> On Sept. 1, 2015, 5:58 a.m., Alok Lal wrote: > > security-admin/src/main/java/org/apache/ranger/security/context/RangerPreAuthSecurityHandler.java, > > lines 70-71 > > <https://reviews.apache.org/r/37943/diff/1/?file=1060272#file1060272line70> > > > > Do we want to log these at WARN? If it is only so someone can diagnose > > a one-off problem then it consider leaving it at DEBUG level.
Eventually Admin is not supposed to access KMS related APIs but here due to some reason had to allow read/create/update operations on KMS services/policies, hence the WARN message. Let me know if you think otherwise. - Gautam ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/37943/#review97260 ----------------------------------------------------------- On Aug. 31, 2015, 11:16 a.m., Gautam Borad wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/37943/ > ----------------------------------------------------------- > > (Updated Aug. 31, 2015, 11:16 a.m.) > > > Review request for ranger, Alok Lal, Don Bosco Durai, Madhan Neethiraj, > Ramesh Mani, Selvamohan Neethiraj, and Velmurugan Periasamy. > > > Bugs: RANGER-630 > https://issues.apache.org/jira/browse/RANGER-630 > > > Repository: ranger > > > Description > ------- > > Make data access consistent across REST API and UI. > > > Diffs > ----- > > security-admin/src/main/java/org/apache/ranger/db/XXModuleDefDao.java > 611eaf8 > security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java e5de160 > security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java > 3d2e8b0 > security-admin/src/main/java/org/apache/ranger/rest/UserREST.java a9d0059 > security-admin/src/main/java/org/apache/ranger/rest/XKeyREST.java 1c0f9fc > security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java 93980b4 > > security-admin/src/main/java/org/apache/ranger/security/context/RangerPreAuthSecurityHandler.java > PRE-CREATION > security-admin/src/main/resources/META-INF/jpa_named_queries.xml 7761756 > security-admin/src/main/resources/conf.dist/security-applicationContext.xml > a648809 > > Diff: https://reviews.apache.org/r/37943/diff/ > > > Testing > ------- > > 1) Tested on Ranger UI working of permission model. > 2) Test REST calls to reflect access conrol based on Permission model. > 3) Checked cases like revoking access to 'user1' (having user role) from > Audit tab (using permission model) and making curl call to Audit tab's REST > APIs. > > > Thanks, > > Gautam Borad > >
