Re: Review Request 71126: RANGER-2325: Ranger Ozone plugin support

[Abhay Kulkarni]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/71126/#review216775
---




agents-audit/pom.xml
Lines 45 (patched)


Please consider not adding more dependencies unless they are needed.



agents-common/pom.xml
Lines 57 (patched)


Same as the comment above.



agents-common/src/main/resources/service-defs/ranger-servicedef-ozone.json
Lines 27 (patched)


It appears that all accesses appear in all accessTypeRestrictions. This is 
the default anyway. Do they need to be specified at all?



agents-common/src/main/resources/service-defs/ranger-servicedef-ozone.json
Lines 103 (patched)


Please consider adding another access type "all" which implies all 
supported access-types. It could be useful for writing policies.


- Abhay Kulkarni


On July 19, 2019, 5:02 p.m., Sailaja Polavarapu wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/71126/
> ---
> 
> (Updated July 19, 2019, 5:02 p.m.)
> 
> 
> Review request for ranger, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, 
> Nitin Galave, Ramesh Mani, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-2325
> https://issues.apache.org/jira/browse/RANGER-2325
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Initial implementation of Ranger plugin for Ozone.
> 
> 
> Diffs
> -
> 
>   agents-audit/pom.xml 4aaec0996 
>   agents-common/pom.xml 27be45f9d 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/store/EmbeddedServiceDefsUtil.java
>  d82fd70ac 
>   agents-common/src/main/resources/service-defs/ranger-servicedef-ozone.json 
> PRE-CREATION 
>   plugin-ozone/conf/ozone-ranger-env.sh PRE-CREATION 
>   plugin-ozone/conf/ranger-ozone-audit-changes.cfg PRE-CREATION 
>   plugin-ozone/conf/ranger-ozone-audit.xml PRE-CREATION 
>   plugin-ozone/conf/ranger-ozone-security-changes.cfg PRE-CREATION 
>   plugin-ozone/conf/ranger-ozone-security.xml PRE-CREATION 
>   plugin-ozone/conf/ranger-policymgr-ssl-changes.cfg PRE-CREATION 
>   plugin-ozone/conf/ranger-policymgr-ssl.xml PRE-CREATION 
>   plugin-ozone/pom.xml PRE-CREATION 
>   plugin-ozone/scripts/install.properties PRE-CREATION 
>   
> plugin-ozone/src/main/java/org/apache/ranger/authorization/ozone/authorizer/RangerOzoneAuthorizer.java
>  PRE-CREATION 
>   
> plugin-ozone/src/main/java/org/apache/ranger/services/ozone/RangerServiceOzone.java
>  PRE-CREATION 
>   
> plugin-ozone/src/main/java/org/apache/ranger/services/ozone/client/OzoneClient.java
>  PRE-CREATION 
>   
> plugin-ozone/src/main/java/org/apache/ranger/services/ozone/client/OzoneConnectionMgr.java
>  PRE-CREATION 
>   
> plugin-ozone/src/main/java/org/apache/ranger/services/ozone/client/OzoneResourceMgr.java
>  PRE-CREATION 
>   pom.xml 7cf134ce5 
>   ranger-ozone-plugin-shim/pom.xml PRE-CREATION 
>   
> ranger-ozone-plugin-shim/src/main/java/org/apache/ranger/authorization/ozone/authorizer/RangerOzoneAuthorizer.java
>  PRE-CREATION 
>   src/main/assembly/admin-web.xml 39fb05414 
>   src/main/assembly/plugin-ozone.xml PRE-CREATION 
> 
> 
> Diff: https://reviews.apache.org/r/71126/diff/1/
> 
> 
> Testing
> ---
> 
> 1. Tested basic Ozone CLI commands like create/show volumne/bucket/key on a 
> test cluster.
> 2. Also tested basic commands using s3 api on test cluster
> 3. Verified audits in Ranger admin UI
> 
> 
> Thanks,
> 
> Sailaja Polavarapu
> 
>

Re: Review Request 71125: RANGER-2511: default tag based service is getting created for the tag based service

[Madhan Neethiraj]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/71125/#review216768
---


Ship it!




Ship It!

- Madhan Neethiraj


On July 19, 2019, 4:55 p.m., Abhay Kulkarni wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/71125/
> ---
> 
> (Updated July 19, 2019, 4:55 p.m.)
> 
> 
> Review request for ranger, deepak sharma, Madhan Neethiraj, Ramesh Mani, and 
> Zsombor Gegesy.
> 
> 
> Bugs: RANGER-2511
> https://issues.apache.org/jira/browse/RANGER-2511
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> As part of RANER-2481 feature implementation if there is any resource based 
> service created then one tag based service is created and gets associated 
> with the resource based service, where tag based service name is string 
> before underscore + _tag. eg: cm_hive then tag service name is cm_tag.
> 
> The root of the problem was that id of the service-definition of service 
> being created was being compared with the name of the tag service-definition. 
> This condition always returned false, and triggered creation of tag service 
> irrespective of the type of service being created.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java 
> 0c7d8527c 
> 
> 
> Diff: https://reviews.apache.org/r/71125/diff/1/
> 
> 
> Testing
> ---
> 
> Passed all unit tests. Pending testing with cluster.
> 
> 
> Thanks,
> 
> Abhay Kulkarni
> 
>

[jira] [Updated] (RANGER-2325) Implement ranger plugin for Ozone

[Sailaja Polavarapu (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2325?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sailaja Polavarapu updated RANGER-2325:
---
Attachment: 0001-RANGER-2325-Initial-implementation-of-Ranger-Ozone-p.patch

> Implement ranger plugin for Ozone
> -
>
> Key: RANGER-2325
> URL: https://issues.apache.org/jira/browse/RANGER-2325
> Project: Ranger
>  Issue Type: New Feature
>  Components: plugins, Ranger
>Reporter: Sailaja Polavarapu
>Assignee: Sailaja Polavarapu
>Priority: Major
> Fix For: 2.0.0
>
> Attachments: 
> 0001-RANGER-2325-Initial-implementation-of-Ranger-Ozone-p.patch
>
>
> Ozone is an object store in HDFS. Implement ranger plugin for authorization.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

Review Request 71126: RANGER-2325: Ranger Ozone plugin support

[Sailaja Polavarapu]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/71126/
---

Review request for ranger, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, 
Nitin Galave, Ramesh Mani, and Velmurugan Periasamy.


Bugs: RANGER-2325
https://issues.apache.org/jira/browse/RANGER-2325


Repository: ranger


Description
---

Initial implementation of Ranger plugin for Ozone.


Diffs
-

  agents-audit/pom.xml 4aaec0996 
  agents-common/pom.xml 27be45f9d 
  
agents-common/src/main/java/org/apache/ranger/plugin/store/EmbeddedServiceDefsUtil.java
 d82fd70ac 
  agents-common/src/main/resources/service-defs/ranger-servicedef-ozone.json 
PRE-CREATION 
  plugin-ozone/conf/ozone-ranger-env.sh PRE-CREATION 
  plugin-ozone/conf/ranger-ozone-audit-changes.cfg PRE-CREATION 
  plugin-ozone/conf/ranger-ozone-audit.xml PRE-CREATION 
  plugin-ozone/conf/ranger-ozone-security-changes.cfg PRE-CREATION 
  plugin-ozone/conf/ranger-ozone-security.xml PRE-CREATION 
  plugin-ozone/conf/ranger-policymgr-ssl-changes.cfg PRE-CREATION 
  plugin-ozone/conf/ranger-policymgr-ssl.xml PRE-CREATION 
  plugin-ozone/pom.xml PRE-CREATION 
  plugin-ozone/scripts/install.properties PRE-CREATION 
  
plugin-ozone/src/main/java/org/apache/ranger/authorization/ozone/authorizer/RangerOzoneAuthorizer.java
 PRE-CREATION 
  
plugin-ozone/src/main/java/org/apache/ranger/services/ozone/RangerServiceOzone.java
 PRE-CREATION 
  
plugin-ozone/src/main/java/org/apache/ranger/services/ozone/client/OzoneClient.java
 PRE-CREATION 
  
plugin-ozone/src/main/java/org/apache/ranger/services/ozone/client/OzoneConnectionMgr.java
 PRE-CREATION 
  
plugin-ozone/src/main/java/org/apache/ranger/services/ozone/client/OzoneResourceMgr.java
 PRE-CREATION 
  pom.xml 7cf134ce5 
  ranger-ozone-plugin-shim/pom.xml PRE-CREATION 
  
ranger-ozone-plugin-shim/src/main/java/org/apache/ranger/authorization/ozone/authorizer/RangerOzoneAuthorizer.java
 PRE-CREATION 
  src/main/assembly/admin-web.xml 39fb05414 
  src/main/assembly/plugin-ozone.xml PRE-CREATION 


Diff: https://reviews.apache.org/r/71126/diff/1/


Testing
---

1. Tested basic Ozone CLI commands like create/show volumne/bucket/key on a 
test cluster.
2. Also tested basic commands using s3 api on test cluster
3. Verified audits in Ranger admin UI


Thanks,

Sailaja Polavarapu

Review Request 71125: RANGER-2511: default tag based service is getting created for the tag based service

[Abhay Kulkarni]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/71125/
---

Review request for ranger, deepak sharma, Madhan Neethiraj, Ramesh Mani, and 
Zsombor Gegesy.


Bugs: RANGER-2511
https://issues.apache.org/jira/browse/RANGER-2511


Repository: ranger


Description
---

As part of RANER-2481 feature implementation if there is any resource based 
service created then one tag based service is created and gets associated with 
the resource based service, where tag based service name is string before 
underscore + _tag. eg: cm_hive then tag service name is cm_tag.

The root of the problem was that id of the service-definition of service being 
created was being compared with the name of the tag service-definition. This 
condition always returned false, and triggered creation of tag service 
irrespective of the type of service being created.


Diffs
-

  security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java 
0c7d8527c 


Diff: https://reviews.apache.org/r/71125/diff/1/


Testing
---

Passed all unit tests. Pending testing with cluster.


Thanks,

Abhay Kulkarni

[jira] [Assigned] (RANGER-2511) default tag based service is getting created for the tag based service

[Abhay Kulkarni (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2511?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Abhay Kulkarni reassigned RANGER-2511:
--

Assignee: Abhay Kulkarni

> default tag based service is getting created for the tag based service
> --
>
> Key: RANGER-2511
> URL: https://issues.apache.org/jira/browse/RANGER-2511
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: master
>Reporter: Deepak Sharma
>Assignee: Abhay Kulkarni
>Priority: Critical
> Fix For: master
>
>
> as part of RANER-2481 feature implementation if there is any resource based 
> service created then one tag based service is created and gets associated 
> with the resource based service, where tag based service name is string 
> before underscore + _tag. eg: cm_hive then tag service name is cm_tag.
> but problem here is even if we create tag based service then another tag 
> based service getting created for it.
> cc [~abhayk]



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Created] (RANGER-2511) default tag based service is getting created for the tag based service

[Deepak Sharma (JIRA)]

Deepak Sharma created RANGER-2511:
-

 Summary: default tag based service is getting created for the tag 
based service
 Key: RANGER-2511
 URL: https://issues.apache.org/jira/browse/RANGER-2511
 Project: Ranger
  Issue Type: Bug
  Components: Ranger
Affects Versions: master
Reporter: Deepak Sharma
 Fix For: master


as part of RANER-2481 feature implementation if there is any resource based 
service created then one tag based service is created and gets associated with 
the resource based service, where tag based service name is string before 
underscore + _tag. eg: cm_hive then tag service name is cm_tag.
but problem here is even if we create tag based service then another tag based 
service getting created for it.

cc [~abhayk]



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2296) Enhance Ranger Audit framework to have security zone in the audit

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2296?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2296:
-
Fix Version/s: 2.0.0

> Enhance Ranger Audit framework to have security zone in the audit
> -
>
> Key: RANGER-2296
> URL: https://issues.apache.org/jira/browse/RANGER-2296
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: 2.0.0
>Reporter: Ramesh Mani
>Assignee: Ramesh Mani
>Priority: Major
> Fix For: 2.0.0
>
>
> Enhance Ranger Audit framework to have security zone information in the audit 
> and related APIs



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2292) Test case fix for RANGER-2276

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2292?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2292:
-
Fix Version/s: 2.0.0

> Test case fix for RANGER-2276
> -
>
> Key: RANGER-2292
> URL: https://issues.apache.org/jira/browse/RANGER-2292
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: bhavik patel
>Assignee: bhavik patel
>Priority: Major
> Fix For: 2.0.0
>
> Attachments: FailedTestCases.png, RANGER-2292.patch
>
>




--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2293) Create and update ref tables for security zone data

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2293?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2293:
-
Fix Version/s: 2.0.0

> Create and update ref tables for security zone data
> ---
>
> Key: RANGER-2293
> URL: https://issues.apache.org/jira/browse/RANGER-2293
> Project: Ranger
>  Issue Type: Sub-task
>  Components: Ranger
>Reporter: Nikhil Purbhe
>Assignee: Nikhil Purbhe
>Priority: Major
> Fix For: 2.0.0
>
>
> Security zones consist of services (with resource-specs) and admin/audit 
> users and groups. This data is store as a blob in JSON format in the 
> database. We need to ensure that the referential integrity is maintained for 
> this data by maintaining references to service, user and group ids in a 
> separate ref-table (as in policy reference tables).
>  



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2284) Unable to build image using docker

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2284?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2284:
-
Fix Version/s: 2.0.0

> Unable to build image using docker
> --
>
> Key: RANGER-2284
> URL: https://issues.apache.org/jira/browse/RANGER-2284
> Project: Ranger
>  Issue Type: Bug
>  Components: build-infra
>Affects Versions: master
>Reporter: Nelson Costa
>Assignee: Don Bosco Durai
>Priority: Major
> Fix For: 2.0.0
>
> Attachments: build_ranger_using_docker.sh
>
>
> Running `./build_ranger_using_docker.sh -build_image` fails with error:
> {noformat}
>  ---> 62b699d731cb
> Step 11/27 : ADD 
> https://www.apache.org/dist/maven/maven-3/3.5.3/binaries/apache-maven-3.5.3-bin.tar.gz.sha1
>  /tools
> ADD failed: failed to GET 
> https://www.apache.org/dist/maven/maven-3/3.5.3/binaries/apache-maven-3.5.3-bin.tar.gz.sha1
>  with status 404 Not Found: 
> 
> 404 Not Found
> 
> Not Found
> The requested URL 
> /dist/maven/maven-3/3.5.3/binaries/apache-maven-3.5.3-bin.tar.gz.sha1 was not 
> found on this server.
> 
> {noformat}



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2324) Bootstrapping Solr in Ranger service start-up

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2324?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2324:
-
Fix Version/s: 2.0.0

> Bootstrapping Solr in Ranger service start-up
> -
>
> Key: RANGER-2324
> URL: https://issues.apache.org/jira/browse/RANGER-2324
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Reporter: bhavik patel
>Assignee: bhavik patel
>Priority: Minor
> Fix For: 2.0.0
>
> Attachments: RANGER-2324-09.patch, RANGER-2324.patch
>
>




--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2310) Record admin audits in Ranger during Create, Update and Delete operations on Zone

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2310?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2310:
-
Fix Version/s: 2.0.0

> Record admin audits in Ranger during Create, Update and Delete operations on 
> Zone
> -
>
> Key: RANGER-2310
> URL: https://issues.apache.org/jira/browse/RANGER-2310
> Project: Ranger
>  Issue Type: Sub-task
>  Components: Ranger
>Reporter: Nikhil Purbhe
>Assignee: Nikhil Purbhe
>Priority: Major
> Fix For: 2.0.0
>
>
> As we save Admin audits for any operation on Services and Policies. Need to 
> record Create, Update and Delete Security Zone admin audits.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2356) External user's email address can be edited

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2356?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2356:
-
Fix Version/s: 2.0.0

> External user's email address can be edited
> ---
>
> Key: RANGER-2356
> URL: https://issues.apache.org/jira/browse/RANGER-2356
> Project: Ranger
>  Issue Type: Bug
>  Components: admin
>Affects Versions: master
>Reporter: László Dénes Terjéki
>Priority: Major
>  Labels: email
> Fix For: 2.0.0
>
> Attachments: 
> 0001-RANGER-2356-Ranger-UI-disable-email-editing-for-Exte.patch, Screenshot 
> 2019-03-12 at 13.30.46.png
>
>
> In Settings -> Users/Groups clicking on an external user the email field is 
> editable while the "User Name", "First Name" and "Last Name" fields are 
> disabled.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2347) Restrict capabilities of security zone administrator and auditor

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2347?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2347:
-
Fix Version/s: 2.0.0

> Restrict capabilities of security zone administrator and auditor
> 
>
> Key: RANGER-2347
> URL: https://issues.apache.org/jira/browse/RANGER-2347
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Abhay Kulkarni
>Assignee: bhavik patel
>Priority: Major
> Fix For: 2.0.0
>
> Attachments: RANGER-2347-01.patch, RANGER-2347.patch
>
>
> Security zone administrator needs to be able to perform management operations 
> where she is designated administrator, and should not have more comprehensive 
> admin privileges. Similarly, auditor needs to be able only to view audits 
> involving specific security zone for which she is auditor. In general, 
> zone-administrator has privileges closer to that of a user than to that of an 
> admin.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2376) Ranger Plugin ClassLoader Doesn't Restore Thread ClassLoader

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2376?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2376:
-
Fix Version/s: 2.0.0

> Ranger Plugin ClassLoader Doesn't Restore Thread ClassLoader
> 
>
> Key: RANGER-2376
> URL: https://issues.apache.org/jira/browse/RANGER-2376
> Project: Ranger
>  Issue Type: Bug
>  Components: plugins
>Reporter: Shawn Weeks
>Assignee: Ramesh Mani
>Priority: Minor
> Fix For: 2.0.0
>
> Attachments: 
> 0001-RANGER-2376-Ranger-Plugin-ClassLoader-Doesn-t-Restor.patch
>
>
> Same issue as ATLAS-3092. The RangerPluginClassLoader should restore the 
> current threads previous class loader instead of the classloader that 
> instantiated RangerPluginClassLoader. This is breaking Hive UDFs because the 
> class loader it restores isn't the one setup for the UDF.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2400) policy name needs to be unique within security zone and service

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2400?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2400:
-
Fix Version/s: 2.0.0

> policy name needs to be unique within security zone and service
> ---
>
> Key: RANGER-2400
> URL: https://issues.apache.org/jira/browse/RANGER-2400
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: master
>Reporter: Abhay Kulkarni
>Assignee: Abhay Kulkarni
>Priority: Major
> Fix For: 2.0.0
>
>
> Ranger enforces uniqueness of policy name within a service. However, with 
> introduction of security zones, policy name needs to be unique within a 
> security zone and a service. This will obviate the need for inventing unique 
> policy names if the policy is associated with the same service but different 
> security zones, as well as present security zone as a namespace in Ranger 
> admin as it does for making authorization decisions.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2377) Make solr bootstrapping configurable

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2377?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2377:
-
Fix Version/s: 2.0.0

> Make solr bootstrapping configurable
> 
>
> Key: RANGER-2377
> URL: https://issues.apache.org/jira/browse/RANGER-2377
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Reporter: bhavik patel
>Assignee: bhavik patel
>Priority: Major
> Fix For: 2.0.0
>
> Attachments: RANGER-2377.patch
>
>
> Following things needs to be handle with this Jira
> 1.) Solr Bootstrap needs to be configurable on ranger side.
> 2.) Restrict the maximum tries to connect solr in case when no live solr node 
> is available.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2389) Ranger Hive Plugin enhancement for KILL query and Replication commands authorization

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2389?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2389:
-
Fix Version/s: 2.0.0

> Ranger Hive Plugin enhancement for KILL query and Replication commands 
> authorization
> 
>
> Key: RANGER-2389
> URL: https://issues.apache.org/jira/browse/RANGER-2389
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Ramesh Mani
>Assignee: Ramesh Mani
>Priority: Major
> Fix For: 2.0.0
>
> Attachments: 
> 0001-RANGER-2389-Ranger-Hive-Plugin-enhancement-for-KILL-.patch
>
>
> 1) Hive KILL Query
> With the HIVE-17483 JIRA, Hive has introduced a way to kill query  and in 
> hive its a privileged action for Hive Admin Role. In order for the Ranger 
> Hive Authorizer to support authorization, we need to enhance the ranger hive 
> authorizer. Current Hive implementation is to Kill Query in a HiveService 
> which can be LLAP / HIVESERVER2 , later these HIVE SERVICEs can be grouped 
> into NAME SPACEs and kill query can be run against them. When 
> HiveServer2/LLAP Ranger Plugin sends the request to Ranger for Authorization, 
> it will be sending the HIVE SERVICE in the context with the COMMAND that is 
> executed. 
> With all the details proposal is to have 
> 1) In Ranger Hive Service Definition, we will have a new Resource "Hive 
> Service" to authorize.
> 2) In Ranger Hive Permission Model, we will have a new Permission "Service 
> Admin" to group Kill Query operation.
> "Service Admin" permission will enable hive ranger plugin to isolate various 
> admin operations in this case "Kill Query" and in future if hive introduces 
> other operations which are done at "HIVE SERVICE level" , group them under 
> this and authorize.
> "Service Admin" won't be able to do DATABASE / TABLE / COLUMN operations as 
> this will all be taken care by the existing DATABASE/TABLE/COLUMN level 
> permission model.
> 2) Replication Command
> Hive has enhanced it authorization for Replication Task 
> https://issues.apache.org/jira/browse/HIVE-17005. The proposal from Ranger 
> side is to have "Repl Admin" permission in RangerHive privilege model and 
> command REPL DUMP and REPL LOAD should be authorized for the users with 
> "ReplAdmin" privilege on Database / Table level.
> For REPL STATUS command, the user should have SELECT privilege on the 
> Database/ Table Level.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2391) Ranger authorization for ADD, COMPILE and CREATE TEMPORARY UDF operation in Hive

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2391?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2391:
-
Fix Version/s: 2.0.0

> Ranger authorization for ADD, COMPILE and CREATE TEMPORARY UDF operation in 
> Hive
> 
>
> Key: RANGER-2391
> URL: https://issues.apache.org/jira/browse/RANGER-2391
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Ramesh Mani
>Assignee: Ramesh Mani
>Priority: Major
> Fix For: 2.0.0
>
> Attachments: 
> 0001-RANGER-2391-Ranger-authorization-for-ADD-COMPILE-and.patch
>
>
> Ranger authorization for ADD, COMPILE and CREATE TEMPORARY UDF operation in 
> Hive.
> Current the CREATE TEMPORARY UDF has a workaround solution of having a policy 
> with Database=* and UDF= specified since the temp udf is not associated to 
> any DB. Similarly, ADD JAR and COMPILE 

[jira] [Updated] (RANGER-2390) Ranger should add service admin privilege support for hive service objects - LLAP command sets

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2390?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2390:
-
Fix Version/s: 2.0.0

> Ranger should add service admin privilege support for hive service objects - 
> LLAP command sets
> --
>
> Key: RANGER-2390
> URL: https://issues.apache.org/jira/browse/RANGER-2390
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Ramesh Mani
>Assignee: Ramesh Mani
>Priority: Major
> Fix For: 2.0.0
>
> Attachments: 
> 0001-RANGER-2390-Ranger-should-add-service-admin-privileg.patch
>
>
> Ranger should add service admin privilege support for hive service objects - 
> LLAP command sets
> Functionality for workload management commands being added in Hive with 
> HIVE-17481  and HIVE-19033



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2404) Delegate-admin permission granted by policy needs to be effective only within the zone to which the policy belongs

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2404?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2404:
-
Fix Version/s: 2.0.0

> Delegate-admin permission granted by policy needs to be effective only within 
> the zone to which the policy belongs 
> ---
>
> Key: RANGER-2404
> URL: https://issues.apache.org/jira/browse/RANGER-2404
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Abhay Kulkarni
>Assignee: Abhay Kulkarni
>Priority: Major
> Fix For: 2.0.0
>
>
> If user is marked as a delegated administrator for a resource by a policy 
> associated with a zone, then he/she is able to manipulate another policy 
> targeted to the same resource but not associated with any zone.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2422) Zone Admin and Zone Auditor can see only its associated audit access log

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2422?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2422:
-
Fix Version/s: 2.0.0

> Zone Admin and Zone Auditor can see only its associated audit access log
> 
>
> Key: RANGER-2422
> URL: https://issues.apache.org/jira/browse/RANGER-2422
> Project: Ranger
>  Issue Type: Task
>  Components: Ranger
>Reporter: bhavik patel
>Assignee: bhavik patel
>Priority: Major
> Fix For: 2.0.0
>
>
> Zone Admin and zone auditor can see their own zone specific audit access logs.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2420) Ranger spends 36% of CPU in ObjectMapper

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2420?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2420:
-
Fix Version/s: 2.0.0

> Ranger spends 36% of CPU in ObjectMapper
> 
>
> Key: RANGER-2420
> URL: https://issues.apache.org/jira/browse/RANGER-2420
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Reporter: Todd Lipcon
>Assignee: Abhay Kulkarni
>Priority: Major
> Fix For: 2.0.0
>
>
> Ranger uses ObjectMapper to convert to/from JSON. In a profile of a workload 
> (an Impala authorization test) I see that 36% of the ranger CPU is spent in 
> these functions. 26% of total CPU is in the '_findRootDeserializer' method, 
> which gets cached if a type is deserialized multiple times. However, the 
> caching is only effective if the ObjectMapper is reused. JSONUtil appears to 
> create a new ObjectMapper on every call, which defeats the caching.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2414) Enhancements to support roles in Ranger policies

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2414?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2414:
-
Fix Version/s: 2.0.0

> Enhancements to support roles in Ranger policies
> 
>
> Key: RANGER-2414
> URL: https://issues.apache.org/jira/browse/RANGER-2414
> Project: Ranger
>  Issue Type: New Feature
>  Components: admin, plugins
>Reporter: Madhan Neethiraj
>Assignee: Abhay Kulkarni
>Priority: Major
> Fix For: 2.0.0
>
>
> Current Ranger policy model supports 
> authorization/column-masking/row-filtering for users/user-groups based on 
> various criteria like accessed-resource, resource-classifications, IP-address 
> and custom conditions. Given the wide-spread use of role-based authorization 
> in traditional enterprise applications (like RDBMS, J2EE), it will be very 
> useful for Ranger policy model to support 'roles' i.e. to be able to specify 
> authorization/column-masking/row-filtering for roles as well - in addition to 
> existing support for users and user-groups.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2421) Solr audit fails in Atlas plugin

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2421?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2421:
-
Fix Version/s: 2.0.0

> Solr audit fails in Atlas plugin
> 
>
> Key: RANGER-2421
> URL: https://issues.apache.org/jira/browse/RANGER-2421
> Project: Ranger
>  Issue Type: Bug
>  Components: audit, plugins
>Reporter: Zsombor Gegesy
>Assignee: Zsombor Gegesy
>Priority: Major
>  Labels: atlas, audit, plugin
> Fix For: 2.0.0
>
> Attachments: RANGER-2421.patch
>
>
> Due to http client version difference, and the lack of httpclient-4.5.3.jar 
> inside the ranger-atlas-plugin/lib/ranger-atlas-plugin-impl/ folder, the 
> following exception can be seen:
> {code}
> ava.lang.NoSuchMethodError: 
> org.apache.http.impl.client.HttpClientBuilder.evictIdleConnections(JLjava/util/concurrent/TimeUnit;)Lorg/apache/http/impl/client/HttpClientBuilder;
> at 
> org.apache.solr.client.solrj.impl.HttpClientUtil.createClient(HttpClientUtil.java:311)
> at 
> org.apache.solr.client.solrj.impl.HttpClientUtil.createClient(HttpClientUtil.java:330)
> at 
> org.apache.solr.client.solrj.impl.HttpClientUtil.createClient(HttpClientUtil.java:268)
> at 
> org.apache.solr.client.solrj.impl.HttpClientUtil.createClient(HttpClientUtil.java:255)
> at 
> org.apache.solr.client.solrj.impl.CloudSolrClient.(CloudSolrClient.java:280)
> at 
> org.apache.solr.client.solrj.impl.CloudSolrClient$Builder.build(CloudSolrClient.java:1600)
> at 
> org.apache.ranger.audit.destination.SolrAuditDestination$1.run(SolrAuditDestination.java:126)
> at 
> org.apache.ranger.audit.destination.SolrAuditDestination$1.run(SolrAuditDestination.java:123)
> at java.security.AccessController.doPrivileged(Native Method)
> at javax.security.auth.Subject.doAs(Subject.java:422)
> at 
> org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1730)
> at 
> org.apache.ranger.audit.provider.MiscUtil.executePrivilegedAction(MiscUtil.java:516)
> at 
> org.apache.ranger.audit.destination.SolrAuditDestination.connect(SolrAuditDestination.java:123)
> at 
> org.apache.ranger.audit.destination.SolrAuditDestination.init(SolrAuditDestination.java:72)
> at 
> org.apache.ranger.audit.provider.AuditProviderFactory.init(AuditProviderFactory.java:179)
> at 
> org.apache.ranger.plugin.service.RangerBasePlugin.init(RangerBasePlugin.java:217)
> {code}
> Atlas has a httpclient-4.4.x, which lacks the needed method.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2430) Zoneadmin User is able to create policy for those services which is not associated to zone

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2430?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2430:
-
Fix Version/s: 2.0.0

> Zoneadmin User is able to create policy for those services which is not 
> associated to zone
> --
>
> Key: RANGER-2430
> URL: https://issues.apache.org/jira/browse/RANGER-2430
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: bhavik patel
>Assignee: bhavik patel
>Priority: Major
> Fix For: 2.0.0
>
> Attachments: RANGER-2430-01.patch, RANGER-2430.patch
>
>
> Steps to Reproduce:
> 1. Create a zone for HDFS service
> Zone name: zone1
> Zoneadmin user: zoneadmin1
> 2. Create a hbase policy with zone name as "zone1" through curl from 
> zoneadmin user: zoneadmin1
> 3. It should not be allowed as hbase service is not associated with zone: 
> zone1



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2445) Import of Tag based policies for zone

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2445?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2445:
-
Fix Version/s: 2.0.0

> Import of Tag based policies for zone
> -
>
> Key: RANGER-2445
> URL: https://issues.apache.org/jira/browse/RANGER-2445
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Harshal Chavan
>Assignee: Nikhil Purbhe
>Priority: Major
> Fix For: 2.0.0
>
>
> Import of tag based policies is not working for zone.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2444) Admin logs are not getting generated when "policy level" policy condition is updated

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2444?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2444:
-
Fix Version/s: 2.0.0

> Admin logs are not getting generated when "policy level" policy condition is 
> updated
> 
>
> Key: RANGER-2444
> URL: https://issues.apache.org/jira/browse/RANGER-2444
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Harshal Chavan
>Assignee: Nitin Galave
>Priority: Major
> Fix For: 2.0.0
>
>
> Steps-
> 1.Create a Knox service.
> 2.Edit the "policy level" policy condition of default policy.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2455) When service created inside a zone landing page that service gets created in unzonned landing page.

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2455?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2455:
-
Fix Version/s: 2.0.0

> When service created inside a zone landing page that service gets created in 
> unzonned landing page.
> ---
>
> Key: RANGER-2455
> URL: https://issues.apache.org/jira/browse/RANGER-2455
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Nitin Galave
>Assignee: Nitin Galave
>Priority: Major
> Fix For: 2.0.0
>
> Attachments: 0002-RANGER-2455.patch, RANGER-2455.png
>
>
> Steps -
> 1.Create a HDFS service "hdfsservice1" in unzonned landing page.
> 2.Create a zone "zone1" with HDFS service in it.
> 3.Select "zone1" and click on Add button in HDFS service 
> 4.Fill the details.
> 5.Click on save button.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2446) Suggestion - Include security zone details as part of admin audit for policy update

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2446?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2446:
-
Fix Version/s: 2.0.0

> Suggestion - Include security zone details as part of admin audit for policy 
> update
> ---
>
> Key: RANGER-2446
> URL: https://issues.apache.org/jira/browse/RANGER-2446
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Nitin Galave
>Assignee: Nitin Galave
>Priority: Major
> Fix For: 2.0.0
>
> Attachments: 
> 0001-RANGER-2446-Suggestion-Include-security-zone-details.patch, 
> RANGER-2446.patch
>
>
> If a policy which is part of security zone is edited, it will be good to 
> include the zonename also along with policyid and policyname in the popup 
> where admin audit details are displayed.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2435) Add support for sticky breadcrumbs.

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2435?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2435:
-
Fix Version/s: 2.0.0

> Add support for sticky breadcrumbs.
> ---
>
> Key: RANGER-2435
> URL: https://issues.apache.org/jira/browse/RANGER-2435
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Nitin Galave
>Assignee: Nitin Galave
>Priority: Major
> Fix For: 2.0.0
>
> Attachments: 0001-RANGER-2435-Add-support-for-sticky-breadcrumbs.patch
>
>
> The breadcrumb for Security zone name on policy creation/policy edit page 
> should be stagnant, and remain visible to user even if the page is scrolled 
> up/down.
> Currently, the security zone name goes out of view once the page is scrolled 
> down.
> This can be inconvenient to user who may want to check the zone under which 
> he is editing the policy.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2498) Improvement to plugin status tab.

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2498?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2498:
-
Fix Version/s: 2.0.0

> Improvement to plugin status tab.
> -
>
> Key: RANGER-2498
> URL: https://issues.apache.org/jira/browse/RANGER-2498
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Nitin Galave
>Assignee: Nitin Galave
>Priority: Major
> Fix For: 2.0.0
>
> Attachments: 0001-RANGER-2498.patch, 0002-RANGER-2498.patch
>
>
> 1) Enable client sorting on all columns .
> 2) Add timestamp for active, last update and download column like (2:43 hours 
> ago), (1 day, 15:26 hours ago), (15 minutes ago).
> 3) Add Service Type column and also add it in the search filter.
> 4) Change Initial Service Type column to Application type.
> 5) Remove pagination in Plugin status tab (show all records without 
> pagination).



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2478) Exception in thread "main" java.lang.NoClassDefFoundError: com/google/common/base/Preconditions

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2478?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2478:
-
Fix Version/s: 2.0.0

> Exception in thread "main" java.lang.NoClassDefFoundError: 
> com/google/common/base/Preconditions
> ---
>
> Key: RANGER-2478
> URL: https://issues.apache.org/jira/browse/RANGER-2478
> Project: Ranger
>  Issue Type: Bug
>  Components: plugins
>Affects Versions: 2.0.0
>Reporter: David Berger
>Assignee: Pradeep Agrawal
>Priority: Major
> Fix For: 2.0.0
>
>
> When running ./enable-presto-plugin.sh I get the exception below
> presto@nquery-presto-coordinator-78576c75b7-rdfmq:/ranger-presto-plugin$ sudo 
> -E ./enable-presto-plugin.sh
> Custom user is available, using custom user and default group.
> INFO: Creating /presto/plugins/ranger
> + Wed Jun 19 15:30:36 UTC 2019 : presto: lib folder=/presto/plugins/ranger 
> conf folder=/presto/etc
> + Wed Jun 19 15:30:36 UTC 2019 : Saving current config file: 
> /presto/etc/ranger-policymgr-ssl.xml to 
> /presto/etc/.ranger-policymgr-ssl.xml.20190619-153036 ...
> + Wed Jun 19 15:30:37 UTC 2019 : Saving current config file: 
> /presto/etc/ranger-presto-audit.xml to 
> /presto/etc/.ranger-presto-audit.xml.20190619-153036 ...
> + Wed Jun 19 15:30:37 UTC 2019 : Saving current config file: 
> /presto/etc/ranger-presto-security.xml to 
> /presto/etc/.ranger-presto-security.xml.20190619-153036 ...
> Unable to store password in non-plain text format. Error: [SLF4J: Failed to 
> load class "org.slf4j.impl.StaticLoggerBinder".
> SLF4J: Defaulting to no-operation (NOP) logger implementation
> SLF4J: See http://www.slf4j.org/codes.html#StaticLoggerBinder for further 
> details.
> Exception in thread "main" java.lang.NoClassDefFoundError: 
> com/google/common/base/Preconditions
>  at 
> org.apache.hadoop.conf.Configuration$DeprecationDelta.(Configuration.java:429)
>  at 
> org.apache.hadoop.conf.Configuration$DeprecationDelta.(Configuration.java:442)
>  at org.apache.hadoop.conf.Configuration.(Configuration.java:524)
>  at 
> org.apache.ranger.credentialapi.CredentialReader.getDecryptedString(CredentialReader.java:38)
>  at org.apache.ranger.credentialapi.buildks.createCredential(buildks.java:80)
>  at org.apache.ranger.credentialapi.buildks.main(buildks.java:40)
> Caused by: java.lang.ClassNotFoundException: 
> com.google.common.base.Preconditions
>  at java.net.URLClassLoader.findClass(URLClassLoader.java:382)
>  at java.lang.ClassLoader.loadClass(ClassLoader.java:424)
>  at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:349)
>  at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
>  ... 6 more]
>  



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2487) Resource policy names with a characters that are typically HTML escaped mutate and grow as they are saved.

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2487?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2487:
-
Fix Version/s: 2.0.0

> Resource policy names with a characters that are typically HTML escaped 
> mutate and grow as they are saved.
> --
>
> Key: RANGER-2487
> URL: https://issues.apache.org/jira/browse/RANGER-2487
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Nitin Galave
>Assignee: Nitin Galave
>Priority: Major
> Fix For: 2.0.0
>
> Attachments: 0001-RANGER-2487.patch
>
>
> If a resource based policy is given a name that contains a character that is 
> typically HTML escape, such as the greater than sign '>', which is HTML 
> escaped '>', then whenever that policy is saved, the name of the policy will 
> be changed by the ranger you to contain the HTML escape characters.
> For example, if I name a policy mydb->mytable, then when that policy is 
> edited and saved in the UI, its name will change to mydb->mytable. Because 
> the ampersand is itself an HTML escaped character, if I save the policy 
> again, this name will be changed to mydb->mytable.Etc..



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2473) Upgrade of Ranger Admin to the current version fails in PatchForAtlasResourceAndAccessTypeUpdate_J10016

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2473?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2473:
-
Fix Version/s: 2.0.0

> Upgrade of Ranger Admin to the current version fails in 
> PatchForAtlasResourceAndAccessTypeUpdate_J10016
> ---
>
> Key: RANGER-2473
> URL: https://issues.apache.org/jira/browse/RANGER-2473
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Ramesh Mani
>Assignee: Ramesh Mani
>Priority: Major
> Fix For: 2.0.0
>
> Attachments: 
> 0001-RANGER-2473-Upgrade-of-Ranger-Admin-to-the-current-v.patch
>
>
> Upgrade of Ranger Admin to the current version fails 
> PatchForAtlasResourceAndAccessTypeUpdate_J10016. This is similar to 
> RANGER-2456 issue



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2489) Missing dependencies in assembly for Presto plugin

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2489?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2489:
-
Fix Version/s: 2.0.0

> Missing dependencies in assembly for Presto plugin
> --
>
> Key: RANGER-2489
> URL: https://issues.apache.org/jira/browse/RANGER-2489
> Project: Ranger
>  Issue Type: Improvement
>  Components: plugins
>Reporter: Bolke de Bruin
>Assignee: Bolke de Bruin
>Priority: Major
> Fix For: 2.0.0
>
> Attachments: 0001-RANGER-2489-Minor-updates-to-presto-plugin.patch
>
>
> If invoking with hostnames rather than ips extra dependencies are required by 
> the plugin for Presto.
> commons-codec commons-codec
>  com.kstruct gethostname4j
>  com.sun jna



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2216) Ranger Audit UI lacks the feature to search the audits using Policy Id

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2216?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2216:
-
Fix Version/s: (was: master)
   2.0.0

> Ranger Audit UI lacks the feature to search the audits using Policy Id
> --
>
> Key: RANGER-2216
> URL: https://issues.apache.org/jira/browse/RANGER-2216
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: master
>Reporter: Nitin Galave
>Assignee: Nitin Galave
>Priority: Major
> Fix For: 2.0.0
>
> Attachments: RANGER-2216.patch
>
>
> Currently, we do not have a feature which answers the question "who made this 
> change to this policy" without scrolling through the 100s of pages of audit. 
> A search by Policy Id



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-1958) [HBase] Implement getUserPermissions API of AccessControlService.Interface to allow clients to access HBase permissions stored in Ranger

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1958?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-1958:
-
Fix Version/s: (was: master)
   2.0.0

> [HBase] Implement getUserPermissions API of AccessControlService.Interface to 
> allow clients to access HBase permissions stored in Ranger
> 
>
> Key: RANGER-1958
> URL: https://issues.apache.org/jira/browse/RANGER-1958
> Project: Ranger
>  Issue Type: Bug
>  Components: plugins
>Reporter: Ankit Singhal
>Assignee: Ankit Singhal
>Priority: Major
> Fix For: 2.0.0, 1.2.1
>
> Attachments: 
> 0001-RANGER-1958-HBase-Implement-getUserPermissions-API-o.patch, 
> RANGER-1958.patch
>
>
> We have added the support of ACLs in Phoenix as part of PHOENIX-4198. 
> Currently, the implementation relies on some of the APIs provided by 
> AccessControlService.Interface to get the user permission of the table but we 
> see that the API "AccessControlService.Interface#getUserPermissions"  is not 
> yet implemented in Ranger authorization module for HBase and thus, we are 
> unable to access permissions stored for HBase Table in Phoenix.
> In class RangerAuthorizationCoprocessor
> {code}
> @Override
>   public void getUserPermissions(RpcController controller, 
> AccessControlProtos.GetUserPermissionsRequest request, 
> RpcCallback done) {
>   LOG.debug("getUserPermissions(): ");
>   }
> {code}
> If we just implement this API, we can leverage the current HBase Ranger 
> plugin for Phoenix too.
> Although the long-term solution for Ranger could be to implement the 
> coprocessor hooks for Phoenix as how it has been done for HBase so that we 
> can also authorize new entities like VIEW, SEQUENCES, FUNCTIONs  (which can 
> not be supported with native HBase ACLs) along with Table and Schema. 
> Let me know your thoughts, I can try to put up a patch soon.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2269) Implement best coding practices for validating user input

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2269?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2269:
-
Fix Version/s: (was: master)
   2.0.0

> Implement best coding practices for validating user input
> -
>
> Key: RANGER-2269
> URL: https://issues.apache.org/jira/browse/RANGER-2269
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Nikhil Purbhe
>Assignee: Nikhil Purbhe
>Priority: Major
> Fix For: 2.0.0, 1.1.1, 1.2.1
>
> Attachments: 
> 0001-RANGER-2269-Implement-best-coding-practices-for-vali.patch
>
>
> Implement best coding practices for validating user input



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2268) Optimize policy and tags migration to new schema

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2268?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2268:
-
Fix Version/s: (was: master)
   2.0.0

> Optimize policy and tags migration to new schema
> 
>
> Key: RANGER-2268
> URL: https://issues.apache.org/jira/browse/RANGER-2268
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: 1.0.0, 0.7.1, 1.2.0
>Reporter: Abhay Kulkarni
>Assignee: Abhay Kulkarni
>Priority: Major
> Fix For: 0.7.2, 2.0.0, 1.2.1
>
>
> Policies and tags are migrated to new schema introduced in RANGER-2203 using 
> java patches. The time for migration can increase very rapidly as number of 
> migrated policies/tags increase, and may take hours for a few thousand large 
> policies containing many users and groups.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2266) To make Id to ID in Audit Pages of Ranger Admin

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2266?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2266:
-
Fix Version/s: (was: master)
   2.0.0

> To make Id to ID in Audit Pages of Ranger Admin 
> 
>
> Key: RANGER-2266
> URL: https://issues.apache.org/jira/browse/RANGER-2266
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Affects Versions: master
>Reporter: Qiang Zhang
>Assignee: Qiang Zhang
>Priority: Minor
>  Labels: UI, web
> Fix For: 2.0.0
>
> Attachments: 
> 0001-RANGER-2266-To-make-Id-to-ID-in-Audit-Pages-of-Range.patch, 
> Access_PolicyID.jpg, Admin_SessionID.jpg, 
> LoginSeeions_LoginIDandSessionID.jpg, Plugins_PluginID.jpg
>
>
> The ID in the Audit web pages of Ranger Admin is not uniform.
> There are two ways to write in the pages: Id and ID.
> In Access, Table Head: Policy ID
> In Admin, Table Head and Search Options: Session Id
> In Login Sessions, Table Head and Search Options: Session Id, Login Id
> In Plugins, Table Head: Plugin Id, but Search Options: Plugin ID
> Please check the following screenshots:
> [Access|https://issues.apache.org/jira/secure/attachment/12945554/Access_PolicyID.jpg]
> [Admin|https://issues.apache.org/jira/secure/attachment/1294/Admin_SessionID.jpg]
> [Login 
> Sessions|https://issues.apache.org/jira/secure/attachment/12945556/LoginSeeions_LoginIDandSessionID.jpg]
> [Plugins|https://issues.apache.org/jira/secure/attachment/12945557/Plugins_PluginID.jpg]



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2272) Ensure that case of resource-definition names and access-type names in Ranger policy is the same as in service-definition after successful validation

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2272?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2272:
-
Fix Version/s: (was: master)
   2.0.0

> Ensure that case of resource-definition names and access-type names in Ranger 
> policy is the same as in service-definition after successful validation
> -
>
> Key: RANGER-2272
> URL: https://issues.apache.org/jira/browse/RANGER-2272
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: 0.7.1, 1.1.0, 1.2.0
>Reporter: Abhay Kulkarni
>Assignee: Abhay Kulkarni
>Priority: Major
> Fix For: 0.7.2, 2.0.0, 1.1.1, 1.2.1
>
>
> Ranger Policy validation needs to ensure that  access type names and 
> resource-definition names specified in the Ranger policy are in the same case 
> as specified in service-definition before the policy is persisted in the 
> database.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2257) Add policyID to error message when click the Access log of Audit

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2257?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2257:
-
Fix Version/s: (was: master)
   2.0.0

> Add policyID to error message when click the Access log of Audit
> 
>
> Key: RANGER-2257
> URL: https://issues.apache.org/jira/browse/RANGER-2257
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Affects Versions: master
>Reporter: Qiang Zhang
>Assignee: Qiang Zhang
>Priority: Minor
>  Labels: ErrorMessage, UI
> Fix For: 2.0.0
>
> Attachments: 
> 0001-RANGER-2257-Add-policyID-to-error-message-when-click.patch, 
> IDandTime.png, OnlyTime.png
>
>   Original Estimate: 12h
>  Remaining Estimate: 12h
>
> Check the Access log of Audit in RangerAdmin,
> click on a log to see its corresponding policyID history,
> If the policyID does not exist, the following error will occur:
> No policy history found for given time: 2018-08-14T08:43:11Z
> Please check the following screenshots:
> https://issues.apache.org/jira/secure/attachment/12944645/OnlyTime.png
> The information given in the above error message does not give policyID 
> information, 
> which can lead to user confusion.
> Add policyID to modify the error message as follows:
> No policy history found for given policy ID: 1 and event time: 
> 2018-08-14T08:43:11Z
> Modified screenshots:
> https://issues.apache.org/jira/secure/attachment/12944644/IDandTime.png



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2263) Remove unnecessary explicit dependency for apache commons compress jar in Ranger

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2263?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2263:
-
Fix Version/s: (was: master)
   2.0.0

> Remove unnecessary explicit dependency for apache commons compress jar in 
> Ranger
> 
>
> Key: RANGER-2263
> URL: https://issues.apache.org/jira/browse/RANGER-2263
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: 1.2.0
>Reporter: Sailaja Polavarapu
>Assignee: Sailaja Polavarapu
>Priority: Major
> Fix For: 1.0.1, 2.0.0, 1.2.1
>
> Attachments: 
> 0001-RANGER-2263-Removed-unnecessary-explicit-dependency-.patch
>
>
> Currently there are multiple versions of commons-compress jar files in Ranger 
> (1.8.1 & 1.4.1). Security-admin module is currently packaging 1.8.1 version 
> explicitly where as tagsync module is packaging 1.4.1 version.
> Ranger-kms module has 1.4.1 version which is a transitive dependency from 
> hadoop-commons. Since security-admin module doesn't have a direct usage of 
> commons-compress module, we can remove that and keep transitive dependency 
> from hadoop-commons for tagsync and kms modules.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2297) getContentSummary validation failure

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2297?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2297:
-
Fix Version/s: (was: master)
   2.0.0

> getContentSummary validation failure
> 
>
> Key: RANGER-2297
> URL: https://issues.apache.org/jira/browse/RANGER-2297
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: 1.1.0, 1.2.0
>Reporter: Abhay Kulkarni
>Assignee: Abhay Kulkarni
>Priority: Major
> Fix For: 2.0.0, 1.1.1, 1.2.1
>
>
> Parameter values for authorization API call for getContentSummary have 
> changed with fix for 
> [HDFS-12130|https://issues.apache.org/jira/browse/HDFS-12130]. This causes 
> Ranger authorizer to fail.
> Ranger authorizer needs to be updated to accommodate for NameNode changes in 
> authorizing getContentSummary() use-case. Here are the details of the 
> proposed updates:
> Ranger authorizer currently constructs the path to authorize from the given 
> INodeAttributes
>  Ranger authorizer will use the following alternate approach to construct the 
> path - only when checkPermission() is called with single entry arrays for 
> inodes and inodeAttributes parameters, and the given inode has a parent.
>  – get path to authorize from the given inode by calling getFullPathName()
>  – if snapshotId != Snapshot.CURRENT_STATE_ID, remove "/.snapshot" from the 
> path obtained from getFullPathName()



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2318) Incorrect git url on the homepage

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2318?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2318:
-
Fix Version/s: (was: master)
   2.0.0

> Incorrect git url on the homepage
> -
>
> Key: RANGER-2318
> URL: https://issues.apache.org/jira/browse/RANGER-2318
> Project: Ranger
>  Issue Type: Bug
>  Components: documentation
>Reporter: Zsombor Gegesy
>Assignee: Zsombor Gegesy
>Priority: Minor
>  Labels: homepage
> Fix For: 2.0.0
>
> Attachments: RANGER-2318.patch
>
>
> On http://ranger.apache.org/ the link for the git repository is pointing to 
> https://git.apache.org/ranger.git/ instead of gitbox and github.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2317) Enable compilation on JDK11

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2317?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2317:
-
Fix Version/s: (was: master)
   2.0.0

> Enable compilation on JDK11
> ---
>
> Key: RANGER-2317
> URL: https://issues.apache.org/jira/browse/RANGER-2317
> Project: Ranger
>  Issue Type: Improvement
>  Components: admin, plugins
>Reporter: Zsombor Gegesy
>Assignee: Zsombor Gegesy
>Priority: Major
> Fix For: 2.0.0
>
> Attachments: RANGER-2317-2.patch, RANGER-2317-3.patch
>
>
> Currently, Ranger can be compiled only with JDK 8, however JDK 11 is the 
> current LTS release for Java, it is essential to support it. As a first step, 
> we need to ensure that Ranger can be compiled on JDK 11.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2328) Time-based policies do not work correctly if access time is not set in the authorization request

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2328?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2328:
-
Fix Version/s: (was: master)
   2.0.0

> Time-based policies do not work correctly if access time is not set in the 
> authorization request
> 
>
> Key: RANGER-2328
> URL: https://issues.apache.org/jira/browse/RANGER-2328
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: master, 1.1.0, 1.2.0
>Reporter: Abhay Kulkarni
>Assignee: Abhay Kulkarni
>Priority: Major
> Fix For: 2.0.0
>
>
> Access authorization decision depends on the time of the access (which is 
> retrieved from the authorization request) when evaluating Time-based 
> policies. If access time is not set in the authorization request, current 
> time should be used for evaluating access request.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2330) Ensure that policy/resource based searches are security-zone aware

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2330?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2330:
-
Fix Version/s: (was: master)
   2.0.0

> Ensure that policy/resource based searches are security-zone aware
> --
>
> Key: RANGER-2330
> URL: https://issues.apache.org/jira/browse/RANGER-2330
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: master
>Reporter: Abhay Kulkarni
>Assignee: Abhay Kulkarni
>Priority: Major
> Fix For: 2.0.0
>
>
> Ranger Admin supports many APIs to browse and filter policies based on the 
> resource value or policy. The implementation of these APIs must return 
> results for only for the relevant security zone which contains specified 
> resource or policy. If the specified resource value does not correspond to a 
> unique security zone, then APIs must return result for all security zones 
> (including default security zone).



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2337) Context-Enrichers need to clean up completely when the policy-engine is destroyed

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2337?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2337:
-
Fix Version/s: (was: master)
   2.0.0

> Context-Enrichers need to clean up completely when the policy-engine is 
> destroyed
> -
>
> Key: RANGER-2337
> URL: https://issues.apache.org/jira/browse/RANGER-2337
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: master, 1.1.0, 1.2.0
>Reporter: Abhay Kulkarni
>Assignee: Abhay Kulkarni
>Priority: Major
> Fix For: 2.0.0, 1.1.1, 1.2.1
>
>
> An instance of context enricher is created when policy-engine is 
> instantiated. When policy-engine is destroyed, all references to context 
> enricher need to be cleaned up.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2335) Overlapping of 'include' toggle button on policy create/edit page.

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2335?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2335:
-
Fix Version/s: (was: master)
   2.0.0

> Overlapping of 'include' toggle button on policy create/edit page.
> --
>
> Key: RANGER-2335
> URL: https://issues.apache.org/jira/browse/RANGER-2335
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Nitin Galave
>Assignee: Nitin Galave
>Priority: Major
> Fix For: 2.0.0
>
> Attachments: RANGER-2335.patch, include_toggle_overlap.png
>
>
> Steps to reproduce:
> 1) In HDFS service definition, for path resource field set exclude and 
> recursive support to true.
> 2) Go to HDFS-Policy creation/edit page.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2341) Support for Incremental policy updates to improve performance of ranger-admin and plugins by optimal building of policy-engine

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2341?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2341:
-
Fix Version/s: (was: master)
   2.0.0

> Support for Incremental policy updates to improve performance of ranger-admin 
> and plugins by optimal building of policy-engine
> --
>
> Key: RANGER-2341
> URL: https://issues.apache.org/jira/browse/RANGER-2341
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Affects Versions: master
>Reporter: Abhay Kulkarni
>Assignee: Abhay Kulkarni
>Priority: Major
> Fix For: 2.0.0
>
>
> Requirements:
> Currently, every change to any policy causes rebuilding of policy-engine from 
> scratch. There are several disadvantages:
> 1. Compute time for rebuilding
> 2. Large traffic from ranger-admin to each of the plugins
> 3. Large demand on JVM memory system resulting in frequent garbage collection 
> and pauses of JVM.
> It will be more optimal to communicate only the changes and apply them to 
> existing policy-engine.
> Design notes:
> Policy changes are logged into a new database table.
> Cache management in ranger-admin is enhanced to use this table to figure out 
> changes using a previously known version number (provided by module 
> requesting updated policies).
> Policy engine supports update operation that accepts policy-deltas and 
> returns a new policy engine with deltas applied.
> Resource Trie structures are copied from older policy-engine selectively, and 
> not rebuilt from scratch.
> Backward compatibility is maintained with older plugins by adding another 
> parameter to REST API for downloading policies.
> Ranger admin as well as component plugins may be configured to optionally use 
> policy deltas for its internal policy-engines. Policy deltas are disabled by 
> default. In ranger-admin, policy-deltas are enabled in the ranger-admin by 
> setting configuration variable 'ranger.admin.supports.policy.deltas' to true. 
> In individual plugins, policy-deltas are enabled by setting configuration 
> variable 'ranger.plugin..policy.rest.supports.policy.deltas' to 
> "true".
> Policy delta table is cleared of records older than a week on restart of 
> ranger-admin.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2343) Evaluate tag policies in the same security zone as accessed resource

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2343?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2343:
-
Fix Version/s: (was: master)
   2.0.0

> Evaluate tag policies in the same security zone as accessed resource
> 
>
> Key: RANGER-2343
> URL: https://issues.apache.org/jira/browse/RANGER-2343
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: master
>Reporter: Abhay Kulkarni
>Assignee: Abhay Kulkarni
>Priority: Major
> Fix For: 2.0.0
>
>
> When a resource, which belongs to a certain security zone, is accessed, 
> Ranger plugin should evaluates only those policies which are associated with 
> the security zone. Although resource-based policies to evaluate are selected 
> in this way, all tag policies belonging to the tag-service associated with 
> the resource-based service are currently evaluated - instead of only those 
> tag policies which are in the same security zone.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2344) Ranger HBase Test failure due to Mini HBase cluster start up issue.

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2344?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2344:
-
Fix Version/s: (was: master)

> Ranger HBase Test failure due to Mini HBase cluster start up issue.
> ---
>
> Key: RANGER-2344
> URL: https://issues.apache.org/jira/browse/RANGER-2344
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: 2.0.0
>Reporter: Ramesh Mani
>Assignee: Ramesh Mani
>Priority: Major
> Fix For: 2.0.0
>
> Attachments: 
> 0001-RANGER-2344-Ranger-HBase-Test-failure-due-to-Mini-HB.patch
>
>
> Ranger HBase Test failure due to Mini hbase cluster issue.
> This was caused by patch  RANGER-2342 including jackson-databind in the POM.
> Excluding it resolved this issue.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2345) Upgrade Apache Solr version to 7.7.0 or later

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2345?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2345:
-
Fix Version/s: (was: master)
   2.0.0

> Upgrade Apache Solr version to 7.7.0 or later
> -
>
> Key: RANGER-2345
> URL: https://issues.apache.org/jira/browse/RANGER-2345
> Project: Ranger
>  Issue Type: New Feature
>  Components: Ranger
>Reporter: Sailaja Polavarapu
>Assignee: Sailaja Polavarapu
>Priority: Major
> Fix For: 2.0.0
>
> Attachments: 
> 0001-RANGER-2345-Upgrade-Solr-version-in-Ranger-to-7.7.1.patch
>
>
> Currently Ranger uses Solr 5.5.4 version which is pretty old. This needs to 
> be upgraded to 7.7.x to be compatible with new features and fixes.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2349) Provide an API to download policies and tags

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2349?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2349:
-
Fix Version/s: (was: master)
   2.0.0

> Provide an API to download policies and tags
> 
>
> Key: RANGER-2349
> URL: https://issues.apache.org/jira/browse/RANGER-2349
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Affects Versions: master
>Reporter: Abhay Kulkarni
>Assignee: Abhay Kulkarni
>Priority: Major
> Fix For: 2.0.0
>
>
> Ranger plugin may want to use the latest policies and tags available in 
> Ranger Admin for authorization, rather than wait for the next scheduled 
> download. Ranger needs to provide a way to achieve this.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2353) Upgrade Apache Thrift Java client library to 0.12.0

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2353?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2353:
-
Fix Version/s: (was: master)

> Upgrade Apache Thrift Java client library to 0.12.0
> ---
>
> Key: RANGER-2353
> URL: https://issues.apache.org/jira/browse/RANGER-2353
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: master, 2.0.0
>Reporter: Ramesh Mani
>Assignee: Ramesh Mani
>Priority: Major
> Fix For: 2.0.0
>
>
> Upgrade Apache Thrift Java client library to 0.12.0



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2351) Implement Import / Export of Policies by Zone

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2351?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2351:
-
Fix Version/s: (was: master)
   2.0.0

> Implement Import / Export of Policies by Zone
> -
>
> Key: RANGER-2351
> URL: https://issues.apache.org/jira/browse/RANGER-2351
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Affects Versions: master
>Reporter: Nikhil Purbhe
>Assignee: Nikhil Purbhe
>Priority: Major
> Fix For: 2.0.0
>
> Attachments: RANGER-2351_1.patch
>
>
> Implement Import / Export of Policies by Zone.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2354) Add custom condition at policy level

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2354?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2354:
-
Fix Version/s: (was: master)

> Add custom condition at policy level
> 
>
> Key: RANGER-2354
> URL: https://issues.apache.org/jira/browse/RANGER-2354
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: master, 2.0.0
>Reporter: Ramesh Mani
>Assignee: Ramesh Mani
>Priority: Major
> Fix For: 2.0.0
>
> Attachments: 
> 0001-RANGER-2354-Add-custom-condition-at-policy-level_04.patch, 
> RANGER-2354.02.patch
>
>
> Add custom conditions at policy level.
> Currently custom condition is at policy item level and having at policy level 
> also will give more flexible and intutive. Also policy evaluation doesn't 
> need to go the policy item level for checking conditions which are applicable 
> at policy level.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2350) Ranger UI: Clicking on zone edit Breadcrumb redirect to 404 page not found

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2350?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2350:
-
Fix Version/s: (was: master)
   2.0.0

> Ranger UI: Clicking on zone edit Breadcrumb redirect to 404 page not found
> --
>
> Key: RANGER-2350
> URL: https://issues.apache.org/jira/browse/RANGER-2350
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Nitin Galave
>Assignee: Nitin Galave
>Priority: Major
> Fix For: 2.0.0
>
> Attachments: 
> 0001-RANGER-2350-Ranger-UI-Clicking-on-zone-edit-Breadcru.patch, Screen Shot 
> 2019-03-07 at 11.56.04 AM.png
>
>
> clicking on zone edit Breadcrumb redirect to 404 page not found



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2379) Support for associating a tag service with security zone and relevant authorization logic

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2379?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2379:
-
Fix Version/s: (was: master)
   2.0.0

> Support for associating a tag service with security zone and relevant 
> authorization logic 
> --
>
> Key: RANGER-2379
> URL: https://issues.apache.org/jira/browse/RANGER-2379
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Affects Versions: master
>Reporter: Abhay Kulkarni
>Assignee: Abhay Kulkarni
>Priority: Major
> Fix For: 2.0.0
>
>
> Currently, tag service is associated with a security zone if and only if any 
> service-resource (that is, a tuple  ) in the 
> Security Zone is contained in resource-service that is associated with the 
> tag service. However, consider the following use case:
> 1) No zone exists. Tag-based policies are in-place, say for PII, EXPIRES_ON, 
> etc.
> 2) Few tables in finance DB were tagged with EXPIRES_ON; few columns within 
> this DB were tagged with PII. So tag-based access enforcement/masking 
> policies are in effect for these objects.
> 3) An admin creates 'Finance' zone and moves 'finance' DB to this zone.
> 4) All tag-based policy enforcement is lost; as there is no tag-based policy 
> in 'finance' zone, as the policies still belong to “unzoned” zone. 
> Given this, it is a better design to not automatically create 
> tag-service->zone association. Instead, the association between 
> zone->tag-service needs to supported directly similar to how 
> zone->resource-service association is established, with one difference; when 
> a tag service is associated with a Security Zone, user should not be able to 
> include any resource (tag-name, to be specific). This requires GUI changes 
> for Security Zone CRUD, but no other changes, especially to tag service 
> browser as well as tag policy creation.
> On the access evaluation perspective, if accessed resource falls in a 
> Security Zone, then there are two cases:
> 1) Tag-service associated with the Resource-service is in the Security Zone.
>  2) Tag-service associated with the Resource-service is not in the Security 
> Zone.
> Tag policies in associated Tag-service in the default ("unzoned") Security 
> Zone need to be considered for evaluation in case 2.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2359) Show zone association with tag based service.

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2359?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2359:
-
Fix Version/s: (was: master)
   2.0.0

> Show zone association with tag based service.
> -
>
> Key: RANGER-2359
> URL: https://issues.apache.org/jira/browse/RANGER-2359
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Nitin Galave
>Assignee: Nitin Galave
>Priority: Major
> Fix For: 2.0.0
>
> Attachments: 
> 0001-RANGER-2359-Show-zone-association-with-tag-based-ser.patch
>
>
> Show zone association with tag-based service.
> Under Tag Based Policies Menu - there is no zone related information that are 
> associated with tag-based service.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2355) Reports page: policy listing to have column of Zone name

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2355?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2355:
-
Fix Version/s: (was: master)
   2.0.0

> Reports page: policy listing to have column of Zone name
> 
>
> Key: RANGER-2355
> URL: https://issues.apache.org/jira/browse/RANGER-2355
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Nitin Galave
>Assignee: Nitin Galave
>Priority: Major
> Fix For: 2.0.0
>
> Attachments: RANGER-2355.patch
>
>
> As Security zone feature has been added. Add Zone name column in policy 
> listing for Reports page.
> Also add a filter to search policies for a Zone.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2371) Security Zone policies do not work correctly when incremental policy updates are enabled

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2371?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2371:
-
Fix Version/s: (was: master)
   2.0.0

> Security Zone policies do not work correctly when incremental policy updates 
> are enabled
> 
>
> Key: RANGER-2371
> URL: https://issues.apache.org/jira/browse/RANGER-2371
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: master
>Reporter: Abhay Kulkarni
>Assignee: Abhay Kulkarni
>Priority: Major
> Fix For: 2.0.0
>
>
> 1. When a zone policy is changed, the plugin doesn’t refresh policies.
> 2. When a unzoned policy changes, the plugin downloaded the policies – but 
> all zone information is lost (authz didn’t honor zone policies and I checked 
> the cached file as well)



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2375) RangerAuthContext is not correctly initialized

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2375?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2375:
-
Fix Version/s: (was: master)

> RangerAuthContext is not correctly initialized
> --
>
> Key: RANGER-2375
> URL: https://issues.apache.org/jira/browse/RANGER-2375
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: master
>Reporter: Abhay Kulkarni
>Assignee: Abhay Kulkarni
>Priority: Major
> Fix For: 2.0.0
>
>
> RangerAuthContext object may be used to provide consistent view of 
> authorization policies database across multiple authorization API calls. It 
> maintains a list of context enrichers, if defined, to provide context 
> enrichment for access requests. When this list is not maintained correctly, 
> context for authorization will not be initialized correctly, and 
> authorization calls made with RangerAuthContext will fail.
> This seems to a regression introduced by 
> [RANGER-2341|https://issues.apache.org/jira/browse/RANGER-2341].



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2357) Improvement on getServices API

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2357?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2357:
-
Fix Version/s: (was: master)
   2.0.0

> Improvement on getServices API
> --
>
> Key: RANGER-2357
> URL: https://issues.apache.org/jira/browse/RANGER-2357
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Affects Versions: master
>Reporter: Nikhil Purbhe
>Assignee: Nikhil Purbhe
>Priority: Major
> Fix For: 2.0.0
>
> Attachments: RANGER-2357.patch
>
>
> Ranger user should be able to get plugin services based on its associated tag 
> service.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2383) Incorrect response when trying to delete user attached to a security zone

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2383?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2383:
-
Fix Version/s: (was: master)
   2.0.0

> Incorrect response when trying to delete user attached to a security zone
> -
>
> Key: RANGER-2383
> URL: https://issues.apache.org/jira/browse/RANGER-2383
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: master
>Reporter: suja s
>Assignee: Nikhil Purbhe
>Priority: Major
> Fix For: 2.0.0
>
>
> Scenario:
> Create a test user (user role is USER)
> Create a security zone with the above user as admin user
> Try to delete the user
> Delete operation fails, but there is no reason for the failure, api response 
> gives a 404 error
> The same occurs if that user is tagged as auditor for security zone
> The scenario is applicable for group also
> Expected: If user delete is not allowed, proper response indicating the 
> reason for failure should be displayed
> Note: This behaviour is different from user assigned as delegated admin for a 
> policy, even if a user is delegated admin for a policy, user delete is 
> successful
> {noformat}
> Request URL: 
> http://:/service/xusers/secure/users/id/?forceDelete=true
> Request Method: DELETE
> Status Code: 404 Not Found
> {noformat}



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2382) Improvement to Access Audit page-Add ‘agentHostname’ column to audit log table, which records IP-address/hostname of the plugin

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2382?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2382:
-
Fix Version/s: (was: master)
   2.0.0

> Improvement to Access Audit page-Add ‘agentHostname’ column to audit log 
> table, which records IP-address/hostname of the plugin
> ---
>
> Key: RANGER-2382
> URL: https://issues.apache.org/jira/browse/RANGER-2382
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Affects Versions: master
>Reporter: Nikhil Purbhe
>Assignee: Nikhil Purbhe
>Priority: Major
> Fix For: 2.0.0
>
> Attachments: 
> 0001-RANGER-2382-Improvement-to-Access-Audit-page-Add-agentHostname-c.patch, 
> RANGER-2382_4.patch
>
>
> In Audit Page
>  * Access tab:
>  ** Add ‘agentHostname’ column to audit log table, which records 
> IP-address/hostname of the plugin. Having this field in audit UI can avoid 
> having to scan all the hosts.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2384) Get All Zones API is returning response in raw format,proper response object is required.

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2384?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2384:
-
Fix Version/s: (was: master)
   2.0.0

> Get All Zones API is returning response in raw format,proper response object 
> is required.
> -
>
> Key: RANGER-2384
> URL: https://issues.apache.org/jira/browse/RANGER-2384
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Nitin Galave
>Assignee: Nikhil Purbhe
>Priority: Major
> Fix For: 2.0.0
>
> Attachments: RANGER-2384.patch
>
>
> Get All Zones API is returning response in raw format,proper response object 
> is required.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2385) Improvement to Audit page -> Plugin status tab

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2385?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2385:
-
Fix Version/s: (was: master)
   2.0.0

> Improvement to Audit page -> Plugin status tab
> --
>
> Key: RANGER-2385
> URL: https://issues.apache.org/jira/browse/RANGER-2385
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Nitin Galave
>Assignee: Nitin Galave
>Priority: Major
> Fix For: 2.0.0
>
> Attachments: 
> 0001-RANGER-2385-Improvement-to-Audit-page-Plugin-status-.patch, 
> RANGER-2385.patch
>
>
> Plugin Status Tab:
>  * Add sorting to Active/Download TIme column
> This will help quickly compare the hosts and pick the ones having stale 
> policies.
> Also, the labels ‘Active’, ‘Download’, ‘Last Update’ need help to interpret; 
> consider rewording them and/or add tool tips with a short description.
>  * It should render the number of entries displayed in the results. This can 
> help identify servers that haven’t downloaded policies yet.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2128) Implement SparkSQL plugin

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2128?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2128:
-
Fix Version/s: (was: 2.0.0)

> Implement SparkSQL plugin
> -
>
> Key: RANGER-2128
> URL: https://issues.apache.org/jira/browse/RANGER-2128
> Project: Ranger
>  Issue Type: New Feature
>  Components: plugins, Ranger
>Affects Versions: 1.1.0
>Reporter: t oo
>Assignee: Kent Yao
>Priority: Major
> Attachments: support_ranger11.tgz
>
>  Time Spent: 40m
>  Remaining Estimate: 0h
>
> Implement SparkSQL plugin



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2312) Internal users should have permission to modify their personal information in User Profile page.

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2312:
-
Fix Version/s: (was: 2.0.0)

> Internal users should have permission to modify their personal information in 
> User Profile page.
> 
>
> Key: RANGER-2312
> URL: https://issues.apache.org/jira/browse/RANGER-2312
> Project: Ranger
>  Issue Type: Bug
>  Components: admin
>Affects Versions: master
>Reporter: Qiang Zhang
>Assignee: Qiang Zhang
>Priority: Minor
>  Labels: patch
> Attachments: 
> 0001-RANGER-2312-Internal-users-should-have-permission-to.patch
>
>
> Auditor role users cannot modify their personal user profile.
> User role and KMSAuditor role users have the same problem.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Commented] (RANGER-2509) Add validation message for Importing non JSON file on import action.

[Nitin Galave (JIRA)]

[ 
https://issues.apache.org/jira/browse/RANGER-2509?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=1663#comment-1663
 ] 

Nitin Galave commented on RANGER-2509:
--

Committed to apache 
[master|*[https://github.com/apache/ranger/commit/1aa4a4b15f1474f6beee72fb6ba7ac178eddc34d]*]
 branch.

> Add validation message for Importing non JSON file on import action.
> 
>
> Key: RANGER-2509
> URL: https://issues.apache.org/jira/browse/RANGER-2509
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Nitin Galave
>Assignee: Nitin Galave
>Priority: Major
> Fix For: 2.0.0
>
> Attachments: 0001-RANGER-2509.patch
>
>
> Step to reproduce :
> 1. Goto Service Manager Page, Click on "import" button.
> 2. Select Import file format other than JSON.
> Expected result :
> 1. Show validation message 'Please select json file'.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (RANGER-2509) Add validation message for Importing non JSON file on import action.

[Velmurugan Periasamy (JIRA)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2509?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2509:
-
Fix Version/s: 2.0.0

> Add validation message for Importing non JSON file on import action.
> 
>
> Key: RANGER-2509
> URL: https://issues.apache.org/jira/browse/RANGER-2509
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Nitin Galave
>Assignee: Nitin Galave
>Priority: Major
> Fix For: 2.0.0
>
> Attachments: 0001-RANGER-2509.patch
>
>
> Step to reproduce :
> 1. Goto Service Manager Page, Click on "import" button.
> 2. Select Import file format other than JSON.
> Expected result :
> 1. Show validation message 'Please select json file'.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

Re: Review Request 71116: RANGER-2509 : Add validation message for Importing non JSON file on import action.

[Velmurugan Periasamy]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/71116/#review216763
---


Ship it!




Ship It!

- Velmurugan Periasamy


On July 18, 2019, 1:59 p.m., Nitin Galave wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/71116/
> ---
> 
> (Updated July 18, 2019, 1:59 p.m.)
> 
> 
> Review request for ranger, Gautam Borad, Mehul Parikh, Pradeep Agrawal, and 
> Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-2509
> https://issues.apache.org/jira/browse/RANGER-2509
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Step to reproduce :
> 
> 1. Goto Service Manager Page, Click on "import" button.
> 2. Select Import file format other than JSON.
> 
> Expected result :
> 1. Show validation message 'Please select json file'.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/webapp/scripts/views/UploadServicePolicy.js 7371c2b 
>   
> security-admin/src/main/webapp/templates/common/uploadservicepolicy_tmpl.html 
> 1e4621a 
> 
> 
> Diff: https://reviews.apache.org/r/71116/diff/1/
> 
> 
> Testing
> ---
> 
> Tested with different file formats.
> 
> 
> Thanks,
> 
> Nitin Galave
> 
>

Re: Review Request 71116: RANGER-2509 : Add validation message for Importing non JSON file on import action.

[Mehul Parikh]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/71116/#review216762
---


Ship it!




Ship It!

- Mehul Parikh


On July 18, 2019, 1:59 p.m., Nitin Galave wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/71116/
> ---
> 
> (Updated July 18, 2019, 1:59 p.m.)
> 
> 
> Review request for ranger, Gautam Borad, Mehul Parikh, Pradeep Agrawal, and 
> Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-2509
> https://issues.apache.org/jira/browse/RANGER-2509
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Step to reproduce :
> 
> 1. Goto Service Manager Page, Click on "import" button.
> 2. Select Import file format other than JSON.
> 
> Expected result :
> 1. Show validation message 'Please select json file'.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/webapp/scripts/views/UploadServicePolicy.js 7371c2b 
>   
> security-admin/src/main/webapp/templates/common/uploadservicepolicy_tmpl.html 
> 1e4621a 
> 
> 
> Diff: https://reviews.apache.org/r/71116/diff/1/
> 
> 
> Testing
> ---
> 
> Tested with different file formats.
> 
> 
> Thanks,
> 
> Nitin Galave
> 
>