----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/74818/#review226102 -----------------------------------------------------------
security-admin/src/main/java/org/apache/ranger/rest/GdsREST.java Lines 224 (patched) <https://reviews.apache.org/r/74818/#comment314385> Is @Produces annotation necessary for methods that return void? If not, please remove #224, #583, #908, #1099. security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java Lines 319 (patched) <https://reviews.apache.org/r/74818/#comment314386> existingSharedResourceNameId could be same as existing.getId() - in which case, it is not an error condition. Please review and update. - Madhan Neethiraj On Jan. 4, 2024, 1:09 p.m., Prashant Satam wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/74818/ > ----------------------------------------------------------- > > (Updated Jan. 4, 2024, 1:09 p.m.) > > > Review request for ranger, Akshay Tupe, Anand Nadar, Ankita Sinha, Madhan > Neethiraj, Siddhesh Phatak, Subhrat Chaudhary, and Vanita Ubale. > > > Bugs: RANGER-4448 > https://issues.apache.org/jira/browse/RANGER-4448 > > > Repository: ranger > > > Description > ------- > > Description: We need to handle following cases and return proper error > message and response: # In many cases 400 or 500 is thrown, in case the use > does not have permissions to execute the API. We need to handle such cases > and throw 403 and return proper error message. > > In case where user is trying to enter duplicate records, the error is thrown > with SQL query in response. In such cases, we need to throw 400 and return > proper error message. > > > Diffs > ----- > > > agents-common/src/main/java/org/apache/ranger/plugin/errors/ValidationErrorCode.java > 03de8e023 > security-admin/src/main/java/org/apache/ranger/common/RESTErrorUtil.java > 4aaf36442 > > security-admin/src/main/java/org/apache/ranger/db/XXGdsSharedResourceDao.java > d3bd4d65b > security-admin/src/main/java/org/apache/ranger/rest/GdsREST.java 043d00b59 > > security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidationDBProvider.java > da41daaaa > > security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidationDataProvider.java > ab74e90e4 > > security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java > c5a3f38ff > security-admin/src/main/resources/META-INF/jpa_named_queries.xml 0502512eb > > > Diff: https://reviews.apache.org/r/74818/diff/1/ > > > Testing > ------- > > We get proper error messages in response > 1)When user is not ADMIN for dataset/datashare/shared-resource we now get 403 > status code > Error message > { > "statusCode": 1, > "msgDesc": "[ Validation failure: error code[4106], reason[User > [Test-User-1] is not an admin for dataset [Test_GDS_Dataset112]], > field[null], subfield[null], type[]]", > "messageList": [ > { > "name": "OPER_NO_PERMISSION", > "rbKey": "xa.error.oper_no_permission", > "message": "User doesn't have permission to perform this > operation" > } > ] > } > > 2)When user renames dataset/datashare/shared-resource with pre-existing name ' > Error message > { > "statusCode": 1, > "msgDesc": "[ Validation failure: error code[4108], reason[Dataset with > name [Test_GDS_Dataset1] already exists. ID=[2]], field[name], > subfield[null], type[]]", > "messageList": [ > { > "name": "INVALID_INPUT_DATA", > "rbKey": "xa.validation.invalid_input_data", > "message": "Invalid input data" > } > ] > } > > 3)When user tries to add duplicate entry for shared-resource > Error messsage > { > "statusCode": 1, > "msgDesc": "[ Validation failure: error code[4121], reason[Shared > resource with name [res2] already exists in data share [RangerDataShare2]. > ID=[9]], field[name], subfield[null], type[]]", > "messageList": [ > { > "name": "INVALID_INPUT_DATA", > "rbKey": "xa.validation.invalid_input_data", > "message": "Invalid input data" > } > ] > } > > > Thanks, > > Prashant Satam > >