You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ab...@apache.org on 2018/09/27 00:23:52 UTC
[1/2] ranger git commit: RANGER-2008: Policy evaluation is failing
for multiline policy conditions.
Repository: ranger
Updated Branches:
refs/heads/ranger-0.7 508d347bc -> 92bdc78f3
RANGER-2008: Policy evaluation is failing for multiline policy conditions.
Signed-off-by: pradeep <pr...@apache.org>
Project: http://git-wip-us.apache.org/repos/asf/ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/ranger/commit/3d430201
Tree: http://git-wip-us.apache.org/repos/asf/ranger/tree/3d430201
Diff: http://git-wip-us.apache.org/repos/asf/ranger/diff/3d430201
Branch: refs/heads/ranger-0.7
Commit: 3d430201d2e90708da3bae8ee0034f32e1c925f7
Parents: 508d347
Author: ni3galave <ni...@gmail.com>
Authored: Tue Mar 6 15:10:49 2018 +0530
Committer: Abhay Kulkarni <ak...@hortonworks.com>
Committed: Wed Sep 26 16:58:44 2018 -0700
----------------------------------------------------------------------
.../webapp/scripts/views/policies/PermissionList.js | 15 +++++++--------
1 file changed, 7 insertions(+), 8 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ranger/blob/3d430201/security-admin/src/main/webapp/scripts/views/policies/PermissionList.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/views/policies/PermissionList.js b/security-admin/src/main/webapp/scripts/views/policies/PermissionList.js
index c4aad36..9184675 100644
--- a/security-admin/src/main/webapp/scripts/views/policies/PermissionList.js
+++ b/security-admin/src/main/webapp/scripts/views/policies/PermissionList.js
@@ -530,7 +530,7 @@ define(function(require) {
emptytext : 'Add Conditions',
value : this.conditions,
display: function(value) {
- var continue_ = false, i = 0;
+ var continue_ = false, i = 0, cond = [];
if(!value) {
$(this).empty();
return;
@@ -545,19 +545,18 @@ define(function(require) {
return '';
}
//Add label for policy condition
- var pcond = _.findWhere(that.multiLinecond, { 'name': name})
+ var pcond = _.findWhere(that.multiLinecond, { 'name': name});
if(!_.isUndefined(pcond) && !_.isUndefined(pcond['evaluatorOptions'])
&& ! _.isUndefined(pcond['evaluatorOptions']["ui.isMultiline"])
&& ! _.isUndefined(pcond['evaluatorOptions']['engineName'])){
- val = pcond['evaluatorOptions']['engineName'] + ' Condition'
+ cond.push({ 'type' : name, 'values' : !_.isArray(val) ? [val] : val });
+ val = pcond['evaluatorOptions']['engineName'] + ' Condition';
+ } else {
+ cond.push({ 'type' : name, 'values' : !_.isArray(val) ? val.split(',') : val });
}
i++;
- return '<span class="'+label+' white-space-normal" >'+name+' : '+ _.escape(val) + '</span>';
+ return '<span class="'+label+' white-space-normal" >'+name+' : '+ _.escape(val) + '</span>';
});
- var cond = _.map(value, function(val, name) {
- return {'type' : name, 'values' : !_.isArray(val) ? val.split(',') : val};
- });
-
that.model.set('conditions', cond);
$(this).html(html);
that.ui.addConditionsSpan.find('i').attr('class', 'icon-pencil');
[2/2] ranger git commit: RANGER-2007: ranger-tagsync's Kerberos
ticket fails to renew
Posted by ab...@apache.org.
RANGER-2007: ranger-tagsync's Kerberos ticket fails to renew
Project: http://git-wip-us.apache.org/repos/asf/ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/ranger/commit/92bdc78f
Tree: http://git-wip-us.apache.org/repos/asf/ranger/tree/92bdc78f
Diff: http://git-wip-us.apache.org/repos/asf/ranger/diff/92bdc78f
Branch: refs/heads/ranger-0.7
Commit: 92bdc78f3c05d92316f9d1bb1c304f374a790b89
Parents: 3d43020
Author: Abhay Kulkarni <ak...@hortonworks.com>
Authored: Mon Mar 5 17:02:57 2018 -0800
Committer: Abhay Kulkarni <ak...@hortonworks.com>
Committed: Wed Sep 26 16:59:41 2018 -0700
----------------------------------------------------------------------
.../ranger/tagsync/process/TagSynchronizer.java | 33 +++++++-------------
1 file changed, 12 insertions(+), 21 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ranger/blob/92bdc78f/tagsync/src/main/java/org/apache/ranger/tagsync/process/TagSynchronizer.java
----------------------------------------------------------------------
diff --git a/tagsync/src/main/java/org/apache/ranger/tagsync/process/TagSynchronizer.java b/tagsync/src/main/java/org/apache/ranger/tagsync/process/TagSynchronizer.java
index b07cd34..612dd64 100644
--- a/tagsync/src/main/java/org/apache/ranger/tagsync/process/TagSynchronizer.java
+++ b/tagsync/src/main/java/org/apache/ranger/tagsync/process/TagSynchronizer.java
@@ -28,7 +28,6 @@ import org.apache.log4j.Logger;
import org.apache.ranger.tagsync.model.TagSink;
import org.apache.ranger.tagsync.model.TagSource;
-import javax.security.auth.Subject;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
@@ -380,31 +379,23 @@ public class TagSynchronizer {
if (LOG.isDebugEnabled()) {
LOG.debug("Trying to get kerberos identitiy");
}
- Subject subject = null;
- try {
- subject = SecureClientLogin.loginUserFromKeytab(principal, keytab, nameRules);
- } catch(IOException exception) {
- LOG.error("Could not get Subject from principal:[" + principal + "], keytab:[" + keytab + "], nameRules:[" + nameRules + "]", exception);
- }
UserGroupInformation kerberosIdentity;
- if (subject != null) {
- try {
- UserGroupInformation.loginUserFromSubject(subject);
- kerberosIdentity = UserGroupInformation.getLoginUser();
- if (kerberosIdentity != null) {
- props.put(TagSyncConfig.TAGSYNC_KERBEROS_IDENTITY, kerberosIdentity.getUserName());
- if (LOG.isDebugEnabled()) {
- LOG.debug("Got UGI, user:[" + kerberosIdentity.getUserName() + "]");
- }
- ret = true;
- } else {
- LOG.error("KerberosIdentity is null!");
+ try {
+ UserGroupInformation.loginUserFromKeytab(principal, keytab);
+ kerberosIdentity = UserGroupInformation.getLoginUser();
+ if (kerberosIdentity != null) {
+ props.put(TagSyncConfig.TAGSYNC_KERBEROS_IDENTITY, kerberosIdentity.getUserName());
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("Got UGI, user:[" + kerberosIdentity.getUserName() + "]");
}
- } catch (IOException exception) {
- LOG.error("Failed to get UGI from Subject:[" + subject + "]", exception);
+ ret = true;
+ } else {
+ LOG.error("KerberosIdentity is null!");
}
+ } catch (IOException exception) {
+ LOG.error("Failed to get UGI from principal:[" + principal + "], and keytab:[" + keytab + "]", exception);
}
} else {
if (LOG.isDebugEnabled()) {