Author: vel Date: Tue Jul 30 19:29:10 2024 New Revision: 70628 Log: added ranger 2.5.0-rc3
Added: dev/ranger/2.5.0-rc3/ dev/ranger/2.5.0-rc3/Apache Ranger 2.5.0 Release Notes dev/ranger/2.5.0-rc3/apache-ranger-2.5.0.tar.gz (with props) dev/ranger/2.5.0-rc3/apache-ranger-2.5.0.tar.gz.asc dev/ranger/2.5.0-rc3/apache-ranger-2.5.0.tar.gz.sha256 dev/ranger/2.5.0-rc3/apache-ranger-2.5.0.tar.gz.sha512 Added: dev/ranger/2.5.0-rc3/Apache Ranger 2.5.0 Release Notes ============================================================================== --- dev/ranger/2.5.0-rc3/Apache Ranger 2.5.0 Release Notes (added) +++ dev/ranger/2.5.0-rc3/Apache Ranger 2.5.0 Release Notes Tue Jul 30 19:29:10 2024 @@ -0,0 +1,416 @@ +New Feature +RANGER-3815 PolicyItem supports validity period setting +RANGER-4025 Ranger improvement - Roles Import/export API for ranger admin +RANGER-4047 Ranger KMS health metrics +RANGER-4221 Enable File Sync Source for Ranger Usersync in Docker +RANGER-4230 New REST APIs for force deletes of users & groups +RANGER-4255 Introduce option in Ranger to control retention period of x_auth_sess table data +RANGER-4303 plugin memory sizing + +Task +RANGER-4072 setup CI using Github action +RANGER-4116 Define description/topics/merge strategy for the github repository with .asf.yaml +RANGER-4138 Build ranger-react UI and backbone UI code base in webapp +RANGER-4164 Adding contributor name into ranger-site +RANGER-4169 Add pull request template +RANGER-4209 Blog: Adventures in ABAC - part 1 +RANGER-4231 Blog: Apache Ranger policy model +RANGER-4350 Remove use of @Xml annotations as Ranger REST APIs only support Json format serde +RANGER-4587 Blog: Apache Ranger - dynamic expressions +RANGER-4616 Updated to committer info +RANGER-4746 Clean up modules in ranger-jdk11 profile +RANGER-4752 Enable JDK 11 and 17 builds on GitHub PRs and merges to master + +Improvement +RANGER-2846 Add support for resource[volume, bucket, key] look up in ozone plugin +RANGER-2895 Replace c3p0 connection pool with HikariCP, upgrading MySQL connector +RANGER-3100 Upgrade httpclient version from 4.5.6 to 4.5.13+ due to CVE-2020-13956 +RANGER-3231 Ranger should use kafka Authorizer from KIP-504 +RANGER-3283 Ranger Audit Filter: Basic Default Audit Filter for yarn, kudu, nifi, nifi-registry & schema-registry +RANGER-3359 Upgrade json-smart and nimbus-jose-jwt libraries +RANGER-3409 Update Jackson and remove Codehaus version +RANGER-3470 Ranger - Upgrade commons-io to 2.11.0 +RANGER-3471 Upgrade Jetty-client, commons-compress, poi-ooxml jar. +RANGER-3478 Remove INFO level auditing logs in the Ranger audit frame to reduce verbosity +RANGER-3520 Upgrade Netty version +RANGER-3537 Find a viable replacement of Backbone JS for Ranger UI. +RANGER-3622 Docker: Enable Hive MetaStore in ranger-hive image +RANGER-3717 Add surefire report plugin +RANGER-3727 Create common module for handling authentication +RANGER-3729 Upgrade Jackson-core and Jackson-databind +RANGER-3733 owasp-java-html-sanitizer impacted with CVE-2021-42575 +RANGER-3739 Add JWT filter in Ranger Admin +RANGER-3758 Decrease log-level when no HBase remote client address is found +RANGER-3821 Update commons-codec version to 1.15 +RANGER-3861 Allow service creator user to create users/groups/roles in default policies +RANGER-3896 Update Ozone dependency version to latest 1.3.0 +RANGER-3913 Reduce number of calls to FilenameUtils.wildcardMatch() when evaluating resource matching +RANGER-3927 Ranger KMS generates master key on every restart before inserting into DB +RANGER-3937 Docker: Add capability to run ranger plugins and services with their own versions +RANGER-3972 Upgrade jettison version to 1.5.2 +RANGER-3974 Upgrade jackson version to 2.14.0 +RANGER-3975 Upgrade netty-all version to 4.1.85.Final +RANGER-3981 Upgrade jetty-client version to "9.4.49.v20220914" +RANGER-3998 Support Ranger KMS integration with AWS KMS +RANGER-3999 Implement more efficient way to handle _any access authorization +RANGER-4007 HDFS Authorizer changes to take advantage of support for multiple access-types in the Ranger Access Request +RANGER-4009 Open read access to some Policy Engine objects and metrics +RANGER-4010 Update policy UI to support multiple resource-sets for react ranger. +RANGER-4016 Add row draggable feature for policy Item table in policy form in react UI. +RANGER-4017 Complete Apache Ranger Stack on Docker - automation of existing README.md +RANGER-4026 Provide option to update group memberships when same users/groups are synced from different sync sources +RANGER-4030 Updating content loader for Ranger React +RANGER-4032 Create node_modules directory under target directory for Ranger react build +RANGER-4033 Upgrade React version to 18.2.0 +RANGER-4050 Session Inactivity Timeout: Ranger react UI part. +RANGER-4058 Improvement in Ranger React +RANGER-4063 Editable Search Filter (tokenizer) in Ranger React +RANGER-4066 Add row draggable feature for audit filter table in service form in Ranger React. +RANGER-4069 Add performance tracing instrumentation to Tag Enricher +RANGER-4070 Provide mechanism to manage potentially multiple enrichment of an access request +RANGER-4071 Support for LDAP/AD usernames and group names with special chars +RANGER-4124 Value of -Dlogback.configurationFile in ranger-tagsync-services.sh is not configurable +RANGER-4128 serviceName, if not specified in the resource, should be taken from the ServiceTags.serviceName +RANGER-4130 Improve performance of event processing in agsync by optimizing number of commits to Kafka broker +RANGER-4137 Add yarn and impala users to audit filter for solr servicedef to avoid logging of audits +RANGER-4139 DOC SITE: ranger.apache.org - revamp site's look and feel +RANGER-4152 Create common module for metrics and add metrics in Admin +RANGER-4156 Unit test cases are missing for RoleDBStore.java +RANGER-4158 Update python client README +RANGER-4163 Upgrade spring framework to 5.3.26 and jettison to 1.5.4 +RANGER-4165 Support SELF_OR_PREFIX resource matching scope in Ranger Authorization +RANGER-4168 Improvement :Adding Unit test cases are some of the missing classes +RANGER-4172 Move base and thirdparty image versions to .env +RANGER-4175 REST API to find the security-zone for a given resource +RANGER-4181 Add support for ranger-docker and build to run on java11 using the "ranger_in_docker" dev-support script +RANGER-4182 Ranger Admin - Enable isRecursive option to additional default policies while service creation +RANGER-4185 Improve debugging messages when policy-deltas are enabled +RANGER-4196 Tomcat metrics collection +RANGER-4204 Upgrade Kerby to 2.0.3 +RANGER-4205 Upgrade commons-net to 3.9.0 +RANGER-4206 Upgrade Woodstox to 5.4.0 +RANGER-4208 Recording DB Read Time while downloading policies,roles and users +RANGER-4212 Upgrade json-smart to 2.4.10 +RANGER-4218 enable users to be designated as service admin via their groups +RANGER-4220 Upgrade spring framework to 5.3.27 +RANGER-4226 Upgrade Nimbus-JOSE-JWT and bcpkix-jdk15 +RANGER-4229 Add flag based support for mounting db volume in dev-support scripts +RANGER-4232 Upgrade spring-security version to 5.7.8 +RANGER-4234 Eliminate need for splitting delimited strings into arrays in policy conditions +RANGER-4235 Optimize security-zone create/update to avoid unnecessary ref table entries +RANGER-4240 Optimize deletion of XXAuthSession while deleting user +RANGER-4245 Upgrade derby, spring-ldap and testng libraries +RANGER-4248 Remove unused conf files for solr audit setup +RANGER-4253 Left Sidebar layout for Ranger Admin UI in react code base +RANGER-4257 Upgrade tomcat to 8.5.89 +RANGER-4262 Upgrade aws-java-sdk to 1.12.481 +RANGER-4274 Security zone support for using roles to designate admin and audit users +RANGER-4280 Update security-zone UI with addition of admin-roles and audit-roles +RANGER-4284 Additional logging messages to help with debugging when policy deltas are enabled +RANGER-4285 Ranger Java Patch for adding uiHint in policy condition for upgrade scenario +RANGER-4286 allow security-zone to exist without any services/resources assigned yet +RANGER-4290 Adding uiHint attribute in policy condition +RANGER-4308 Upgrade netty to 4.1.94-final +RANGER-4319 Restricting policy name character to configurable length +RANGER-4336 Configuration to enable audit stats logging +RANGER-4337 Upgrade spring framework and spring-security +RANGER-4347 User name with comma split in old Ranger admin UI +RANGER-4348 Filter audits for cc_metric_reporter user on Kafka service repo +RANGER-4353 Introduce config within Ranger to control retention period of x_trx_log data +RANGER-4354 Improve ChangePassword utility for multiple default password change request +RANGER-4357 Enabling ORC audit for hdfs destination should not require 2 separate configurations +RANGER-4371 Ranger authn - add doAs support for JWT authentication +RANGER-4375 Plugin download activity should be logged asynchronously +RANGER-4378 Expand implied grants in the policy-items for being able to compare policy-cache dumps from server and client +RANGER-4379 Assorted debugging help : save policy-cache at Ranger-admin and policy-cache as well as downloaded policy-deltas on plugin side +RANGER-4380 support purging of policy download logs +RANGER-4382 Improve exportCSV download time +RANGER-4387 optimize loading of userstore from the database +RANGER-4389 extend ABAC to use few internal attributes of users and groups, like syncSource, isInternal, emailAddress +RANGER-4391 updated plugins to support using user-groups from Ranger admin +RANGER-4398 Security-zone API enhancements to support incremental updates and resource pagination +RANGER-4401 Configurable Graalvm features +RANGER-4403 update security-zone validation to prevent duplicate resource entries +RANGER-4421 Ranger - Upgrade Tomcat to 8.5.93/9.0.80 due to CVE-2023-41080 +RANGER-4424 [Ranger React UI] Security zone: Should be able to create security zone without any resource +RANGER-4440 option to store compressed json text in x_security_zone.jsonData +RANGER-4451 RANGER-4286 allows security-zone to exist without any services/resources assigned yet, so when the last service is removed from zone, the zone should not get deleted +RANGER-4461 Implement best coding practices for validating user input +RANGER-4465 Python client update with APIs to manage users/groups/user-group associations +RANGER-4482 Upgrade Tomcat to 8.5.94 (for CVE fixes) in all Ranger services +RANGER-4483 SearchField to support NOT_EQUALS search-type +RANGER-4484 security-zones for the resource should be available in the request context +RANGER-4485 refactor condition evaluator instantiation to avoid duplicate code +RANGER-4492 Optimize "plugins/definitions" API Call for Initial Load in Multiple Ranger-React Modules +RANGER-4495 Upgrade netty to 4.1.100-final +RANGER-4507 refactor PolicyEngine to move out methods that find security-zone for a resource +RANGER-4511 Enable Parallel Compilation for Multiple Modules in Ranger +RANGER-4515 Enhance perf-tracer to get CPU time when possible +RANGER-4516 move getResourceACLs() implementation from RangerPolicyEngineImpl to RangerPolicyEvaluator +RANGER-4519 Update ServiceDef icons in service manager page +RANGER-4524 FIx TestRangerMetricsContainerSource class UT +RANGER-4525 Upgrade spotbugs plugin to 4.7.3.5 +RANGER-4526 RangerBasePlugin configuration to optionally disable GDS refresher +RANGER-4529 optimize script evaluator to avoid creation of multiple bindings +RANGER-4532 Optimize policy listing loader after session timeout and Audit Admin session ID modal loader +RANGER-4533 REST API to retrieve service-headers, with optional prefix-filter +RANGER-4561 Adding the mechanism to eanble/disable Ranager Access logs based on property +RANGER-4565 Enhance Ranger's performance tracing module to optionally collect statistical information +RANGER-4568 Upgrade Spring Security to 5.7.11 and spring framework to 5.3.32 +RANGER-4571 update handling of expressions that return null +RANGER-4585 Support multiple columns policy creation in ranger for Grant / Revoke request +RANGER-4593 Upgrade react-bootstrap library +RANGER-4604 Need to add query param createdBy for security-zone GET API +RANGER-4609 Support in File-based Tag Retriever to provide tag-deltas +RANGER-4613 GDS : Need filter of objectId in /assets/report api to filter out history specific to a dataset/datashare +RANGER-4618 Need to add displayName field in zoneSummary Object +RANGER-4630 Need to add pagination support and searchFilters for tag related APIs +RANGER-4639 Provide an option to bypass evaluation of chained plugin if the parent plugin has applicable policy +RANGER-4641 Handling empty values while displaying ActivationTime & implementing Column Hide/Show functionality in Audit Plugin Status Module +RANGER-4650 Column type should be available in Hive masking expression +RANGER-4656 Filtering the resources in the search filter options on the policy listing page based on policy type. +RANGER-4659 Add eye icon for password visibility in Ranger Login Page +RANGER-4672 Tagsync log file name is not containing hostname and user +RANGER-4684 Need to update createdBy ,updatedBy field for gds objects in case the creator is deleted +RANGER-4687 Updating the "Something went wrong" page in Ranger React UI +RANGER-4729 Upgrade commons-compress to 1.26.0 +RANGER-4734 Docker setup for trino plugin +RANGER-4741 Hive plugin optimization to avoid excessive metastore API calls +RANGER-4745 Enhance handling of subAccess authorization in Ranger HDFS plugin +RANGER-4749 Tag: Create an api to check if a resource is already available in database by resource input. And send tag list along with the resource list in response of GET /service/tags/resources/paginated API +RANGER-4753 Upgrade Spring Security to 5.7.12 and spring framework to 5.3.33 +RANGER-4760 Implement case insensitive search filter for Security Zone name in Data Domain summary API +RANGER-4761 Reduce memory footprint of hbase plugin +RANGER-4763 Send user friendly message in Test Connection response if validateConfig is not implemented for the serviceDef +RANGER-4780 Ranger - Upgrade json-smart to 2.4.10 +RANGER-4783 Prevent duplicate users/groups/roles in policy items while creating/updating policies via REST +RANGER-4787 reduce plugin memory footprint by avoiding creation of unnecessary collections +RANGER-4805 Disable Atlas service under the policy permission of Tag-based policy +RANGER-4807 Upgrade Hadoop to 3.3.3 +RANGER-4817 Optimize Ranger HDFS Authorization by combining multiple authorization calls +RANGER-4819 Proposal to Upgrade All React.js Dependent Libraries +RANGER-4820 Support authorization of multiple accesses grouped by access groups in one policy engine call +RANGER-4821 Fix bugs and code smell reported by sonarqube +RANGER-4824 Remove ACL-based policy engine unit test code +RANGER-4831 Replace dependency on large aws-java-sdk-bundle with smaller libraries +RANGER-4835 RangerHiveAuthorizer audit enhancement for metadata operation like show table and databases +RANGER-4845 Remove guava dependency with use of guava included in hadoop-common +RANGER-4849 [dependabot] update Python library versions referenced in ranger-tools module +RANGER-4855 Update logback to 1.3.14 +RANGER-4857 Upgrade HBASE version to 2.6.0 +RANGER-4858 Remove usage of htrace-core4 +RANGER-4866 Dependabot suggested version updates: testng, json-path, jetty-server, jettison +RANGER-4870 update version of libthrift 0.14.0, protobuf -> 3.19.6, Solr -> 8.11.3 +RANGER-4871 update shim modules to remove unnecessary dependencies +RANGER-4873 update zookeeper version from 3.5.5 to 3.9.2 +RANGER-4878 Upgrade webpack version to latest 5.93.0 + +Bug +RANGER-2847 Add support/Fix Test connection with Ozone service +RANGER-3136 NullPointException found when import policies form web side and "isOverride" is selected +RANGER-3137 Lookup user should has 'Select' permission for all resource in hive-agent +RANGER-3421 Key getting logged in RangerMasterKey.java +RANGER-3452 Other attributes and sync source are not shown when user is converted from internal to external +RANGER-3453 Avoid logging sensitive information in UserMgr.java +RANGER-3457 [Session Timeout-Ranger]With multiple tabs if one tab encounters session idle timeout other active tab still continues with old/invalid session cookie. +RANGER-3463 Use apt logger to log messages +RANGER-3503 Make "hadoop.security.authorization" config as an optional config in cm_ozone service definition +RANGER-3718 Script exceptions are not considered in ranger-docker +RANGER-3722 Fix Test-case failure +RANGER-3748 Fix healthcheck in postgres docker compose file +RANGER-3749 Fix healthcheck in mysql docker compose file +RANGER-3752 Restrict duplicate access types entries in policy creation +RANGER-3754 Chained plugins access evaluation result is not considered in some cases +RANGER-3795 Fix java patch J10033 and J10046 failure +RANGER-3797 Not able to create security zone for solr service after upgrade +RANGER-3858 On dev-support, service creation and ranger-kafka-plugin setup are failed +RANGER-3864 Spurious creation of service-resource objects in Ranger +RANGER-3916 Ranger UI fails to open when the Ranger admin domain name includes "service" keyword in it. +RANGER-3932 Modifying the security zone name should also change the resourcesignature of their policy. +RANGER-3947 Thread leak because of retry loop in SolrCollectionBootstrapper +RANGER-3967 Service creation failing for Trino +RANGER-4023 UserStoreEnricher is not enabled if only mask conditon has attribute based expression +RANGER-4034 Start and End date fix in validity schedule of Policy Form in Ranger React +RANGER-4042 Cleanup unused usersync poc package +RANGER-4052 Zone filter not getting cleared in landing page after deleting the zone from zone listing page in Ranger React +RANGER-4073 Groups are not visible in mask and row level policy listing tables. +RANGER-4074 assignPermissionToUser in XUserMgr creates entries with NULL moduleId in x_user_module_perm +RANGER-4078 [Ranger UI] [React JS] Error displayed on page when navigating to audits tab and clicking on clear search button +RANGER-4081 [Ranger UI] [React JS] If the url to edit a policy, service or permissions for a module, and the url to view user/group/roles contains an invalid id, then page should display an error +RANGER-4084 Login id which is available on left most corner coming as Camel case +RANGER-4085 Search filter hint is not available where you search for policy +RANGER-4087 Loader is still loading for resource field for policy creation even after Resource lookup API gives 200/204 +RANGER-4088 While editing policy All permissions & and other resource fields are getting disappered +RANGER-4089 Getting browser specific pop-up message if try to delete policy after edit +RANGER-4090 Resouce lookup exception message is not available in react UI +RANGER-4091 Policy condition & Permission window should close by any click events +RANGER-4092 [Ranger UI] [React JS] Showing multiple msg prompts for multiple users/groups visibility toggle with same msg. +RANGER-4094 [Ranger UI] [React JS] User_name/ group_name/ roles field of their tables clipping names more that 14-15 characters long. +RANGER-4095 [Ranger UI] [React JS] On users/groups/roles page in settings - The page number can be decreased to zero and negative and can be increased beyond max pages available to show. +RANGER-4096 [Ranger UI] [React JS] "show all users" button is not available in the show users prompt of groups table even if the users list is longer than 100. +RANGER-4097 [Ranger UI] [React JS] Deletion of all services inside a zone in resource based policy page leads to disappearance of all the other services before refreshing the page. +RANGER-4099 [Ranger UI] [React JS] Focus remains on last hovered element in the dropdown of security zone search bar of resource based policy page. +RANGER-4103 [Ranger-react] Fix for improving logout mechanism in Ranger react code base. +RANGER-4115 Tags containing attributes not processed correctly by tagsync +RANGER-4119 [UI] Syntax check button missing in policy level condition +RANGER-4129 ArrayIndexOutOfBounds exception may be thrown while processing events +RANGER-4131 clientIP is not logged for create/grant/revoke role operations via hive beeline +RANGER-4132 [Ranger UI] If view policy button is clicked for a policy which is deleted, then the page gets stuck in loading state +RANGER-4135 Regression caused by Ranger-3920 +RANGER-4136 Incorrect processing of tag-deltas by RangerTagEnricher +RANGER-4146 [Ranger UI] [React JS] Tag-based policy UI to not show permissions in deny/exception for services that don't support deny/exception +RANGER-4157 implicit expression condition not added to service-defs having existing conditions +RANGER-4167 Kafka Test Suite Issues (RANGER-4144 on 3.0.0 branch) +RANGER-4173 Ozone_key tag based policies are not working +RANGER-4176 Failed to collect dependencies at org.apache.hbase:hbase-server:jar:2.4.6 -> org.glassfish.web:javax.servlet.jsp:jar:2.3.2 -> org.glassfish:javax.el:jar:3.0.1-b06-SNAPSHOT +RANGER-4177 policy create/update should fail when it references non-existing user/group/role +RANGER-4178 NoClassDefFoundError: org/apache/hadoop/hive/ql/exec/vector/ColumnVector +RANGER-4180 Log Dir for gc-worker.log is not using same VAR as logs dir for other ranger logs +RANGER-4183 Upon creating a zone, in zone details under Service section table, Service Type column value loads after some millisecond +RANGER-4187 Not able to search using multiple user filter in access audit tab +RANGER-4192 A higher priority Data-masking policy is not considered when computing Datamask type +RANGER-4193 ServiceTagsProcessor fails to handle update of an existing Service-Resource +RANGER-4194 For Hive service def resources not supporting exclude and recursive are showing this option in service view detail +RANGER-4197 Encryption Tab's key manager table show blank data. +RANGER-4198 [BUILD] [JDK11] - failed - ranger-master-snapshot-publish : Unix Native Authenticator #773' does not have a result yet. +RANGER-4199 RangerPluginClassLoader.java has log error +RANGER-4214 Build broken on JDK11 - +RANGER-4219 Grant permission in Impala engine not working with {user} in ranger policy +RANGER-4225 Possible Jackson serialization issue due to not comply with Java bean standards +RANGER-4233 DOC SITE : Recent revamp of doc site has some issues when accessed via mobile or ipad +RANGER-4241 Fix sql patch 65 syntax issue for oracle db +RANGER-4242 Ranger Upgrade is failing while executing the PatchPreSql_057_ForUpdateToUniqueGUID_J10052 +RANGER-4244 security zone REST API status code +RANGER-4250 Ranger throws BAD Request Error when we are not passing exec user to the getRoles (/public/v2/api/roles/name/{name}) +RANGER-4258 Ranger: Instead of limiting the listing to only 25, Ranger should provide a comprehensive list of maximum service definitions, services, and zones. +RANGER-4260 In trino service while creating policy add permission is rendering incorrectly. +RANGER-4261 Support for DEBUG logs in admin, usersync and tagsync +RANGER-4263 LookupResource give blank response in new react UI +RANGER-4273 Fix to maintain the zone search while editing the filtered policy on Report page +RANGER-4276 Millions of logs getting generated with text "No context-enrichers!!!" +RANGER-4288 User with ROLE_ADMIN_AUDITOR not able to view zone policy on Ranger Admin UI +RANGER-4291 If a ROW_FILTER type policy resources match, then an audit log record with Result=Denied is created +RANGER-4292 [Ranger UI] [React JS] Long zone names are not showing perfectly in the zone search dropdown of service manager +RANGER-4293 [Ranger UI] [React JS] Long User/group/role name overflowing from delete confirmation dialog box +RANGER-4294 Delete message alert box should have message specific to delete activity +RANGER-4295 [Ranger UI] [React JS] Option might require to clear all filter at once for resource policy side bars +RANGER-4296 [Ranger UI] [React JS] Dropdown option in the access audits must display "User" instead of "Users" +RANGER-4297 [Ranger UI] [React JS] Scroll to Newly added row functionality in listing tables is not working. +RANGER-4299 Zone resource validator handling of resources at different levels +RANGER-4301 Ranger Access Audit doesn't show callerContext in the audit as hover over button for HDFS audits +RANGER-4305 Two api requests for single export request triggered from Reports page +RANGER-4316 Path resource matcher handling of resource ending with separator +RANGER-4317 [Ranger UI] Error message displayed when resource lookup fails is not formatted properly +RANGER-4320 createPrincipalsIfAbsent parameter is not recognized by importPoliciesFromFile REST API +RANGER-4322 enable-atlas-plugin.sh fails due to missing commons-lang3 jar +RANGER-4328 matching scope SELF_OR_PREFIX doesn't handle few wildcard cases +RANGER-4329 Tagsync fails to start due to missing jars +RANGER-4331 Fixes for search filter on Audits tabs +RANGER-4332 AuditBatchQueue.log() should block instead of throwing 'Queue full' exception +RANGER-4339 [Ranger React UI] Spelling of delegate admin has to be corrected in policy form +RANGER-4341 Logout api call through idle timeout gets aborted +RANGER-4342 RangerJSONAuditWriter creates new log file for writing ranger audits as JSON every time there is an Error/Exception +RANGER-4343 Atlas default policy is showing 2 "admin" users in policy items +RANGER-4349 AtlasTagSource is hardcoded to commit offset to ATLAS_ENTITIES +RANGER-4356 Ranger CSV Report extract may fail with Null pointer exception +RANGER-4358 Keep the usersync details popup names same as the backbone js names +RANGER-4360 Error page 'Go back' button not redirecting to the right page +RANGER-4367 [Ranger React UI] User with access on Key manager tab not able to view the "Encryption" tab on the React UI +RANGER-4368 Audit filter in Tag base service display wrong value for resources +RANGER-4369 [Ranger React UI] Options for permissions pop up for knox policies are not the same in Backbone UI and React JS +RANGER-4370 [Ranger UI] [React JS]"Select All permissions for all components." checkbox missing in tag based policy permission popup +RANGER-4373 Deleting a role which is already present in policy is giving incorrect message. +RANGER-4374 Getting page not found when wrong password is send in 'Old Password' +RANGER-4376 Need to show Tag Policies for user when it has permission in "Tag Based Policies" module +RANGER-4377 Fix to use "public/v2/api/zone-headers" api to get list of zones in Access Logs and Report pages +RANGER-4381 [Ranger React UI] Difference in user lookup API request in permissions module page between React UI and BackBone UI +RANGER-4383 In Audit, Plugin Status tab if the record of respective service is in second page then Service Type filter for that service would show no result +RANGER-4390 ORC audit fails with null pointer exception when filequeue buffer size and orc buffer size are not equal +RANGER-4392 Tag based policy with boolean expression is not working +RANGER-4399 Need to fix zone drop-down option in policy listing for user not having 'Security Zone' module permission +RANGER-4400 RangerKafkaAuditHandler broken and multiple authorizations audited +RANGER-4402 Active role version is not updated while plugin download +RANGER-4407 Add server side validation for service audit filter +RANGER-4419 In Tag-based policy from Ranger Admin UI, Allow Conditions permissions item is not showing services permissions which have enableDenyAndExceptionsInPolicies flag false. +RANGER-4422 Searching for users/groups with Sync source filter on the users/groups page leads to error on Oracle DB +RANGER-4437 incorrect error log from ResourceMatcher.isMatch() +RANGER-4438 Read JAVA_OPTS in ranger db setup python script +RANGER-4439 Duplicate resource IDs are create while updating security zone +RANGER-4467 User Agent info not logged under "Login sessions" when login fails +RANGER-4472 getResourceACL() API updates +RANGER-4475 Security-Zone summary API ranger Admin should have access for all zones +RANGER-4477 RangerOzoneAuthorizer doesn't set the resource owner +RANGER-4478 Incorrect trie updates when processing deltas +RANGER-4486 ZoneV2 partial update allows duplicate principals and tagServices +RANGER-4493 Keep the UI behaviour for tag based and resource based services filtering for zone without any service +RANGER-4502 Getting Error to load backbone.js latest UI. +RANGER-4513 Policy listing page experiences an unexpected reset to Access tab when attempting to filter the service and zone dropdown options +RANGER-4542 Need to add support of search by zoneNamePartial and sort by zoneName,createTime query params in zone-summary api +RANGER-4544 Implement best coding practices for policy resources +RANGER-4556 policy creation without resource is being allowed through rest api +RANGER-4584 Default EXPIRES_ON policy is not loading while editing +RANGER-4600 Add improvement for /xaudit/access_audit API based on user role +RANGER-4601 /xaudit/access_audit/count API does not return the proper value +RANGER-4605 /assets/resources/count does not return proper count if policies are greater than 200 +RANGER-4606 /assets/assets/count API does not return the proper count if the number of services is greater than 200 +RANGER-4610 API calls for zones and services on initial landing in ZoneListing page is being called twice +RANGER-4611 Security zone form not populate resources value properly while creating and editing zone. +RANGER-4612 Fix to use correct service for resource lookup API in security zone +RANGER-4615 Keep the LDAP usersync details popup names same as the backbone js names +RANGER-4625 Need to add required dependencies for plugin-yarn +RANGER-4628 Need to add Validations for Security-Zone partial update API +RANGER-4632 Security Zone policies version increases by +2 when we update its policy +RANGER-4636 /public/api/repository/count does not return the proper value if the number of repositories is greater than 200 +RANGER-4645 Unit test failures in TestSecurityZoneDBStore +RANGER-4653 [Ranger React UI] Add inline assertions for displayName length in service creation / update form +RANGER-4655 Execute and read permissions granted to a user in different HDFS policies does not take effect. +RANGER-4660 While creating service, ranger logs show error if service name does not have underscore ('_') in it. +RANGER-4663 Though tag service is selected while creating new service , it will get override with the new tag service created +RANGER-4666 getResourceACL() API does not account for tags assigned to ANCESTOR resource +RANGER-4668 Need to have new local storage item for column show hide functionality in plugin status table +RANGER-4673 Pagination on the Ranger Admin - Plugin Status page +RANGER-4675 Checkbox selection issue when clicking on permission label in tag-based permissions policy +RANGER-4680 Inconsistent resource lookup behaviour with newly created service +RANGER-4681 Audit logs for Mask & Row policy does not show policy condition under policy item +RANGER-4688 Display query information for show roles/databases/schemas/grant role commands on Ranger Admin UI +RANGER-4689 Fix Ranger Javapatch failure even if service-defs do not exist in ranger DB +RANGER-4690 Access Audits - Resource policy version used for mask policy leading to Error page +RANGER-4695 API to find zones for a resource doesn't handle deleted service +RANGER-4698 [Ranger React UI] Audit UI improvements with respect to values overflowing into other columns +RANGER-4699 Update the execution of setServiceDef call in App.jsx +RANGER-4700 Audit logs for Masking policy is missing data mask type entry +RANGER-4711 Show grant on table command is not audited by ranger +RANGER-4717 Skip showing 'Page not found' for wrong value is provided to a api parameter in Login Session Tab +RANGER-4718 Skip showing 'Page not found' page for INVALID_INPUT_DATA validation in User Profile +RANGER-4719 Policy condition expressions are split by the Ranger UI on commas +RANGER-4720 Ranger Admin server gives empty response when user with user-role tries to update lastname or email address +RANGER-4722 HDFS authorization logic for directory hierarchy rooted at "/" is incorrect +RANGER-4723 USE <database> fails even when the user has permission on some tables in the database +RANGER-4724 ImportServiceTags api fails when the response json from tags/download/{serviceName} is used +RANGER-4727 When tagDef delete fails, error message is not returned +RANGER-4737 The inactivityTimeout is getting reset when user updates its profile from UserProfile page +RANGER-4747 [docker]: Exception handling in create-ranger-services.py +RANGER-4762 REST endpoints do not prevent duplicate values for a resource resulting in multiple policies for a resource +RANGER-4767 Deleted policies are still taking effect if all policies for a security zone are deleted +RANGER-4774 Ranger react UI some modules shown hardcoded time zone string "Indian Standard Time" +RANGER-4782 Implement best coding practices for validating service configs +RANGER-4784 Tag-Based - default policy is not created for tag added to security zone +RANGER-4786 Ranger override policy is not working +RANGER-4804 Encountering a '404 Not Found' page when assigning two or more groups to a user during editing +RANGER-4806 With java 17 the audit spool exception is seen if solr is not reachable. +RANGER-4818 [usersync] Users undergoing role reset to ROLE_USER from ROLE_SYS_ADMIN +RANGER-4822 Policy creation/updation fails when validity period is added +RANGER-4823 Incorrect processing of downloaded policies in plugin when policy-deltas are enabled +RANGER-4830 Ranger KMS startup failure in database initialization +RANGER-4834 Remove "Switch to latest UI" option from Ranger Admin Backbone classic UI +RANGER-4836 Ranger Usersync failing due to java.lang.NoClassDefFoundError +RANGER-4837 Intermittent test failures in org.apache.ranger.audit.TestAuditQueue +RANGER-4851 Upon editing an User we are seeing some discrepancy in its Audit Admin logs +RANGER-4852 De-duplicated tags do not work correctly when tag-deltas are enabled. +RANGER-4853 Some code changes are missing during commit merge to ranger-2.5 branch +RANGER-4854 Policy Import from UI is failing. +RANGER-4862 HBase plugin initialization failure in HBase 2.6.0 +RANGER-4864 Upon performing Policy Import some of Audit Admin logs are improper +RANGER-4868 ranger-mem-sizing fails with NoClassDefFoundError: com/google/gson/GsonBuilder +RANGER-4874 Ranger UI inaccessible after login + Added: dev/ranger/2.5.0-rc3/apache-ranger-2.5.0.tar.gz ============================================================================== Binary file - no diff available. Propchange: dev/ranger/2.5.0-rc3/apache-ranger-2.5.0.tar.gz ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: dev/ranger/2.5.0-rc3/apache-ranger-2.5.0.tar.gz.asc ============================================================================== --- dev/ranger/2.5.0-rc3/apache-ranger-2.5.0.tar.gz.asc (added) +++ dev/ranger/2.5.0-rc3/apache-ranger-2.5.0.tar.gz.asc Tue Jul 30 19:29:10 2024 @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- + +iQJNBAABCgA3FiEEwBEUtjzAC4haOPq9faDi4ixncMMFAmapM9QZHGJoYXZpa3Bh +dGVsNTUyQGdtYWlsLmNvbQAKCRB9oOLiLGdww8GnD/98xI/M49CGbVs8tsf99Zah +/KU85qc2iAgsk2JRlJy1a6RWhwnZOX1GDxDPSJkVdrRp4BV+tXJVy7hIQFZ475EG +Zd8IDQfMWIv366u9SKgqgdYUWq4ElWjmQLXiSJpM0znBTxpihUe+VCMhfWPVyjQN +DUbHAoqqLQw9gqwEXm/XKwsRC/ViJZ3P/JcZbRyiAEdQIuuWyZ9vPVgkKlmCp6jS +yz6n6AvlrMp2fodEUc9Jx3DZyJqj2xtF5cSwhvLbuZ8Ns9x8t6OrflvDXpIjKDKn +9yeG04irus6JjS/zsVUurh/8dKSPjf858PP7SR2IcnyelwzVjxxweRYY2all2lfB +PfvGp7pDy7t3yNjWuD54P88HpCwzpX+yr/wLtqExHdcW5KXAKBT0QWXOkNjk4tvk +X7C+ju/HEPbz5TgsjpP6mIAxC4qPAABvELdW5QVC6tkfBwfvIdRR7n+J445eQq80 +l+Sa1+nBmMnQSXXkQNoytKkDJI5tVKcZx0gZBL/IRu2uM1JJ7rCJzfoZ2ejEWTQr +vEx7ZGY4tiATY0qztGGV4ypc6a82QAGuCx7ZZ6kF29XBRc4uOgnRk7t8Ub8L3sEP +Fkc7gmvQxYusj/rIQ1kXIFo+kxHI13YuUMTWbNtSAIhiTtQwx5Lb0NUK+SOtmAxQ +8LaSIKVCp0fhNWt0snIMzQ== +=ZI5e +-----END PGP SIGNATURE----- Added: dev/ranger/2.5.0-rc3/apache-ranger-2.5.0.tar.gz.sha256 ============================================================================== --- dev/ranger/2.5.0-rc3/apache-ranger-2.5.0.tar.gz.sha256 (added) +++ dev/ranger/2.5.0-rc3/apache-ranger-2.5.0.tar.gz.sha256 Tue Jul 30 19:29:10 2024 @@ -0,0 +1 @@ +d580003fc94b75a6f4343dd38eeb73f7ea8fa99e5be169face4b4bf7d106d8d5 apache-ranger-2.5.0.tar.gz Added: dev/ranger/2.5.0-rc3/apache-ranger-2.5.0.tar.gz.sha512 ============================================================================== --- dev/ranger/2.5.0-rc3/apache-ranger-2.5.0.tar.gz.sha512 (added) +++ dev/ranger/2.5.0-rc3/apache-ranger-2.5.0.tar.gz.sha512 Tue Jul 30 19:29:10 2024 @@ -0,0 +1 @@ +36ffcbc619ca5a45a37df1108c97aece7360effe51752238013429fd72ee41d1cff580845db1486f7ace56d931081255c52452d6c8bb8e3c38b03f243dfd9a51 apache-ranger-2.5.0.tar.gz