6updateServiceDefByNameWhenNameIsNull
> 2.test5updateServiceDefWhenIdIsDifferent
> 3.test5updateServiceDefWhenIdIsDifferentAndNameIsNull
>
> This will cover all the usecases
>
> Pradeep Agrawal wrote:
> @Abhay : Test is failing without this change.
ok. Please ignore the my comment.
- Abhay
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74329/#review225229
-----------------------------------------------------------
On Feb. 28, 2023, 11:36 a.m., Pradeep Agrawal wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/74329/
> -----------------------------------------------------------
>
> (Updated Feb. 28, 2023, 11:36 a.m.)
>
>
> Review request for ranger, Abhishek Kumar, Dineshkumar Yadav, Kishor Gollapalliwar, Abhay Kulkarni, Madhan Neethiraj, Nikhil P, Pradeep Agrawal, Ramesh Mani, Sailaja Polavarapu, and Velmurugan Periasamy.
>
>
> Bugs: RANGER-4112
> https://issues.apache.org/jira/browse/RANGER-4112
>
>
> Repository: ranger
>
>
> Description
> -------
>
> **Problem Statement: ** If a PUT request is made to update the servicedef by id (BASE_URL/service/public/v2/api/servicedef/id), the request passes,
> but if the same PUT request is made to update the servicedef by name (BASE_URL/service/public/v2/api/servicedef/name/{servicedef_name}), then it results in 400 Bad request.
>
> curl -i -H "Accept: application/json" -H "Content-Type: application/json" -X PUT "http://localhost:6080/service/public/v2/api/servicedef/name/hdfs" -u admin:Ranger@1234 -d '{"id":1,"guid":"0d047247-bafe-4cf8-8e9b-d5d377284b2d","isEnabled":true,"createTime":1677480515000,"updateTime":1677486608000,"version":1,"name":"hdfs","displayName":"hdfs","implClass":"org.apache.ranger.services.hdfs.RangerServiceHdfs","label":"HDFS Repository","description":"HDFS Repository","options":{"enableDenyAndExceptionsInPolicies":"true"},"configs":[{"itemId":1,"name":"username","type":"string","mandatory":true,"label":"Username"},{"itemId":2,"name":"password","type":"password","mandatory":true,"label":"Password"},{"itemId":3,"name":"fs.default.name","type":"string","mandatory":true,"uiHint":"{\"TextFieldWithIcon\":true, \"info\": \"1.For one Namenode Url, eg.<br>hdfs://<host>:<port><br>2.For HA Namenode Urls(use , delimiter), eg.<br>hdfs://<host>:<port>,hdfs://<host2>:<
port2><br>\"}","label":"Namenode URL"},{"itemId":4,"name":"hadoop.security.authorization","type":"bool","subType":"YesTrue:NoFalse","mandatory":true,"defaultValue":"false","label":"Authorization Enabled"},{"itemId":5,"name":"hadoop.security.authentication","type":"enum","subType":"authnType","mandatory":true,"defaultValue":"simple","label":"Authentication Type"},{"itemId":6,"name":"hadoop.security.auth_to_local","type":"string","mandatory":false},{"itemId":7,"name":"dfs.datanode.kerberos.principal","type":"string","mandatory":false},{"itemId":8,"name":"dfs.namenode.kerberos.principal","type":"string","mandatory":false},{"itemId":9,"name":"dfs.secondary.namenode.kerberos.principal","type":"string","mandatory":false},{"itemId":10,"name":"hadoop.rpc.protection","type":"enum","subType":"rpcProtection","mandatory":false,"defaultValue":"authentication","label":"RPC Protection Type"},{"itemId":11,"name":"commonNameForCertificate","type":"string","mandatory":false,"label":"Common Name fo
r Certificate"},{"itemId":12,"name":"ranger.plugin.audit.filters","type":"string","mandatory":false,"defaultValue":"[{'accessResult': 'DENIED', 'isAudited': true}, {'actions':['delete','rename'],'isAudited':true}, {'users':['hdfs'], 'actions': ['listStatus', 'getfileinfo', 'listCachePools', 'listCacheDirectives', 'listCorruptFileBlocks', 'monitorHealth', 'rollEditLog', 'open'], 'isAudited': false}, {'users': ['oozie'],'resources': {'path': {'values': ['/user/oozie/share/lib'],'isRecursive': true}},'isAudited': false},{'users': ['spark'],'resources': {'path': {'values': ['/user/spark/applicationHistory'],'isRecursive': true}},'isAudited': false},{'users': ['hue'],'resources': {'path': {'values': ['/user/hue'],'isRecursive': true}},'isAudited': false},{'users': ['hbase'],'resources': {'path': {'values': ['/hbase'],'isRecursive': true}},'isAudited': false},{'users': ['mapred'],'resources': {'path': {'values': ['/user/history'],'isRecursive': true}},'isAudited': false}, {'actions': ['ge
tfileinfo'], 'isAudited':false} ]","label":"Ranger Default Audit Filters"}],"resources":[{"itemId":1,"name":"path","type":"path","level":10,"mandatory":true,"lookupSupported":true,"recursiveSupported":true,"excludesSupported":false,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerPathResourceMatcher","matcherOptions":{"wildCard":"true","ignoreCase":"false"},"label":"Resource Path","description":"HDFS file or directory path","isValidLeaf":true}],"accessTypes":[{"itemId":1,"name":"read","label":"Read"},{"itemId":2,"name":"write","label":"Write"},{"itemId":3,"name":"execute","label":"Execute"}],"enums":[{"itemId":1,"name":"authnType","elements":[{"itemId":1,"name":"simple","label":"Simple"},{"itemId":2,"name":"kerberos","label":"Kerberos"}],"defaultIndex":0},{"itemId":2,"name":"rpcProtection","elements":[{"itemId":1,"name":"authentication","label":"Authentication"},{"itemId":2,"name":"integrity","label":"Integrity"},{"itemId":3,"name":"privacy","label":"Privacy"}],"defaultInde
x":0}],"dataMaskDef":{},"rowFilterDef":{}}'
> HTTP/1.1 100 Continue
>
> HTTP/1.1 400 Bad Request
> Set-Cookie: RANGERADMINSESSIONID=45F4EC1192635D4C18483B175CF4B9D2; Path=/; HttpOnly
> Cache-Control: no-cache, no-store, max-age=0, must-revalidate
> X-Frame-Options: DENY
> X-XSS-Protection: 1; mode=block
> Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
> Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline';font-src 'self'
> X-Permitted-Cross-Domain-Policies: none
> X-Content-Type-Options: nosniff
> Content-Type: application/json
> Transfer-Encoding: chunked
> Date: Tue, 28 Feb 2023 11:31:33 GMT
> Connection: close
> Server: Apache Ranger
>
> serviceDef Id mismatch
>
>
> Diffs
> -----
>
> security-admin/src/main/java/org/apache/ranger/rest/PublicAPIsv2.java 4ad6058cc
> security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java 9e2fb66b4
> security-admin/src/test/java/org/apache/ranger/rest/TestPublicAPIsv2.java 53750a041
>
>
> Diff: https://reviews.apache.org/r/74329/diff/2/
>
>
> Testing
> -------
>
> Tested the above curl request with this patch change and getting 200 response code.
>
>
> Thanks,
>
> Pradeep Agrawal
>
>
Re: Review Request 74329: RANGER-4112: Update servicedef by name results in 400 status code
Posted by Pradeep Agrawal <pr...@gmail.com>.
> On Feb. 28, 2023, 11:22 p.m., Abhay Kulkarni wrote:
> > security-admin/src/test/java/org/apache/ranger/rest/TestPublicAPIsv2.java
> > Line 320 (original), 320 (patched)
> > <https://reviews.apache.org/r/74329/diff/2/?file=2274869#file2274869line320>
> >
> > Consider reverting this change and the line 328. Having the original code will help test the fix in the ServiceREST.java file above.
>
> Ramachandran Krishnan wrote:
> Can we add one extra UT cases to cover negative conditions
> 1.test6updateServiceDefByNameWhenNameIsNull
> 2.test5updateServiceDefWhenIdIsDifferent
> 3.test5updateServiceDefWhenIdIsDifferentAndNameIsNull
>
> This will cover all the usecases
@Abhay : Test is failing without this change.
- Pradeep
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74329/#review225229
-----------------------------------------------------------
On Feb. 28, 2023, 11:36 a.m., Pradeep Agrawal wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/74329/
> -----------------------------------------------------------
>
> (Updated Feb. 28, 2023, 11:36 a.m.)
>
>
> Review request for ranger, Abhishek Kumar, Dineshkumar Yadav, Kishor Gollapalliwar, Abhay Kulkarni, Madhan Neethiraj, Nikhil P, Pradeep Agrawal, Ramesh Mani, Sailaja Polavarapu, and Velmurugan Periasamy.
>
>
> Bugs: RANGER-4112
> https://issues.apache.org/jira/browse/RANGER-4112
>
>
> Repository: ranger
>
>
> Description
> -------
>
> **Problem Statement: ** If a PUT request is made to update the servicedef by id (BASE_URL/service/public/v2/api/servicedef/id), the request passes,
> but if the same PUT request is made to update the servicedef by name (BASE_URL/service/public/v2/api/servicedef/name/{servicedef_name}), then it results in 400 Bad request.
>
> curl -i -H "Accept: application/json" -H "Content-Type: application/json" -X PUT "http://localhost:6080/service/public/v2/api/servicedef/name/hdfs" -u admin:Ranger@1234 -d '{"id":1,"guid":"0d047247-bafe-4cf8-8e9b-d5d377284b2d","isEnabled":true,"createTime":1677480515000,"updateTime":1677486608000,"version":1,"name":"hdfs","displayName":"hdfs","implClass":"org.apache.ranger.services.hdfs.RangerServiceHdfs","label":"HDFS Repository","description":"HDFS Repository","options":{"enableDenyAndExceptionsInPolicies":"true"},"configs":[{"itemId":1,"name":"username","type":"string","mandatory":true,"label":"Username"},{"itemId":2,"name":"password","type":"password","mandatory":true,"label":"Password"},{"itemId":3,"name":"fs.default.name","type":"string","mandatory":true,"uiHint":"{\"TextFieldWithIcon\":true, \"info\": \"1.For one Namenode Url, eg.<br>hdfs://<host>:<port><br>2.For HA Namenode Urls(use , delimiter), eg.<br>hdfs://<host>:<port>,hdfs://<host2>:<
port2><br>\"}","label":"Namenode URL"},{"itemId":4,"name":"hadoop.security.authorization","type":"bool","subType":"YesTrue:NoFalse","mandatory":true,"defaultValue":"false","label":"Authorization Enabled"},{"itemId":5,"name":"hadoop.security.authentication","type":"enum","subType":"authnType","mandatory":true,"defaultValue":"simple","label":"Authentication Type"},{"itemId":6,"name":"hadoop.security.auth_to_local","type":"string","mandatory":false},{"itemId":7,"name":"dfs.datanode.kerberos.principal","type":"string","mandatory":false},{"itemId":8,"name":"dfs.namenode.kerberos.principal","type":"string","mandatory":false},{"itemId":9,"name":"dfs.secondary.namenode.kerberos.principal","type":"string","mandatory":false},{"itemId":10,"name":"hadoop.rpc.protection","type":"enum","subType":"rpcProtection","mandatory":false,"defaultValue":"authentication","label":"RPC Protection Type"},{"itemId":11,"name":"commonNameForCertificate","type":"string","mandatory":false,"label":"Common Name fo
r Certificate"},{"itemId":12,"name":"ranger.plugin.audit.filters","type":"string","mandatory":false,"defaultValue":"[{'accessResult': 'DENIED', 'isAudited': true}, {'actions':['delete','rename'],'isAudited':true}, {'users':['hdfs'], 'actions': ['listStatus', 'getfileinfo', 'listCachePools', 'listCacheDirectives', 'listCorruptFileBlocks', 'monitorHealth', 'rollEditLog', 'open'], 'isAudited': false}, {'users': ['oozie'],'resources': {'path': {'values': ['/user/oozie/share/lib'],'isRecursive': true}},'isAudited': false},{'users': ['spark'],'resources': {'path': {'values': ['/user/spark/applicationHistory'],'isRecursive': true}},'isAudited': false},{'users': ['hue'],'resources': {'path': {'values': ['/user/hue'],'isRecursive': true}},'isAudited': false},{'users': ['hbase'],'resources': {'path': {'values': ['/hbase'],'isRecursive': true}},'isAudited': false},{'users': ['mapred'],'resources': {'path': {'values': ['/user/history'],'isRecursive': true}},'isAudited': false}, {'actions': ['ge
tfileinfo'], 'isAudited':false} ]","label":"Ranger Default Audit Filters"}],"resources":[{"itemId":1,"name":"path","type":"path","level":10,"mandatory":true,"lookupSupported":true,"recursiveSupported":true,"excludesSupported":false,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerPathResourceMatcher","matcherOptions":{"wildCard":"true","ignoreCase":"false"},"label":"Resource Path","description":"HDFS file or directory path","isValidLeaf":true}],"accessTypes":[{"itemId":1,"name":"read","label":"Read"},{"itemId":2,"name":"write","label":"Write"},{"itemId":3,"name":"execute","label":"Execute"}],"enums":[{"itemId":1,"name":"authnType","elements":[{"itemId":1,"name":"simple","label":"Simple"},{"itemId":2,"name":"kerberos","label":"Kerberos"}],"defaultIndex":0},{"itemId":2,"name":"rpcProtection","elements":[{"itemId":1,"name":"authentication","label":"Authentication"},{"itemId":2,"name":"integrity","label":"Integrity"},{"itemId":3,"name":"privacy","label":"Privacy"}],"defaultInde
x":0}],"dataMaskDef":{},"rowFilterDef":{}}'
> HTTP/1.1 100 Continue
>
> HTTP/1.1 400 Bad Request
> Set-Cookie: RANGERADMINSESSIONID=45F4EC1192635D4C18483B175CF4B9D2; Path=/; HttpOnly
> Cache-Control: no-cache, no-store, max-age=0, must-revalidate
> X-Frame-Options: DENY
> X-XSS-Protection: 1; mode=block
> Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
> Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline';font-src 'self'
> X-Permitted-Cross-Domain-Policies: none
> X-Content-Type-Options: nosniff
> Content-Type: application/json
> Transfer-Encoding: chunked
> Date: Tue, 28 Feb 2023 11:31:33 GMT
> Connection: close
> Server: Apache Ranger
>
> serviceDef Id mismatch
>
>
> Diffs
> -----
>
> security-admin/src/main/java/org/apache/ranger/rest/PublicAPIsv2.java 4ad6058cc
> security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java 9e2fb66b4
> security-admin/src/test/java/org/apache/ranger/rest/TestPublicAPIsv2.java 53750a041
>
>
> Diff: https://reviews.apache.org/r/74329/diff/2/
>
>
> Testing
> -------
>
> Tested the above curl request with this patch change and getting 200 response code.
>
>
> Thanks,
>
> Pradeep Agrawal
>
>
Re: Review Request 74329: RANGER-4112: Update servicedef by name results in 400 status code
Posted by Ramachandran Krishnan <ra...@gmail.com>.
> On Feb. 28, 2023, 11:22 p.m., Abhay Kulkarni wrote:
> > security-admin/src/test/java/org/apache/ranger/rest/TestPublicAPIsv2.java
> > Line 320 (original), 320 (patched)
> > <https://reviews.apache.org/r/74329/diff/2/?file=2274869#file2274869line320>
> >
> > Consider reverting this change and the line 328. Having the original code will help test the fix in the ServiceREST.java file above.
Can we add one extra UT cases to cover negative conditions
1.test6updateServiceDefByNameWhenNameIsNull
2.test5updateServiceDefWhenIdIsDifferent
3.test5updateServiceDefWhenIdIsDifferentAndNameIsNull
This will cover all the usecases
- Ramachandran
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74329/#review225229
-----------------------------------------------------------
On Feb. 28, 2023, 11:36 a.m., Pradeep Agrawal wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/74329/
> -----------------------------------------------------------
>
> (Updated Feb. 28, 2023, 11:36 a.m.)
>
>
> Review request for ranger, Abhishek Kumar, Dineshkumar Yadav, Kishor Gollapalliwar, Abhay Kulkarni, Madhan Neethiraj, Nikhil P, Pradeep Agrawal, Ramesh Mani, Sailaja Polavarapu, and Velmurugan Periasamy.
>
>
> Bugs: RANGER-4112
> https://issues.apache.org/jira/browse/RANGER-4112
>
>
> Repository: ranger
>
>
> Description
> -------
>
> **Problem Statement: ** If a PUT request is made to update the servicedef by id (BASE_URL/service/public/v2/api/servicedef/id), the request passes,
> but if the same PUT request is made to update the servicedef by name (BASE_URL/service/public/v2/api/servicedef/name/{servicedef_name}), then it results in 400 Bad request.
>
> curl -i -H "Accept: application/json" -H "Content-Type: application/json" -X PUT "http://localhost:6080/service/public/v2/api/servicedef/name/hdfs" -u admin:Ranger@1234 -d '{"id":1,"guid":"0d047247-bafe-4cf8-8e9b-d5d377284b2d","isEnabled":true,"createTime":1677480515000,"updateTime":1677486608000,"version":1,"name":"hdfs","displayName":"hdfs","implClass":"org.apache.ranger.services.hdfs.RangerServiceHdfs","label":"HDFS Repository","description":"HDFS Repository","options":{"enableDenyAndExceptionsInPolicies":"true"},"configs":[{"itemId":1,"name":"username","type":"string","mandatory":true,"label":"Username"},{"itemId":2,"name":"password","type":"password","mandatory":true,"label":"Password"},{"itemId":3,"name":"fs.default.name","type":"string","mandatory":true,"uiHint":"{\"TextFieldWithIcon\":true, \"info\": \"1.For one Namenode Url, eg.<br>hdfs://<host>:<port><br>2.For HA Namenode Urls(use , delimiter), eg.<br>hdfs://<host>:<port>,hdfs://<host2>:<
port2><br>\"}","label":"Namenode URL"},{"itemId":4,"name":"hadoop.security.authorization","type":"bool","subType":"YesTrue:NoFalse","mandatory":true,"defaultValue":"false","label":"Authorization Enabled"},{"itemId":5,"name":"hadoop.security.authentication","type":"enum","subType":"authnType","mandatory":true,"defaultValue":"simple","label":"Authentication Type"},{"itemId":6,"name":"hadoop.security.auth_to_local","type":"string","mandatory":false},{"itemId":7,"name":"dfs.datanode.kerberos.principal","type":"string","mandatory":false},{"itemId":8,"name":"dfs.namenode.kerberos.principal","type":"string","mandatory":false},{"itemId":9,"name":"dfs.secondary.namenode.kerberos.principal","type":"string","mandatory":false},{"itemId":10,"name":"hadoop.rpc.protection","type":"enum","subType":"rpcProtection","mandatory":false,"defaultValue":"authentication","label":"RPC Protection Type"},{"itemId":11,"name":"commonNameForCertificate","type":"string","mandatory":false,"label":"Common Name fo
r Certificate"},{"itemId":12,"name":"ranger.plugin.audit.filters","type":"string","mandatory":false,"defaultValue":"[{'accessResult': 'DENIED', 'isAudited': true}, {'actions':['delete','rename'],'isAudited':true}, {'users':['hdfs'], 'actions': ['listStatus', 'getfileinfo', 'listCachePools', 'listCacheDirectives', 'listCorruptFileBlocks', 'monitorHealth', 'rollEditLog', 'open'], 'isAudited': false}, {'users': ['oozie'],'resources': {'path': {'values': ['/user/oozie/share/lib'],'isRecursive': true}},'isAudited': false},{'users': ['spark'],'resources': {'path': {'values': ['/user/spark/applicationHistory'],'isRecursive': true}},'isAudited': false},{'users': ['hue'],'resources': {'path': {'values': ['/user/hue'],'isRecursive': true}},'isAudited': false},{'users': ['hbase'],'resources': {'path': {'values': ['/hbase'],'isRecursive': true}},'isAudited': false},{'users': ['mapred'],'resources': {'path': {'values': ['/user/history'],'isRecursive': true}},'isAudited': false}, {'actions': ['ge
tfileinfo'], 'isAudited':false} ]","label":"Ranger Default Audit Filters"}],"resources":[{"itemId":1,"name":"path","type":"path","level":10,"mandatory":true,"lookupSupported":true,"recursiveSupported":true,"excludesSupported":false,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerPathResourceMatcher","matcherOptions":{"wildCard":"true","ignoreCase":"false"},"label":"Resource Path","description":"HDFS file or directory path","isValidLeaf":true}],"accessTypes":[{"itemId":1,"name":"read","label":"Read"},{"itemId":2,"name":"write","label":"Write"},{"itemId":3,"name":"execute","label":"Execute"}],"enums":[{"itemId":1,"name":"authnType","elements":[{"itemId":1,"name":"simple","label":"Simple"},{"itemId":2,"name":"kerberos","label":"Kerberos"}],"defaultIndex":0},{"itemId":2,"name":"rpcProtection","elements":[{"itemId":1,"name":"authentication","label":"Authentication"},{"itemId":2,"name":"integrity","label":"Integrity"},{"itemId":3,"name":"privacy","label":"Privacy"}],"defaultInde
x":0}],"dataMaskDef":{},"rowFilterDef":{}}'
> HTTP/1.1 100 Continue
>
> HTTP/1.1 400 Bad Request
> Set-Cookie: RANGERADMINSESSIONID=45F4EC1192635D4C18483B175CF4B9D2; Path=/; HttpOnly
> Cache-Control: no-cache, no-store, max-age=0, must-revalidate
> X-Frame-Options: DENY
> X-XSS-Protection: 1; mode=block
> Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
> Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline';font-src 'self'
> X-Permitted-Cross-Domain-Policies: none
> X-Content-Type-Options: nosniff
> Content-Type: application/json
> Transfer-Encoding: chunked
> Date: Tue, 28 Feb 2023 11:31:33 GMT
> Connection: close
> Server: Apache Ranger
>
> serviceDef Id mismatch
>
>
> Diffs
> -----
>
> security-admin/src/main/java/org/apache/ranger/rest/PublicAPIsv2.java 4ad6058cc
> security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java 9e2fb66b4
> security-admin/src/test/java/org/apache/ranger/rest/TestPublicAPIsv2.java 53750a041
>
>
> Diff: https://reviews.apache.org/r/74329/diff/2/
>
>
> Testing
> -------
>
> Tested the above curl request with this patch change and getting 200 response code.
>
>
> Thanks,
>
> Pradeep Agrawal
>
>
Re: Review Request 74329: RANGER-4112: Update servicedef by name results in 400 status code
Posted by Abhay Kulkarni <ak...@hortonworks.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74329/#review225229
-----------------------------------------------------------
security-admin/src/test/java/org/apache/ranger/rest/TestPublicAPIsv2.java
Line 320 (original), 320 (patched)
<https://reviews.apache.org/r/74329/#comment313964>
Consider reverting this change and the line 328. Having the original code will help test the fix in the ServiceREST.java file above.
- Abhay Kulkarni
On Feb. 28, 2023, 11:36 a.m., Pradeep Agrawal wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/74329/
> -----------------------------------------------------------
>
> (Updated Feb. 28, 2023, 11:36 a.m.)
>
>
> Review request for ranger, Abhishek Kumar, Dineshkumar Yadav, Kishor Gollapalliwar, Abhay Kulkarni, Madhan Neethiraj, Nikhil P, Pradeep Agrawal, Ramesh Mani, Sailaja Polavarapu, and Velmurugan Periasamy.
>
>
> Bugs: RANGER-4112
> https://issues.apache.org/jira/browse/RANGER-4112
>
>
> Repository: ranger
>
>
> Description
> -------
>
> **Problem Statement: ** If a PUT request is made to update the servicedef by id (BASE_URL/service/public/v2/api/servicedef/id), the request passes,
> but if the same PUT request is made to update the servicedef by name (BASE_URL/service/public/v2/api/servicedef/name/{servicedef_name}), then it results in 400 Bad request.
>
> curl -i -H "Accept: application/json" -H "Content-Type: application/json" -X PUT "http://localhost:6080/service/public/v2/api/servicedef/name/hdfs" -u admin:Ranger@1234 -d '{"id":1,"guid":"0d047247-bafe-4cf8-8e9b-d5d377284b2d","isEnabled":true,"createTime":1677480515000,"updateTime":1677486608000,"version":1,"name":"hdfs","displayName":"hdfs","implClass":"org.apache.ranger.services.hdfs.RangerServiceHdfs","label":"HDFS Repository","description":"HDFS Repository","options":{"enableDenyAndExceptionsInPolicies":"true"},"configs":[{"itemId":1,"name":"username","type":"string","mandatory":true,"label":"Username"},{"itemId":2,"name":"password","type":"password","mandatory":true,"label":"Password"},{"itemId":3,"name":"fs.default.name","type":"string","mandatory":true,"uiHint":"{\"TextFieldWithIcon\":true, \"info\": \"1.For one Namenode Url, eg.<br>hdfs://<host>:<port><br>2.For HA Namenode Urls(use , delimiter), eg.<br>hdfs://<host>:<port>,hdfs://<host2>:<
port2><br>\"}","label":"Namenode URL"},{"itemId":4,"name":"hadoop.security.authorization","type":"bool","subType":"YesTrue:NoFalse","mandatory":true,"defaultValue":"false","label":"Authorization Enabled"},{"itemId":5,"name":"hadoop.security.authentication","type":"enum","subType":"authnType","mandatory":true,"defaultValue":"simple","label":"Authentication Type"},{"itemId":6,"name":"hadoop.security.auth_to_local","type":"string","mandatory":false},{"itemId":7,"name":"dfs.datanode.kerberos.principal","type":"string","mandatory":false},{"itemId":8,"name":"dfs.namenode.kerberos.principal","type":"string","mandatory":false},{"itemId":9,"name":"dfs.secondary.namenode.kerberos.principal","type":"string","mandatory":false},{"itemId":10,"name":"hadoop.rpc.protection","type":"enum","subType":"rpcProtection","mandatory":false,"defaultValue":"authentication","label":"RPC Protection Type"},{"itemId":11,"name":"commonNameForCertificate","type":"string","mandatory":false,"label":"Common Name fo
r Certificate"},{"itemId":12,"name":"ranger.plugin.audit.filters","type":"string","mandatory":false,"defaultValue":"[{'accessResult': 'DENIED', 'isAudited': true}, {'actions':['delete','rename'],'isAudited':true}, {'users':['hdfs'], 'actions': ['listStatus', 'getfileinfo', 'listCachePools', 'listCacheDirectives', 'listCorruptFileBlocks', 'monitorHealth', 'rollEditLog', 'open'], 'isAudited': false}, {'users': ['oozie'],'resources': {'path': {'values': ['/user/oozie/share/lib'],'isRecursive': true}},'isAudited': false},{'users': ['spark'],'resources': {'path': {'values': ['/user/spark/applicationHistory'],'isRecursive': true}},'isAudited': false},{'users': ['hue'],'resources': {'path': {'values': ['/user/hue'],'isRecursive': true}},'isAudited': false},{'users': ['hbase'],'resources': {'path': {'values': ['/hbase'],'isRecursive': true}},'isAudited': false},{'users': ['mapred'],'resources': {'path': {'values': ['/user/history'],'isRecursive': true}},'isAudited': false}, {'actions': ['ge
tfileinfo'], 'isAudited':false} ]","label":"Ranger Default Audit Filters"}],"resources":[{"itemId":1,"name":"path","type":"path","level":10,"mandatory":true,"lookupSupported":true,"recursiveSupported":true,"excludesSupported":false,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerPathResourceMatcher","matcherOptions":{"wildCard":"true","ignoreCase":"false"},"label":"Resource Path","description":"HDFS file or directory path","isValidLeaf":true}],"accessTypes":[{"itemId":1,"name":"read","label":"Read"},{"itemId":2,"name":"write","label":"Write"},{"itemId":3,"name":"execute","label":"Execute"}],"enums":[{"itemId":1,"name":"authnType","elements":[{"itemId":1,"name":"simple","label":"Simple"},{"itemId":2,"name":"kerberos","label":"Kerberos"}],"defaultIndex":0},{"itemId":2,"name":"rpcProtection","elements":[{"itemId":1,"name":"authentication","label":"Authentication"},{"itemId":2,"name":"integrity","label":"Integrity"},{"itemId":3,"name":"privacy","label":"Privacy"}],"defaultInde
x":0}],"dataMaskDef":{},"rowFilterDef":{}}'
> HTTP/1.1 100 Continue
>
> HTTP/1.1 400 Bad Request
> Set-Cookie: RANGERADMINSESSIONID=45F4EC1192635D4C18483B175CF4B9D2; Path=/; HttpOnly
> Cache-Control: no-cache, no-store, max-age=0, must-revalidate
> X-Frame-Options: DENY
> X-XSS-Protection: 1; mode=block
> Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
> Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline';font-src 'self'
> X-Permitted-Cross-Domain-Policies: none
> X-Content-Type-Options: nosniff
> Content-Type: application/json
> Transfer-Encoding: chunked
> Date: Tue, 28 Feb 2023 11:31:33 GMT
> Connection: close
> Server: Apache Ranger
>
> serviceDef Id mismatch
>
>
> Diffs
> -----
>
> security-admin/src/main/java/org/apache/ranger/rest/PublicAPIsv2.java 4ad6058cc
> security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java 9e2fb66b4
> security-admin/src/test/java/org/apache/ranger/rest/TestPublicAPIsv2.java 53750a041
>
>
> Diff: https://reviews.apache.org/r/74329/diff/2/
>
>
> Testing
> -------
>
> Tested the above curl request with this patch change and getting 200 response code.
>
>
> Thanks,
>
> Pradeep Agrawal
>
>
Re: Review Request 74329: RANGER-4112: Update servicedef by name results in 400 status code
Posted by Abhay Kulkarni <ak...@hortonworks.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74329/#review225234
-----------------------------------------------------------
Ship it!
Ship It!
- Abhay Kulkarni
On Feb. 28, 2023, 11:36 a.m., Pradeep Agrawal wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/74329/
> -----------------------------------------------------------
>
> (Updated Feb. 28, 2023, 11:36 a.m.)
>
>
> Review request for ranger, Abhishek Kumar, Dineshkumar Yadav, Kishor Gollapalliwar, Abhay Kulkarni, Madhan Neethiraj, Nikhil P, Pradeep Agrawal, Ramesh Mani, Sailaja Polavarapu, and Velmurugan Periasamy.
>
>
> Bugs: RANGER-4112
> https://issues.apache.org/jira/browse/RANGER-4112
>
>
> Repository: ranger
>
>
> Description
> -------
>
> **Problem Statement: ** If a PUT request is made to update the servicedef by id (BASE_URL/service/public/v2/api/servicedef/id), the request passes,
> but if the same PUT request is made to update the servicedef by name (BASE_URL/service/public/v2/api/servicedef/name/{servicedef_name}), then it results in 400 Bad request.
>
> curl -i -H "Accept: application/json" -H "Content-Type: application/json" -X PUT "http://localhost:6080/service/public/v2/api/servicedef/name/hdfs" -u admin:Ranger@1234 -d '{"id":1,"guid":"0d047247-bafe-4cf8-8e9b-d5d377284b2d","isEnabled":true,"createTime":1677480515000,"updateTime":1677486608000,"version":1,"name":"hdfs","displayName":"hdfs","implClass":"org.apache.ranger.services.hdfs.RangerServiceHdfs","label":"HDFS Repository","description":"HDFS Repository","options":{"enableDenyAndExceptionsInPolicies":"true"},"configs":[{"itemId":1,"name":"username","type":"string","mandatory":true,"label":"Username"},{"itemId":2,"name":"password","type":"password","mandatory":true,"label":"Password"},{"itemId":3,"name":"fs.default.name","type":"string","mandatory":true,"uiHint":"{\"TextFieldWithIcon\":true, \"info\": \"1.For one Namenode Url, eg.<br>hdfs://<host>:<port><br>2.For HA Namenode Urls(use , delimiter), eg.<br>hdfs://<host>:<port>,hdfs://<host2>:<
port2><br>\"}","label":"Namenode URL"},{"itemId":4,"name":"hadoop.security.authorization","type":"bool","subType":"YesTrue:NoFalse","mandatory":true,"defaultValue":"false","label":"Authorization Enabled"},{"itemId":5,"name":"hadoop.security.authentication","type":"enum","subType":"authnType","mandatory":true,"defaultValue":"simple","label":"Authentication Type"},{"itemId":6,"name":"hadoop.security.auth_to_local","type":"string","mandatory":false},{"itemId":7,"name":"dfs.datanode.kerberos.principal","type":"string","mandatory":false},{"itemId":8,"name":"dfs.namenode.kerberos.principal","type":"string","mandatory":false},{"itemId":9,"name":"dfs.secondary.namenode.kerberos.principal","type":"string","mandatory":false},{"itemId":10,"name":"hadoop.rpc.protection","type":"enum","subType":"rpcProtection","mandatory":false,"defaultValue":"authentication","label":"RPC Protection Type"},{"itemId":11,"name":"commonNameForCertificate","type":"string","mandatory":false,"label":"Common Name fo
r Certificate"},{"itemId":12,"name":"ranger.plugin.audit.filters","type":"string","mandatory":false,"defaultValue":"[{'accessResult': 'DENIED', 'isAudited': true}, {'actions':['delete','rename'],'isAudited':true}, {'users':['hdfs'], 'actions': ['listStatus', 'getfileinfo', 'listCachePools', 'listCacheDirectives', 'listCorruptFileBlocks', 'monitorHealth', 'rollEditLog', 'open'], 'isAudited': false}, {'users': ['oozie'],'resources': {'path': {'values': ['/user/oozie/share/lib'],'isRecursive': true}},'isAudited': false},{'users': ['spark'],'resources': {'path': {'values': ['/user/spark/applicationHistory'],'isRecursive': true}},'isAudited': false},{'users': ['hue'],'resources': {'path': {'values': ['/user/hue'],'isRecursive': true}},'isAudited': false},{'users': ['hbase'],'resources': {'path': {'values': ['/hbase'],'isRecursive': true}},'isAudited': false},{'users': ['mapred'],'resources': {'path': {'values': ['/user/history'],'isRecursive': true}},'isAudited': false}, {'actions': ['ge
tfileinfo'], 'isAudited':false} ]","label":"Ranger Default Audit Filters"}],"resources":[{"itemId":1,"name":"path","type":"path","level":10,"mandatory":true,"lookupSupported":true,"recursiveSupported":true,"excludesSupported":false,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerPathResourceMatcher","matcherOptions":{"wildCard":"true","ignoreCase":"false"},"label":"Resource Path","description":"HDFS file or directory path","isValidLeaf":true}],"accessTypes":[{"itemId":1,"name":"read","label":"Read"},{"itemId":2,"name":"write","label":"Write"},{"itemId":3,"name":"execute","label":"Execute"}],"enums":[{"itemId":1,"name":"authnType","elements":[{"itemId":1,"name":"simple","label":"Simple"},{"itemId":2,"name":"kerberos","label":"Kerberos"}],"defaultIndex":0},{"itemId":2,"name":"rpcProtection","elements":[{"itemId":1,"name":"authentication","label":"Authentication"},{"itemId":2,"name":"integrity","label":"Integrity"},{"itemId":3,"name":"privacy","label":"Privacy"}],"defaultInde
x":0}],"dataMaskDef":{},"rowFilterDef":{}}'
> HTTP/1.1 100 Continue
>
> HTTP/1.1 400 Bad Request
> Set-Cookie: RANGERADMINSESSIONID=45F4EC1192635D4C18483B175CF4B9D2; Path=/; HttpOnly
> Cache-Control: no-cache, no-store, max-age=0, must-revalidate
> X-Frame-Options: DENY
> X-XSS-Protection: 1; mode=block
> Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
> Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline';font-src 'self'
> X-Permitted-Cross-Domain-Policies: none
> X-Content-Type-Options: nosniff
> Content-Type: application/json
> Transfer-Encoding: chunked
> Date: Tue, 28 Feb 2023 11:31:33 GMT
> Connection: close
> Server: Apache Ranger
>
> serviceDef Id mismatch
>
>
> Diffs
> -----
>
> security-admin/src/main/java/org/apache/ranger/rest/PublicAPIsv2.java 4ad6058cc
> security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java 9e2fb66b4
> security-admin/src/test/java/org/apache/ranger/rest/TestPublicAPIsv2.java 53750a041
>
>
> Diff: https://reviews.apache.org/r/74329/diff/2/
>
>
> Testing
> -------
>
> Tested the above curl request with this patch change and getting 200 response code.
>
>
> Thanks,
>
> Pradeep Agrawal
>
>
Re: Review Request 74329: RANGER-4112: Update servicedef by name results in 400 status code
Posted by Ramachandran Krishnan <ra...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74329/#review225228
-----------------------------------------------------------
Ship it!
Ship It!
- Ramachandran Krishnan
On Feb. 28, 2023, 11:36 a.m., Pradeep Agrawal wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/74329/
> -----------------------------------------------------------
>
> (Updated Feb. 28, 2023, 11:36 a.m.)
>
>
> Review request for ranger, Abhishek Kumar, Dineshkumar Yadav, Kishor Gollapalliwar, Abhay Kulkarni, Madhan Neethiraj, Nikhil P, Pradeep Agrawal, Ramesh Mani, Sailaja Polavarapu, and Velmurugan Periasamy.
>
>
> Bugs: RANGER-4112
> https://issues.apache.org/jira/browse/RANGER-4112
>
>
> Repository: ranger
>
>
> Description
> -------
>
> **Problem Statement: ** If a PUT request is made to update the servicedef by id (BASE_URL/service/public/v2/api/servicedef/id), the request passes,
> but if the same PUT request is made to update the servicedef by name (BASE_URL/service/public/v2/api/servicedef/name/{servicedef_name}), then it results in 400 Bad request.
>
> curl -i -H "Accept: application/json" -H "Content-Type: application/json" -X PUT "http://localhost:6080/service/public/v2/api/servicedef/name/hdfs" -u admin:Ranger@1234 -d '{"id":1,"guid":"0d047247-bafe-4cf8-8e9b-d5d377284b2d","isEnabled":true,"createTime":1677480515000,"updateTime":1677486608000,"version":1,"name":"hdfs","displayName":"hdfs","implClass":"org.apache.ranger.services.hdfs.RangerServiceHdfs","label":"HDFS Repository","description":"HDFS Repository","options":{"enableDenyAndExceptionsInPolicies":"true"},"configs":[{"itemId":1,"name":"username","type":"string","mandatory":true,"label":"Username"},{"itemId":2,"name":"password","type":"password","mandatory":true,"label":"Password"},{"itemId":3,"name":"fs.default.name","type":"string","mandatory":true,"uiHint":"{\"TextFieldWithIcon\":true, \"info\": \"1.For one Namenode Url, eg.<br>hdfs://<host>:<port><br>2.For HA Namenode Urls(use , delimiter), eg.<br>hdfs://<host>:<port>,hdfs://<host2>:<
port2><br>\"}","label":"Namenode URL"},{"itemId":4,"name":"hadoop.security.authorization","type":"bool","subType":"YesTrue:NoFalse","mandatory":true,"defaultValue":"false","label":"Authorization Enabled"},{"itemId":5,"name":"hadoop.security.authentication","type":"enum","subType":"authnType","mandatory":true,"defaultValue":"simple","label":"Authentication Type"},{"itemId":6,"name":"hadoop.security.auth_to_local","type":"string","mandatory":false},{"itemId":7,"name":"dfs.datanode.kerberos.principal","type":"string","mandatory":false},{"itemId":8,"name":"dfs.namenode.kerberos.principal","type":"string","mandatory":false},{"itemId":9,"name":"dfs.secondary.namenode.kerberos.principal","type":"string","mandatory":false},{"itemId":10,"name":"hadoop.rpc.protection","type":"enum","subType":"rpcProtection","mandatory":false,"defaultValue":"authentication","label":"RPC Protection Type"},{"itemId":11,"name":"commonNameForCertificate","type":"string","mandatory":false,"label":"Common Name fo
r Certificate"},{"itemId":12,"name":"ranger.plugin.audit.filters","type":"string","mandatory":false,"defaultValue":"[{'accessResult': 'DENIED', 'isAudited': true}, {'actions':['delete','rename'],'isAudited':true}, {'users':['hdfs'], 'actions': ['listStatus', 'getfileinfo', 'listCachePools', 'listCacheDirectives', 'listCorruptFileBlocks', 'monitorHealth', 'rollEditLog', 'open'], 'isAudited': false}, {'users': ['oozie'],'resources': {'path': {'values': ['/user/oozie/share/lib'],'isRecursive': true}},'isAudited': false},{'users': ['spark'],'resources': {'path': {'values': ['/user/spark/applicationHistory'],'isRecursive': true}},'isAudited': false},{'users': ['hue'],'resources': {'path': {'values': ['/user/hue'],'isRecursive': true}},'isAudited': false},{'users': ['hbase'],'resources': {'path': {'values': ['/hbase'],'isRecursive': true}},'isAudited': false},{'users': ['mapred'],'resources': {'path': {'values': ['/user/history'],'isRecursive': true}},'isAudited': false}, {'actions': ['ge
tfileinfo'], 'isAudited':false} ]","label":"Ranger Default Audit Filters"}],"resources":[{"itemId":1,"name":"path","type":"path","level":10,"mandatory":true,"lookupSupported":true,"recursiveSupported":true,"excludesSupported":false,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerPathResourceMatcher","matcherOptions":{"wildCard":"true","ignoreCase":"false"},"label":"Resource Path","description":"HDFS file or directory path","isValidLeaf":true}],"accessTypes":[{"itemId":1,"name":"read","label":"Read"},{"itemId":2,"name":"write","label":"Write"},{"itemId":3,"name":"execute","label":"Execute"}],"enums":[{"itemId":1,"name":"authnType","elements":[{"itemId":1,"name":"simple","label":"Simple"},{"itemId":2,"name":"kerberos","label":"Kerberos"}],"defaultIndex":0},{"itemId":2,"name":"rpcProtection","elements":[{"itemId":1,"name":"authentication","label":"Authentication"},{"itemId":2,"name":"integrity","label":"Integrity"},{"itemId":3,"name":"privacy","label":"Privacy"}],"defaultInde
x":0}],"dataMaskDef":{},"rowFilterDef":{}}'
> HTTP/1.1 100 Continue
>
> HTTP/1.1 400 Bad Request
> Set-Cookie: RANGERADMINSESSIONID=45F4EC1192635D4C18483B175CF4B9D2; Path=/; HttpOnly
> Cache-Control: no-cache, no-store, max-age=0, must-revalidate
> X-Frame-Options: DENY
> X-XSS-Protection: 1; mode=block
> Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
> Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline';font-src 'self'
> X-Permitted-Cross-Domain-Policies: none
> X-Content-Type-Options: nosniff
> Content-Type: application/json
> Transfer-Encoding: chunked
> Date: Tue, 28 Feb 2023 11:31:33 GMT
> Connection: close
> Server: Apache Ranger
>
> serviceDef Id mismatch
>
>
> Diffs
> -----
>
> security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java 9e2fb66b4
>
>
> Diff: https://reviews.apache.org/r/74329/diff/1/
>
>
> Testing
> -------
>
> Tested the above curl request with this patch change and getting 200 response code.
>
>
> Thanks,
>
> Pradeep Agrawal
>
>