date:20210817

[ranger] branch ranger-2.2 updated (9c69c0b -> bc42f47)

2021-08-17 Thread mehul

This is an automated email from the ASF dual-hosted git repository.

mehul pushed a change to branch ranger-2.2
in repository https://gitbox.apache.org/repos/asf/ranger.git.


from 9c69c0b  RANGER-3371: Update algorithm to build Ranger policy-database 
object from Ranger policy-view object
 add bc42f47  RANGER-3361 : Improve error message while deleting users and 
groups associated with role

No new revisions were added by this update.

Summary of changes:
 .../main/java/org/apache/ranger/biz/XUserMgr.java  | 64 +-
 .../java/org/apache/ranger/biz/TestXUserMgr.java   | 20 +++
 2 files changed, 70 insertions(+), 14 deletions(-)

[ranger] branch ranger-2.2 updated: RANGER-3371: Update algorithm to build Ranger policy-database object from Ranger policy-view object

2021-08-17 Thread abhay

This is an automated email from the ASF dual-hosted git repository.

abhay pushed a commit to branch ranger-2.2
in repository https://gitbox.apache.org/repos/asf/ranger.git


The following commit(s) were added to refs/heads/ranger-2.2 by this push:
 new 9c69c0b  RANGER-3371: Update algorithm to build Ranger policy-database 
object from Ranger policy-view object
9c69c0b is described below

commit 9c69c0b25812ef977bb5d351ed312437ca3e53cd
Author: Abhay Kulkarni 
AuthorDate: Tue Aug 17 10:51:26 2021 -0700

RANGER-3371: Update algorithm to build Ranger policy-database object from 
Ranger policy-view object
---
 .../ranger/plugin/util/RangerPolicyDeltaUtil.java  |  2 +-
 .../java/org/apache/ranger/biz/ServiceDBStore.java | 61 +++---
 .../ranger/common/RangerServicePoliciesCache.java  |  6 +--
 .../RangerTransactionSynchronizationAdapter.java   | 27 +++---
 .../org/apache/ranger/db/XXPolicyChangeLogDao.java | 15 +++---
 .../ranger/service/RangerPolicyServiceBase.java| 28 +++---
 6 files changed, 94 insertions(+), 45 deletions(-)

diff --git 
a/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerPolicyDeltaUtil.java
 
b/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerPolicyDeltaUtil.java
index f040a66..42143d0 100644
--- 
a/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerPolicyDeltaUtil.java
+++ 
b/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerPolicyDeltaUtil.java
@@ -90,7 +90,7 @@ public class RangerPolicyDeltaUtil {
 
 while (iter.hasNext()) {
 RangerPolicy policy = iter.next();
-if (policyId.equals(policy.getId())) {
+if (policyId.equals(policy.getId()) && changeType 
== RangerPolicyDelta.CHANGE_TYPE_POLICY_DELETE) {
 deletedPolicies.add(policy);
 iter.remove();
 }
diff --git 
a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java 
b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
index c5add3a..b9a926b 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
@@ -1401,7 +1401,7 @@ public class ServiceDBStore extends AbstractServiceStore {
}
 
if (LOG.isDebugEnabled()) {
-   LOG.debug("== ServiceDBStore.getServiceDefByName(" + 
name + "): " + ret);
+   LOG.debug("== ServiceDBStore.getServiceDefByName(" + 
name + "): " );
}
 
return  ret;
@@ -3139,7 +3139,7 @@ public class ServiceDBStore extends AbstractServiceStore {
 
boolean isValid;
 
-   resourcePolicyDeltas = 
daoMgr.getXXPolicyChangeLog().findLaterThan(policyService, lastKnownVersion, 
service.getId());
+   resourcePolicyDeltas = 
daoMgr.getXXPolicyChangeLog().findLaterThan(lastKnownVersion, service.getId());
if (CollectionUtils.isNotEmpty(resourcePolicyDeltas)) {
isValid = 
RangerPolicyDeltaUtil.isValidDeltas(resourcePolicyDeltas, componentServiceType);
 
@@ -3151,7 +3151,7 @@ public class ServiceDBStore extends AbstractServiceStore {
 
if (isValid && tagService != null) {
Long id = 
resourcePolicyDeltas.get(0).getId();
-   tagPolicyDeltas = 
daoMgr.getXXPolicyChangeLog().findGreaterThan(policyService, id, 
tagService.getId());
+   tagPolicyDeltas = 
daoMgr.getXXPolicyChangeLog().findGreaterThan(id, tagService.getId());
 
 
if 
(CollectionUtils.isNotEmpty(tagPolicyDeltas)) {
@@ -3542,46 +3542,53 @@ public class ServiceDBStore extends 
AbstractServiceStore {
XXServiceVersionInfo serviceVersionInfoDbObj = 
serviceVersionInfoDao.findByServiceId(id);
XXService service = daoMgr.getXXService().getById(id);
 
-   Long nextPolicyVersion = 1L;
+   Long nextVersion = 1L;
Date now = new Date();
 
if (serviceVersionInfoDbObj != null) {
if (versionType == VERSION_TYPE.POLICY_VERSION) {
-   nextPolicyVersion = 
getNextVersion(serviceVersionInfoDbObj.getPolicyVersion());
-
-   
serviceVersionInfoDbObj.setPolicyVersion(nextPolicyVersion);
+   nextVersion = 
getNextVersion(serviceVersionInfoDbObj.getPolicyVersion());
+   
serviceVersionInfoDbObj.setPolicyVersion(nextVersion);

serviceVersionInfoDbObj.setPolicyUpdateTime(now);
-   }
-   if

[ranger] branch master updated: RANGER-3371: Update algorithm to build Ranger policy-database object from Ranger policy-view object

2021-08-17 Thread abhay

This is an automated email from the ASF dual-hosted git repository.

abhay pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git


The following commit(s) were added to refs/heads/master by this push:
 new 6030613  RANGER-3371: Update algorithm to build Ranger policy-database 
object from Ranger policy-view object
6030613 is described below

commit 6030613254ae628b924b2337a59c6ddb1fba1155
Author: Abhay Kulkarni 
AuthorDate: Tue Aug 17 10:51:26 2021 -0700

RANGER-3371: Update algorithm to build Ranger policy-database object from 
Ranger policy-view object
---
 .../ranger/plugin/util/RangerPolicyDeltaUtil.java  |  2 +-
 .../java/org/apache/ranger/biz/ServiceDBStore.java | 61 +++---
 .../ranger/common/RangerServicePoliciesCache.java  |  6 +--
 .../RangerTransactionSynchronizationAdapter.java   | 27 +++---
 .../org/apache/ranger/db/XXPolicyChangeLogDao.java | 15 +++---
 .../ranger/service/RangerPolicyServiceBase.java| 28 +++---
 6 files changed, 94 insertions(+), 45 deletions(-)

diff --git 
a/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerPolicyDeltaUtil.java
 
b/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerPolicyDeltaUtil.java
index f040a66..42143d0 100644
--- 
a/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerPolicyDeltaUtil.java
+++ 
b/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerPolicyDeltaUtil.java
@@ -90,7 +90,7 @@ public class RangerPolicyDeltaUtil {
 
 while (iter.hasNext()) {
 RangerPolicy policy = iter.next();
-if (policyId.equals(policy.getId())) {
+if (policyId.equals(policy.getId()) && changeType 
== RangerPolicyDelta.CHANGE_TYPE_POLICY_DELETE) {
 deletedPolicies.add(policy);
 iter.remove();
 }
diff --git 
a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java 
b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
index c5add3a..b9a926b 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
@@ -1401,7 +1401,7 @@ public class ServiceDBStore extends AbstractServiceStore {
}
 
if (LOG.isDebugEnabled()) {
-   LOG.debug("== ServiceDBStore.getServiceDefByName(" + 
name + "): " + ret);
+   LOG.debug("== ServiceDBStore.getServiceDefByName(" + 
name + "): " );
}
 
return  ret;
@@ -3139,7 +3139,7 @@ public class ServiceDBStore extends AbstractServiceStore {
 
boolean isValid;
 
-   resourcePolicyDeltas = 
daoMgr.getXXPolicyChangeLog().findLaterThan(policyService, lastKnownVersion, 
service.getId());
+   resourcePolicyDeltas = 
daoMgr.getXXPolicyChangeLog().findLaterThan(lastKnownVersion, service.getId());
if (CollectionUtils.isNotEmpty(resourcePolicyDeltas)) {
isValid = 
RangerPolicyDeltaUtil.isValidDeltas(resourcePolicyDeltas, componentServiceType);
 
@@ -3151,7 +3151,7 @@ public class ServiceDBStore extends AbstractServiceStore {
 
if (isValid && tagService != null) {
Long id = 
resourcePolicyDeltas.get(0).getId();
-   tagPolicyDeltas = 
daoMgr.getXXPolicyChangeLog().findGreaterThan(policyService, id, 
tagService.getId());
+   tagPolicyDeltas = 
daoMgr.getXXPolicyChangeLog().findGreaterThan(id, tagService.getId());
 
 
if 
(CollectionUtils.isNotEmpty(tagPolicyDeltas)) {
@@ -3542,46 +3542,53 @@ public class ServiceDBStore extends 
AbstractServiceStore {
XXServiceVersionInfo serviceVersionInfoDbObj = 
serviceVersionInfoDao.findByServiceId(id);
XXService service = daoMgr.getXXService().getById(id);
 
-   Long nextPolicyVersion = 1L;
+   Long nextVersion = 1L;
Date now = new Date();
 
if (serviceVersionInfoDbObj != null) {
if (versionType == VERSION_TYPE.POLICY_VERSION) {
-   nextPolicyVersion = 
getNextVersion(serviceVersionInfoDbObj.getPolicyVersion());
-
-   
serviceVersionInfoDbObj.setPolicyVersion(nextPolicyVersion);
+   nextVersion = 
getNextVersion(serviceVersionInfoDbObj.getPolicyVersion());
+   
serviceVersionInfoDbObj.setPolicyVersion(nextVersion);

serviceVersionInfoDbObj.setPolicyUpdateTime(now);
-   }
-   if (versionType ==

[ranger] branch master updated: RANGER-3361 : Improve error message while deleting users and groups associated with role

2021-08-17 Thread mehul

This is an automated email from the ASF dual-hosted git repository.

mehul pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git


The following commit(s) were added to refs/heads/master by this push:
 new 8f177b0  RANGER-3361 : Improve error message while deleting users and 
groups associated with role
8f177b0 is described below

commit 8f177b03b22875ba46537371136d3bd6a330fa48
Author: mateenmansoori 
AuthorDate: Thu Aug 12 14:50:15 2021 +0530

RANGER-3361 : Improve error message while deleting users and groups 
associated with role

Signed-off-by: Mehul Parikh 
---
 .../main/java/org/apache/ranger/biz/XUserMgr.java  | 64 +-
 .../java/org/apache/ranger/biz/TestXUserMgr.java   | 20 +++
 2 files changed, 70 insertions(+), 14 deletions(-)

diff --git a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java 
b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
index 38b06d1..6596bac 100755
--- a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
@@ -74,6 +74,9 @@ import org.apache.ranger.entity.XXPermMap;
 import org.apache.ranger.entity.XXPolicy;
 import org.apache.ranger.entity.XXPortalUser;
 import org.apache.ranger.entity.XXResource;
+import org.apache.ranger.entity.XXRole;
+import org.apache.ranger.entity.XXRoleRefGroup;
+import org.apache.ranger.entity.XXRoleRefUser;
 import org.apache.ranger.entity.XXSecurityZone;
 import org.apache.ranger.entity.XXSecurityZoneRefGroup;
 import org.apache.ranger.entity.XXSecurityZoneRefUser;
@@ -98,6 +101,8 @@ import 
org.springframework.transaction.support.TransactionTemplate;
 public class XUserMgr extends XUserMgrBase {
 
private static final String RANGER_USER_GROUP_GLOBAL_STATE_NAME = 
"RangerUserStore";
+   private static final String USER = "User";
+   private static final String GROUP = "Group";
private static final int MAX_DB_TRANSACTION_RETRIES = 5;
 
@Autowired
@@ -2031,6 +2036,7 @@ public class XUserMgr extends XUserMgrBase {
public void deleteXGroup(Long id, boolean force) {
checkAdminAccess();
blockIfZoneGroup(id);
+   this.blockIfRoleGroup(id);
xaBizUtil.blockAuditorRoleUser();
XXGroupDao xXGroupDao = daoManager.getXXGroup();
XXGroup xXGroup = xXGroupDao.getById(id);
@@ -2207,14 +2213,9 @@ public class XUserMgr extends XUserMgrBase {
for(XXSecurityZoneRefGroup zoneRefGrp : zoneRefGrpList) 
{
XXSecurityZone 
xSecZone=daoManager.getXXSecurityZoneDao().getById(zoneRefGrp.getZoneId());
if(zones.indexOf(xSecZone.getName())<0)
-   zones.append(", " + xSecZone.getName());
+   zones.append(xSecZone.getName() + ",");
}
-   logger.info("Can Not Delete Group :" + 
zoneRefGrpList.get(0).getGroupName() + "' as its already present in Zone " 
+zones);
-   VXResponse vXResponse = new VXResponse();
-   
vXResponse.setStatusCode(HttpServletResponse.SC_BAD_REQUEST);
-   vXResponse.setMsgDesc(
-   "Can Not Delete Group '" + 
zoneRefGrpList.get(0).getGroupName() + "' as its already present in Zone " 
+zones);
-   throw restErrorUtil.generateRESTException(vXResponse);
+   
this.prepareAndThrow(zoneRefGrpList.get(0).getGroupName(), 
RangerConstants.MODULE_SECURITY_ZONE, zones, GROUP);
}
}
 
@@ -2241,6 +2242,7 @@ public class XUserMgr extends XUserMgrBase {
}
restrictSelfAccountDeletion(vXUser.getName().trim());
blockIfZoneUser(id);
+   this.blockIfRoleUser(id);
SearchCriteria searchCriteria = new SearchCriteria();
searchCriteria.addParam("xUserId", id);
VXGroupUserList vxGroupUserList = 
searchXGroupUsers(searchCriteria);
@@ -2414,17 +2416,51 @@ public class XUserMgr extends XUserMgrBase {
for(XXSecurityZoneRefUser zoneRefUser :zoneRefUserList 
) {
XXSecurityZone xSecZone = 
daoManager.getXXSecurityZoneDao().getById(zoneRefUser.getZoneId());
if(zones.indexOf(xSecZone.getName())<0)
-   zones.append(", " + xSecZone.getName());
+   zones.append(xSecZone.getName() + ",");
}
-   logger.info("Can Not Delete User :" + 
zoneRefUserList.get(0).getUserName());
-   VXResponse vXResponse = new VXResponse();
-

[ranger] branch ranger-2.2 updated (7dc0950 -> 30730b1)

2021-08-17 Thread mehul

This is an automated email from the ASF dual-hosted git repository.

mehul pushed a change to branch ranger-2.2
in repository https://gitbox.apache.org/repos/asf/ranger.git.


from 7dc0950  RANGER-3362 : UI Improvements.
 add 30730b1  RANGER-3367: [Intermittent] Ranger Admin perf logs are not 
getting logged after Spring Security upgrade

No new revisions were added by this update.

Summary of changes:
 security-admin/pom.xml | 6 ++
 1 file changed, 6 insertions(+)

[ranger] branch master updated: RANGER-3367: [Intermittent] Ranger Admin perf logs are not getting logged after Spring Security upgrade

2021-08-17 Thread mehul

This is an automated email from the ASF dual-hosted git repository.

mehul pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git


The following commit(s) were added to refs/heads/master by this push:
 new 10d0a83  RANGER-3367: [Intermittent] Ranger Admin perf logs are not 
getting logged after Spring Security upgrade
10d0a83 is described below

commit 10d0a833eedba764e60ac1012f8371764a2468dd
Author: Mahesh Bandal 
AuthorDate: Mon Aug 16 13:58:15 2021 +0530

RANGER-3367: [Intermittent] Ranger Admin perf logs are not getting logged 
after Spring Security upgrade

Signed-off-by: Mehul Parikh 
---
 security-admin/pom.xml | 6 ++
 1 file changed, 6 insertions(+)

diff --git a/security-admin/pom.xml b/security-admin/pom.xml
index f64e747..032b79f 100644
--- a/security-admin/pom.xml
+++ b/security-admin/pom.xml
@@ -190,6 +190,12 @@
 org.springframework
 spring-core
 ${springframework.version}
+
+   
+   org.springframework
+   spring-jcl
+   
+
 
 
 org.springframework

[ranger] branch ranger-2.2 updated (9c69c0b -> bc42f47)

[ranger] branch ranger-2.2 updated: RANGER-3371: Update algorithm to build Ranger policy-database object from Ranger policy-view object

[ranger] branch master updated: RANGER-3371: Update algorithm to build Ranger policy-database object from Ranger policy-view object

[ranger] branch master updated: RANGER-3361 : Improve error message while deleting users and groups associated with role

[ranger] branch ranger-2.2 updated (7dc0950 -> 30730b1)

[ranger] branch master updated: RANGER-3367: [Intermittent] Ranger Admin perf logs are not getting logged after Spring Security upgrade

6 matches

Site Navigation

Mail list logo

Footer information