You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by Fatima Khan <fa...@gmail.com> on 2018/03/26 13:02:36 UTC
Review Request 66279: RANGER-2039 : Allow access to Audit tab for all
users of role Keyadmin and KMS Auditor
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/66279/
-----------------------------------------------------------
Review request for ranger, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, and Sailaja Polavarapu.
Bugs: RANGER-2039
https://issues.apache.org/jira/browse/RANGER-2039
Repository: ranger
Description
-------
Currently by default users having Keyadmin or KMS auditor role doesn't get access to Audits tab in Ranger UI, but ideally it should have audit access right so that when we login through keyadmin and KMS Auditor we should be able to view the KMS related audits and user/groups tab.
Diffs
-----
security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java b3d3e96
security-admin/src/main/java/org/apache/ranger/patch/PatchGrantAuditPermissionToKeyRoleUser_J10013.java PRE-CREATION
Diff: https://reviews.apache.org/r/66279/diff/1/
Testing
-------
Tested the by creating Auditor and KMS Auditor role user's get default access to users/groups tab and Audit tab
Thanks,
Fatima Khan
Re: Review Request 66279: RANGER-2039 : Allow access to Audit tab for
all users of role Keyadmin and KMS Auditor
Posted by Mehul Parikh <me...@freestoneinfotech.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/66279/#review200279
-----------------------------------------------------------
Ship it!
Ship It!
- Mehul Parikh
On April 2, 2018, 7:39 a.m., Fatima Khan wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/66279/
> -----------------------------------------------------------
>
> (Updated April 2, 2018, 7:39 a.m.)
>
>
> Review request for ranger, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, and Sailaja Polavarapu.
>
>
> Bugs: RANGER-2039
> https://issues.apache.org/jira/browse/RANGER-2039
>
>
> Repository: ranger
>
>
> Description
> -------
>
> Currently by default users having Keyadmin or KMS auditor role doesn't get access to Audits tab in Ranger UI, but ideally it should have audit access right so that when we login through keyadmin and KMS Auditor we should be able to view the KMS related audits and user/groups tab.
>
>
> Diffs
> -----
>
> security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql 65fc51c
> security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql 0634776
> security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql 70f4bcc
> security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql d59788c
> security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql f67f109
> security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java b3d3e96
> security-admin/src/main/java/org/apache/ranger/patch/PatchGrantAuditPermissionToKeyRoleUser_J10014.java PRE-CREATION
>
>
> Diff: https://reviews.apache.org/r/66279/diff/2/
>
>
> Testing
> -------
>
> Tested the by creating Auditor and KMS Auditor role user's get default access to users/groups tab and Audit tab
>
>
> Thanks,
>
> Fatima Khan
>
>
Re: Review Request 66279: RANGER-2039 : Allow access to Audit tab for
all users of role Keyadmin and KMS Auditor
Posted by Qiang Zhang <zh...@zte.com.cn>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/66279/#review200277
-----------------------------------------------------------
Ship it!
Ship It!
- Qiang Zhang
On April 2, 2018, 7:39 a.m., Fatima Khan wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/66279/
> -----------------------------------------------------------
>
> (Updated April 2, 2018, 7:39 a.m.)
>
>
> Review request for ranger, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, and Sailaja Polavarapu.
>
>
> Bugs: RANGER-2039
> https://issues.apache.org/jira/browse/RANGER-2039
>
>
> Repository: ranger
>
>
> Description
> -------
>
> Currently by default users having Keyadmin or KMS auditor role doesn't get access to Audits tab in Ranger UI, but ideally it should have audit access right so that when we login through keyadmin and KMS Auditor we should be able to view the KMS related audits and user/groups tab.
>
>
> Diffs
> -----
>
> security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql 65fc51c
> security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql 0634776
> security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql 70f4bcc
> security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql d59788c
> security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql f67f109
> security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java b3d3e96
> security-admin/src/main/java/org/apache/ranger/patch/PatchGrantAuditPermissionToKeyRoleUser_J10014.java PRE-CREATION
>
>
> Diff: https://reviews.apache.org/r/66279/diff/2/
>
>
> Testing
> -------
>
> Tested the by creating Auditor and KMS Auditor role user's get default access to users/groups tab and Audit tab
>
>
> Thanks,
>
> Fatima Khan
>
>
Re: Review Request 66279: RANGER-2039 : Allow access to Audit tab for
all users of role Keyadmin and KMS Auditor
Posted by Velmurugan Periasamy <vp...@hortonworks.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/66279/#review200365
-----------------------------------------------------------
Ship it!
Ship It!
- Velmurugan Periasamy
On April 3, 2018, 5:22 a.m., Fatima Khan wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/66279/
> -----------------------------------------------------------
>
> (Updated April 3, 2018, 5:22 a.m.)
>
>
> Review request for ranger, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, and Sailaja Polavarapu.
>
>
> Bugs: RANGER-2039
> https://issues.apache.org/jira/browse/RANGER-2039
>
>
> Repository: ranger
>
>
> Description
> -------
>
> Currently by default users having Keyadmin or KMS auditor role doesn't get access to Audits tab in Ranger UI, but ideally it should have audit access right so that when we login through keyadmin and KMS Auditor we should be able to view the KMS related audits and user/groups tab.
>
>
> Diffs
> -----
>
> security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql 65fc51c
> security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql 0634776
> security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql 70f4bcc
> security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql d59788c
> security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql f67f109
> security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java b3d3e96
> security-admin/src/main/java/org/apache/ranger/patch/PatchGrantAuditPermissionToKeyRoleUser_J10014.java PRE-CREATION
>
>
> Diff: https://reviews.apache.org/r/66279/diff/2/
>
>
> Testing
> -------
>
> Tested the by creating Auditor and KMS Auditor role user's get default access to users/groups tab and Audit tab
>
>
> Thanks,
>
> Fatima Khan
>
>
Re: Review Request 66279: RANGER-2039 : Allow access to Audit tab for
all users of role Keyadmin and KMS Auditor
Posted by Qiang Zhang <zh...@zte.com.cn>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/66279/#review200428
-----------------------------------------------------------
Ship it!
Ship It!
- Qiang Zhang
On April 3, 2018, 5:22 a.m., Fatima Khan wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/66279/
> -----------------------------------------------------------
>
> (Updated April 3, 2018, 5:22 a.m.)
>
>
> Review request for ranger, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, and Sailaja Polavarapu.
>
>
> Bugs: RANGER-2039
> https://issues.apache.org/jira/browse/RANGER-2039
>
>
> Repository: ranger
>
>
> Description
> -------
>
> Currently by default users having Keyadmin or KMS auditor role doesn't get access to Audits tab in Ranger UI, but ideally it should have audit access right so that when we login through keyadmin and KMS Auditor we should be able to view the KMS related audits and user/groups tab.
>
>
> Diffs
> -----
>
> security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql 65fc51c
> security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql 0634776
> security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql 70f4bcc
> security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql d59788c
> security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql f67f109
> security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java b3d3e96
> security-admin/src/main/java/org/apache/ranger/patch/PatchGrantAuditPermissionToKeyRoleUser_J10014.java PRE-CREATION
>
>
> Diff: https://reviews.apache.org/r/66279/diff/2/
>
>
> Testing
> -------
>
> Tested the by creating Auditor and KMS Auditor role user's get default access to users/groups tab and Audit tab
>
>
> Thanks,
>
> Fatima Khan
>
>
Re: Review Request 66279: RANGER-2039 : Allow access to Audit tab for
all users of role Keyadmin and KMS Auditor
Posted by Fatima Khan <fa...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/66279/
-----------------------------------------------------------
(Updated April 3, 2018, 5:22 a.m.)
Review request for ranger, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, and Sailaja Polavarapu.
Bugs: RANGER-2039
https://issues.apache.org/jira/browse/RANGER-2039
Repository: ranger
Description
-------
Currently by default users having Keyadmin or KMS auditor role doesn't get access to Audits tab in Ranger UI, but ideally it should have audit access right so that when we login through keyadmin and KMS Auditor we should be able to view the KMS related audits and user/groups tab.
Diffs
-----
security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql 65fc51c
security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql 0634776
security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql 70f4bcc
security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql d59788c
security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql f67f109
security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java b3d3e96
security-admin/src/main/java/org/apache/ranger/patch/PatchGrantAuditPermissionToKeyRoleUser_J10014.java PRE-CREATION
Diff: https://reviews.apache.org/r/66279/diff/2/
Testing
-------
Tested the by creating Auditor and KMS Auditor role user's get default access to users/groups tab and Audit tab
Thanks,
Fatima Khan
Re: Review Request 66279: RANGER-2039 : Allow access to Audit tab for
all users of role Keyadmin and KMS Auditor
Posted by Velmurugan Periasamy <vp...@hortonworks.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/66279/#review200315
-----------------------------------------------------------
Ship it!
security-admin/src/main/java/org/apache/ranger/patch/PatchGrantAuditPermissionToKeyRoleUser_J10014.java
Lines 1 (patched)
<https://reviews.apache.org/r/66279/#comment281012>
Please update the branch to be master.
- Velmurugan Periasamy
On April 2, 2018, 7:39 a.m., Fatima Khan wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/66279/
> -----------------------------------------------------------
>
> (Updated April 2, 2018, 7:39 a.m.)
>
>
> Review request for ranger, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, and Sailaja Polavarapu.
>
>
> Bugs: RANGER-2039
> https://issues.apache.org/jira/browse/RANGER-2039
>
>
> Repository: ranger
>
>
> Description
> -------
>
> Currently by default users having Keyadmin or KMS auditor role doesn't get access to Audits tab in Ranger UI, but ideally it should have audit access right so that when we login through keyadmin and KMS Auditor we should be able to view the KMS related audits and user/groups tab.
>
>
> Diffs
> -----
>
> security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql 65fc51c
> security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql 0634776
> security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql 70f4bcc
> security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql d59788c
> security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql f67f109
> security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java b3d3e96
> security-admin/src/main/java/org/apache/ranger/patch/PatchGrantAuditPermissionToKeyRoleUser_J10014.java PRE-CREATION
>
>
> Diff: https://reviews.apache.org/r/66279/diff/2/
>
>
> Testing
> -------
>
> Tested the by creating Auditor and KMS Auditor role user's get default access to users/groups tab and Audit tab
>
>
> Thanks,
>
> Fatima Khan
>
>
Re: Review Request 66279: RANGER-2039 : Allow access to Audit tab for
all users of role Keyadmin and KMS Auditor
Posted by Fatima Khan <fa...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/66279/
-----------------------------------------------------------
(Updated April 2, 2018, 7:39 a.m.)
Review request for ranger, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, and Sailaja Polavarapu.
Bugs: RANGER-2039
https://issues.apache.org/jira/browse/RANGER-2039
Repository: ranger
Description
-------
Currently by default users having Keyadmin or KMS auditor role doesn't get access to Audits tab in Ranger UI, but ideally it should have audit access right so that when we login through keyadmin and KMS Auditor we should be able to view the KMS related audits and user/groups tab.
Diffs (updated)
-----
security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql 65fc51c
security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql 0634776
security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql 70f4bcc
security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql d59788c
security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql f67f109
security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java b3d3e96
security-admin/src/main/java/org/apache/ranger/patch/PatchGrantAuditPermissionToKeyRoleUser_J10014.java PRE-CREATION
Diff: https://reviews.apache.org/r/66279/diff/2/
Changes: https://reviews.apache.org/r/66279/diff/1-2/
Testing
-------
Tested the by creating Auditor and KMS Auditor role user's get default access to users/groups tab and Audit tab
Thanks,
Fatima Khan
Re: Review Request 66279: RANGER-2039 : Allow access to Audit tab for
all users of role Keyadmin and KMS Auditor
Posted by Fatima Khan <fa...@gmail.com>.
> On April 2, 2018, 5:40 a.m., Pradeep Agrawal wrote:
> > security-admin/src/main/java/org/apache/ranger/patch/PatchGrantAuditPermissionToKeyRoleUser_J10013.java
> > Lines 88 (patched)
> > <https://reviews.apache.org/r/66279/diff/1/?file=1987381#file1987381line88>
> >
> > Is it okay to continue the flow if either of them is null
Yes even if any one of the module object is null then it will go as per the flow and if both module's object is null then it will log an a warning and exit.
- Fatima
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/66279/#review200275
-----------------------------------------------------------
On April 2, 2018, 7:39 a.m., Fatima Khan wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/66279/
> -----------------------------------------------------------
>
> (Updated April 2, 2018, 7:39 a.m.)
>
>
> Review request for ranger, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, and Sailaja Polavarapu.
>
>
> Bugs: RANGER-2039
> https://issues.apache.org/jira/browse/RANGER-2039
>
>
> Repository: ranger
>
>
> Description
> -------
>
> Currently by default users having Keyadmin or KMS auditor role doesn't get access to Audits tab in Ranger UI, but ideally it should have audit access right so that when we login through keyadmin and KMS Auditor we should be able to view the KMS related audits and user/groups tab.
>
>
> Diffs
> -----
>
> security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql 65fc51c
> security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql 0634776
> security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql 70f4bcc
> security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql d59788c
> security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql f67f109
> security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java b3d3e96
> security-admin/src/main/java/org/apache/ranger/patch/PatchGrantAuditPermissionToKeyRoleUser_J10014.java PRE-CREATION
>
>
> Diff: https://reviews.apache.org/r/66279/diff/2/
>
>
> Testing
> -------
>
> Tested the by creating Auditor and KMS Auditor role user's get default access to users/groups tab and Audit tab
>
>
> Thanks,
>
> Fatima Khan
>
>
Re: Review Request 66279: RANGER-2039 : Allow access to Audit tab for
all users of role Keyadmin and KMS Auditor
Posted by Pradeep Agrawal <pr...@freestoneinfotech.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/66279/#review200275
-----------------------------------------------------------
security-admin/src/main/java/org/apache/ranger/patch/PatchGrantAuditPermissionToKeyRoleUser_J10013.java
Lines 35 (patched)
<https://reviews.apache.org/r/66279/#comment280943>
1) Patch Number J10013 is already in use now, Please change it to J10014.
2) Add entry of this patch in the ranger_core_db_schema.sql file of all DB flavors.
security-admin/src/main/java/org/apache/ranger/patch/PatchGrantAuditPermissionToKeyRoleUser_J10013.java
Lines 88 (patched)
<https://reviews.apache.org/r/66279/#comment280944>
Is it okay to continue the flow if either of them is null
- Pradeep Agrawal
On March 26, 2018, 1:02 p.m., Fatima Khan wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/66279/
> -----------------------------------------------------------
>
> (Updated March 26, 2018, 1:02 p.m.)
>
>
> Review request for ranger, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, and Sailaja Polavarapu.
>
>
> Bugs: RANGER-2039
> https://issues.apache.org/jira/browse/RANGER-2039
>
>
> Repository: ranger
>
>
> Description
> -------
>
> Currently by default users having Keyadmin or KMS auditor role doesn't get access to Audits tab in Ranger UI, but ideally it should have audit access right so that when we login through keyadmin and KMS Auditor we should be able to view the KMS related audits and user/groups tab.
>
>
> Diffs
> -----
>
> security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java b3d3e96
> security-admin/src/main/java/org/apache/ranger/patch/PatchGrantAuditPermissionToKeyRoleUser_J10013.java PRE-CREATION
>
>
> Diff: https://reviews.apache.org/r/66279/diff/1/
>
>
> Testing
> -------
>
> Tested the by creating Auditor and KMS Auditor role user's get default access to users/groups tab and Audit tab
>
>
> Thanks,
>
> Fatima Khan
>
>