You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ranger.apache.org by Ramachandran Krishnan <ra...@gmail.com> on 2023/04/10 13:57:38 UTC

Re: Review Request 74349: RANGER-4133 Improvement in Ranger Roles Rest API's

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74349/
-----------------------------------------------------------

(Updated April 10, 2023, 1:57 p.m.)


Review request for ranger, Don Bosco Durai, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, Nikhil P, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja Polavarapu, Subhrat Chaudhary, and Velmurugan Periasamy.


Bugs: RANGER-4133
    https://issues.apache.org/jira/browse/RANGER-4133


Repository: ranger


Description
-------

Apis:

API :addUsersAndGroups

URI:/roles/roles/{id}/addUsersAndGroups

In the API we mentioned a couple of fields (List<String> users, List<String> groups, Boolean isAdmin). 
How the caller will pass the fields 
Proposed Solution:
Via query Parameter (Limitation: we can not pass more characters as part of URI )
Via Request payload of List<String> users, List<String> groups, Boolean isAdmin –(RangerUsersAndGroups –Modal mentioned above to accommodate users, groups, isAdmin)


API :removeUsersAndGroups

URI:/roles/roles/{id}/removeUsersAndGroups


In the API we mentioned a couple of fields (List<String> users, List<String> groups)
How the caller will pass the fields 
Proposed Solution:
Via query Parameter (Limitation: we can not pass more characters as part of URI )
Via Request payload of List<String> users, List<String> groups (RangerUsersAndGroups –Modal mentioned above to accommodate users,groups)

API :removeAdminFromUsersAndGroups

URI:/roles/roles/{id}/removeUsersAndGroups


In the API we mentioned a couple of fields (List<String> users, List<String> groups)
How the caller will pass the fields 
Proposed Solution:
Via query Parameter (Limitation: we can not pass more characters as part of URI )
Via Request payload of List<String> users, List<String> groups (RangerUsersAndGroups –Modal mentioned above to accommodate users, groups)


Diffs (updated)
-----

  security-admin/src/main/java/org/apache/ranger/rest/PublicAPIsv2.java 85cd7dd67 
  security-admin/src/main/java/org/apache/ranger/rest/RoleREST.java 4f0edd2b0 
  security-admin/src/test/java/org/apache/ranger/rest/TestPublicAPIsv2.java 73a593e9f 
  security-admin/src/test/java/org/apache/ranger/rest/TestRoleREST.java 217c1bba3 


Diff: https://reviews.apache.org/r/74349/diff/2/

Changes: https://reviews.apache.org/r/74349/diff/1-2/


Testing
-------


Thanks,

Ramachandran Krishnan

Re: Review Request 74349: RANGER-4133 Improvement in Ranger Roles Rest API's

Posted by Ramachandran Krishnan <ra...@gmail.com>.

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74349/
-----------------------------------------------------------

(Updated April 10, 2023, 2:01 p.m.)


Review request for ranger, Don Bosco Durai, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, Nikhil P, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja Polavarapu, Subhrat Chaudhary, and Velmurugan Periasamy.


Bugs: RANGER-4133
    https://issues.apache.org/jira/browse/RANGER-4133


Repository: ranger


Description (updated)
-------

Apis:

API :addUsersAndGroups

URI:/roles/roles/{id}/addUsersAndGroups

In the API we mentioned a couple of fields (List<String> users, List<String> groups, Boolean isAdmin). 
How the caller will pass the fields 
Proposed Solution:
Via query Parameter (Limitation: we can not pass more characters as part of URI )

Existing RangerRole accommodate users, groups

{
  "groups": [
    {
      "name": "testGroup1"
    },
    {
      "name": "testGroup2"
    }
  ],
  "users": [
    {
      "name": "testUser1"
    },
    {
      "name": "testUser2"
    }
  ]
}

So we can use RangerRole as the Request payload

Existing RangerRole accommodate users, groups


API :removeUsersAndGroups

URI:/roles/roles/{id}/removeUsersAndGroups


In the API we mentioned a couple of fields (List<String> users, List<String> groups)
How the caller will pass the fields 
Proposed Solution:
Existing RangerRole accommodate users, groups
So we can use RangerRole as the Request payload


API :removeAdminFromUsersAndGroups

URI:/roles/roles/{id}/removeUsersAndGroups


In the API we mentioned a couple of fields (List<String> users, List<String> groups)
How the caller will pass the fields 
Proposed Solution:
Existing RangerRole accommodate users, groups
So we can use RangerRole as the Request payload


Diffs
-----

  security-admin/src/main/java/org/apache/ranger/rest/PublicAPIsv2.java 85cd7dd67 
  security-admin/src/main/java/org/apache/ranger/rest/RoleREST.java 4f0edd2b0 
  security-admin/src/test/java/org/apache/ranger/rest/TestPublicAPIsv2.java 73a593e9f 
  security-admin/src/test/java/org/apache/ranger/rest/TestRoleREST.java 217c1bba3 


Diff: https://reviews.apache.org/r/74349/diff/2/


Testing
-------


Thanks,

Ramachandran Krishnan