You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by me...@apache.org on 2020/10/27 09:23:01 UTC
[ranger] branch master updated (72a3f94 -> 081a5c2)
This is an automated email from the ASF dual-hosted git repository.
mehul pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git.
from 72a3f94 RANGER-2996 : Add search by Roles and Auditor user should be able to see Roles tab.4
new cddb435 RANGER-3056: Show Audit ID in Audit->Access tab
new e394f97 RANGER-3057: Support Audit search based on Audit ID
new 081a5c2 RANGER-3060: Maven build failing due to PMD violations
The 3 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.../hbase/RangerAuthorizationCoprocessor.java | 1 -
.../main/java/org/apache/ranger/rest/AssetREST.java | 20 ++++++++++----------
.../apache/ranger/solr/SolrAccessAuditsService.java | 7 +++++++
.../java/org/apache/ranger/view/VXAccessAudit.java | 11 +++++++++++
.../webapp/scripts/modules/globalize/message/en.js | 3 ++-
.../main/webapp/scripts/views/reports/AuditLayout.js | 3 ++-
.../templates/reports/AuditAccessLogDetail_tmpl.html | 12 ++++++++++++
.../java/org/apache/ranger/rest/TestAssetREST.java | 4 ++--
8 files changed, 46 insertions(+), 15 deletions(-)
[ranger] 01/03: RANGER-3056: Show Audit ID in Audit->Access tab
Posted by me...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
mehul pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
commit cddb43501f0c2b1dd1a1fc776e823aac4f0b12d8
Author: Kishor Gollapalliwar <ki...@gmail.com>
AuthorDate: Thu Oct 22 13:20:54 2020 +0530
RANGER-3056: Show Audit ID in Audit->Access tab
Signed-off-by: Mehul Parikh <me...@apache.org>
---
.../java/org/apache/ranger/solr/SolrAccessAuditsService.java | 1 +
.../src/main/java/org/apache/ranger/view/VXAccessAudit.java | 11 +++++++++++
.../src/main/webapp/scripts/modules/globalize/message/en.js | 3 ++-
.../webapp/templates/reports/AuditAccessLogDetail_tmpl.html | 12 ++++++++++++
4 files changed, 26 insertions(+), 1 deletion(-)
diff --git a/security-admin/src/main/java/org/apache/ranger/solr/SolrAccessAuditsService.java b/security-admin/src/main/java/org/apache/ranger/solr/SolrAccessAuditsService.java
index f3c6e3f..4b1cf5b 100644
--- a/security-admin/src/main/java/org/apache/ranger/solr/SolrAccessAuditsService.java
+++ b/security-admin/src/main/java/org/apache/ranger/solr/SolrAccessAuditsService.java
@@ -127,6 +127,7 @@ public class SolrAccessAuditsService extends AccessAuditsService {
if (value != null) {
// TODO: Converting ID to hashcode for now
accessAudit.setId((long) value.hashCode());
+ accessAudit.setEventId(value.toString());
}
value = doc.getFieldValue("cluster");
diff --git a/security-admin/src/main/java/org/apache/ranger/view/VXAccessAudit.java b/security-admin/src/main/java/org/apache/ranger/view/VXAccessAudit.java
index a9a9cb9..4dfd207 100644
--- a/security-admin/src/main/java/org/apache/ranger/view/VXAccessAudit.java
+++ b/security-admin/src/main/java/org/apache/ranger/view/VXAccessAudit.java
@@ -152,6 +152,9 @@ public class VXAccessAudit extends VXDataObject implements java.io.Serializable
protected Long policyVersion;
+ // Event ID
+ protected String eventId;
+
/**
* Default constructor. This will set all the attributes to default value.
*/
@@ -604,6 +607,13 @@ public class VXAccessAudit extends VXDataObject implements java.io.Serializable
this.policyVersion = policyVersion;
}
+ public String getEventId() {
+ return eventId;
+ }
+
+ public void setEventId(String eventId) {
+ this.eventId = eventId;
+ }
/**
* This return the bean content in string format
@@ -641,6 +651,7 @@ public class VXAccessAudit extends VXDataObject implements java.io.Serializable
str += "clusterName={" + clusterName + "}";
str += "zoneName={" + zoneName + "}";
str += "agentHost={" + agentHost + "}";
+ str += "eventId={" + eventId + "}";
str += "}";
return str;
}
diff --git a/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js b/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js
index 0989976..3b99c86 100644
--- a/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js
+++ b/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js
@@ -286,7 +286,8 @@ define(function(require) {
tags : 'Tags',
permission : 'Permission',
override : 'Override',
- normal : 'Normal'
+ normal : 'Normal',
+ auditId : 'Audit ID'
},
btn : {
diff --git a/security-admin/src/main/webapp/templates/reports/AuditAccessLogDetail_tmpl.html b/security-admin/src/main/webapp/templates/reports/AuditAccessLogDetail_tmpl.html
index e0f9348..fe41386 100644
--- a/security-admin/src/main/webapp/templates/reports/AuditAccessLogDetail_tmpl.html
+++ b/security-admin/src/main/webapp/templates/reports/AuditAccessLogDetail_tmpl.html
@@ -17,6 +17,18 @@
<div id="serviceDetails" class="row">
<table class="table table-bordered table-condensed">
<tbody>
+ <tr>
+ <td>
+ {{tt 'lbl.auditId'}}
+ </td>
+ {{#compare auditaccessDetail.eventId "eq" ''}}
+ <td> -- </td>
+ {{else}}
+ <td>
+ {{auditaccessDetail.eventId}}
+ </td>
+ {{/compare}}
+ </tr>
<tr>
<td>
{{tt 'lbl.policyId'}}
[ranger] 03/03: RANGER-3060: Maven build failing due to PMD
violations
Posted by me...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
mehul pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
commit 081a5c288faa713718cff784702a33a82637edab
Author: Kishor Gollapalliwar <ki...@gmail.com>
AuthorDate: Tue Oct 27 13:17:11 2020 +0530
RANGER-3060: Maven build failing due to PMD violations
Signed-off-by: Mehul Parikh <me...@apache.org>
---
.../ranger/authorization/hbase/RangerAuthorizationCoprocessor.java | 1 -
1 file changed, 1 deletion(-)
diff --git a/hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/RangerAuthorizationCoprocessor.java b/hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/RangerAuthorizationCoprocessor.java
index b9dd52e..924c531 100644
--- a/hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/RangerAuthorizationCoprocessor.java
+++ b/hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/RangerAuthorizationCoprocessor.java
@@ -49,7 +49,6 @@ import org.apache.hadoop.hbase.security.User;
import org.apache.hadoop.hbase.security.UserProvider;
import org.apache.hadoop.hbase.security.access.*;
import org.apache.hadoop.hbase.security.access.Permission.Action;
-import org.apache.hadoop.hbase.security.access.Permission.Builder;
import org.apache.hadoop.hbase.protobuf.ProtobufUtil;
import org.apache.hadoop.hbase.shaded.protobuf.ResponseConverter;
import org.apache.hadoop.hbase.shaded.protobuf.generated.ClientProtos.CleanupBulkLoadRequest;
[ranger] 02/03: RANGER-3057: Support Audit search based on Audit ID
Posted by me...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
mehul pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
commit e394f970864636a66e984e3efc56e2c1a6e1d547
Author: Kishor Gollapalliwar <ki...@gmail.com>
AuthorDate: Fri Oct 23 20:27:22 2020 +0530
RANGER-3057: Support Audit search based on Audit ID
Signed-off-by: Mehul Parikh <me...@apache.org>
---
.../main/java/org/apache/ranger/rest/AssetREST.java | 20 ++++++++++----------
.../apache/ranger/solr/SolrAccessAuditsService.java | 6 ++++++
.../main/webapp/scripts/views/reports/AuditLayout.js | 3 ++-
.../java/org/apache/ranger/rest/TestAssetREST.java | 4 ++--
4 files changed, 20 insertions(+), 13 deletions(-)
diff --git a/security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java b/security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java
index fd6e738..51d000e 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java
@@ -641,24 +641,24 @@ public class AssetREST {
"Resource Type", StringUtil.VALIDATION_TEXT);
searchUtil.extractString(request,searchCriteria,"excludeServiceUser",
"Exclude Service User",StringUtil.VALIDATION_TEXT);
+
searchUtil.extractInt(request, searchCriteria, "auditType", "Audit Type");
- searchUtil.extractInt(request, searchCriteria, "accessResult", "Result");
+ searchUtil.extractInt(request, searchCriteria, "accessResult", "Result");
searchUtil.extractInt(request, searchCriteria, "assetId", "Asset ID");
searchUtil.extractLong(request, searchCriteria, "policyId", "Policy ID");
- searchUtil.extractInt(request, searchCriteria, "repoType", "Service Type");
-
- searchUtil.extractDate(request, searchCriteria, "startDate",
- "Start Date", "MM/dd/yyyy");
- searchUtil.extractDate(request, searchCriteria, "endDate", "End Date",
- "MM/dd/yyyy");
+ searchUtil.extractInt(request, searchCriteria, "repoType", "Service Type");
+
+ searchUtil.extractDate(request, searchCriteria, "startDate","Start Date", "MM/dd/yyyy");
+ searchUtil.extractDate(request, searchCriteria, "endDate", "End Date", "MM/dd/yyyy");
searchUtil.extractString(request, searchCriteria, "tags", "tags", null);
searchUtil.extractString(request, searchCriteria, "cluster", "Cluster Name", StringUtil.VALIDATION_TEXT);
- searchUtil.extractStringList(request, searchCriteria, "zoneName", "Zone Name List", "zoneName", null,
- null);
+ searchUtil.extractStringList(request, searchCriteria, "zoneName", "Zone Name List", "zoneName", null, null);
searchUtil.extractString(request, searchCriteria, "agentHost", "Agent Host Name", StringUtil.VALIDATION_TEXT);
-
+
+ searchUtil.extractString(request, searchCriteria, "eventId", "Event Id", null);
+
boolean isKeyAdmin = msBizUtil.isKeyAdmin();
boolean isAuditKeyAdmin = msBizUtil.isAuditKeyAdmin();
XXServiceDef xxServiceDef = daoManager.getXXServiceDef().findByName(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_KMS_NAME);
diff --git a/security-admin/src/main/java/org/apache/ranger/solr/SolrAccessAuditsService.java b/security-admin/src/main/java/org/apache/ranger/solr/SolrAccessAuditsService.java
index 4b1cf5b..0aea46d 100644
--- a/security-admin/src/main/java/org/apache/ranger/solr/SolrAccessAuditsService.java
+++ b/security-admin/src/main/java/org/apache/ranger/solr/SolrAccessAuditsService.java
@@ -75,6 +75,12 @@ public class SolrAccessAuditsService extends AccessAuditsService {
List<VXAccessAudit> xAccessAuditList = new ArrayList<VXAccessAudit>();
Map<String, Object> paramList = searchCriteria.getParamList();
+
+ Object eventIdObj = paramList.get("eventId");
+ if (eventIdObj != null) {
+ paramList.put("id", eventIdObj.toString());
+ }
+
updateUserExclusion(paramList);
QueryResponse response = solrUtil.searchResources(searchCriteria,
diff --git a/security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js b/security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js
index 16b70f4..a068ad8 100644
--- a/security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js
+++ b/security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js
@@ -431,10 +431,11 @@ define(function(require) {
{text : 'Cluster Name',label : 'cluster', urlLabel : 'clusterName'},
{text : 'Zone Name',label : 'zoneName', urlLabel : 'zoneName'},
{text : localization.tt("lbl.agentHost"), label :"agentHost", urlLabel : 'agentHost'},
+ {text : 'Audit ID', label : 'eventId', urlLabel : 'eventId'}
//{text : localization.tt("lbl.permission"), label :'action', urlLabel : 'permission'}
];
var searchOpt = ['Resource Type','Start Date','End Date','Application','User','Service Name','Service Type','Resource Name','Access Type','Result','Access Enforcer',
- 'Client IP','Tags','Cluster Name', 'Zone Name', 'Exclude User', localization.tt("lbl.agentHost"), 'Policy ID'];//, localization.tt("lbl.permission")];
+ 'Client IP','Tags','Cluster Name', 'Zone Name', 'Exclude User', localization.tt("lbl.agentHost"), 'Policy ID', 'Audit ID'];//, localization.tt("lbl.permission")];
this.clearVisualSearch(this.accessAuditList, serverAttrName);
this.searchInfoArr =[{text :'Access Enforcer', info :localization.tt('msg.accessEnforcer')},
{text :'Access Type' , info :localization.tt('msg.accessTypeMsg')},
diff --git a/security-admin/src/test/java/org/apache/ranger/rest/TestAssetREST.java b/security-admin/src/test/java/org/apache/ranger/rest/TestAssetREST.java
index c4844cf..abd4b1c 100644
--- a/security-admin/src/test/java/org/apache/ranger/rest/TestAssetREST.java
+++ b/security-admin/src/test/java/org/apache/ranger/rest/TestAssetREST.java
@@ -762,7 +762,7 @@ public class TestAssetREST {
Mockito.verify(msBizUtil).isKeyAdmin();
Mockito.verify(assetMgr).getAccessLogs(searchCriteria);
Mockito.verify(daoManager).getXXServiceDef();
- Mockito.verify(searchUtil, Mockito.times(13)).extractString((HttpServletRequest) Mockito.any(),
+ Mockito.verify(searchUtil, Mockito.times(14)).extractString((HttpServletRequest) Mockito.any(),
(SearchCriteria) Mockito.any(), Mockito.anyString(), Mockito.anyString(), Mockito.nullable(String.class));
Mockito.verify(searchUtil, Mockito.times(4)).extractInt((HttpServletRequest) Mockito.any(),
(SearchCriteria) Mockito.any(), Mockito.anyString(), Mockito.anyString());
@@ -818,7 +818,7 @@ public class TestAssetREST {
Mockito.verify(msBizUtil).isKeyAdmin();
Mockito.verify(assetMgr).getAccessLogs(searchCriteria);
Mockito.verify(daoManager).getXXServiceDef();
- Mockito.verify(searchUtil, Mockito.times(13)).extractString((HttpServletRequest) Mockito.any(),
+ Mockito.verify(searchUtil, Mockito.times(14)).extractString((HttpServletRequest) Mockito.any(),
(SearchCriteria) Mockito.any(), Mockito.anyString(), Mockito.anyString(), Mockito.nullable(String.class));
Mockito.verify(searchUtil, Mockito.times(4)).extractInt((HttpServletRequest) Mockito.any(),
(SearchCriteria) Mockito.any(), Mockito.anyString(), Mockito.anyString());