----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/74818/ -----------------------------------------------------------
(Updated Jan. 5, 2024, 9:21 a.m.) Review request for ranger, Akshay Tupe, Anand Nadar, Ankita Sinha, Madhan Neethiraj, Siddhesh Phatak, Subhrat Chaudhary, and Vanita Ubale. Bugs: RANGER-4448 https://issues.apache.org/jira/browse/RANGER-4448 Repository: ranger Description ------- Description: We need to handle following cases and return proper error message and response: # In many cases 400 or 500 is thrown, in case the use does not have permissions to execute the API. We need to handle such cases and throw 403 and return proper error message. In case where user is trying to enter duplicate records, the error is thrown with SQL query in response. In such cases, we need to throw 400 and return proper error message. Diffs (updated) ----- agents-common/src/main/java/org/apache/ranger/plugin/errors/ValidationErrorCode.java 03de8e023 security-admin/src/main/java/org/apache/ranger/common/RESTErrorUtil.java 4aaf36442 security-admin/src/main/java/org/apache/ranger/db/XXGdsSharedResourceDao.java d3bd4d65b security-admin/src/main/java/org/apache/ranger/rest/GdsREST.java 043d00b59 security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidationDBProvider.java da41daaaa security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidationDataProvider.java ab74e90e4 security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java c5a3f38ff security-admin/src/main/resources/META-INF/jpa_named_queries.xml 0502512eb Diff: https://reviews.apache.org/r/74818/diff/2/ Changes: https://reviews.apache.org/r/74818/diff/1-2/ Testing ------- We get proper error messages in response 1)When user is not ADMIN for dataset/datashare/shared-resource we now get 403 status code Error message | STATUS CODE : 403 { "statusCode": 1, "msgDesc": "[ Validation failure: error code[4106], reason[User [Test-User-1] is not an admin for dataset [Test_GDS_Dataset112]], field[null], subfield[null], type[]]", "messageList": [ { "name": "OPER_NO_PERMISSION", "rbKey": "xa.error.oper_no_permission", "message": "User doesn't have permission to perform this operation" } ] } 2)When user renames dataset/datashare/shared-resource with pre-existing name ' Error message | STATUS CODE : 400 { "statusCode": 1, "msgDesc": "[ Validation failure: error code[4108], reason[Dataset with name [Test_GDS_Dataset1] already exists. ID=[2]], field[name], subfield[null], type[]]", "messageList": [ { "name": "INVALID_INPUT_DATA", "rbKey": "xa.validation.invalid_input_data", "message": "Invalid input data" } ] } 3)When user tries to add duplicate entry for shared-resource Error messsage | STATUS CODE : 400 { "statusCode": 1, "msgDesc": "[ Validation failure: error code[4121], reason[Shared resource with name [res2] already exists in data share [RangerDataShare2]. ID=[9]], field[name], subfield[null], type[]]", "messageList": [ { "name": "INVALID_INPUT_DATA", "rbKey": "xa.validation.invalid_input_data", "message": "Invalid input data" } ] } Thanks, Prashant Satam