Bharat Viswanadham created AMBARI-20697:
-------------------------------------------

             Summary: Stack advisor code in 2.3 refactor logic for ranger Kafka 
Plugin
                 Key: AMBARI-20697
                 URL: https://issues.apache.org/jira/browse/AMBARI-20697
             Project: Ambari
          Issue Type: Bug
            Reporter: Bharat Viswanadham


 if ranger_plugin_enabled:
      # If ranger-kafka-plugin-properties/ranger-kafka-plugin-enabled,
      # determine if the Ranger/Kafka plug-in enabled enabled or not
      if 'ranger-kafka-plugin-properties' in configurations and \
          'ranger-kafka-plugin-enabled' in 
configurations['ranger-kafka-plugin-properties']['properties']:
        ranger_plugin_enabled = 
configurations['ranger-kafka-plugin-properties']['properties']['ranger-kafka-plugin-enabled'].lower()
 == 'yes'
      # If ranger-kafka-plugin-properties/ranger-kafka-plugin-enabled was not 
changed,
      # determine if the Ranger/Kafka plug-in enabled enabled or not
      elif 'ranger-kafka-plugin-properties' in services['configurations'] and \
          'ranger-kafka-plugin-enabled' in 
services['configurations']['ranger-kafka-plugin-properties']['properties']:
        ranger_plugin_enabled = 
services['configurations']['ranger-kafka-plugin-properties']['properties']['ranger-kafka-plugin-enabled'].lower()
 == 'yes'

    # Determine the value for kafka-broker/authorizer.class.name
    if ranger_plugin_enabled:
      # If the Ranger plugin for Kafka is enabled, set authorizer.class.name to
      # 
"org.apache.ranger.authorization.kafka.authorizer.RangerKafkaAuthorizer" 
whether Kerberos is
      # enabled or not.
      putKafkaBrokerProperty("authorizer.class.name", 
'org.apache.ranger.authorization.kafka.authorizer.RangerKafkaAuthorizer')
    elif security_enabled:
      putKafkaBrokerProperty("authorizer.class.name", 
'kafka.security.auth.SimpleAclAuthorizer')
    else:
      putKafkaBrokerAttributes('authorizer.class.name', 'delete', 'true')

In the above code after ranger_plugin_enabled is true and inside conditions 
don't match then also we set authorizer.class.name to RangerKafakAuthorizer.  
So, to avoid this after checking ranger_plugin_enabled set to false and then 
continue with code checking



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Reply via email to