You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by Nitin Galave <ni...@gmail.com> on 2017/10/11 08:17:45 UTC
Review Request 62881: RANGER-1176: Ranger admin does not allow to
create / update a policy with only delegate admin permission.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62881/
-----------------------------------------------------------
Review request for ranger, Gautam Borad, Mehul Parikh, Pradeep Agrawal, and Velmurugan Periasamy.
Bugs: RANGER-1176
https://issues.apache.org/jira/browse/RANGER-1176
Repository: ranger
Description
-------
A policy with empty access list is valid if delegated admin is true.But the Ranger Admin UI doesn't allow user to create / update a policy with only the 'delegate admin' permission for a user / group.
Diffs
-----
security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java 0b97da9
security-admin/src/main/webapp/scripts/modules/globalize/message/en.js 73b4cd3
security-admin/src/main/webapp/scripts/views/policies/RangerPolicyCreate.js df13b7c
security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js 9a8d82d
security-admin/src/main/webapp/templates/helpers/XAHelpers.js 1766880
security-admin/src/main/webapp/templates/reports/PlugableServicePolicyUpdateDiff_tmpl.html 524b18f
Diff: https://reviews.apache.org/r/62881/diff/1/
Testing
-------
1.Tested with all components.
2.Tested policy getting created by adding both permission and selecting delegate admin in allow/deny policy item.
3.Tested old and new value in the logs (Audit -> Admin tab) is getting correctly displayed.
Thanks,
Nitin Galave
Re: Review Request 62881: RANGER-1176: Ranger admin does not allow to
create / update a policy with only delegate admin permission.
Posted by Velmurugan Periasamy <vp...@hortonworks.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62881/#review187652
-----------------------------------------------------------
Ship it!
Ship It!
- Velmurugan Periasamy
On Oct. 11, 2017, 8:17 a.m., Nitin Galave wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62881/
> -----------------------------------------------------------
>
> (Updated Oct. 11, 2017, 8:17 a.m.)
>
>
> Review request for ranger, Gautam Borad, Mehul Parikh, Pradeep Agrawal, and Velmurugan Periasamy.
>
>
> Bugs: RANGER-1176
> https://issues.apache.org/jira/browse/RANGER-1176
>
>
> Repository: ranger
>
>
> Description
> -------
>
> A policy with empty access list is valid if delegated admin is true.But the Ranger Admin UI doesn't allow user to create / update a policy with only the 'delegate admin' permission for a user / group.
>
>
> Diffs
> -----
>
> security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java 0b97da9
> security-admin/src/main/webapp/scripts/modules/globalize/message/en.js 73b4cd3
> security-admin/src/main/webapp/scripts/views/policies/RangerPolicyCreate.js df13b7c
> security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js 9a8d82d
> security-admin/src/main/webapp/templates/helpers/XAHelpers.js 1766880
> security-admin/src/main/webapp/templates/reports/PlugableServicePolicyUpdateDiff_tmpl.html 524b18f
>
>
> Diff: https://reviews.apache.org/r/62881/diff/1/
>
>
> Testing
> -------
>
> 1.Tested with all components.
> 2.Tested policy getting created by adding both permission and selecting delegate admin in allow/deny policy item.
> 3.Tested old and new value in the logs (Audit -> Admin tab) is getting correctly displayed.
>
>
> Thanks,
>
> Nitin Galave
>
>
Re: Review Request 62881: RANGER-1176: Ranger admin does not allow to
create / update a policy with only delegate admin permission.
Posted by Mehul Parikh <me...@freestoneinfotech.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62881/#review187648
-----------------------------------------------------------
Ship it!
Ship It!
- Mehul Parikh
On Oct. 11, 2017, 8:17 a.m., Nitin Galave wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62881/
> -----------------------------------------------------------
>
> (Updated Oct. 11, 2017, 8:17 a.m.)
>
>
> Review request for ranger, Gautam Borad, Mehul Parikh, Pradeep Agrawal, and Velmurugan Periasamy.
>
>
> Bugs: RANGER-1176
> https://issues.apache.org/jira/browse/RANGER-1176
>
>
> Repository: ranger
>
>
> Description
> -------
>
> A policy with empty access list is valid if delegated admin is true.But the Ranger Admin UI doesn't allow user to create / update a policy with only the 'delegate admin' permission for a user / group.
>
>
> Diffs
> -----
>
> security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java 0b97da9
> security-admin/src/main/webapp/scripts/modules/globalize/message/en.js 73b4cd3
> security-admin/src/main/webapp/scripts/views/policies/RangerPolicyCreate.js df13b7c
> security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js 9a8d82d
> security-admin/src/main/webapp/templates/helpers/XAHelpers.js 1766880
> security-admin/src/main/webapp/templates/reports/PlugableServicePolicyUpdateDiff_tmpl.html 524b18f
>
>
> Diff: https://reviews.apache.org/r/62881/diff/1/
>
>
> Testing
> -------
>
> 1.Tested with all components.
> 2.Tested policy getting created by adding both permission and selecting delegate admin in allow/deny policy item.
> 3.Tested old and new value in the logs (Audit -> Admin tab) is getting correctly displayed.
>
>
> Thanks,
>
> Nitin Galave
>
>
Re: Review Request 62881: RANGER-1176: Ranger admin does not allow to
create / update a policy with only delegate admin permission.
Posted by Endre Zoltan Kovacs via Review Board <no...@reviews.apache.org>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62881/#review189911
-----------------------------------------------------------
security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
Lines 391 (patched)
<https://reviews.apache.org/r/62881/#comment267141>
please fix:
typo: User is trrying => User is trying
remove the 'it' from the sentence:
'which we are not allowing it to change' => 'which we are not allowing to change'
- Endre Zoltan Kovacs
On Oct. 11, 2017, 8:17 a.m., Nitin Galave wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62881/
> -----------------------------------------------------------
>
> (Updated Oct. 11, 2017, 8:17 a.m.)
>
>
> Review request for ranger, Gautam Borad, Mehul Parikh, Pradeep Agrawal, and Velmurugan Periasamy.
>
>
> Bugs: RANGER-1176
> https://issues.apache.org/jira/browse/RANGER-1176
>
>
> Repository: ranger
>
>
> Description
> -------
>
> A policy with empty access list is valid if delegated admin is true.But the Ranger Admin UI doesn't allow user to create / update a policy with only the 'delegate admin' permission for a user / group.
>
>
> Diffs
> -----
>
> security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java 0b97da9
> security-admin/src/main/webapp/scripts/modules/globalize/message/en.js 73b4cd3
> security-admin/src/main/webapp/scripts/views/policies/RangerPolicyCreate.js df13b7c
> security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js 9a8d82d
> security-admin/src/main/webapp/templates/helpers/XAHelpers.js 1766880
> security-admin/src/main/webapp/templates/reports/PlugableServicePolicyUpdateDiff_tmpl.html 524b18f
>
>
> Diff: https://reviews.apache.org/r/62881/diff/1/
>
>
> Testing
> -------
>
> 1.Tested with all components.
> 2.Tested policy getting created by adding both permission and selecting delegate admin in allow/deny policy item.
> 3.Tested old and new value in the logs (Audit -> Admin tab) is getting correctly displayed.
>
>
> Thanks,
>
> Nitin Galave
>
>
Re: Review Request 62881: RANGER-1176: Ranger admin does not allow to
create / update a policy with only delegate admin permission.
Posted by Gautam Borad <gb...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62881/#review187647
-----------------------------------------------------------
Ship it!
Ship It!
- Gautam Borad
On Oct. 11, 2017, 8:17 a.m., Nitin Galave wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62881/
> -----------------------------------------------------------
>
> (Updated Oct. 11, 2017, 8:17 a.m.)
>
>
> Review request for ranger, Gautam Borad, Mehul Parikh, Pradeep Agrawal, and Velmurugan Periasamy.
>
>
> Bugs: RANGER-1176
> https://issues.apache.org/jira/browse/RANGER-1176
>
>
> Repository: ranger
>
>
> Description
> -------
>
> A policy with empty access list is valid if delegated admin is true.But the Ranger Admin UI doesn't allow user to create / update a policy with only the 'delegate admin' permission for a user / group.
>
>
> Diffs
> -----
>
> security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java 0b97da9
> security-admin/src/main/webapp/scripts/modules/globalize/message/en.js 73b4cd3
> security-admin/src/main/webapp/scripts/views/policies/RangerPolicyCreate.js df13b7c
> security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js 9a8d82d
> security-admin/src/main/webapp/templates/helpers/XAHelpers.js 1766880
> security-admin/src/main/webapp/templates/reports/PlugableServicePolicyUpdateDiff_tmpl.html 524b18f
>
>
> Diff: https://reviews.apache.org/r/62881/diff/1/
>
>
> Testing
> -------
>
> 1.Tested with all components.
> 2.Tested policy getting created by adding both permission and selecting delegate admin in allow/deny policy item.
> 3.Tested old and new value in the logs (Audit -> Admin tab) is getting correctly displayed.
>
>
> Thanks,
>
> Nitin Galave
>
>