You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by Abhay Kulkarni <ak...@hortonworks.com> on 2016/07/28 21:23:35 UTC
Review Request 50585: Ability to specify 'audit all accesses' via
Ranger admin configuration
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/50585/
-----------------------------------------------------------
Review request for ranger and Madhan Neethiraj.
Bugs: RANGER-1129
https://issues.apache.org/jira/browse/RANGER-1129
Repository: ranger
Description
-------
Currently, Ranger plugins create access audit log only when a policy that matches the accessed-resource has audit enabled. This patch adds supports to force audit generation, irrespective of existence of a policy with audit-enabled.
Diffs
-----
agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngine.java 360da0c
agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyRepository.java be98f3b
agents-common/src/main/java/org/apache/ranger/plugin/util/ServicePolicies.java d450af1
security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java 7947d4b
Diff: https://reviews.apache.org/r/50585/diff/
Testing
-------
Ran all unit tests successfully.
Thanks,
Abhay Kulkarni
Re: Review Request 50585: Ability to specify 'audit all accesses' via
Ranger admin configuration
Posted by Madhan Neethiraj <ma...@apache.org>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/50585/#review144015
-----------------------------------------------------------
Ship it!
Ship It!
- Madhan Neethiraj
On July 28, 2016, 9:23 p.m., Abhay Kulkarni wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/50585/
> -----------------------------------------------------------
>
> (Updated July 28, 2016, 9:23 p.m.)
>
>
> Review request for ranger and Madhan Neethiraj.
>
>
> Bugs: RANGER-1129
> https://issues.apache.org/jira/browse/RANGER-1129
>
>
> Repository: ranger
>
>
> Description
> -------
>
> Currently, Ranger plugins create access audit log only when a policy that matches the accessed-resource has audit enabled. This patch adds supports to force audit generation, irrespective of existence of a policy with audit-enabled.
>
>
> Diffs
> -----
>
> agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngine.java 360da0c
> agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyRepository.java be98f3b
> agents-common/src/main/java/org/apache/ranger/plugin/util/ServicePolicies.java d450af1
> security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java 7947d4b
>
> Diff: https://reviews.apache.org/r/50585/diff/
>
>
> Testing
> -------
>
> Ran all unit tests successfully.
>
>
> Thanks,
>
> Abhay Kulkarni
>
>
Re: Review Request 50585: Ability to specify 'audit all accesses' via
Ranger admin configuration
Posted by Madhan Neethiraj <ma...@apache.org>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/50585/#review144040
-----------------------------------------------------------
Ship it!
Ship It!
- Madhan Neethiraj
On July 28, 2016, 10:21 p.m., Abhay Kulkarni wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/50585/
> -----------------------------------------------------------
>
> (Updated July 28, 2016, 10:21 p.m.)
>
>
> Review request for ranger and Madhan Neethiraj.
>
>
> Bugs: RANGER-1129
> https://issues.apache.org/jira/browse/RANGER-1129
>
>
> Repository: ranger
>
>
> Description
> -------
>
> Currently, Ranger plugins create access audit log only when a policy that matches the accessed-resource has audit enabled. This patch adds supports to force audit generation, irrespective of existence of a policy with audit-enabled.
>
>
> Diffs
> -----
>
> agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngine.java 360da0c
> agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyRepository.java be98f3b
> agents-common/src/main/java/org/apache/ranger/plugin/util/ServicePolicies.java d450af1
> agents-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyEngine.java dd15ff8
> agents-common/src/test/resources/policyengine/test_policyengine_hdfs_allaudit.json PRE-CREATION
> agents-common/src/test/resources/policyengine/test_policyengine_hdfs_noaudit.json PRE-CREATION
> security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java 7947d4b
>
> Diff: https://reviews.apache.org/r/50585/diff/
>
>
> Testing
> -------
>
> Ran all unit tests successfully.
>
>
> Thanks,
>
> Abhay Kulkarni
>
>
Re: Review Request 50585: Ability to specify 'audit all accesses' via
Ranger admin configuration
Posted by Abhay Kulkarni <ak...@hortonworks.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/50585/
-----------------------------------------------------------
(Updated July 28, 2016, 10:21 p.m.)
Review request for ranger and Madhan Neethiraj.
Changes
-------
Added unit tests.
Bugs: RANGER-1129
https://issues.apache.org/jira/browse/RANGER-1129
Repository: ranger
Description
-------
Currently, Ranger plugins create access audit log only when a policy that matches the accessed-resource has audit enabled. This patch adds supports to force audit generation, irrespective of existence of a policy with audit-enabled.
Diffs (updated)
-----
agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngine.java 360da0c
agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyRepository.java be98f3b
agents-common/src/main/java/org/apache/ranger/plugin/util/ServicePolicies.java d450af1
agents-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyEngine.java dd15ff8
agents-common/src/test/resources/policyengine/test_policyengine_hdfs_allaudit.json PRE-CREATION
agents-common/src/test/resources/policyengine/test_policyengine_hdfs_noaudit.json PRE-CREATION
security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java 7947d4b
Diff: https://reviews.apache.org/r/50585/diff/
Testing
-------
Ran all unit tests successfully.
Thanks,
Abhay Kulkarni