----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/54621/#review159805 -----------------------------------------------------------
Ship it! Ship It! - Gautam Borad On Dec. 17, 2016, 12:13 p.m., Pradeep Agrawal wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/54621/ > ----------------------------------------------------------- > > (Updated Dec. 17, 2016, 12:13 p.m.) > > > Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, Abhay > Kulkarni, Madhan Neethiraj, Mehul Parikh, Ramesh Mani, Selvamohan Neethiraj, > and Velmurugan Periasamy. > > > Bugs: RANGER-1259 > https://issues.apache.org/jira/browse/RANGER-1259 > > > Repository: ranger > > > Description > ------- > > **Problem Statement:** If Ranger admin password has been changed from UI and > Ranger admin default password change request is made via 'db_setup.py > -changepassword' command then password change request should not fail with > failure error message rather it should skip the password change request and > display appropriate message. > > **Proposed Solution:** ChangePasswordUtil.java can accept one optional > parameter '-default' for default password change request. if '-default' > switch is enabled then script shall check the provided old/default password > with existing password in db; if it matches then it will process the password > change request else it will skip the password change request and return the > status code 2 and will not throw failure message. > This shall require some modification in db_setup.py where it has to call java > utility with -default switch; receive the status code and if status code is 2 > then it will display appropriate skip password change request message. > > Please note that changepasswordutil.py doesn't required any changes as it is > not being called from any other script and '-default' switch/parameter is > optional in ChangePasswordUtil.java > > > Diffs > ----- > > security-admin/scripts/db_setup.py bb51cc7 > security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java 9885090 > security-admin/src/main/java/org/apache/ranger/entity/XXPortalUser.java > c9b907f > > security-admin/src/main/java/org/apache/ranger/patch/cliutil/ChangePasswordUtil.java > fd72e97 > > security-admin/src/main/java/org/apache/ranger/security/handler/RangerAuthenticationProvider.java > d5cab44 > security-admin/src/main/java/org/apache/ranger/view/VXPortalUser.java > ecdf756 > security-admin/src/main/java/org/apache/ranger/view/VXUser.java 85b7b2f > security-admin/src/test/java/org/apache/ranger/biz/TestUserMgr.java 909ec9e > > Diff: https://reviews.apache.org/r/54621/diff/ > > > Testing > ------- > > **Steps Performed(with patch):** > 1. Installed ranger-admin from Build having changed of proposed patch. > 2. Changed current directory to ranger-admin installation directory. > 3. Started ranger-admin and was able to access ranger-admin home page/login > page by using default password 'admin' > 4. Logged out from Ranger-admin UI. > 5. Run below given command to change 'admin' user password from 'admin' to > 'admin123' > python db_setup.py -changepassword admin admin admin123. > 6. Password change request completed successfully with following message : > 'Ranger admin default password change request processed successfully..' > 7. On the login page of ranger-admin entered username 'admin' and password > 'admin123'; clicked on 'Sign In' button to login page. > > **Expected Behavior:** > 'admin' user should get authenticated successfully and ranger-admin dashboard > page for 'admin' user should appear. > > **Actual Behavior:** > 'admin' user was authenticated successfully and after authentication page was > redirected to ranger-admin dashboard page. > > > Deleted version='DEFAULT_ADMIN_UPDATE' entry from x_db_version_h table so > that db_setup.py script didn't know whether default password has been changed > or not. Run below given command to change 'admin' user default password from > 'admin' to 'admin12345' > python db_setup.py -changepassword admin admin admin12345 > > **Expected Behavior:** > Script should skip the change password request as password has been changed > once. Appropriate message should appear if password has already been changed. > > **Actual Behavior:** > Password change request finished with following message : 'Ranger admin > default password change request process skipped!' > > > Thanks, > > Pradeep Agrawal > >
