Re: Review Request 72941: RANGER-3030 : Replace Findbugs with Spotbugs maven plugin

2021-12-08 Thread bhavik patel 


> On Jan. 5, 2021, 5:33 p.m., Velmurugan Periasamy wrote:
> > pom.xml
> > Line 116 (original), 116 (patched)
> > 
> >
> > Can you please make sure this is not packaged? I see 
> > spotbugs-annotations-3.1.9.jar is getting packaged.
> 
> bhavik patel wrote:
> This jar is getting packaged without this patch and after analyzing it is 
> found that it is pulled by "zookeeper" dependency.
> 
> Velmurugan Periasamy wrote:
> Thanks for the analysis. My suggestion is to exclude 
> spotbugs-annotations-3.1.9.jar - either in is this patch or via a separate 
> jira.
> 
> bhavik patel wrote:
> Will create separate jira to exclude spotbugs-annotations-3.1.9.jar file.

created https://issues.apache.org/jira/browse/RANGER-3543 to exlude 
spotbugs-annotations-3.1.9.jar file.


- bhavik


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72941/#review222406
---


On Dec. 8, 2021, 8:03 a.m., bhavik patel wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/72941/
> ---
> 
> (Updated Dec. 8, 2021, 8:03 a.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Dhaval Shah, Dineshkumar Yadav, 
> Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, Pradeep 
> Agrawal, Ramesh Mani, Sailaja Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-3030
> https://issues.apache.org/jira/browse/RANGER-3030
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Since Findbugs is no longer maintained, so it will be good to use the latest 
> version of the Spotbugs Maven plugin as a part of good coding practice.
> 
> 
> Diffs
> -
> 
>   dev-support/findbugsIncludeFile.xml 8623906bd 
>   dev-support/spotbugsIncludeFile.xml PRE-CREATION 
>   pom.xml 11a695065 
> 
> 
> Diff: https://reviews.apache.org/r/72941/diff/3/
> 
> 
> Testing
> ---
> 
> erified "mvn spotbugs:check" successful.
> 
> 
> Thanks,
> 
> bhavik patel
> 
>

[jira] [Created] (RANGER-3543) Remove spotbugs-annotations-3.1.9 from classpath

2021-12-08 Thread Bhavik Patel (Jira) 
Bhavik Patel created RANGER-3543:


 Summary: Remove spotbugs-annotations-3.1.9 from classpath 
 Key: RANGER-3543
 URL: https://issues.apache.org/jira/browse/RANGER-3543
 Project: Ranger
  Issue Type: Bug
  Components: Ranger
Affects Versions: 3.0.0
Reporter: Bhavik Patel
Assignee: Bhavik Patel


Exclude spotbugs-annotations-3.1.9 jar is coming with Zookeeper dependency’s.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (RANGER-3490) Make policy resource signature is unique in a service

2021-12-08 Thread Pradeep Agrawal (Jira) 


[ 
https://issues.apache.org/jira/browse/RANGER-3490?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17456139#comment-17456139
 ] 

Pradeep Agrawal commented on RANGER-3490:
-

Patch 2 commit link : 
https://github.com/apache/ranger/commit/65543320e43b94e09b07eba647bf347b8b64fe14

> Make policy resource signature is unique in a service
> -
>
> Key: RANGER-3490
> URL: https://issues.apache.org/jira/browse/RANGER-3490
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Abhay Kulkarni
>Assignee: Abhay Kulkarni
>Priority: Major
> Fix For: 3.0.0
>
>
> There may be multiple policies with the same resource signature within a 
> service (at most one enabled policy and potentially any number of disabled 
> policies).  Therefore, the resource-signature uniqueness within a service 
> cannot be enforced at the database level.
> The proposal is to encode GUID of a disabled policy within the resource 
> signature, thus making the resource signature unique within a service.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (RANGER-3298) Add coarse URI check for Hive Agent

2021-12-08 Thread Pradeep Agrawal (Jira) 


[ 
https://issues.apache.org/jira/browse/RANGER-3298?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17456136#comment-17456136
 ] 

Pradeep Agrawal commented on RANGER-3298:
-

PMD fix RR link : https://reviews.apache.org/r/73750/

Commits Link : 

https://github.com/apache/ranger/commit/fcea57497766576c97591801fcd81e63b9a532b0

https://github.com/apache/ranger/commit/00dd3fcd88aa6e10bf1f2e3a68c76a85c7218de2

> Add coarse URI check for Hive Agent
> ---
>
> Key: RANGER-3298
> URL: https://issues.apache.org/jira/browse/RANGER-3298
> Project: Ranger
>  Issue Type: Improvement
>  Components: plugins
>Reporter: Janus Chow
>Priority: Major
> Fix For: 3.0.0
>
>  Time Spent: 40m
>  Remaining Estimate: 0h
>
> In `RangerHiveAuthorizer`, the function of `checkPrivileges` will check the 
> permission for the `HivePrivilegeObject` with 
> `FileUtils.isActionPermittedForFileHierarchy`, and this method will check the 
> permission for all the files under the related directory by default.
> For a large table with thousands of files, this operation will take a long 
> time, leading to breaking the SLA. Besides, in the default implementation of 
> `StorageBasedAuthorizationProvider` in Hive, only the directories will be 
> checked too. 
> This ticket is to add a config for users to do a coarse check for URI 
> permission check. 



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

Re: Review Request 73750: RANGER-3298:Add coarse URI check for Hive Agent-PMD fix

2021-12-08 Thread Pradeep Agrawal 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73750/#review223823
---


Ship it!




Ship It!

- Pradeep Agrawal


On Dec. 8, 2021, 6:47 p.m., Ramesh Mani wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73750/
> ---
> 
> (Updated Dec. 8, 2021, 6:47 p.m.)
> 
> 
> Review request for ranger, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, 
> Pradeep Agrawal, Sailaja Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-3298
> https://issues.apache.org/jira/browse/RANGER-3298
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> RANGER-3298:Add coarse URI check for Hive Agent-PMD fix
> 
> 
> Diffs
> -
> 
>   
> hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
>  ad857e424 
> 
> 
> Diff: https://reviews.apache.org/r/73750/diff/1/
> 
> 
> Testing
> ---
> 
> - There is a PMD in the previous patch for this jira.
> - Fixed the PMD and verified in local vm
> 
> 
> Thanks,
> 
> Ramesh Mani
> 
>

Re: Review Request 73744: RANGER-3490 : Make policy resource signature is unique in a service part 2

2021-12-08 Thread Pradeep Agrawal 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73744/#review223822
---


Ship it!




Ship It!

- Pradeep Agrawal


On Dec. 8, 2021, 12:09 p.m., Dineshkumar Yadav wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73744/
> ---
> 
> (Updated Dec. 8, 2021, 12:09 p.m.)
> 
> 
> Review request for ranger, Jayendra Parab, Kishor Gollapalliwar, Abhay 
> Kulkarni, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, Vishal Suvagia, and 
> Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-3490
> https://issues.apache.org/jira/browse/RANGER-3490
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Make policy resource signature is unique in a service part 2
> added condition for disabled policy having empty guid.
> 
> 
> Diffs
> -
> 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicyResourceSignature.java
>  77b274e90 
> 
> 
> Diff: https://reviews.apache.org/r/73744/diff/1/
> 
> 
> Testing
> ---
> 
> Testing done in local culster.
> 
> 
> Thanks,
> 
> Dineshkumar Yadav
> 
>

Re: Review Request 73748: RANGER-3541 : Fix PMD violation

2021-12-08 Thread Pradeep Agrawal 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73748/#review223821
---


Ship it!




Ship It!

- Pradeep Agrawal


On Dec. 8, 2021, 7:44 a.m., bhavik patel wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73748/
> ---
> 
> (Updated Dec. 8, 2021, 7:44 a.m.)
> 
> 
> Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Gautam Borad, 
> Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, 
> Sailaja Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-3514
> https://issues.apache.org/jira/browse/RANGER-3514
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> There are couple of PMD violation due to recent commit of RANGER-3298
> 
> 
> Diffs
> -
> 
>   
> hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
>  ad857e424 
> 
> 
> Diff: https://reviews.apache.org/r/73748/diff/1/
> 
> 
> Testing
> ---
> 
> After updating the changes, able to build the Package.
> 
> 
> Thanks,
> 
> bhavik patel
> 
>

Re: Review Request 73744: RANGER-3490 : Make policy resource signature is unique in a service part 2

2021-12-08 Thread Abhay Kulkarni 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73744/#review223820
---


Ship it!




Ship It!

- Abhay Kulkarni


On Dec. 8, 2021, 12:09 p.m., Dineshkumar Yadav wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73744/
> ---
> 
> (Updated Dec. 8, 2021, 12:09 p.m.)
> 
> 
> Review request for ranger, Jayendra Parab, Kishor Gollapalliwar, Abhay 
> Kulkarni, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, Vishal Suvagia, and 
> Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-3490
> https://issues.apache.org/jira/browse/RANGER-3490
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Make policy resource signature is unique in a service part 2
> added condition for disabled policy having empty guid.
> 
> 
> Diffs
> -
> 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicyResourceSignature.java
>  77b274e90 
> 
> 
> Diff: https://reviews.apache.org/r/73744/diff/1/
> 
> 
> Testing
> ---
> 
> Testing done in local culster.
> 
> 
> Thanks,
> 
> Dineshkumar Yadav
> 
>

Re: Review Request 73677: RANGER-3469: Off-By-One Error in XUser Syncing

2021-12-08 Thread Sailaja Polavarapu 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73677/#review223819
---




ugsync/src/main/java/org/apache/ranger/unixusersync/process/PolicyMgrUserGroupBuilder.java
Line 932 (original), 932 (patched)


Also while going through the code, I noticed that similar check is missing 
for getGroups, getGroupUsers, and updateUserRoles. Can you please add?


- Sailaja Polavarapu


On Nov. 22, 2021, 9:40 p.m., David Mollitor wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73677/
> ---
> 
> (Updated Nov. 22, 2021, 9:40 p.m.)
> 
> 
> Review request for ranger.
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> RANGER-3285: Off-By-One Error in XUser Syncing
> 
> 
> Diffs
> -
> 
>   
> ugsync/src/main/java/org/apache/ranger/unixusersync/process/PolicyMgrUserGroupBuilder.java
>  60445043f 
> 
> 
> Diff: https://reviews.apache.org/r/73677/diff/1/
> 
> 
> Testing
> ---
> 
> 
> Thanks,
> 
> David Mollitor
> 
>

Re: Review Request 73677: RANGER-3469: Off-By-One Error in XUser Syncing

2021-12-08 Thread Sailaja Polavarapu 


> On Nov. 22, 2021, 10:35 p.m., Abhishek  Kumar wrote:
> > ugsync/src/main/java/org/apache/ranger/unixusersync/process/PolicyMgrUserGroupBuilder.java
> > Lines 919 (patched)
> > 
> >
> > Why is max required here ?
> 
> David Mollitor wrote:
> Hello, I am not sure, but this was the behavior of the original code and 
> I did not want to change behavior in this way for this particular issue.
> 
> David Mollitor wrote:
> Any additional questions or thoughts on this matter?

David,
 I agree that this behavior is from the original code. you can drop this 
comment. But please make similar changes for getGroups, getGroupUsers, and 
updateUserRoles where needed as commented by Abhishek.


- Sailaja


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73677/#review223761
---


On Nov. 22, 2021, 9:40 p.m., David Mollitor wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73677/
> ---
> 
> (Updated Nov. 22, 2021, 9:40 p.m.)
> 
> 
> Review request for ranger.
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> RANGER-3285: Off-By-One Error in XUser Syncing
> 
> 
> Diffs
> -
> 
>   
> ugsync/src/main/java/org/apache/ranger/unixusersync/process/PolicyMgrUserGroupBuilder.java
>  60445043f 
> 
> 
> Diff: https://reviews.apache.org/r/73677/diff/1/
> 
> 
> Testing
> ---
> 
> 
> Thanks,
> 
> David Mollitor
> 
>

[jira] [Created] (RANGER-3542) Invalid HTTPS Check

2021-12-08 Thread David Mollitor (Jira) 
David Mollitor created RANGER-3542:
--

 Summary: Invalid HTTPS Check
 Key: RANGER-3542
 URL: https://issues.apache.org/jira/browse/RANGER-3542
 Project: Ranger
  Issue Type: Bug
  Components: plugins
Reporter: David Mollitor


[https://github.com/apache/ranger/blob/0258fcf7ab25473b056fffc103840806c18fdcad/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerRESTClient.java#L243]

 

{code:java|title=RangerRESTClient.java}
mIsSSL = StringUtils.containsIgnoreCase(mUrl, "https");
{code}

This can trigger inadvertently if the host name just happens to have "https" in 
the name.  Better/safer to use Java URL to parse {{mUrl}} and look at the 
protocol explicitly.

For example: {{http://my.serverhttps.com}} would trigger as an ssl enabled 
endpoint.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

Review Request 73750: RANGER-3298:Add coarse URI check for Hive Agent-PMD fix

2021-12-08 Thread Ramesh Mani 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73750/
---

Review request for ranger, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, 
Pradeep Agrawal, Sailaja Polavarapu, and Velmurugan Periasamy.


Bugs: RANGER-3298
https://issues.apache.org/jira/browse/RANGER-3298


Repository: ranger


Description
---

RANGER-3298:Add coarse URI check for Hive Agent-PMD fix


Diffs
-

  
hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
 ad857e424 


Diff: https://reviews.apache.org/r/73750/diff/1/


Testing
---

- There is a PMD in the previous patch for this jira.
- Fixed the PMD and verified in local vm


Thanks,

Ramesh Mani

[jira] [Commented] (RANGER-3490) Make policy resource signature is unique in a service

2021-12-08 Thread Dineshkumar Yadav (Jira) 


[ 
https://issues.apache.org/jira/browse/RANGER-3490?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17455203#comment-17455203
 ] 

Dineshkumar Yadav commented on RANGER-3490:
---

Patch 2 is available here -[[link 
title|http://example.com]|https://reviews.apache.org/r/73744/]

> Make policy resource signature is unique in a service
> -
>
> Key: RANGER-3490
> URL: https://issues.apache.org/jira/browse/RANGER-3490
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Abhay Kulkarni
>Assignee: Abhay Kulkarni
>Priority: Major
> Fix For: 3.0.0
>
>
> There may be multiple policies with the same resource signature within a 
> service (at most one enabled policy and potentially any number of disabled 
> policies).  Therefore, the resource-signature uniqueness within a service 
> cannot be enforced at the database level.
> The proposal is to encode GUID of a disabled policy within the resource 
> signature, thus making the resource signature unique within a service.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-3167) security-admin build failed for apache-ranger-2.1.0

2021-12-08 Thread Ramesh Mani (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-3167?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramesh Mani updated RANGER-3167:

Fix Version/s: 2.1.0

> security-admin build failed for apache-ranger-2.1.0
> ---
>
> Key: RANGER-3167
> URL: https://issues.apache.org/jira/browse/RANGER-3167
> Project: Ranger
>  Issue Type: Task
>  Components: Ranger
>Reporter: zhu jing
>Priority: Major
> Fix For: 2.1.0
>
>
> I faced below exception while package security-admin for apache-ranger-2.1.0. 
> by command  mvn clean install -DskipTests=true
> [INFO] Running 'npm install --https-proxy=http://:1081 
> --proxy=http://xxx:1081' in 
> /root/apache-ranger-2.1.0/security-admin/target/jsmain
> [WARNING] npm WARN security-admin@2.0.0 No description
> [WARNING] npm WARN security-admin@2.0.0 No repository field.
> [WARNING] npm WARN security-admin@2.0.0 No license field.
> [ERROR]
> [INFO] Uglify file: 
> /root/apache-ranger-2.1.0/security-admin/target/security-admin-web-2.1.0/scripts/Main.min.js
> [ERROR] WARN: Output exceeds 32000 characters
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-1737) Fix potential performance issue introduced by RANGER-1181

2021-12-08 Thread Ramesh Mani (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-1737?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramesh Mani updated RANGER-1737:

Fix Version/s: 0.7.0

> Fix potential performance issue introduced by RANGER-1181 
> --
>
> Key: RANGER-1737
> URL: https://issues.apache.org/jira/browse/RANGER-1737
> Project: Ranger
>  Issue Type: Bug
>  Components: plugins
>Affects Versions: 0.7.0, 0.7.1
>Reporter: Madhan Neethiraj
>Assignee: Abhay Kulkarni
>Priority: Major
> Fix For: 0.7.0
>
>
> Fix in RANGER-1181 added fallback to native authorizer for each level - 
> parent/ancestor/self/subAccess. In the newly added fallback cases, 
> FsAction.NONE was sent to the default authorizer - which caused the default 
> authorizer to traverse the entire sub-tree to validate subAccess. This can 
> cause performance issues, if the subtree has large number of 
> files/directories.
> Calls to default authorizer should send null, instead of FsAction.NONE - this 
> will eliminate the unnecessary subtree traversal.
> CC: [~arpitagarwal]



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-1841) Audit log record for 'use dbName' hive command contains large number of tags

2021-12-08 Thread Ramesh Mani (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-1841?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramesh Mani updated RANGER-1841:

Fix Version/s: 0.7.0

> Audit log record for 'use dbName' hive command contains large number of tags
> 
>
> Key: RANGER-1841
> URL: https://issues.apache.org/jira/browse/RANGER-1841
> Project: Ranger
>  Issue Type: Bug
>  Components: plugins
>Reporter: Madhan Neethiraj
>Assignee: Abhay Kulkarni
>Priority: Major
> Fix For: 0.7.0
>
>
> When a Hive service is configured for tag-based authorization, the audit log 
> generated for  ‘use dbName’ command would contain all the tags associated 
> with: the database, all tables in the database, all the columns in the 
> database. The number of tags in this audit log could be too many; and having 
> such large number of tags in audit logs of 'use ' command may not be 
> useful. It will be better not to log tags in audit logs for 'use ' 
> commands. Policy-id recorded in the audit log can be used to identity the 
> tag, if a tag-based policy  authorized the command.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-1843) Tag enricher performance improvement in identifying tags for resource being accessed

2021-12-08 Thread Ramesh Mani (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-1843?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramesh Mani updated RANGER-1843:

Fix Version/s: 0.7.0

> Tag enricher performance improvement in identifying tags for resource being 
> accessed
> 
>
> Key: RANGER-1843
> URL: https://issues.apache.org/jira/browse/RANGER-1843
> Project: Ranger
>  Issue Type: Bug
>  Components: plugins
>Reporter: Madhan Neethiraj
>Assignee: Abhay Kulkarni
>Priority: Major
> Fix For: 0.7.0
>
>
> Performance improvements in RANGER-1771, in finding the policies for a given 
> resource, should be made in tag-enricher as well - to optimize finding of 
> tags applicable for a given resource,



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-2847) Add support/Fix Test connection with Ozone service

2021-12-08 Thread Ramesh Mani (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-2847?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramesh Mani updated RANGER-2847:

Fix Version/s: 3.0.0

> Add support/Fix Test connection with Ozone service
> --
>
> Key: RANGER-2847
> URL: https://issues.apache.org/jira/browse/RANGER-2847
> Project: Ranger
>  Issue Type: Bug
>  Components: plugins
>Affects Versions: 2.1.0
>Reporter: Abhishek Shukla
>Assignee: Abhishek Kumar
>Priority: Major
>  Labels: ozone
> Fix For: 3.0.0
>
>
> Currently, Test Connection with Ozone Service is failing with this error.
> {noformat}
> java.lang.NoClassDefFoundError: 
> org/apache/hadoop/ozone/client/OzoneClientFactory.{noformat}



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-2910) Add kerberos and SSL support for client libraries

2021-12-08 Thread Ramesh Mani (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-2910?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramesh Mani updated RANGER-2910:

Fix Version/s: 3.0.0
   2.2.0

> Add kerberos and SSL support for client libraries
> -
>
> Key: RANGER-2910
> URL: https://issues.apache.org/jira/browse/RANGER-2910
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Reporter: Abhishek Kumar
>Assignee: Abhishek Kumar
>Priority: Major
> Fix For: 3.0.0, 2.2.0
>
>   Original Estimate: 48h
>  Remaining Estimate: 48h
>




--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-3030) Replace Findbugs with Spotbugs maven plugin

2021-12-08 Thread Bhavik Patel (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-3030?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Bhavik Patel updated RANGER-3030:
-
Priority: Major  (was: Minor)

> Replace Findbugs with Spotbugs maven plugin
> ---
>
> Key: RANGER-3030
> URL: https://issues.apache.org/jira/browse/RANGER-3030
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Affects Versions: 3.0.0
>Reporter: Bhavik Patel
>Assignee: Bhavik Patel
>Priority: Major
> Fix For: 3.0.0
>
> Attachments: 
> RANGER-3030-Replace-Findbugs-with-Spotbugs-maven-plu-1.patch, 
> RANGER-3030-Replace-Findbugs-with-Spotbugs-maven-plu.patch, 
> RANGER-3030-Replace-Findbugs-with-Spotbugs-maven-plu.patch
>
>
> Since Findbugs is no longer maintained, so it will be good to use the latest 
> version of the Spotbugs Maven plugin as a part of good coding practice.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (RANGER-3030) Replace Findbugs with Spotbugs maven plugin

2021-12-08 Thread Bhavik Patel (Jira) 


[ 
https://issues.apache.org/jira/browse/RANGER-3030?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17455027#comment-17455027
 ] 

Bhavik Patel commented on RANGER-3030:
--

[~rmani] [~madhan]  [~kulkabhay]  [~pradeepagrawal8184]  please review.

> Replace Findbugs with Spotbugs maven plugin
> ---
>
> Key: RANGER-3030
> URL: https://issues.apache.org/jira/browse/RANGER-3030
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Affects Versions: 3.0.0
>Reporter: Bhavik Patel
>Assignee: Bhavik Patel
>Priority: Minor
> Fix For: 3.0.0
>
> Attachments: 
> RANGER-3030-Replace-Findbugs-with-Spotbugs-maven-plu-1.patch, 
> RANGER-3030-Replace-Findbugs-with-Spotbugs-maven-plu.patch, 
> RANGER-3030-Replace-Findbugs-with-Spotbugs-maven-plu.patch
>
>
> Since Findbugs is no longer maintained, so it will be good to use the latest 
> version of the Spotbugs Maven plugin as a part of good coding practice.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-3014) fix for RANGER-2789 breaks current functionality

2021-12-08 Thread Ramesh Mani (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-3014?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramesh Mani updated RANGER-3014:

Fix Version/s: 3.0.0
   2.2.0

> fix for RANGER-2789 breaks current functionality
> 
>
> Key: RANGER-3014
> URL: https://issues.apache.org/jira/browse/RANGER-3014
> Project: Ranger
>  Issue Type: Bug
>  Components: admin
>Reporter: Georgi Ivanov
>Assignee: Mahesh Hanumant Bandal
>Priority: Major
> Fix For: 3.0.0, 2.2.0
>
> Attachments: 
> 0001-RANGER-3014-fix-for-RANGER-2789-breaks-current-funct.patch, After 
> Reverting RANGER-2789.png, Reverted RANGER-2789- userlookup in permission 
> tab.png, add-a-query-condition.png, cpu_utilization_for_user_lookup.png, 
> ranger-crashed while user-lookup in permission tab.png, with RANGER-2789 and 
> RANGER-3014 .png
>
>  Time Spent: 10m
>  Remaining Estimate: 0h
>
> Since we upgraded to Ranger 2.1.0 in our dev env, we've noticed that user 
> list page in Ranger Admin UI is not showing (or it is very very slow - in the 
> order of tens of minutes).
> Looking at the commit history we found that the reason was commit 
> *f45054d1b9* which was meant as a performance improvement for RANGER-2789. 
> Our ranger usersync fetches users and groups from AD. Our tree is huge, here 
> are some stats:
> {code:java}
> select count(*) from x_user;
> 43368
> select count(*) from x_portal_user;
> 43366
> select count(*) from x_group;
> 17865
> select count(*) from x_group_users;
> 366180 {code}
>  
> Looking at the commit *f45054d1b9* what it meant to solve is perform a user 
> lookup and fetching user info such as attributes and group membership in 
> bulk, instead of doing it in a loop, one by one. In order to do that it 
> provided couple of methods and also an override for searchXUsers in 
> service/XUserService.java (before we used the parent method in 
> service/XUserServiceBase.java).
>  
> The new searchXUsers method (which gets invoked when we call 
> /service/xusers/users REST API, calls populateViewBeans (another new method). 
> It calls the parent method populateViewBeans in XUserServiceBase.java which 
> build a hashmap or users and calls an override of populateViewBeans with 
> input hashmap
> {code:java}
> +   public List populateViewBeans(List resources) {
> +   List viewBeans = new ArrayList<>();
> +   if (CollectionUtils.isNotEmpty(resources)) {
> +   Map resourceViewBeanMap = new 
> HashMap<>(resources.size());
> +   Map viewBeanResourceMap = new 
> HashMap<>(resources.size());
> +   for (XXUser resource : resources) {
> +   VXUser viewBean = createViewObject();
> +   
> viewBean.setCredStoreId(resource.getCredStoreId());
> +   
> viewBean.setDescription(resource.getDescription());
> +   viewBean.setName(resource.getName());
> +   viewBean.setStatus(resource.getStatus());
> +   resourceViewBeanMap.put(resource, viewBean);
> +   viewBeanResourceMap.put(viewBean, resource);
> +   viewBeans.add(viewBean);
> +   }
> +   populateViewBeans(resourceViewBeanMap);
> +   mapEntityToViewBeans(viewBeanResourceMap);
> +   }
> +   return viewBeans;
> +   }
> +
> +   protected void populateViewBeans(Map 
> resourceViewBeanMap) {
> +   mapBaseAttributesToViewBeans(resourceViewBeanMap);
> +   } {code}
>  
> This in turns calls mapBaseAttributesToViewBeans, which calls 
> daoManager.getXXPortalUser().findAllXPortalUser() and it pulls all users (no 
> matter that we limit the users with a REST call to 25 by default)
> That's one thing that hampers performance. However the biggest issue is this:
> {code:java}
> +   @Override
> +   public List populateViewBeans(List xUsers) {
> +   List vObjList = super.populateViewBeans(xUsers);
> +   if (CollectionUtils.isNotEmpty(vObjList) && 
> CollectionUtils.isNotEmpty(xUsers) && xUsers.size() == vObjList.size()) {
> +   Map xUserIdVObjMap = new 
> HashMap<>(xUsers.size());
> +   for (int i = 0; i < xUsers.size(); ++i) {
> +   VXUser vObj = vObjList.get(i);
> +   XXUser xUser = xUsers.get(i);
> +   vObj.setIsVisible(xUser.getIsVisible());
> +   xUserIdVObjMap.put(xUser.getId(), vObj);
> +   }
> +   populateGroupList(xUserIdVObjMap

[jira] [Updated] (RANGER-2940) Removing a user from a group is not reflected in Ranger

2021-12-08 Thread Ramesh Mani (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-2940?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramesh Mani updated RANGER-2940:

Fix Version/s: 3.0.0
   2.2.0

> Removing a user from a group is not reflected in Ranger
> ---
>
> Key: RANGER-2940
> URL: https://issues.apache.org/jira/browse/RANGER-2940
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger, usersync
>Affects Versions: 2.0.0
>Reporter: Sailaja Polavarapu
>Assignee: Sailaja Polavarapu
>Priority: Major
> Fix For: 3.0.0, 2.2.0
>
> Attachments: 
> 0001-RANGER-2940-Added-code-to-update-user-roles-when-gro.patch
>
>
> Ranger usersync is configured to use AD/LDAP as sync source with incremental 
> sync option enabled and "ranger.usersync.group.based.role.assignment.rules" 
> with value ""&ROLE_SYS_ADMIN:g:".
> In this case,  even after removing a user from an ADMIN privilege group, 
> ranger UI still shows an admin role for that user.
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (RANGER-3030) Replace Findbugs with Spotbugs maven plugin

2021-12-08 Thread Bhavik Patel (Jira) 


[ 
https://issues.apache.org/jira/browse/RANGER-3030?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17455025#comment-17455025
 ] 

Bhavik Patel commented on RANGER-3030:
--

Updated spotbugs.plugin.version to "4.5.0.0" and updated RR for the same.

 

> Replace Findbugs with Spotbugs maven plugin
> ---
>
> Key: RANGER-3030
> URL: https://issues.apache.org/jira/browse/RANGER-3030
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Affects Versions: 3.0.0
>Reporter: Bhavik Patel
>Assignee: Bhavik Patel
>Priority: Minor
> Fix For: 3.0.0
>
> Attachments: 
> RANGER-3030-Replace-Findbugs-with-Spotbugs-maven-plu-1.patch, 
> RANGER-3030-Replace-Findbugs-with-Spotbugs-maven-plu.patch, 
> RANGER-3030-Replace-Findbugs-with-Spotbugs-maven-plu.patch
>
>
> Since Findbugs is no longer maintained, so it will be good to use the latest 
> version of the Spotbugs Maven plugin as a part of good coding practice.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-3055) Make Ranger source code FIPS complaint

2021-12-08 Thread Ramesh Mani (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-3055?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramesh Mani updated RANGER-3055:

Fix Version/s: 3.0.0
   2.2.0

> Make Ranger source code FIPS complaint
> --
>
> Key: RANGER-3055
> URL: https://issues.apache.org/jira/browse/RANGER-3055
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Reporter: Dhaval Shah
>Assignee: Dhaval Shah
>Priority: Major
> Fix For: 3.0.0, 2.2.0
>
> Attachments: RANGER-3055.patch
>
>
> We need to check and make the following components FIPS compliant.
>  1.) Admin
>  2.) KMS
>  3.) UserSync
>  4.) TagSync



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-3030) Replace Findbugs with Spotbugs maven plugin

2021-12-08 Thread Bhavik Patel (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-3030?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Bhavik Patel updated RANGER-3030:
-
Attachment: RANGER-3030-Replace-Findbugs-with-Spotbugs-maven-plu-1.patch

> Replace Findbugs with Spotbugs maven plugin
> ---
>
> Key: RANGER-3030
> URL: https://issues.apache.org/jira/browse/RANGER-3030
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Affects Versions: 3.0.0
>Reporter: Bhavik Patel
>Assignee: Bhavik Patel
>Priority: Minor
> Fix For: 3.0.0
>
> Attachments: 
> RANGER-3030-Replace-Findbugs-with-Spotbugs-maven-plu-1.patch, 
> RANGER-3030-Replace-Findbugs-with-Spotbugs-maven-plu.patch, 
> RANGER-3030-Replace-Findbugs-with-Spotbugs-maven-plu.patch
>
>
> Since Findbugs is no longer maintained, so it will be good to use the latest 
> version of the Spotbugs Maven plugin as a part of good coding practice.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

Re: Review Request 72941: RANGER-3030 : Replace Findbugs with Spotbugs maven plugin

2021-12-08 Thread bhavik patel 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72941/
---

(Updated Dec. 8, 2021, 8:03 a.m.)


Review request for ranger, Ankita Sinha, Dhaval Shah, Dineshkumar Yadav, Gautam 
Borad, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, Ramesh 
Mani, Sailaja Polavarapu, and Velmurugan Periasamy.


Changes
---

updated to latest version.


Bugs: RANGER-3030
https://issues.apache.org/jira/browse/RANGER-3030


Repository: ranger


Description
---

Since Findbugs is no longer maintained, so it will be good to use the latest 
version of the Spotbugs Maven plugin as a part of good coding practice.


Diffs (updated)
-

  dev-support/findbugsIncludeFile.xml 8623906bd 
  dev-support/spotbugsIncludeFile.xml PRE-CREATION 
  pom.xml 11a695065 


Diff: https://reviews.apache.org/r/72941/diff/3/

Changes: https://reviews.apache.org/r/72941/diff/2-3/


Testing
---

erified "mvn spotbugs:check" successful.


Thanks,

bhavik patel