You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by bhavik patel <bh...@gmail.com> on 2019/05/16 10:48:31 UTC
Review Request 70654: RANGER-2430 Zoneadmin User is able to create
policy for those services which is not associated to zone
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/70654/
-----------------------------------------------------------
Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Oliver Szabo, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja Polavarapu, and Velmurugan Periasamy.
Bugs: RANGER-2430
https://issues.apache.org/jira/browse/RANGER-2430
Repository: ranger
Description
-------
Steps to Reproduce:
1. Create a zone for HDFS service
Zone name: zone1
Zoneadmin user: zoneadmin1
2. Create a hbase policy with zone name as "zone1" through curl from zoneadmin user: zoneadmin1
3. It should not be allowed as hbase service is not associated with zone: zone1
Diffs
-----
agents-common/src/main/java/org/apache/ranger/plugin/errors/ValidationErrorCode.java 3111037
agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java 990aab0
Diff: https://reviews.apache.org/r/70654/diff/1/
Testing
-------
User is no more able to create zone policy using curl command within service which are not associated to zone.
Thanks,
bhavik patel
Re: Review Request 70654: RANGER-2430 Zoneadmin User is able to create
policy for those services which is not associated to zone
Posted by bhavik patel <bh...@gmail.com>.
> On May 17, 2019, 5:01 p.m., Abhay Kulkarni wrote:
> > agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java
> > Lines 213 (patched)
> > <https://reviews.apache.org/r/70654/diff/1/?file=2145481#file2145481line213>
> >
> > Please add a unit test case to TestRangerPolicyValidator to cover this scenario.
Added couple of test cases around this change.
- bhavik
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/70654/#review215326
-----------------------------------------------------------
On May 16, 2019, 10:48 a.m., bhavik patel wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/70654/
> -----------------------------------------------------------
>
> (Updated May 16, 2019, 10:48 a.m.)
>
>
> Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Oliver Szabo, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja Polavarapu, and Velmurugan Periasamy.
>
>
> Bugs: RANGER-2430
> https://issues.apache.org/jira/browse/RANGER-2430
>
>
> Repository: ranger
>
>
> Description
> -------
>
> Steps to Reproduce:
> 1. Create a zone for HDFS service
> Zone name: zone1
> Zoneadmin user: zoneadmin1
> 2. Create a hbase policy with zone name as "zone1" through curl from zoneadmin user: zoneadmin1
> 3. It should not be allowed as hbase service is not associated with zone: zone1
>
>
> Diffs
> -----
>
> agents-common/src/main/java/org/apache/ranger/plugin/errors/ValidationErrorCode.java 3111037
> agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java 990aab0
>
>
> Diff: https://reviews.apache.org/r/70654/diff/1/
>
>
> Testing
> -------
>
> User is no more able to create zone policy using curl command within service which are not associated to zone.
>
>
> Thanks,
>
> bhavik patel
>
>
Re: Review Request 70654: RANGER-2430 Zoneadmin User is able to create
policy for those services which is not associated to zone
Posted by Abhay Kulkarni <ak...@hortonworks.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/70654/#review215326
-----------------------------------------------------------
agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java
Lines 213 (patched)
<https://reviews.apache.org/r/70654/#comment301995>
Please add a unit test case to TestRangerPolicyValidator to cover this scenario.
- Abhay Kulkarni
On May 16, 2019, 10:48 a.m., bhavik patel wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/70654/
> -----------------------------------------------------------
>
> (Updated May 16, 2019, 10:48 a.m.)
>
>
> Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Oliver Szabo, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja Polavarapu, and Velmurugan Periasamy.
>
>
> Bugs: RANGER-2430
> https://issues.apache.org/jira/browse/RANGER-2430
>
>
> Repository: ranger
>
>
> Description
> -------
>
> Steps to Reproduce:
> 1. Create a zone for HDFS service
> Zone name: zone1
> Zoneadmin user: zoneadmin1
> 2. Create a hbase policy with zone name as "zone1" through curl from zoneadmin user: zoneadmin1
> 3. It should not be allowed as hbase service is not associated with zone: zone1
>
>
> Diffs
> -----
>
> agents-common/src/main/java/org/apache/ranger/plugin/errors/ValidationErrorCode.java 3111037
> agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java 990aab0
>
>
> Diff: https://reviews.apache.org/r/70654/diff/1/
>
>
> Testing
> -------
>
> User is no more able to create zone policy using curl command within service which are not associated to zone.
>
>
> Thanks,
>
> bhavik patel
>
>
Re: Review Request 70654: RANGER-2430 Zoneadmin User is able to create
policy for those services which is not associated to zone
Posted by Pradeep Agrawal <pr...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/70654/#review215398
-----------------------------------------------------------
Ship it!
Ship It!
- Pradeep Agrawal
On May 20, 2019, 12:08 p.m., bhavik patel wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/70654/
> -----------------------------------------------------------
>
> (Updated May 20, 2019, 12:08 p.m.)
>
>
> Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Oliver Szabo, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja Polavarapu, and Velmurugan Periasamy.
>
>
> Bugs: RANGER-2430
> https://issues.apache.org/jira/browse/RANGER-2430
>
>
> Repository: ranger
>
>
> Description
> -------
>
> Steps to Reproduce:
> 1. Create a zone for HDFS service
> Zone name: zone1
> Zoneadmin user: zoneadmin1
> 2. Create a hbase policy with zone name as "zone1" through curl from zoneadmin user: zoneadmin1
> 3. It should not be allowed as hbase service is not associated with zone: zone1
>
>
> Diffs
> -----
>
> agents-common/src/main/java/org/apache/ranger/plugin/errors/ValidationErrorCode.java 3111037
> agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java 990aab0
> agents-common/src/test/java/org/apache/ranger/plugin/model/validation/TestRangerPolicyValidator.java 2c1de4e
>
>
> Diff: https://reviews.apache.org/r/70654/diff/2/
>
>
> Testing
> -------
>
> User is no more able to create zone policy using curl command within service which are not associated to zone.
>
>
> Thanks,
>
> bhavik patel
>
>
Re: Review Request 70654: RANGER-2430 Zoneadmin User is able to create
policy for those services which is not associated to zone
Posted by Abhay Kulkarni <ak...@hortonworks.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/70654/#review215365
-----------------------------------------------------------
Ship it!
Ship It!
- Abhay Kulkarni
On May 20, 2019, 12:08 p.m., bhavik patel wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/70654/
> -----------------------------------------------------------
>
> (Updated May 20, 2019, 12:08 p.m.)
>
>
> Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Oliver Szabo, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja Polavarapu, and Velmurugan Periasamy.
>
>
> Bugs: RANGER-2430
> https://issues.apache.org/jira/browse/RANGER-2430
>
>
> Repository: ranger
>
>
> Description
> -------
>
> Steps to Reproduce:
> 1. Create a zone for HDFS service
> Zone name: zone1
> Zoneadmin user: zoneadmin1
> 2. Create a hbase policy with zone name as "zone1" through curl from zoneadmin user: zoneadmin1
> 3. It should not be allowed as hbase service is not associated with zone: zone1
>
>
> Diffs
> -----
>
> agents-common/src/main/java/org/apache/ranger/plugin/errors/ValidationErrorCode.java 3111037
> agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java 990aab0
> agents-common/src/test/java/org/apache/ranger/plugin/model/validation/TestRangerPolicyValidator.java 2c1de4e
>
>
> Diff: https://reviews.apache.org/r/70654/diff/2/
>
>
> Testing
> -------
>
> User is no more able to create zone policy using curl command within service which are not associated to zone.
>
>
> Thanks,
>
> bhavik patel
>
>
Re: Review Request 70654: RANGER-2430 Zoneadmin User is able to create
policy for those services which is not associated to zone
Posted by bhavik patel <bh...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/70654/
-----------------------------------------------------------
(Updated May 20, 2019, 12:08 p.m.)
Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Oliver Szabo, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja Polavarapu, and Velmurugan Periasamy.
Bugs: RANGER-2430
https://issues.apache.org/jira/browse/RANGER-2430
Repository: ranger
Description
-------
Steps to Reproduce:
1. Create a zone for HDFS service
Zone name: zone1
Zoneadmin user: zoneadmin1
2. Create a hbase policy with zone name as "zone1" through curl from zoneadmin user: zoneadmin1
3. It should not be allowed as hbase service is not associated with zone: zone1
Diffs (updated)
-----
agents-common/src/main/java/org/apache/ranger/plugin/errors/ValidationErrorCode.java 3111037
agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java 990aab0
agents-common/src/test/java/org/apache/ranger/plugin/model/validation/TestRangerPolicyValidator.java 2c1de4e
Diff: https://reviews.apache.org/r/70654/diff/2/
Changes: https://reviews.apache.org/r/70654/diff/1-2/
Testing
-------
User is no more able to create zone policy using curl command within service which are not associated to zone.
Thanks,
bhavik patel