-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74818/
-----------------------------------------------------------
(Updated Jan. 5, 2024, 9:21 a.m.)
Review request for ranger, Akshay Tupe, Anand Nadar, Ankita Sinha, Madhan
Neethiraj, Siddhesh Phatak, Subhrat Chaudhary, and Vanita Ubale.
Bugs: RANGER-4448
https://issues.apache.org/jira/browse/RANGER-4448
Repository: ranger
Description
-------
Description: We need to handle following cases and return proper error message
and response: # In many cases 400 or 500 is thrown, in case the use does not
have permissions to execute the API. We need to handle such cases and throw 403
and return proper error message.
In case where user is trying to enter duplicate records, the error is thrown
with SQL query in response. In such cases, we need to throw 400 and return
proper error message.
Diffs (updated)
-----
agents-common/src/main/java/org/apache/ranger/plugin/errors/ValidationErrorCode.java
03de8e023
security-admin/src/main/java/org/apache/ranger/common/RESTErrorUtil.java
4aaf36442
security-admin/src/main/java/org/apache/ranger/db/XXGdsSharedResourceDao.java
d3bd4d65b
security-admin/src/main/java/org/apache/ranger/rest/GdsREST.java 043d00b59
security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidationDBProvider.java
da41daaaa
security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidationDataProvider.java
ab74e90e4
security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java
c5a3f38ff
security-admin/src/main/resources/META-INF/jpa_named_queries.xml 0502512eb
Diff: https://reviews.apache.org/r/74818/diff/2/
Changes: https://reviews.apache.org/r/74818/diff/1-2/
Testing
-------
We get proper error messages in response
1)When user is not ADMIN for dataset/datashare/shared-resource we now get 403
status code
Error message | STATUS CODE : 403
{
"statusCode": 1,
"msgDesc": "[ Validation failure: error code[4106], reason[User
[Test-User-1] is not an admin for dataset [Test_GDS_Dataset112]],
field[null], subfield[null], type[]]",
"messageList": [
{
"name": "OPER_NO_PERMISSION",
"rbKey": "xa.error.oper_no_permission",
"message": "User doesn't have permission to perform this operation"
}
]
}
2)When user renames dataset/datashare/shared-resource with pre-existing name '
Error message | STATUS CODE : 400
{
"statusCode": 1,
"msgDesc": "[ Validation failure: error code[4108], reason[Dataset with
name [Test_GDS_Dataset1] already exists. ID=[2]], field[name], subfield[null],
type[]]",
"messageList": [
{
"name": "INVALID_INPUT_DATA",
"rbKey": "xa.validation.invalid_input_data",
"message": "Invalid input data"
}
]
}
3)When user tries to add duplicate entry for shared-resource
Error messsage | STATUS CODE : 400
{
"statusCode": 1,
"msgDesc": "[ Validation failure: error code[4121], reason[Shared resource
with name [res2] already exists in data share [RangerDataShare2]. ID=[9]],
field[name], subfield[null], type[]]",
"messageList": [
{
"name": "INVALID_INPUT_DATA",
"rbKey": "xa.validation.invalid_input_data",
"message": "Invalid input data"
}
]
}
Thanks,
Prashant Satam
