You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by Pradeep Agrawal <pr...@gmail.com> on 2019/06/28 13:31:42 UTC
Review Request 70953: RANGER-2485: Security zone filter is causing
Ranger audit access request waiting for longer
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/70953/
-----------------------------------------------------------
Review request for ranger, Ankita Sinha, bhavik patel, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, Nikhil P, Nitin Galave, Ramesh Mani, Sailaja Polavarapu, and Velmurugan Periasamy.
Bugs: RANGER-2485
https://issues.apache.org/jira/browse/RANGER-2485
Repository: ranger
Description
-------
** Problem Statement ** Currently for logged-in user his all groups information is being pulled to collect on which security zones the user is zone admin or zone audit. if a user is member of large no. of groups then pulling all the info shall take time.
Moreover, later part of the current code fetches above details for logged in user irrespective of his role but does not run for the admin user.
** Proposed Solution: **
Is logged user is not an admin user then only should fetch the details.
Also there are nested sql calls for reference entries which can be reduced by using join queries.
Diffs
-----
security-admin/src/main/java/org/apache/ranger/biz/AssetMgr.java 1a787909c
security-admin/src/main/java/org/apache/ranger/db/XXSecurityZoneDao.java c0f06668f
security-admin/src/main/resources/META-INF/jpa_named_queries.xml 54e34d5bb
Diff: https://reviews.apache.org/r/70953/diff/1/
Testing
-------
Tested the ranger access audit page from admin,service admin, keyadmin , user, security-zone admin users and its working fine.
Thanks,
Pradeep Agrawal
Re: Review Request 70953: RANGER-2485: Security zone filter is causing
Ranger audit access request waiting for longer
Posted by Abhay Kulkarni <ak...@hortonworks.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/70953/#review216235
-----------------------------------------------------------
Ship it!
Ship It!
- Abhay Kulkarni
On June 28, 2019, 1:31 p.m., Pradeep Agrawal wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/70953/
> -----------------------------------------------------------
>
> (Updated June 28, 2019, 1:31 p.m.)
>
>
> Review request for ranger, Ankita Sinha, bhavik patel, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, Nikhil P, Nitin Galave, Ramesh Mani, Sailaja Polavarapu, and Velmurugan Periasamy.
>
>
> Bugs: RANGER-2485
> https://issues.apache.org/jira/browse/RANGER-2485
>
>
> Repository: ranger
>
>
> Description
> -------
>
> ** Problem Statement ** Currently for logged-in user his all groups information is being pulled to collect on which security zones the user is zone admin or zone audit. if a user is member of large no. of groups then pulling all the info shall take time.
> Moreover, later part of the current code fetches above details for logged in user irrespective of his role but does not run for the admin user.
>
> ** Proposed Solution: **
> Is logged user is not an admin user then only should fetch the details.
> Also there are nested sql calls for reference entries which can be reduced by using join queries.
>
>
> Diffs
> -----
>
> security-admin/src/main/java/org/apache/ranger/biz/AssetMgr.java 1a787909c
> security-admin/src/main/java/org/apache/ranger/db/XXSecurityZoneDao.java c0f06668f
> security-admin/src/main/resources/META-INF/jpa_named_queries.xml 54e34d5bb
>
>
> Diff: https://reviews.apache.org/r/70953/diff/1/
>
>
> Testing
> -------
>
> Tested the ranger access audit page from admin,service admin, keyadmin , user, security-zone admin users and its working fine.
>
>
> Thanks,
>
> Pradeep Agrawal
>
>
Re: Review Request 70953: RANGER-2485: Security zone filter is causing
Ranger audit access request waiting for longer
Posted by Velmurugan Periasamy <vp...@hortonworks.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/70953/#review216250
-----------------------------------------------------------
Ship it!
Ship It!
- Velmurugan Periasamy
On June 28, 2019, 1:31 p.m., Pradeep Agrawal wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/70953/
> -----------------------------------------------------------
>
> (Updated June 28, 2019, 1:31 p.m.)
>
>
> Review request for ranger, Ankita Sinha, bhavik patel, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, Nikhil P, Nitin Galave, Ramesh Mani, Sailaja Polavarapu, and Velmurugan Periasamy.
>
>
> Bugs: RANGER-2485
> https://issues.apache.org/jira/browse/RANGER-2485
>
>
> Repository: ranger
>
>
> Description
> -------
>
> ** Problem Statement ** Currently for logged-in user his all groups information is being pulled to collect on which security zones the user is zone admin or zone audit. if a user is member of large no. of groups then pulling all the info shall take time.
> Moreover, later part of the current code fetches above details for logged in user irrespective of his role but does not run for the admin user.
>
> ** Proposed Solution: **
> Is logged user is not an admin user then only should fetch the details.
> Also there are nested sql calls for reference entries which can be reduced by using join queries.
>
>
> Diffs
> -----
>
> security-admin/src/main/java/org/apache/ranger/biz/AssetMgr.java 1a787909c
> security-admin/src/main/java/org/apache/ranger/db/XXSecurityZoneDao.java c0f06668f
> security-admin/src/main/resources/META-INF/jpa_named_queries.xml 54e34d5bb
>
>
> Diff: https://reviews.apache.org/r/70953/diff/1/
>
>
> Testing
> -------
>
> Tested the ranger access audit page from admin,service admin, keyadmin , user, security-zone admin users and its working fine.
>
>
> Thanks,
>
> Pradeep Agrawal
>
>