[ranger] branch master updated: RANGER-2516 : addednum change
This is an automated email from the ASF dual-hosted git repository. nikhil pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/ranger.git The following commit(s) were added to refs/heads/master by this push: new 9fec38f RANGER-2516 : addednum change 9fec38f is described below commit 9fec38f6b77648268c5473aada56c2c1a2c7d08a Author: Nikhil P AuthorDate: Thu Aug 1 11:10:30 2019 +0530 RANGER-2516 : addednum change --- .../main/java/org/apache/ranger/services/atlas/RangerServiceAtlas.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/RangerServiceAtlas.java b/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/RangerServiceAtlas.java index 501a6b5..77a626e 100644 --- a/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/RangerServiceAtlas.java +++ b/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/RangerServiceAtlas.java @@ -71,7 +71,7 @@ public class RangerServiceAtlas extends RangerBaseService { public static final String RESOURCE_END_TWO_ENTITY_TYPE = "end-two-entity-type"; public static final String RESOURCE_END_TWO_ENTITY_CLASSIFICATION = "end-two-entity-classification"; public static final String RESOURCE_END_TWO_ENTITY_ID = "end-two-entity"; - public static final String SEARCH_FEATURE_POLICY_NAME = " Allow users to manage favorite searches"; + public static final String SEARCH_FEATURE_POLICY_NAME = "Allow users to manage favorite searches"; public static final String ACCESS_TYPE_ENTITY_READ = "entity-read"; public static final String ACCESS_TYPE_ENTITY_CREATE = "entity-create";
[ranger] branch master updated: RANGER-2523 : Ranger Admin debug config improvement
This is an automated email from the ASF dual-hosted git repository. pradeep pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/ranger.git The following commit(s) were added to refs/heads/master by this push: new 147c28c RANGER-2523 : Ranger Admin debug config improvement 147c28c is described below commit 147c28c11896edfd8e52ce275b28ede6204ac695 Author: Nikhil P AuthorDate: Wed Jul 31 16:37:45 2019 +0530 RANGER-2523 : Ranger Admin debug config improvement Signed-off-by: Pradeep --- embeddedwebserver/scripts/ranger-admin-services.sh | 2 +- security-admin/src/main/webapp/WEB-INF/web.xml | 4 2 files changed, 1 insertion(+), 5 deletions(-) diff --git a/embeddedwebserver/scripts/ranger-admin-services.sh b/embeddedwebserver/scripts/ranger-admin-services.sh index 8f148a7..0bc06e1 100755 --- a/embeddedwebserver/scripts/ranger-admin-services.sh +++ b/embeddedwebserver/scripts/ranger-admin-services.sh @@ -85,7 +85,7 @@ fi SERVER_NAME=rangeradmin start() { SLEEP_TIME_AFTER_START=5 - nohup java -Dproc_rangeradmin ${JAVA_OPTS} -Duser=${USER} -Dhostname=${HOSTNAME} ${DB_SSL_PARAM} -Dservername=${SERVER_NAME} -Dlogdir=${RANGER_ADMIN_LOG_DIR} -Dcatalina.base=${XAPOLICYMGR_EWS_DIR} -cp "${XAPOLICYMGR_EWS_DIR}/webapp/WEB-INF/classes/conf:${XAPOLICYMGR_EWS_DIR}/lib/*:${RANGER_JAAS_LIB_DIR}/*:${RANGER_JAAS_CONF_DIR}:${JAVA_HOME}/lib/*:${RANGER_HADOOP_CONF_DIR}/*:$CLASSPATH" org.apache.ranger.server.tomcat.EmbeddedServer > ${RANGER_ADMIN_LOG_DIR}/catalina.out 2>&1 & + nohup java -Dproc_rangeradmin ${JAVA_OPTS} -Dlog4j.configuration=file:${XAPOLICYMGR_EWS_DIR}/webapp/WEB-INF/log4j.properties -Duser=${USER} -Dhostname=${HOSTNAME} ${DB_SSL_PARAM} -Dservername=${SERVER_NAME} -Dlogdir=${RANGER_ADMIN_LOG_DIR} -Dcatalina.base=${XAPOLICYMGR_EWS_DIR} -cp "${XAPOLICYMGR_EWS_DIR}/webapp/WEB-INF/classes/conf:${XAPOLICYMGR_EWS_DIR}/lib/*:${RANGER_JAAS_LIB_DIR}/*:${RANGER_JAAS_CONF_DIR}:${JAVA_HOME}/lib/*:${RANGER_HADOOP_CONF_DIR}/*:$CLASSPATH" org.apache.ranger [...] VALUE_OF_PID=$! echo "Starting Apache Ranger Admin Service" sleep $SLEEP_TIME_AFTER_START diff --git a/security-admin/src/main/webapp/WEB-INF/web.xml b/security-admin/src/main/webapp/WEB-INF/web.xml index 806a066..c788268 100644 --- a/security-admin/src/main/webapp/WEB-INF/web.xml +++ b/security-admin/src/main/webapp/WEB-INF/web.xml @@ -27,10 +27,6 @@ WEB-INF/classes/conf/security-applicationContext.xml META-INF/scheduler-applicationContext.xml - -log4jConfigLocation -/WEB-INF/log4j.properties - org.springframework.web.util.Log4jConfigListener
[ranger] branch ranger-2.0 updated: RANGER-2518: RANGER-2518: Allow service creator to delete the service
This is an automated email from the ASF dual-hosted git repository. abhay pushed a commit to branch ranger-2.0 in repository https://gitbox.apache.org/repos/asf/ranger.git The following commit(s) were added to refs/heads/ranger-2.0 by this push: new 06b4659 RANGER-2518: RANGER-2518: Allow service creator to delete the service 06b4659 is described below commit 06b46597108132316ccfc9bf4af0805454e26aec Author: Pradeep AuthorDate: Wed Jul 31 15:37:49 2019 -0700 RANGER-2518: RANGER-2518: Allow service creator to delete the service --- .../java/org/apache/ranger/biz/RangerBizUtil.java | 9 ++- .../java/org/apache/ranger/biz/ServiceDBStore.java | 2 +- .../java/org/apache/ranger/rest/ServiceREST.java | 64 -- .../apache/ranger/service/XResourceService.java| 2 +- .../ranger/service/XUgsyncAuditInfoService.java| 2 +- .../org/apache/ranger/rest/TestServiceREST.java| 12 6 files changed, 58 insertions(+), 33 deletions(-) diff --git a/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java b/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java index 0ad7df2..d49ea98 100644 --- a/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java +++ b/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java @@ -1339,13 +1339,17 @@ public class RangerBizUtil { if (!session.isKeyAdmin() && !session.isUserAdmin()) { throw restErrorUtil.createRESTException( - "User is not allowed to update service-def, only Admin can create/update/delete " + objType, + "This user is not allowed this operation. Only users with Admin permission have access to this operation " + objType, MessageEnums.OPER_NO_PERMISSION); } } public void hasKMSPermissions(String objType, String implClassName) { UserSessionBase session = ContextUtil.getCurrentUserSession(); + if (session == null) { + throw restErrorUtil.createRESTException("UserSession cannot be null, only KeyAdmin can create/update/delete " + + objType, MessageEnums.OPER_NO_PERMISSION); + } if (session.isKeyAdmin() && !EmbeddedServiceDefsUtil.KMS_IMPL_CLASS_NAME.equals(implClassName)) { throw restErrorUtil.createRESTException("KeyAdmin can create/update/delete only KMS " + objType, @@ -1461,6 +1465,9 @@ public class RangerBizUtil { public boolean hasModuleAccess(String moduleName) { UserSessionBase currentUserSession = ContextUtil.getCurrentUserSession(); + if(currentUserSession == null) { + return false; + } if(!currentUserSession.isUserAdmin() && !currentUserSession.isAuditUserAdmin()) { if(!currentUserSession.getRangerUserPermission().getUserPermissions().contains(moduleName)) { return false; diff --git a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java index 8420233..ef22354 100644 --- a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java +++ b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java @@ -3981,7 +3981,7 @@ public class ServiceDBStore extends AbstractServiceStore { public void putMetaDataInfo(RangerExportPolicyList rangerExportPolicyList){ Map metaDataInfo = new LinkedHashMap(); UserSessionBase usb = ContextUtil.getCurrentUserSession(); - String userId = usb.getLoginId(); + String userId = usb!=null ? usb.getLoginId() : null; metaDataInfo.put(HOSTNAME, LOCAL_HOSTNAME); metaDataInfo.put(USER_NAME, userId); diff --git a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java index b06273c..348d072 100644 --- a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java +++ b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java @@ -798,40 +798,46 @@ public class ServiceREST { } RangerServiceValidator validator = validatorFactory.getServiceValidator(svcStore); validator.validate(id, Action.DELETE); - - bizUtil.hasAdminPermissions("Services"); - - // TODO: As of now we are allowing SYS_ADMIN to create all the - // services including KMS - - XXService service = daoManager.getXXService().getById(id); - if (service != null) { -
[ranger] branch master updated: RANGER-2518: RANGER-2518: Allow service creator to delete the service
This is an automated email from the ASF dual-hosted git repository. abhay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/ranger.git The following commit(s) were added to refs/heads/master by this push: new 399cf81 RANGER-2518: RANGER-2518: Allow service creator to delete the service 399cf81 is described below commit 399cf813cafb09d1ae54cb7cfa61044167f8805c Author: Pradeep AuthorDate: Wed Jul 31 15:37:49 2019 -0700 RANGER-2518: RANGER-2518: Allow service creator to delete the service --- .../java/org/apache/ranger/biz/RangerBizUtil.java | 9 ++- .../java/org/apache/ranger/biz/ServiceDBStore.java | 2 +- .../java/org/apache/ranger/rest/ServiceREST.java | 64 -- .../apache/ranger/service/XResourceService.java| 2 +- .../ranger/service/XUgsyncAuditInfoService.java| 2 +- .../org/apache/ranger/rest/TestServiceREST.java| 12 6 files changed, 58 insertions(+), 33 deletions(-) diff --git a/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java b/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java index 0ad7df2..d49ea98 100644 --- a/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java +++ b/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java @@ -1339,13 +1339,17 @@ public class RangerBizUtil { if (!session.isKeyAdmin() && !session.isUserAdmin()) { throw restErrorUtil.createRESTException( - "User is not allowed to update service-def, only Admin can create/update/delete " + objType, + "This user is not allowed this operation. Only users with Admin permission have access to this operation " + objType, MessageEnums.OPER_NO_PERMISSION); } } public void hasKMSPermissions(String objType, String implClassName) { UserSessionBase session = ContextUtil.getCurrentUserSession(); + if (session == null) { + throw restErrorUtil.createRESTException("UserSession cannot be null, only KeyAdmin can create/update/delete " + + objType, MessageEnums.OPER_NO_PERMISSION); + } if (session.isKeyAdmin() && !EmbeddedServiceDefsUtil.KMS_IMPL_CLASS_NAME.equals(implClassName)) { throw restErrorUtil.createRESTException("KeyAdmin can create/update/delete only KMS " + objType, @@ -1461,6 +1465,9 @@ public class RangerBizUtil { public boolean hasModuleAccess(String moduleName) { UserSessionBase currentUserSession = ContextUtil.getCurrentUserSession(); + if(currentUserSession == null) { + return false; + } if(!currentUserSession.isUserAdmin() && !currentUserSession.isAuditUserAdmin()) { if(!currentUserSession.getRangerUserPermission().getUserPermissions().contains(moduleName)) { return false; diff --git a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java index 8420233..ef22354 100644 --- a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java +++ b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java @@ -3981,7 +3981,7 @@ public class ServiceDBStore extends AbstractServiceStore { public void putMetaDataInfo(RangerExportPolicyList rangerExportPolicyList){ Map metaDataInfo = new LinkedHashMap(); UserSessionBase usb = ContextUtil.getCurrentUserSession(); - String userId = usb.getLoginId(); + String userId = usb!=null ? usb.getLoginId() : null; metaDataInfo.put(HOSTNAME, LOCAL_HOSTNAME); metaDataInfo.put(USER_NAME, userId); diff --git a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java index b06273c..348d072 100644 --- a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java +++ b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java @@ -798,40 +798,46 @@ public class ServiceREST { } RangerServiceValidator validator = validatorFactory.getServiceValidator(svcStore); validator.validate(id, Action.DELETE); - - bizUtil.hasAdminPermissions("Services"); - - // TODO: As of now we are allowing SYS_ADMIN to create all the - // services including KMS - - XXService service = daoManager.getXXService().getById(id); - if (service != null) { -
[ranger] branch master updated: RANGER-2452: Updated version to 2.1.0-SNAPSHOT in master branch
This is an automated email from the ASF dual-hosted git repository. vel pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/ranger.git The following commit(s) were added to refs/heads/master by this push: new fa58e98 RANGER-2452: Updated version to 2.1.0-SNAPSHOT in master branch fa58e98 is described below commit fa58e9878c4e1bcfa48d6532dec9d47306c199cc Author: Velmurugan Periasamy AuthorDate: Wed Jul 31 13:25:49 2019 -0400 RANGER-2452: Updated version to 2.1.0-SNAPSHOT in master branch --- agents-audit/pom.xml | 2 +- agents-common/pom.xml | 2 +- agents-cred/pom.xml| 2 +- agents-installer/pom.xml | 2 +- credentialbuilder/pom.xml | 2 +- embeddedwebserver/pom.xml | 2 +- hbase-agent/pom.xml| 2 +- hdfs-agent/pom.xml | 2 +- hive-agent/pom.xml | 2 +- jisql/pom.xml | 2 +- kms/pom.xml| 2 +- knox-agent/pom.xml | 2 +- plugin-atlas/pom.xml | 2 +- plugin-elasticsearch/pom.xml | 2 +- plugin-kafka/pom.xml | 2 +- plugin-kms/pom.xml | 2 +- plugin-kylin/pom.xml | 2 +- plugin-nifi-registry/pom.xml | 2 +- plugin-nifi/pom.xml| 2 +- plugin-ozone/pom.xml | 2 +- plugin-presto/pom.xml | 2 +- plugin-solr/pom.xml| 2 +- plugin-sqoop/pom.xml | 2 +- plugin-yarn/pom.xml| 2 +- pom.xml| 2 +- ranger-atlas-plugin-shim/pom.xml | 2 +- ranger-elasticsearch-plugin-shim/pom.xml | 2 +- ranger-examples/conditions-enrichers/pom.xml | 2 +- ranger-examples/plugin-sampleapp/pom.xml | 2 +- ranger-examples/pom.xml| 2 +- ranger-examples/sampleapp/pom.xml | 2 +- ranger-hbase-plugin-shim/pom.xml | 2 +- ranger-hdfs-plugin-shim/pom.xml| 2 +- ranger-hive-plugin-shim/pom.xml| 2 +- ranger-kafka-plugin-shim/pom.xml | 2 +- ranger-kms-plugin-shim/pom.xml | 2 +- ranger-knox-plugin-shim/pom.xml| 2 +- ranger-kylin-plugin-shim/pom.xml | 2 +- ranger-ozone-plugin-shim/pom.xml | 2 +- ranger-plugin-classloader/pom.xml | 2 +- ranger-presto-plugin-shim/pom.xml | 2 +- ranger-solr-plugin-shim/pom.xml| 2 +- ranger-sqoop-plugin-shim/pom.xml | 2 +- ranger-storm-plugin-shim/pom.xml | 2 +- ranger-tools/pom.xml | 2 +- ranger-util/pom.xml| 2 +- ranger-yarn-plugin-shim/pom.xml| 2 +- security-admin/pom.xml | 2 +- storm-agent/pom.xml| 2 +- tagsync/pom.xml| 2 +- ugsync/ldapconfigchecktool/ldapconfigcheck/pom.xml | 2 +- ugsync/pom.xml | 2 +- unixauthclient/pom.xml | 2 +- unixauthnative/pom.xml | 2 +- unixauthpam/pom.xml| 2 +- unixauthservice/pom.xml| 2 +- 56 files changed, 56 insertions(+), 56 deletions(-) diff --git a/agents-audit/pom.xml b/agents-audit/pom.xml index 4aaec09..8ac1edf 100644 --- a/agents-audit/pom.xml +++ b/agents-audit/pom.xml @@ -27,7 +27,7 @@ org.apache.ranger ranger -2.0.0-SNAPSHOT +2.1.0-SNAPSHOT .. diff --git a/agents-common/pom.xml b/agents-common/pom.xml index 27be45f..c78dc5f 100644 --- a/agents-common/pom.xml +++ b/agents-common/pom.xml @@ -39,7 +39,7 @@ org.apache.ranger ranger -2.0.0-SNAPSHOT +2.1.0-SNAPSHOT .. diff --git a/agents-cred/pom.xml b/agents-cred/pom.xml index c622683..cd1b8f3 100644 --- a/agents-cred/pom.xml +++ b/agents-cred/pom.xml @@ -27,7 +27,7 @@ org.apache.ranger ranger -2.0.0-SNAPSHOT +2.1.0-SNAPSHOT .. diff --git a/agents-installer/pom.xml b/agents-installer/pom.xml index 20902cb..cbda5dd 100644 --- a/agents-installer/pom.xml +++ b/agents-installer/pom.xml @@ -24,7 +24,7 @@ org.apache.ranger ranger -2.0.0-SNAPSHOT +
[ranger] branch ranger-2.0 updated: RANGER-2452: Updating version to 2.0.0
This is an automated email from the ASF dual-hosted git repository. vel pushed a commit to branch ranger-2.0 in repository https://gitbox.apache.org/repos/asf/ranger.git The following commit(s) were added to refs/heads/ranger-2.0 by this push: new 89c5ac6 RANGER-2452: Updating version to 2.0.0 89c5ac6 is described below commit 89c5ac6b48b9f4adf68e90b116906932667512fd Author: Velmurugan Periasamy AuthorDate: Wed Jul 31 13:21:20 2019 -0400 RANGER-2452: Updating version to 2.0.0 --- agents-audit/pom.xml | 2 +- agents-common/pom.xml | 2 +- agents-cred/pom.xml| 2 +- agents-installer/pom.xml | 2 +- credentialbuilder/pom.xml | 2 +- embeddedwebserver/pom.xml | 2 +- hbase-agent/pom.xml| 2 +- hdfs-agent/pom.xml | 2 +- hive-agent/pom.xml | 2 +- jisql/pom.xml | 2 +- kms/pom.xml| 2 +- knox-agent/pom.xml | 2 +- plugin-atlas/pom.xml | 2 +- plugin-elasticsearch/pom.xml | 2 +- plugin-kafka/pom.xml | 2 +- plugin-kms/pom.xml | 2 +- plugin-kylin/pom.xml | 2 +- plugin-nifi-registry/pom.xml | 2 +- plugin-nifi/pom.xml| 2 +- plugin-ozone/pom.xml | 2 +- plugin-presto/pom.xml | 2 +- plugin-solr/pom.xml| 2 +- plugin-sqoop/pom.xml | 2 +- plugin-yarn/pom.xml| 2 +- pom.xml| 2 +- ranger-atlas-plugin-shim/pom.xml | 2 +- ranger-elasticsearch-plugin-shim/pom.xml | 2 +- ranger-examples/conditions-enrichers/pom.xml | 2 +- ranger-examples/plugin-sampleapp/pom.xml | 2 +- ranger-examples/pom.xml| 2 +- ranger-examples/sampleapp/pom.xml | 2 +- ranger-hbase-plugin-shim/pom.xml | 2 +- ranger-hdfs-plugin-shim/pom.xml| 2 +- ranger-hive-plugin-shim/pom.xml| 2 +- ranger-kafka-plugin-shim/pom.xml | 2 +- ranger-kms-plugin-shim/pom.xml | 2 +- ranger-knox-plugin-shim/pom.xml| 2 +- ranger-kylin-plugin-shim/pom.xml | 2 +- ranger-ozone-plugin-shim/pom.xml | 2 +- ranger-plugin-classloader/pom.xml | 2 +- ranger-presto-plugin-shim/pom.xml | 2 +- ranger-solr-plugin-shim/pom.xml| 2 +- ranger-sqoop-plugin-shim/pom.xml | 2 +- ranger-storm-plugin-shim/pom.xml | 2 +- ranger-tools/pom.xml | 2 +- ranger-util/pom.xml| 2 +- ranger-yarn-plugin-shim/pom.xml| 2 +- security-admin/pom.xml | 2 +- storm-agent/pom.xml| 2 +- tagsync/pom.xml| 2 +- ugsync/ldapconfigchecktool/ldapconfigcheck/pom.xml | 2 +- ugsync/pom.xml | 2 +- unixauthclient/pom.xml | 2 +- unixauthnative/pom.xml | 2 +- unixauthpam/pom.xml| 2 +- unixauthservice/pom.xml| 2 +- 56 files changed, 56 insertions(+), 56 deletions(-) diff --git a/agents-audit/pom.xml b/agents-audit/pom.xml index 4aaec09..866b29c 100644 --- a/agents-audit/pom.xml +++ b/agents-audit/pom.xml @@ -27,7 +27,7 @@ org.apache.ranger ranger -2.0.0-SNAPSHOT +2.0.0 .. diff --git a/agents-common/pom.xml b/agents-common/pom.xml index 27be45f..13c16f5 100644 --- a/agents-common/pom.xml +++ b/agents-common/pom.xml @@ -39,7 +39,7 @@ org.apache.ranger ranger -2.0.0-SNAPSHOT +2.0.0 .. diff --git a/agents-cred/pom.xml b/agents-cred/pom.xml index c622683..df260ac 100644 --- a/agents-cred/pom.xml +++ b/agents-cred/pom.xml @@ -27,7 +27,7 @@ org.apache.ranger ranger -2.0.0-SNAPSHOT +2.0.0 .. diff --git a/agents-installer/pom.xml b/agents-installer/pom.xml index 20902cb..eaa3ceb 100644 --- a/agents-installer/pom.xml +++ b/agents-installer/pom.xml @@ -24,7 +24,7 @@ org.apache.ranger ranger -2.0.0-SNAPSHOT +2.0.0 .. diff --git a/credentialbuilder/pom.xml b
[ranger] branch ranger-2.0 created (now 0ffdf13)
This is an automated email from the ASF dual-hosted git repository. vel pushed a change to branch ranger-2.0 in repository https://gitbox.apache.org/repos/asf/ranger.git. at 0ffdf13 RANGER-2406 : rangerusersync open too many session for ldap sync No new revisions were added by this update.