You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by Sailaja Polavarapu <sp...@hortonworks.com> on 2017/02/11 00:42:27 UTC
Review Request 56567: RANGER-1375: HIVERangerAuthorizerTest UT fails
intermittently
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/56567/
-----------------------------------------------------------
Review request for ranger, Ankita Sinha, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, and Velmurugan Periasamy.
Bugs: RANGER-1375
https://issues.apache.org/jira/browse/RANGER-1375
Repository: ranger
Description
-------
Moved hive config to enable ranger authorization after the initial db setup and table creating is done. This will avoid going through ranger authorization for initial setup.
Diffs
-----
hive-agent/src/test/java/org/apache/ranger/services/hive/HIVERangerAuthorizerTest.java 9b22794
Diff: https://reviews.apache.org/r/56567/diff/
Testing
-------
1. Commented out the authorization config block of code and ran the unit tests and all the tests failed because of no permissions on hive side. This is to confirm that hive config can be dynamically updated without restarting hiveserver.
2. To confirm that the DB creation in setup method is going through Ranger authorization \u2013 For testing this, keeping the ranger authorization config block as it is before hiverserver startup, changed the username to \u201cadmin1\u201d instead of \u201cadmin\u201d in the connection url for create db statement. With this the setup failed saying "admin1" has no permissions to create db and the stack trace shows ranger authorization.
3. Moving the ranger authorization config block after creating DB and creating basic tables, the setup was successful even with \u201cadmin1\u201d as the user for creating DB connection url.
Thanks,
Sailaja Polavarapu
Re: Review Request 56567: RANGER-1375: HIVERangerAuthorizerTest UT
fails intermittently
Posted by Velmurugan Periasamy <vp...@hortonworks.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/56567/#review165289
-----------------------------------------------------------
Ship it!
Ship It!
- Velmurugan Periasamy
On Feb. 11, 2017, 12:42 a.m., Sailaja Polavarapu wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/56567/
> -----------------------------------------------------------
>
> (Updated Feb. 11, 2017, 12:42 a.m.)
>
>
> Review request for ranger, Ankita Sinha, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, and Velmurugan Periasamy.
>
>
> Bugs: RANGER-1375
> https://issues.apache.org/jira/browse/RANGER-1375
>
>
> Repository: ranger
>
>
> Description
> -------
>
> Moved hive config to enable ranger authorization after the initial db setup and table creating is done. This will avoid going through ranger authorization for initial setup.
>
>
> Diffs
> -----
>
> hive-agent/src/test/java/org/apache/ranger/services/hive/HIVERangerAuthorizerTest.java 9b22794
>
> Diff: https://reviews.apache.org/r/56567/diff/
>
>
> Testing
> -------
>
> 1. Commented out the authorization config block of code and ran the unit tests and all the tests failed because of no permissions on hive side. This is to confirm that hive config can be dynamically updated without restarting hiveserver.
> 2. To confirm that the DB creation in setup method is going through Ranger authorization \u2013 For testing this, keeping the ranger authorization config block as it is before hiverserver startup, changed the username to \u201cadmin1\u201d instead of \u201cadmin\u201d in the connection url for create db statement. With this the setup failed saying "admin1" has no permissions to create db and the stack trace shows ranger authorization.
> 3. Moving the ranger authorization config block after creating DB and creating basic tables, the setup was successful even with \u201cadmin1\u201d as the user for creating DB connection url.
>
>
> Thanks,
>
> Sailaja Polavarapu
>
>