> On Nov. 8, 2017, 7:06 a.m., bhavik patel wrote:
> > could you please mention what testing you had done?
>
> wang yuan wrote:
> I do some functional testing ,such as:
>
> old :Gson gson = new Gson()
>
> {"metaDataInfo":{"Host name":"d29-183","Exported by":"admin","Export
> time":"Nov 8, 2017 2:10:10 AM","Ranger apache
> version":"1.0.0-SNAPSHOT"},"policies":[{"service":"hdfs_dev","name":"all -
> path","policyType":0,"description":"Policy for all -
> path","isAuditEnabled":true,"resources":{"path":{"values":["/*"],"isExcludes":false,"isRecursive":true}},"policyItems":[{"accesses":[{"type":"read","isAllowed":true},{"type":"write","isAllowed":true},{"type":"execute","isAllowed":true}],"users":["mr"],"groups":[],"conditions":[],"delegateAdmin":true}],"denyPolicyItems":[],"allowExceptions":[],"denyExceptions":[],"dataMaskPolicyItems":[],"rowFilterPolicyItems":[],"id":54,"isEnabled":true,"version":12},{"service":"hdfs_dev","name":"kms-audit-path","policyType":0,"description":"Policy
> for
> kms-audit-path","isAuditEnabled":true,"resources":{"path":{"values":["/ranger/audit/kms"],"isExcludes":false,"isRecursive":true}},"policyItems":[{"accesses":[{"type":"read","isAllowed":true},{"type":"write",
"isAllowed":true},{"type":"execute","isAllowed":true}],"users":["keyadmin"],"groups":[],"conditions":[],"delegateAdmin":false}],"denyPolicyItems":[],"allowExceptions":[],"denyExceptions":[],"dataMaskPolicyItems":[],"rowFilterPolicyItems":[],"id":55,"isEnabled":true,"version":1},{"service":"hdfs_dev","name":"111","policyType":0,"description":"","isAuditEnabled":true,"resources":{"path":{"values":["/aaa"],"isExcludes":false,"isRecursive":true}},"policyItems":[{"accesses":[{"type":"read","isAllowed":true},{"type":"write","isAllowed":true},{"type":"execute","isAllowed":true}],"users":["wyread2"],"groups":[],"conditions":[],"delegateAdmin":true}],"denyPolicyItems":[],"allowExceptions":[],"denyExceptions":[{"accesses":[{"type":"read","isAllowed":true},{"type":"write","isAllowed":true},{"type":"execute","isAllowed":true}],"users":["wy"],"groups":[],"conditions":[],"delegateAdmin":false}],"dataMaskPolicyItems":[],"rowFilterPolicyItems":[],"id":65,"isEnabled":true,"version":8}],"startIndex":
0,"pageSize":0,"totalCount":0,"resultSize":0,"queryTimeMS":1510107010382}
>
> new format json: Gson gson = new
> GsonBuilder().setPrettyPrinting().create();
>
> {
> "metaDataInfo": {
> "Host name": "d29-183",
> "Exported by": "admin",
> "Export time": "Nov 8, 2017 2:34:30 AM",
> "Ranger apache version": "1.0.0-SNAPSHOT"
> },
> "policies": [
> {
> "service": "hbase_dev",
> "name": "all - table, column-family, column",
> "policyType": 0,
> "description": "Policy for all - table, column-family, column",
> "isAuditEnabled": true,
> "resources": {
> "column": {
> "values": [
> "*"
> ],
> "isExcludes": false,
> "isRecursive": false
> },
> "column-family": {
> "values": [
> "*"
> ],
> "isExcludes": false,
> "isRecursive": false
> },
> "table": {
> "values": [
> "*"
> ],
> "isExcludes": false,
> "isRecursive": false
> }
> },
> "policyItems": [
> {
> "accesses": [
> {
> "type": "read",
> "isAllowed": true
> },
> {
> "type": "write",
> "isAllowed": true
> },
> {
> "type": "create",
> "isAllowed": true
> },
> {
> "type": "admin",
> "isAllowed": true
> }
> ],
> "users": [
> "wy"
> ],
> "groups": [],
> "conditions": [],
> "delegateAdmin": true
> },
> {
> "accesses": [
> {
> "type": "read",
> "isAllowed": true
> }
> ],
> "users": [
> "wyread"
> ],
> "groups": [],
> "conditions": [],
> "delegateAdmin": true
> },
> {
> "accesses": [
> {
> "type": "write",
> "isAllowed": true
> }
> ],
> "users": [
> "wywrite"
> ],
> "groups": [],
> "conditions": [],
> "delegateAdmin": true
> },
> {
> "accesses": [
> {
> "type": "create",
> "isAllowed": true
> }
> ],
> "users": [
> "wycreate"
> ],
> "groups": [],
> "conditions": [],
> "delegateAdmin": true
> },
> {
> "accesses": [
> {
> "type": "admin",
> "isAllowed": true
> }
> ],
> "users": [
> "wyadmin"
> ],
> "groups": [],
> "conditions": [],
> "delegateAdmin": true
> },
> {
> "accesses": [
> {
> "type": "read",
> "isAllowed": true
> },
> {
> "type": "write",
> "isAllowed": true
> },
> {
> "type": "create",
> "isAllowed": true
> },
> {
> "type": "admin",
> "isAllowed": true
> }
> ],
> "users": [
> "mr"
> ],
> "groups": [],
> "conditions": [],
> "delegateAdmin": true
> }
> ],
> "denyPolicyItems": [],
> "allowExceptions": [],
> "denyExceptions": [],
> "dataMaskPolicyItems": [],
> "rowFilterPolicyItems": [],
> "id": 1,
> "isEnabled": true,
> "version": 15
> },
> {
> "service": "hbase_dev",
> "name": "wy123",
> "policyType": 0,
> "description": "",
> "isAuditEnabled": true,
> "resources": {
> "column": {
> "values": [
> "*"
> ],
> "isExcludes": false,
> "isRecursive": false
> },
> "column-family": {
> "values": [
> "*"
> ],
> "isExcludes": false,
> "isRecursive": false
> },
> "table": {
> "values": [
> "ns1:*"
> ],
> "isExcludes": false,
> "isRecursive": false
> }
> },
> "policyItems": [
> {
> "accesses": [
> {
> "type": "read",
> "isAllowed": true
> },
> {
> "type": "write",
> "isAllowed": true
> },
> {
> "type": "create",
> "isAllowed": true
> },
> {
> "type": "admin",
> "isAllowed": true
> }
> ],
> "users": [
> "ccc"
> ],
> "groups": [],
> "conditions": [],
> "delegateAdmin": false
> }
> ],
> "denyPolicyItems": [],
> "allowExceptions": [],
> "denyExceptions": [],
> "dataMaskPolicyItems": [],
> "rowFilterPolicyItems": [],
> "id": 57,
> "isEnabled": true,
> "version": 3
> },
> {
> "service": "hbase_dev",
> "name": "wyread2",
> "policyType": 0,
> "description": "",
> "isAuditEnabled": true,
> "resources": {
> "column": {
> "values": [
> "*"
> ],
> "isExcludes": false,
> "isRecursive": false
> },
> "column-family": {
> "values": [
> "*"
> ],
> "isExcludes": false,
> "isRecursive": false
> },
> "table": {
> "values": [
> "pag"
> ],
> "isExcludes": false,
> "isRecursive": false
> }
> },
> "policyItems": [
> {
> "accesses": [
> {
> "type": "read",
> "isAllowed": true
> }
> ],
> "users": [
> "wyread2"
> ],
> "groups": [],
> "conditions": [],
> "delegateAdmin": false
> }
> ],
> "denyPolicyItems": [],
> "allowExceptions": [],
> "denyExceptions": [],
> "dataMaskPolicyItems": [],
> "rowFilterPolicyItems": [],
> "id": 61,
> "isEnabled": true,
> "version": 4
> },
> {
> "service": "hbase_dev2",
> "name": "all - table, column-family, column",
> "policyType": 0,
> "description": "Policy for all - table, column-family, column",
> "isAuditEnabled": true,
> "resources": {
> "column": {
> "values": [
> "*"
> ],
> "isExcludes": false,
> "isRecursive": false
> },
> "column-family": {
> "values": [
> "*"
> ],
> "isExcludes": false,
> "isRecursive": false
> },
> "table": {
> "values": [
> "*"
> ],
> "isExcludes": false,
> "isRecursive": false
> }
> },
> "policyItems": [
> {
> "accesses": [
> {
> "type": "read",
> "isAllowed": true
> },
> {
> "type": "write",
> "isAllowed": true
> },
> {
> "type": "create",
> "isAllowed": true
> },
> {
> "type": "admin",
> "isAllowed": true
> }
> ],
> "users": [
> "mr"
> ],
> "groups": [
> "public",
> "wy"
> ],
> "conditions": [],
> "delegateAdmin": true
> }
> ],
> "denyPolicyItems": [],
> "allowExceptions": [],
> "denyExceptions": [
> {
> "accesses": [
> {
> "type": "write",
> "isAllowed": true
> }
> ],
> "users": [
> "wy"
> ],
> "groups": [],
> "conditions": [],
> "delegateAdmin": false
> }
> ],
> "dataMaskPolicyItems": [],
> "rowFilterPolicyItems": [],
> "id": 62,
> "isEnabled": true,
> "version": 4
> },
> {
> "service": "hbase_dev",
> "name": "adsf",
> "policyType": 0,
> "description": "",
> "isAuditEnabled": true,
> "resources": {
> "column": {
> "values": [
> "sdaf"
> ],
> "isExcludes": false,
> "isRecursive": false
> },
> "column-family": {
> "values": [
> "dsaf"
> ],
> "isExcludes": false,
> "isRecursive": false
> },
> "table": {
> "values": [
> "sdaf"
> ],
> "isExcludes": false,
> "isRecursive": false
> }
> },
> "policyItems": [],
> "denyPolicyItems": [],
> "allowExceptions": [],
> "denyExceptions": [],
> "dataMaskPolicyItems": [],
> "rowFilterPolicyItems": [],
> "id": 68,
> "isEnabled": true,
> "version": 1
> },
> {
> "service": "hbase_dev",
> "name": "sdaf",
> "policyType": 0,
> "description": "",
> "isAuditEnabled": true,
> "resources": {
> "column": {
> "values": [
> "asdf"
> ],
> "isExcludes": false,
> "isRecursive": false
> },
> "column-family": {
> "values": [
> "asdf"
> ],
> "isExcludes": false,
> "isRecursive": false
> },
> "table": {
> "values": [
> "sdfa"
> ],
> "isExcludes": false,
> "isRecursive": false
> }
> },
> "policyItems": [
> {
> "accesses": [
> {
> "type": "read",
> "isAllowed": true
> },
> {
> "type": "write",
> "isAllowed": true
> },
> {
> "type": "create",
> "isAllowed": true
> },
> {
> "type": "admin",
> "isAllowed": true
> }
> ],
> "users": [
> "wy"
> ],
> "groups": [],
> "conditions": [],
> "delegateAdmin": false
> }
> ],
> "denyPolicyItems": [],
> "allowExceptions": [],
> "denyExceptions": [],
> "dataMaskPolicyItems": [],
> "rowFilterPolicyItems": [],
> "id": 69,
> "isEnabled": true,
> "version": 4
> }
> ],
> "startIndex": 0,
> "pageSize": 0,
> "totalCount": 0,
> "resultSize": 0,
> "queryTimeMS": 1510108470793
> }
>
> bhavik patel wrote:
> Can you please confirm that import functionality is working.
>
> wang yuan wrote:
> I test import ,it looks like ok .
>
> And you ? The Import functionality is not working? I think you can see
> the ranger admin log.
I had not tested that, just to make sure it's not breaking that funtionality.
- bhavik
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/63657/#review190430
-----------------------------------------------------------
On Nov. 8, 2017, 6:31 a.m., wang yuan wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/63657/
> -----------------------------------------------------------
>
> (Updated Nov. 8, 2017, 6:31 a.m.)
>
>
> Review request for ranger, Alok Lal, Ankita Sinha, Don Bosco Durai, Colm O
> hEigeartaigh, Gautam Borad, Madhan Neethiraj, pengjianhua, Ramesh Mani,
> Selvamohan Neethiraj, Velmurugan Periasamy, and Qiang Zhang.
>
>
> Bugs: RANGER-1877
> https://issues.apache.org/jira/browse/RANGER-1877
>
>
> Repository: ranger
>
>
> Description
> -------
>
> The ranger policies json file should be formatted when exported at ranger
> service manager.
> I found it's difficult to edit the unformatted json file.
>
> {code:title=ServiceDBStore.java|borderStyle=solid}
> private void writeJson(List<RangerPolicy> policies, String jsonFileName,
> HttpServletResponse response) throws JSONException,
> IOException {
> ... ...
> //Gson gson = new Gson(); //shoud be replaced:
> Gson gson = new GsonBuilder().setPrettyPrinting().create();
>
> String json = gson.toJson(rangerExportPolicyList,
> RangerExportPolicyList.class);
> ... ...
> {code}
>
>
> Diffs
> -----
>
> security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
> 195510dc
>
>
> Diff: https://reviews.apache.org/r/63657/diff/1/
>
>
> Testing
> -------
>
>
> Thanks,
>
> wang yuan
>
>
