Re: Review Request 70389: RANGER-2394 - filter multiple users or exclude multiple users in audit search

Zsombor Gegesy Thu, 30 May 2019 03:24:44 -0700

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/70389/
-----------------------------------------------------------


(Updated May 30, 2019, 10:24 a.m.)


Review request for ranger.


Changes
-------

Fix js issues


Bugs: RANGER-2394
    https://issues.apache.org/jira/browse/RANGER-2394


Repository: ranger


Description
-------

Currently the audit search only allows to:

* filter to one user's activity
* exclude all 'service users' from every user's activity.

If there were way to search for multiple users or exclude multiple users from 
the search list, it would make debugging complex interactions simpler, for 
example only look for actions for 'alice' and 'hive' and 'yarn'

The frontend tweaked a bit, so if multiple users are passed to the jquery 
layer, the user names are always converted as 
requestUser=aaa&requestUser=bbb&requestUser=ccc instead of changing to 
requestUser[]=aaa&requestUser[]=bbb&requestUser[]=ccc, which would be an 
incompatible change between the server and to any potential client code.


Diffs (updated)
-----

  security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java 037888e8c 
  security-admin/src/main/java/org/apache/ranger/rest/XAuditREST.java fdf5ad86b 
  
security-admin/src/main/java/org/apache/ranger/solr/SolrAccessAuditsService.java
 a517d7627 
  security-admin/src/main/webapp/scripts/utils/XAUtils.js 18e86c9cc 
  security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js 18dba7ace 
  security-admin/src/test/java/org/apache/ranger/rest/TestAssetREST.java 
ef149d5fa 


Diff: https://reviews.apache.org/r/70389/diff/5/

Changes: https://reviews.apache.org/r/70389/diff/4-5/


Testing
-------

Tested on a live cluster that:
* searching for one user
* searching for multiple users
* excluding one user
* excluding multiple users
* searching for one user + 'excluding service users'
* searching for multiple users + 'excluding service users'
* excluding one user + 'excluding service users'
* excluding multiple users + 'excluding service users'

works as expected.


Thanks,

Zsombor Gegesy

Re: Review Request 70389: RANGER-2394 - filter multiple users or exclude multiple users in audit search

Reply via email to