Review Request 63867: RANGER-1848:Implement getLinkList/getJobList in SqoopClient for Ranger Sqoop2 plugin
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/63867/ --- Review request for ranger, Ankita Sinha, Don Bosco Durai, Colm O hEigeartaigh, Gautam Borad, Madhan Neethiraj, pengjianhua, Ramesh Mani, Selvamohan Neethiraj, sam rome, Venkat Ranganathan, and Velmurugan Periasamy. Bugs: RANGER-1848 https://issues.apache.org/jira/browse/RANGER-1848 Repository: ranger Description --- Implement getLinkList/getJobList in SqoopClient for Ranger Sqoop2 plugin. It affects link and job resource lookup when creating sqoop policy in RangerAdmin. Diffs - plugin-sqoop/pom.xml 58d10a4 plugin-sqoop/src/main/java/org/apache/ranger/services/sqoop/client/SqoopClient.java 640d5db plugin-sqoop/src/main/java/org/apache/ranger/services/sqoop/client/json/model/SqoopJobResponse.java PRE-CREATION plugin-sqoop/src/main/java/org/apache/ranger/services/sqoop/client/json/model/SqoopJobsResponse.java PRE-CREATION plugin-sqoop/src/main/java/org/apache/ranger/services/sqoop/client/json/model/SqoopLinkResponse.java PRE-CREATION plugin-sqoop/src/main/java/org/apache/ranger/services/sqoop/client/json/model/SqoopLinksResponse.java PRE-CREATION pom.xml 589cd6a src/main/assembly/admin-web.xml aa37426 Diff: https://reviews.apache.org/r/63867/diff/1/ Testing --- Tested sqoop link and job resource lookup. Thanks, Qiang Zhang
[jira] [Commented] (RANGER-1892) Latest Hive Plugin Error
[ https://issues.apache.org/jira/browse/RANGER-1892?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16254756#comment-16254756 ] Amithsha commented on RANGER-1892: -- 2017-11-16T10:27:16,258 ERROR [Thread-9]: util.PolicyRefresher (:()) - PolicyRefresher(serviceName=hivedev): failed to refresh policies. Will continue to use last known version of policies (14) com.sun.jersey.api.client.ClientHandlerException: java.net.ConnectException: Connection refused > Latest Hive Plugin Error > - > > Key: RANGER-1892 > URL: https://issues.apache.org/jira/browse/RANGER-1892 > Project: Ranger > Issue Type: Bug > Components: plugins >Affects Versions: 0.7.1 >Reporter: Amithsha >Priority: Critical > > I installed ranger via hdp package of ranger-2-6-2-0-205-hive-plugin > this will install the latest ranger version of 0.7.* > after the setup is done i added my username in ranger hive policy and > selected all. > while executing select query from beeline i am getting this error for my user > , as well as for the admin. > WARN [HiveServer2-Handler-Pool: Thread-85]: thrift.ThriftCLIService (:()) - > Error executing statement: > org.apache.hive.service.cli.HiveSQLException: Error running query: > java.lang.AbstractMethodError: > org.apache.ranger.authorization.hive.authorizer.RangerHiveAuthorizer.needTransform()Z -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (RANGER-1892) Latest Hive Plugin Error
[ https://issues.apache.org/jira/browse/RANGER-1892?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Amithsha updated RANGER-1892: - Priority: Critical (was: Major) > Latest Hive Plugin Error > - > > Key: RANGER-1892 > URL: https://issues.apache.org/jira/browse/RANGER-1892 > Project: Ranger > Issue Type: Bug > Components: plugins >Affects Versions: 0.7.1 >Reporter: Amithsha >Priority: Critical > > I installed ranger via hdp package of ranger-2-6-2-0-205-hive-plugin > this will install the latest ranger version of 0.7.* > after the setup is done i added my username in ranger hive policy and > selected all. > while executing select query from beeline i am getting this error for my user > , as well as for the admin. > WARN [HiveServer2-Handler-Pool: Thread-85]: thrift.ThriftCLIService (:()) - > Error executing statement: > org.apache.hive.service.cli.HiveSQLException: Error running query: > java.lang.AbstractMethodError: > org.apache.ranger.authorization.hive.authorizer.RangerHiveAuthorizer.needTransform()Z -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (RANGER-1738) RangerYarnAuthorizer not compatible with Hadoop-3.0.0
[ https://issues.apache.org/jira/browse/RANGER-1738?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16253609#comment-16253609 ] Velmurugan Periasamy commented on RANGER-1738: -- bq. Velmurugan Periasamy, It's not possible to have RangerYarnAuthorizer work with multiple versions, as with Hadoop 3.0.0 you have to implement methods that take arguments that are only available in Hadoop 3.0.0. bq. [~coheigea] - Agreed. In that case, I think it is better to keep the compatibility matrix simple. But I don't think we can make ranger release depending on a beta hadoop version. Based on this https://cwiki.apache.org/confluence/display/HADOOP/Hadoop+3.0.0+release Hadoop 3.0 should be GA by now or pretty soon. > RangerYarnAuthorizer not compatible with Hadoop-3.0.0 > - > > Key: RANGER-1738 > URL: https://issues.apache.org/jira/browse/RANGER-1738 > Project: Ranger > Issue Type: Bug > Components: plugins >Affects Versions: 0.7.1 >Reporter: Hong Shen >Assignee: Colm O hEigeartaigh > Fix For: 1.0.0 > > Attachments: > 0001-RANGER-1738-RangerYarnAuthorizer-not-compatible-with.patch > > > In the newest hadoop version 3.0.0, YarnAuthorizationProvider has changed. > The new YarnAuthorizationProvider.java has change the methods checkPermission > and setPermission, > {code:title=YarnAuthorizationProvider.java|borderStyle=solid} > /** >* Check if user has the permission to access the target object. >* >* @param accessRequest >* the request object which contains all the access context info. >* @return true if user can access the object, otherwise false. >*/ > public abstract boolean checkPermission(AccessRequest accessRequest); > /** >* Set permissions for the target object. >* >* @param permissions >*A list of permissions on the target object. >* @param ugi User who sets the permissions. >*/ > public abstract void setPermission(List permissions, > UserGroupInformation ugi); > {code} > But the RangerYarnAuthorizer extends YarnAuthorizationProvider impletement > the old method. > {code:title=RangerYarnAuthorizer.java|borderStyle=solid} > @Override > public void setPermission(PrivilegedEntity entity, MapAccessControlList> permission, UserGroupInformation ugi) { >... > @Override > public boolean checkPermission(AccessType accessType, PrivilegedEntity > entity, UserGroupInformation ugi) { > {code} > I think yarn plugin should also impletement the new method. I will add a > patch for it. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Comment Edited] (RANGER-1738) RangerYarnAuthorizer not compatible with Hadoop-3.0.0
[ https://issues.apache.org/jira/browse/RANGER-1738?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16253609#comment-16253609 ] Velmurugan Periasamy edited comment on RANGER-1738 at 11/15/17 3:28 PM: bq. Velmurugan Periasamy, It's not possible to have RangerYarnAuthorizer work with multiple versions, as with Hadoop 3.0.0 you have to implement methods that take arguments that are only available in Hadoop 3.0.0. [~coheigea] - Agreed. In that case, I think it is better to keep the compatibility matrix simple. But I don't think we can make ranger release depending on a beta hadoop version. Based on this https://cwiki.apache.org/confluence/display/HADOOP/Hadoop+3.0.0+release Hadoop 3.0 should be GA by now or pretty soon. was (Author: vperiasamy): bq. Velmurugan Periasamy, It's not possible to have RangerYarnAuthorizer work with multiple versions, as with Hadoop 3.0.0 you have to implement methods that take arguments that are only available in Hadoop 3.0.0. bq. [~coheigea] - Agreed. In that case, I think it is better to keep the compatibility matrix simple. But I don't think we can make ranger release depending on a beta hadoop version. Based on this https://cwiki.apache.org/confluence/display/HADOOP/Hadoop+3.0.0+release Hadoop 3.0 should be GA by now or pretty soon. > RangerYarnAuthorizer not compatible with Hadoop-3.0.0 > - > > Key: RANGER-1738 > URL: https://issues.apache.org/jira/browse/RANGER-1738 > Project: Ranger > Issue Type: Bug > Components: plugins >Affects Versions: 0.7.1 >Reporter: Hong Shen >Assignee: Colm O hEigeartaigh > Fix For: 1.0.0 > > Attachments: > 0001-RANGER-1738-RangerYarnAuthorizer-not-compatible-with.patch > > > In the newest hadoop version 3.0.0, YarnAuthorizationProvider has changed. > The new YarnAuthorizationProvider.java has change the methods checkPermission > and setPermission, > {code:title=YarnAuthorizationProvider.java|borderStyle=solid} > /** >* Check if user has the permission to access the target object. >* >* @param accessRequest >* the request object which contains all the access context info. >* @return true if user can access the object, otherwise false. >*/ > public abstract boolean checkPermission(AccessRequest accessRequest); > /** >* Set permissions for the target object. >* >* @param permissions >*A list of permissions on the target object. >* @param ugi User who sets the permissions. >*/ > public abstract void setPermission(List permissions, > UserGroupInformation ugi); > {code} > But the RangerYarnAuthorizer extends YarnAuthorizationProvider impletement > the old method. > {code:title=RangerYarnAuthorizer.java|borderStyle=solid} > @Override > public void setPermission(PrivilegedEntity entity, MapAccessControlList> permission, UserGroupInformation ugi) { >... > @Override > public boolean checkPermission(AccessType accessType, PrivilegedEntity > entity, UserGroupInformation ugi) { > {code} > I think yarn plugin should also impletement the new method. I will add a > patch for it. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
Re: Review Request 63834: RANGER-1893 - Update HBase dependency to 1.2.6
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/63834/ --- (Updated Nov. 15, 2017, 3:14 p.m.) Review request for ranger. Changes --- Also removing some unused properties Bugs: RANGER-1893 https://issues.apache.org/jira/browse/RANGER-1893 Repository: ranger Description --- We currently rely on an old HBase dependency (1.1.3). This task is to upgrade it to 1.2.6. The plugin works correctly with no changes since 1.1.x. Diffs (updated) - pom.xml 589cd6ac Diff: https://reviews.apache.org/r/63834/diff/2/ Changes: https://reviews.apache.org/r/63834/diff/1-2/ Testing --- Thanks, Colm O hEigeartaigh
[jira] [Updated] (RANGER-1893) Update HBase dependency to 1.2.6
[ https://issues.apache.org/jira/browse/RANGER-1893?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh updated RANGER-1893: Attachment: (was: 0001-RANGER-1893-Update-HBase-dependency-to-1.2.6.patch) > Update HBase dependency to 1.2.6 > > > Key: RANGER-1893 > URL: https://issues.apache.org/jira/browse/RANGER-1893 > Project: Ranger > Issue Type: Improvement > Components: plugins >Reporter: Colm O hEigeartaigh >Assignee: Colm O hEigeartaigh > Fix For: 1.0.0 > > Attachments: 0001-RANGER-1893-Update-HBase-dependency-to-1.2.6.patch > > > We currently rely on an old HBase dependency (1.1.3). This task is to upgrade > it to 1.2.6. The plugin works correctly with no changes since 1.1.x. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (RANGER-1893) Update HBase dependency to 1.2.6
[ https://issues.apache.org/jira/browse/RANGER-1893?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh updated RANGER-1893: Attachment: 0001-RANGER-1893-Update-HBase-dependency-to-1.2.6.patch Also removing some unused properties > Update HBase dependency to 1.2.6 > > > Key: RANGER-1893 > URL: https://issues.apache.org/jira/browse/RANGER-1893 > Project: Ranger > Issue Type: Improvement > Components: plugins >Reporter: Colm O hEigeartaigh >Assignee: Colm O hEigeartaigh > Fix For: 1.0.0 > > Attachments: 0001-RANGER-1893-Update-HBase-dependency-to-1.2.6.patch > > > We currently rely on an old HBase dependency (1.1.3). This task is to upgrade > it to 1.2.6. The plugin works correctly with no changes since 1.1.x. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
Review Request 63834: RANGER-1893 - Update HBase dependency to 1.2.6
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/63834/ --- Review request for ranger. Bugs: RANGER-1893 https://issues.apache.org/jira/browse/RANGER-1893 Repository: ranger Description --- We currently rely on an old HBase dependency (1.1.3). This task is to upgrade it to 1.2.6. The plugin works correctly with no changes since 1.1.x. Diffs - pom.xml 589cd6ac Diff: https://reviews.apache.org/r/63834/diff/1/ Testing --- Thanks, Colm O hEigeartaigh
[jira] [Updated] (RANGER-1893) Update HBase dependency to 1.2.6
[ https://issues.apache.org/jira/browse/RANGER-1893?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh updated RANGER-1893: Attachment: 0001-RANGER-1893-Update-HBase-dependency-to-1.2.6.patch > Update HBase dependency to 1.2.6 > > > Key: RANGER-1893 > URL: https://issues.apache.org/jira/browse/RANGER-1893 > Project: Ranger > Issue Type: Improvement > Components: plugins >Reporter: Colm O hEigeartaigh >Assignee: Colm O hEigeartaigh > Fix For: 1.0.0 > > Attachments: 0001-RANGER-1893-Update-HBase-dependency-to-1.2.6.patch > > > We currently rely on an old HBase dependency (1.1.3). This task is to upgrade > it to 1.2.6. The plugin works correctly with no changes since 1.1.x. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Created] (RANGER-1893) Update HBase dependency to 1.2.6
Colm O hEigeartaigh created RANGER-1893: --- Summary: Update HBase dependency to 1.2.6 Key: RANGER-1893 URL: https://issues.apache.org/jira/browse/RANGER-1893 Project: Ranger Issue Type: Improvement Components: plugins Reporter: Colm O hEigeartaigh Assignee: Colm O hEigeartaigh Fix For: 1.0.0 We currently rely on an old HBase dependency (1.1.3). This task is to upgrade it to 1.2.6. The plugin works correctly with no changes since 1.1.x. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Created] (RANGER-1892) Latest Hive Plugin Error
Amithsha created RANGER-1892: Summary: Latest Hive Plugin Error Key: RANGER-1892 URL: https://issues.apache.org/jira/browse/RANGER-1892 Project: Ranger Issue Type: Bug Components: plugins Affects Versions: 0.7.1 Reporter: Amithsha I installed ranger via hdp package of ranger-2-6-2-0-205-hive-plugin this will install the latest ranger version of 0.7.* after the setup is done i added my username in ranger hive policy and selected all. while executing select query from beeline i am getting this error for my user , as well as for the admin. WARN [HiveServer2-Handler-Pool: Thread-85]: thrift.ThriftCLIService (:()) - Error executing statement: org.apache.hive.service.cli.HiveSQLException: Error running query: java.lang.AbstractMethodError: org.apache.ranger.authorization.hive.authorizer.RangerHiveAuthorizer.needTransform()Z -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (RANGER-1738) RangerYarnAuthorizer not compatible with Hadoop-3.0.0
[ https://issues.apache.org/jira/browse/RANGER-1738?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16253284#comment-16253284 ] Colm O hEigeartaigh commented on RANGER-1738: - [~rmani], [~vperiasamy], OK so what you are suggesting here is to drop the Hadoop 2.7.x dependency from Ranger altogether? This could work, but 3.0.0 is currently a "beta" - I'm not sure when the plans are to ship a final 3.0.0 version. Would we be happy to release Ranger 1.0.0 off a beta Hadoop version? It might be less risky just to leave the dependency on Hadoop 2.7.x, but add some exclusions in the Yarn 3.0.0 plugin to exclude 2.7.x jars. The distribution for the new plugin doesn't include any Hadoop jars in the "lib" directory. [~vperiasamy], It's not possible to have RangerYarnAuthorizer work with multiple versions, as with Hadoop 3.0.0 you have to implement methods that take arguments that are only available in Hadoop 3.0.0. > RangerYarnAuthorizer not compatible with Hadoop-3.0.0 > - > > Key: RANGER-1738 > URL: https://issues.apache.org/jira/browse/RANGER-1738 > Project: Ranger > Issue Type: Bug > Components: plugins >Affects Versions: 0.7.1 >Reporter: Hong Shen >Assignee: Colm O hEigeartaigh > Fix For: 1.0.0 > > Attachments: > 0001-RANGER-1738-RangerYarnAuthorizer-not-compatible-with.patch > > > In the newest hadoop version 3.0.0, YarnAuthorizationProvider has changed. > The new YarnAuthorizationProvider.java has change the methods checkPermission > and setPermission, > {code:title=YarnAuthorizationProvider.java|borderStyle=solid} > /** >* Check if user has the permission to access the target object. >* >* @param accessRequest >* the request object which contains all the access context info. >* @return true if user can access the object, otherwise false. >*/ > public abstract boolean checkPermission(AccessRequest accessRequest); > /** >* Set permissions for the target object. >* >* @param permissions >*A list of permissions on the target object. >* @param ugi User who sets the permissions. >*/ > public abstract void setPermission(List permissions, > UserGroupInformation ugi); > {code} > But the RangerYarnAuthorizer extends YarnAuthorizationProvider impletement > the old method. > {code:title=RangerYarnAuthorizer.java|borderStyle=solid} > @Override > public void setPermission(PrivilegedEntity entity, MapAccessControlList> permission, UserGroupInformation ugi) { >... > @Override > public boolean checkPermission(AccessType accessType, PrivilegedEntity > entity, UserGroupInformation ugi) { > {code} > I think yarn plugin should also impletement the new method. I will add a > patch for it. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (RANGER-1890) The permission of "Kafka Admin" can not support "Select/Deselect All" when add/edit Kafka policy
[ https://issues.apache.org/jira/browse/RANGER-1890?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Qiang Zhang updated RANGER-1890: Description: The current logic is as following: 1. Other checkbox will not be selected when the "Kafka Admin" was selected. 2. Other checkbox will not be deselected when the "Kafka Admin“ checkbox" was deselected. The right logic should be as following: 1. Other checkbox will be selected when the "Kafka Admin" was selected. 2. Other checkbox will be deselected when the "Kafka Admin" was deselected. was: The current logic is as following: 1. Other checkbox will not be selected when the "Kafka Admin" was selected. 2. Other checkbox will not be deselected when the "Kafka Admin“ checkbox" was deselected. The right logic should be as following: 1. Other checkbox will be selected when the "Select checkbox" was selected. 2. Other checkbox will be deselected when the "Deselect checkbox" was deselected. > The permission of "Kafka Admin" can not support "Select/Deselect All" when > add/edit Kafka policy > - > > Key: RANGER-1890 > URL: https://issues.apache.org/jira/browse/RANGER-1890 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Reporter: Qiang Zhang >Assignee: Qiang Zhang >Priority: Minor > > The current logic is as following: > 1. Other checkbox will not be selected when the "Kafka Admin" was selected. > 2. Other checkbox will not be deselected when the "Kafka Admin“ checkbox" was > deselected. > The right logic should be as following: > 1. Other checkbox will be selected when the "Kafka Admin" was selected. > 2. Other checkbox will be deselected when the "Kafka Admin" was deselected. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Created] (RANGER-1891) The permission of "All" can not support "Select/Deselect All" when add/edit Hive policy
WangYuan created RANGER-1891: Summary: The permission of "All" can not support "Select/Deselect All" when add/edit Hive policy Key: RANGER-1891 URL: https://issues.apache.org/jira/browse/RANGER-1891 Project: Ranger Issue Type: Bug Components: admin, Ranger Reporter: WangYuan Assignee: WangYuan Priority: Minor The current logic is as following: 1. Other checkbox will not be selected when the "All" was selected. 2. Other checkbox will not be deselected when the "All“ checkbox" was deselected. The right logic should be as following: 1. Other checkbox will be selected when the "All" was selected. 2. Other checkbox will be deselected when the "All" was deselected. -- This message was sent by Atlassian JIRA (v6.4.14#64029)