[jira] [Created] (RANGER-3962) Add preload directive to HSTS header
Mahesh Hanumant Bandal created RANGER-3962: -- Summary: Add preload directive to HSTS header Key: RANGER-3962 URL: https://issues.apache.org/jira/browse/RANGER-3962 Project: Ranger Issue Type: Improvement Components: kms, Ranger Affects Versions: 2.3.0, 3.0.0 Reporter: Mahesh Hanumant Bandal Assignee: Mahesh Hanumant Bandal "Preload" directive is absent in HSTS header. As security its recommended to have within HSTS header. ref: [https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html] -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (RANGER-3961) AuditFileSpool logs out all events that were not audited successfully
Mahesh Hanumant Bandal created RANGER-3961:
--
Summary: AuditFileSpool logs out all events that were not audited
successfully
Key: RANGER-3961
URL: https://issues.apache.org/jira/browse/RANGER-3961
Project: Ranger
Issue Type: Improvement
Components: Ranger
Affects Versions: 2.3.0, 3.0.0
Reporter: Mahesh Hanumant Bandal
Assignee: Mahesh Hanumant Bandal
In AuditFileSpool.java from line 901-905, there is this code:
{code:java}
} catch (Throwable t) {
logger.error("Error while sending logs to consumer. provider="
+ queueProvider.getName() + ", consumer="
+ consumerProvider.getName() + ", log=" + lines, t);
} {code}
Here the variable *lines* holds all the events that are in current batch, that
is 1000 by default (~0.5MB of strings). The batch can be configured even higher
that makes things worse.
If there is an issue in audit, a lot of huge strings will be logged out.
Suggesting to remove *lines* variable and/or add lines.size() to know how many
events were not sent.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Updated] (RANGER-3903) Bug in RangerPolicyDeltaUtil--> applyDeltas method
[
https://issues.apache.org/jira/browse/RANGER-3903?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ramachandran updated RANGER-3903:
-
Description:
After going through the below code snippets in the master branch
!screenshot-1.png!
>From the above code, we iterate delta policies and check if this policy exists
>in the existing policy, we add that to deletePolicies list.
If a delta change type is created, we expect that it should be in the
deletedPolicies list which will not happen.
So we need to add changeType == RangerPolicyDelta.CHANGE_TYPE_POLICY_CREATE as
part of the below block of code
!image-2022-11-08-09-22-05-188.png!
was:
After going through the below code snippets in the master branch
!screenshot-1.png!
while (iter.hasNext()) {
RangerPolicy policy = iter.next();
if (policyId.equals(policy.getId()) && (changeType ==
RangerPolicyDelta.CHANGE_TYPE_POLICY_DELETE || changeType ==
RangerPolicyDelta.CHANGE_TYPE_POLICY_UPDATE))
{ deletedPolicies.add(policy); iter.remove(); }
}
switch (changeType) {
case RangerPolicyDelta.CHANGE_TYPE_POLICY_CREATE:
{
if (CollectionUtils.isNotEmpty(deletedPolicies))
{ LOG.warn("Unexpected: found existing policy for
CHANGE_TYPE_POLICY_CREATE: " + Arrays.toString(deletedPolicies.toArray()));
}
break;
}
case RangerPolicyDelta.CHANGE_TYPE_POLICY_UPDATE:
{
if (CollectionUtils.isEmpty(deletedPolicies) ||
deletedPolicies.size() > 1)
{ LOG.warn("Unexpected: found no policy or multiple policies
for CHANGE_TYPE_POLICY_UPDATE: " + Arrays.toString(deletedPolicies.toArray()));
}
break;
}
case RangerPolicyDelta.CHANGE_TYPE_POLICY_DELETE:
{
if (CollectionUtils.isEmpty(deletedPolicies) ||
deletedPolicies.size() > 1)
{ LOG.warn("Unexpected: found no policy or multiple policies
for CHANGE_TYPE_POLICY_DELETE: " + Arrays.toString(deletedPolicies.toArray()));
}
break;
}
default:
break;
}
>From the above code, we iterate delta policies and check if this policy exists
>in the existing policy, we add that to deletePolicies list.
If a delta change type is created, we expect that it should be in the
deletedPolicies list which will not happen.
So we need to add changeType == RangerPolicyDelta.CHANGE_TYPE_POLICY_CREATE as
part of the below block of code
!image-2022-11-08-09-22-05-188.png!
> Bug in RangerPolicyDeltaUtil--> applyDeltas method
> --
>
> Key: RANGER-3903
> URL: https://issues.apache.org/jira/browse/RANGER-3903
> Project: Ranger
> Issue Type: Improvement
> Components: Ranger
>Affects Versions: 3.0.0
>Reporter: Ramachandran
>Assignee: Ramachandran
>Priority: Major
> Attachments:
> 0001-RANGER-3903-Bug-in-RangerPolicyDeltaUtil-applyDeltas.patch,
> image-2022-11-08-09-22-05-188.png, screenshot-1.png
>
>
> After going through the below code snippets in the master branch
> !screenshot-1.png!
> From the above code, we iterate delta policies and check if this policy
> exists in the existing policy, we add that to deletePolicies list.
> If a delta change type is created, we expect that it should be in the
> deletedPolicies list which will not happen.
> So we need to add changeType == RangerPolicyDelta.CHANGE_TYPE_POLICY_CREATE
> as part of the below block of code
> !image-2022-11-08-09-22-05-188.png!
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Updated] (RANGER-3903) Bug in RangerPolicyDeltaUtil--> applyDeltas method
[
https://issues.apache.org/jira/browse/RANGER-3903?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ramachandran updated RANGER-3903:
-
Attachment: screenshot-1.png
> Bug in RangerPolicyDeltaUtil--> applyDeltas method
> --
>
> Key: RANGER-3903
> URL: https://issues.apache.org/jira/browse/RANGER-3903
> Project: Ranger
> Issue Type: Improvement
> Components: Ranger
>Affects Versions: 3.0.0
>Reporter: Ramachandran
>Assignee: Ramachandran
>Priority: Major
> Attachments:
> 0001-RANGER-3903-Bug-in-RangerPolicyDeltaUtil-applyDeltas.patch,
> image-2022-11-08-09-22-05-188.png, screenshot-1.png
>
>
> After going through the below code snippets in the master branch
> while (iter.hasNext()) {
> RangerPolicy policy = iter.next();
> if (policyId.equals(policy.getId()) && (changeType ==
> RangerPolicyDelta.CHANGE_TYPE_POLICY_DELETE || changeType ==
> RangerPolicyDelta.CHANGE_TYPE_POLICY_UPDATE))
> { deletedPolicies.add(policy); iter.remove(); }
> }
> switch (changeType) {
> case RangerPolicyDelta.CHANGE_TYPE_POLICY_CREATE:
> {
> if (CollectionUtils.isNotEmpty(deletedPolicies))
> { LOG.warn("Unexpected: found existing policy for
> CHANGE_TYPE_POLICY_CREATE: " + Arrays.toString(deletedPolicies.toArray()));
> }
> break;
> }
> case RangerPolicyDelta.CHANGE_TYPE_POLICY_UPDATE:
> {
> if (CollectionUtils.isEmpty(deletedPolicies) ||
> deletedPolicies.size() > 1)
> { LOG.warn("Unexpected: found no policy or multiple policies
> for CHANGE_TYPE_POLICY_UPDATE: " +
> Arrays.toString(deletedPolicies.toArray())); }
> break;
> }
> case RangerPolicyDelta.CHANGE_TYPE_POLICY_DELETE:
> {
> if (CollectionUtils.isEmpty(deletedPolicies) ||
> deletedPolicies.size() > 1)
> { LOG.warn("Unexpected: found no policy or multiple policies
> for CHANGE_TYPE_POLICY_DELETE: " +
> Arrays.toString(deletedPolicies.toArray())); }
> break;
> }
> default:
> break;
> }
> From the above code, we iterate delta policies and check if this policy
> exists in the existing policy, we add that to deletePolicies list.
> If a delta change type is created, we expect that it should be in the
> deletedPolicies list which will not happen.
> So we need to add changeType == RangerPolicyDelta.CHANGE_TYPE_POLICY_CREATE
> as part of the below block of code
> !image-2022-11-08-09-22-05-188.png!
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Updated] (RANGER-3903) Bug in RangerPolicyDeltaUtil--> applyDeltas method
[
https://issues.apache.org/jira/browse/RANGER-3903?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ramachandran updated RANGER-3903:
-
Description:
After going through the below code snippets in the master branch
!screenshot-1.png!
while (iter.hasNext()) {
RangerPolicy policy = iter.next();
if (policyId.equals(policy.getId()) && (changeType ==
RangerPolicyDelta.CHANGE_TYPE_POLICY_DELETE || changeType ==
RangerPolicyDelta.CHANGE_TYPE_POLICY_UPDATE))
{ deletedPolicies.add(policy); iter.remove(); }
}
switch (changeType) {
case RangerPolicyDelta.CHANGE_TYPE_POLICY_CREATE:
{
if (CollectionUtils.isNotEmpty(deletedPolicies))
{ LOG.warn("Unexpected: found existing policy for
CHANGE_TYPE_POLICY_CREATE: " + Arrays.toString(deletedPolicies.toArray()));
}
break;
}
case RangerPolicyDelta.CHANGE_TYPE_POLICY_UPDATE:
{
if (CollectionUtils.isEmpty(deletedPolicies) ||
deletedPolicies.size() > 1)
{ LOG.warn("Unexpected: found no policy or multiple policies
for CHANGE_TYPE_POLICY_UPDATE: " + Arrays.toString(deletedPolicies.toArray()));
}
break;
}
case RangerPolicyDelta.CHANGE_TYPE_POLICY_DELETE:
{
if (CollectionUtils.isEmpty(deletedPolicies) ||
deletedPolicies.size() > 1)
{ LOG.warn("Unexpected: found no policy or multiple policies
for CHANGE_TYPE_POLICY_DELETE: " + Arrays.toString(deletedPolicies.toArray()));
}
break;
}
default:
break;
}
>From the above code, we iterate delta policies and check if this policy exists
>in the existing policy, we add that to deletePolicies list.
If a delta change type is created, we expect that it should be in the
deletedPolicies list which will not happen.
So we need to add changeType == RangerPolicyDelta.CHANGE_TYPE_POLICY_CREATE as
part of the below block of code
!image-2022-11-08-09-22-05-188.png!
was:
After going through the below code snippets in the master branch
while (iter.hasNext()) {
RangerPolicy policy = iter.next();
if (policyId.equals(policy.getId()) && (changeType ==
RangerPolicyDelta.CHANGE_TYPE_POLICY_DELETE || changeType ==
RangerPolicyDelta.CHANGE_TYPE_POLICY_UPDATE))
{ deletedPolicies.add(policy); iter.remove(); }
}
switch (changeType) {
case RangerPolicyDelta.CHANGE_TYPE_POLICY_CREATE:
{
if (CollectionUtils.isNotEmpty(deletedPolicies))
{ LOG.warn("Unexpected: found existing policy for
CHANGE_TYPE_POLICY_CREATE: " + Arrays.toString(deletedPolicies.toArray()));
}
break;
}
case RangerPolicyDelta.CHANGE_TYPE_POLICY_UPDATE:
{
if (CollectionUtils.isEmpty(deletedPolicies) ||
deletedPolicies.size() > 1)
{ LOG.warn("Unexpected: found no policy or multiple policies
for CHANGE_TYPE_POLICY_UPDATE: " + Arrays.toString(deletedPolicies.toArray()));
}
break;
}
case RangerPolicyDelta.CHANGE_TYPE_POLICY_DELETE:
{
if (CollectionUtils.isEmpty(deletedPolicies) ||
deletedPolicies.size() > 1)
{ LOG.warn("Unexpected: found no policy or multiple policies
for CHANGE_TYPE_POLICY_DELETE: " + Arrays.toString(deletedPolicies.toArray()));
}
break;
}
default:
break;
}
>From the above code, we iterate delta policies and check if this policy exists
>in the existing policy, we add that to deletePolicies list.
If a delta change type is created, we expect that it should be in the
deletedPolicies list which will not happen.
So we need to add changeType == RangerPolicyDelta.CHANGE_TYPE_POLICY_CREATE as
part of the below block of code
!image-2022-11-08-09-22-05-188.png!
> Bug in RangerPolicyDeltaUtil--> applyDeltas method
> --
>
> Key: RANGER-3903
> URL: https://issues.apache.org/jira/browse/RANGER-3903
> Project: Ranger
> Issue Type: Improvement
> Components: Ranger
>Affects Versions: 3.0.0
>Reporter: Ramachandran
>Assignee: Ramachandran
>Priority: Major
> Attachments:
> 0001-RANGER-3903-Bug-in-RangerPolicyDeltaUtil-applyDeltas.patch,
> image-2022-11-08-09-22-05-188.png, screenshot-1.png
>
>
> After going through the below code snippets in the master branch
> !screenshot-1.png!
> while (iter.hasNext()) {
> RangerPolicy policy = iter.next();
> if (policyId.equals(policy.getId()) && (changeType ==
> RangerPolicyDelta.CHANGE_TYPE_POLICY_DELETE || changeType ==
> RangerPolicyDelta.CHANGE_TYPE_POLICY_UPDATE))
> { deletedPolicies.add(policy); iter.remove(); }
> }
> switch
[jira] [Comment Edited] (RANGER-3903) Bug in RangerPolicyDeltaUtil--> applyDeltas method
[
https://issues.apache.org/jira/browse/RANGER-3903?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17603469#comment-17603469
]
Ramachandran edited comment on RANGER-3903 at 11/8/22 3:57 AM:
---
The review is available here -[https://reviews.apache.org/r/74112/]
cc >> [~mad...@apache.org] [~abhayk]
was (Author: JIRAUSER295265):
The review is available here -[https://reviews.apache.org/r/74112/]
cc >> [~mad...@apache.org] [~abhayk]
> Bug in RangerPolicyDeltaUtil--> applyDeltas method
> --
>
> Key: RANGER-3903
> URL: https://issues.apache.org/jira/browse/RANGER-3903
> Project: Ranger
> Issue Type: Improvement
> Components: Ranger
>Affects Versions: 3.0.0
>Reporter: Ramachandran
>Assignee: Ramachandran
>Priority: Major
> Attachments:
> 0001-RANGER-3903-Bug-in-RangerPolicyDeltaUtil-applyDeltas.patch,
> image-2022-11-08-09-22-05-188.png
>
>
> After going through the below code snippets in the master branch
> while (iter.hasNext()) {
> RangerPolicy policy = iter.next();
> if (policyId.equals(policy.getId()) && (changeType ==
> RangerPolicyDelta.CHANGE_TYPE_POLICY_DELETE || changeType ==
> RangerPolicyDelta.CHANGE_TYPE_POLICY_UPDATE))
> { deletedPolicies.add(policy); iter.remove(); }
> }
> switch (changeType) {
> case RangerPolicyDelta.CHANGE_TYPE_POLICY_CREATE:
> {
> if (CollectionUtils.isNotEmpty(deletedPolicies))
> { LOG.warn("Unexpected: found existing policy for
> CHANGE_TYPE_POLICY_CREATE: " + Arrays.toString(deletedPolicies.toArray()));
> }
> break;
> }
> case RangerPolicyDelta.CHANGE_TYPE_POLICY_UPDATE:
> {
> if (CollectionUtils.isEmpty(deletedPolicies) ||
> deletedPolicies.size() > 1)
> { LOG.warn("Unexpected: found no policy or multiple policies
> for CHANGE_TYPE_POLICY_UPDATE: " +
> Arrays.toString(deletedPolicies.toArray())); }
> break;
> }
> case RangerPolicyDelta.CHANGE_TYPE_POLICY_DELETE:
> {
> if (CollectionUtils.isEmpty(deletedPolicies) ||
> deletedPolicies.size() > 1)
> { LOG.warn("Unexpected: found no policy or multiple policies
> for CHANGE_TYPE_POLICY_DELETE: " +
> Arrays.toString(deletedPolicies.toArray())); }
> break;
> }
> default:
> break;
> }
> From the above code, we iterate delta policies and check if this policy
> exists in the existing policy, we add that to deletePolicies list.
> If a delta change type is created, we expect that it should be in the
> deletedPolicies list which will not happen.
> So we need to add changeType == RangerPolicyDelta.CHANGE_TYPE_POLICY_CREATE
> as part of the below block of code
> !image-2022-11-08-09-22-05-188.png!
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Updated] (RANGER-3903) Bug in RangerPolicyDeltaUtil--> applyDeltas method
[
https://issues.apache.org/jira/browse/RANGER-3903?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ramachandran updated RANGER-3903:
-
Attachment: 0001-RANGER-3903-Bug-in-RangerPolicyDeltaUtil-applyDeltas.patch
> Bug in RangerPolicyDeltaUtil--> applyDeltas method
> --
>
> Key: RANGER-3903
> URL: https://issues.apache.org/jira/browse/RANGER-3903
> Project: Ranger
> Issue Type: Improvement
> Components: Ranger
>Affects Versions: 3.0.0
>Reporter: Ramachandran
>Assignee: Ramachandran
>Priority: Major
> Attachments:
> 0001-RANGER-3903-Bug-in-RangerPolicyDeltaUtil-applyDeltas.patch,
> image-2022-11-08-09-22-05-188.png
>
>
> After going through the below code snippets in the master branch
> while (iter.hasNext()) {
> RangerPolicy policy = iter.next();
> if (policyId.equals(policy.getId()) && (changeType ==
> RangerPolicyDelta.CHANGE_TYPE_POLICY_DELETE || changeType ==
> RangerPolicyDelta.CHANGE_TYPE_POLICY_UPDATE))
> { deletedPolicies.add(policy); iter.remove(); }
> }
> switch (changeType) {
> case RangerPolicyDelta.CHANGE_TYPE_POLICY_CREATE:
> {
> if (CollectionUtils.isNotEmpty(deletedPolicies))
> { LOG.warn("Unexpected: found existing policy for
> CHANGE_TYPE_POLICY_CREATE: " + Arrays.toString(deletedPolicies.toArray()));
> }
> break;
> }
> case RangerPolicyDelta.CHANGE_TYPE_POLICY_UPDATE:
> {
> if (CollectionUtils.isEmpty(deletedPolicies) ||
> deletedPolicies.size() > 1)
> { LOG.warn("Unexpected: found no policy or multiple policies
> for CHANGE_TYPE_POLICY_UPDATE: " +
> Arrays.toString(deletedPolicies.toArray())); }
> break;
> }
> case RangerPolicyDelta.CHANGE_TYPE_POLICY_DELETE:
> {
> if (CollectionUtils.isEmpty(deletedPolicies) ||
> deletedPolicies.size() > 1)
> { LOG.warn("Unexpected: found no policy or multiple policies
> for CHANGE_TYPE_POLICY_DELETE: " +
> Arrays.toString(deletedPolicies.toArray())); }
> break;
> }
> default:
> break;
> }
> From the above code, we iterate delta policies and check if this policy
> exists in the existing policy, we add that to deletePolicies list.
> If a delta change type is created, we expect that it should be in the
> deletedPolicies list which will not happen.
> So we need to add changeType == RangerPolicyDelta.CHANGE_TYPE_POLICY_CREATE
> as part of the below block of code
> !image-2022-11-08-09-22-05-188.png!
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Updated] (RANGER-3903) Bug in RangerPolicyDeltaUtil--> applyDeltas method
[
https://issues.apache.org/jira/browse/RANGER-3903?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ramachandran updated RANGER-3903:
-
Attachment: (was:
0001-RANGER-3897-Improvements-in-RangerPolicyDeltaUtil-ap.patch)
> Bug in RangerPolicyDeltaUtil--> applyDeltas method
> --
>
> Key: RANGER-3903
> URL: https://issues.apache.org/jira/browse/RANGER-3903
> Project: Ranger
> Issue Type: Improvement
> Components: Ranger
>Affects Versions: 3.0.0
>Reporter: Ramachandran
>Assignee: Ramachandran
>Priority: Major
> Attachments:
> 0001-RANGER-3903-Bug-in-RangerPolicyDeltaUtil-applyDeltas.patch,
> image-2022-11-08-09-22-05-188.png
>
>
> After going through the below code snippets in the master branch
> while (iter.hasNext()) {
> RangerPolicy policy = iter.next();
> if (policyId.equals(policy.getId()) && (changeType ==
> RangerPolicyDelta.CHANGE_TYPE_POLICY_DELETE || changeType ==
> RangerPolicyDelta.CHANGE_TYPE_POLICY_UPDATE))
> { deletedPolicies.add(policy); iter.remove(); }
> }
> switch (changeType) {
> case RangerPolicyDelta.CHANGE_TYPE_POLICY_CREATE:
> {
> if (CollectionUtils.isNotEmpty(deletedPolicies))
> { LOG.warn("Unexpected: found existing policy for
> CHANGE_TYPE_POLICY_CREATE: " + Arrays.toString(deletedPolicies.toArray()));
> }
> break;
> }
> case RangerPolicyDelta.CHANGE_TYPE_POLICY_UPDATE:
> {
> if (CollectionUtils.isEmpty(deletedPolicies) ||
> deletedPolicies.size() > 1)
> { LOG.warn("Unexpected: found no policy or multiple policies
> for CHANGE_TYPE_POLICY_UPDATE: " +
> Arrays.toString(deletedPolicies.toArray())); }
> break;
> }
> case RangerPolicyDelta.CHANGE_TYPE_POLICY_DELETE:
> {
> if (CollectionUtils.isEmpty(deletedPolicies) ||
> deletedPolicies.size() > 1)
> { LOG.warn("Unexpected: found no policy or multiple policies
> for CHANGE_TYPE_POLICY_DELETE: " +
> Arrays.toString(deletedPolicies.toArray())); }
> break;
> }
> default:
> break;
> }
> From the above code, we iterate delta policies and check if this policy
> exists in the existing policy, we add that to deletePolicies list.
> If a delta change type is created, we expect that it should be in the
> deletedPolicies list which will not happen.
> So we need to add changeType == RangerPolicyDelta.CHANGE_TYPE_POLICY_CREATE
> as part of the below block of code
> !image-2022-11-08-09-22-05-188.png!
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
Re: Review Request 74112: Bug in RangerPolicyDeltaUtil--> applyDeltas method
---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74112/
---
(Updated Nov. 8, 2022, 3:56 a.m.)
Review request for ranger, Abhay Kulkarni, Madhan Neethiraj, Nikhil P, Pradeep
Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja Polavarapu, and Velmurugan
Periasamy.
Bugs: RANGER-3903
https://issues.apache.org/jira/browse/RANGER-3903
Repository: ranger
Description
---
After going through the below code snippets in the master branch
while (iter.hasNext()) {
RangerPolicy policy = iter.next();
if (policyId.equals(policy.getId()) && (changeType ==
RangerPolicyDelta.CHANGE_TYPE_POLICY_DELETE || changeType ==
RangerPolicyDelta.CHANGE_TYPE_POLICY_UPDATE)) {
deletedPolicies.add(policy);
iter.remove();
}
}
switch (changeType) {
case RangerPolicyDelta.CHANGE_TYPE_POLICY_CREATE:
{
if (CollectionUtils.isNotEmpty(deletedPolicies)) {
LOG.warn("Unexpected: found existing policy for
CHANGE_TYPE_POLICY_CREATE: " + Arrays.toString(deletedPolicies.toArray()));
}
break;
}
case RangerPolicyDelta.CHANGE_TYPE_POLICY_UPDATE:
{
if (CollectionUtils.isEmpty(deletedPolicies) ||
deletedPolicies.size() > 1) {
LOG.warn("Unexpected: found no policy or multiple policies for
CHANGE_TYPE_POLICY_UPDATE: " + Arrays.toString(deletedPolicies.toArray()));
}
break;
}
case RangerPolicyDelta.CHANGE_TYPE_POLICY_DELETE:
{
if (CollectionUtils.isEmpty(deletedPolicies) ||
deletedPolicies.size() > 1) {
LOG.warn("Unexpected: found no policy or multiple policies for
CHANGE_TYPE_POLICY_DELETE: " + Arrays.toString(deletedPolicies.toArray()));
}
break;
}
default:
break;
}
>From the above code, we iterate delta policies and check if this policy exists
>in the existing policy, we add that to deletePolicies list.
If a delta change type is created, we expect that it should not be in the
existing old policy which should not have happened. So the below block code is
not needed
case RangerPolicyDelta.CHANGE_TYPE_POLICY_CREATE: {
if
(CollectionUtils.isNotEmpty(deletedPolicies)) {
LOG.warn("Unexpected: found existing policy
for CHANGE_TYPE_POLICY_CREATE: " + Arrays.toString(deletedPolicies.toArray()));
}
break;
}
Diffs (updated)
-
agents-common/src/main/java/org/apache/ranger/plugin/util/RangerPolicyDeltaUtil.java
e9223fe69
Diff: https://reviews.apache.org/r/74112/diff/3/
Changes: https://reviews.apache.org/r/74112/diff/2-3/
Testing
---
Tested the below Rest API's to make sure everything works fine
1. ServiceREST Rest API :GET /plugins/policies/download/{serviceName}
2. ServiceREST Rest API :GET /plugins/secure/policies/download/{serviceName}
Thanks,
Ramachandran Krishnan
[jira] [Updated] (RANGER-3903) Bug in RangerPolicyDeltaUtil--> applyDeltas method
[
https://issues.apache.org/jira/browse/RANGER-3903?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ramachandran updated RANGER-3903:
-
Attachment: image-2022-11-08-09-22-05-188.png
> Bug in RangerPolicyDeltaUtil--> applyDeltas method
> --
>
> Key: RANGER-3903
> URL: https://issues.apache.org/jira/browse/RANGER-3903
> Project: Ranger
> Issue Type: Improvement
> Components: Ranger
>Affects Versions: 3.0.0
>Reporter: Ramachandran
>Assignee: Ramachandran
>Priority: Major
> Attachments:
> 0001-RANGER-3897-Improvements-in-RangerPolicyDeltaUtil-ap.patch,
> image-2022-11-08-09-22-05-188.png
>
>
> After going through the below code snippets in the master branch
> while (iter.hasNext()) {
> RangerPolicy policy = iter.next();
> if (policyId.equals(policy.getId()) && (changeType ==
> RangerPolicyDelta.CHANGE_TYPE_POLICY_DELETE || changeType ==
> RangerPolicyDelta.CHANGE_TYPE_POLICY_UPDATE)) {
> deletedPolicies.add(policy);
> iter.remove();
> }
> }
> switch (changeType) {
> case RangerPolicyDelta.CHANGE_TYPE_POLICY_CREATE:
> {
> if (CollectionUtils.isNotEmpty(deletedPolicies)) {
> LOG.warn("Unexpected: found existing policy for
> CHANGE_TYPE_POLICY_CREATE: " + Arrays.toString(deletedPolicies.toArray()));
> }
> break;
> }
> case RangerPolicyDelta.CHANGE_TYPE_POLICY_UPDATE:
> {
> if (CollectionUtils.isEmpty(deletedPolicies) ||
> deletedPolicies.size() > 1) {
> LOG.warn("Unexpected: found no policy or multiple policies
> for CHANGE_TYPE_POLICY_UPDATE: " +
> Arrays.toString(deletedPolicies.toArray()));
> }
> break;
> }
> case RangerPolicyDelta.CHANGE_TYPE_POLICY_DELETE:
> {
> if (CollectionUtils.isEmpty(deletedPolicies) ||
> deletedPolicies.size() > 1) {
> LOG.warn("Unexpected: found no policy or multiple policies
> for CHANGE_TYPE_POLICY_DELETE: " +
> Arrays.toString(deletedPolicies.toArray()));
> }
> break;
> }
> default:
> break;
> }
> From the above code, we iterate delta policies and check if this policy
> exists in the existing policy, we add that to deletePolicies list.
> If a delta change type is created, we expect that it should be in the
> deletedPolicies list which will not happen.
> So we need to add changeType == RangerPolicyDelta.CHANGE_TYPE_POLICY_CREATE
> as part of the below block of code
> if (policyId.equals(policy.getId()) && (changeType ==
> RangerPolicyDelta.CHANGE_TYPE_POLICY_DELETE
> ||
> changeType == RangerPolicyDelta.CHANGE_TYPE_POLICY_UPDATE
> ||
> changeType == RangerPolicyDelta.CHANGE_TYPE_POLICY_CREATE)) {
> deletedPolicies.add(policy);
> iter.remove();
> }
> }
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Updated] (RANGER-3903) Bug in RangerPolicyDeltaUtil--> applyDeltas method
[
https://issues.apache.org/jira/browse/RANGER-3903?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ramachandran updated RANGER-3903:
-
Description:
After going through the below code snippets in the master branch
while (iter.hasNext()) {
RangerPolicy policy = iter.next();
if (policyId.equals(policy.getId()) && (changeType ==
RangerPolicyDelta.CHANGE_TYPE_POLICY_DELETE || changeType ==
RangerPolicyDelta.CHANGE_TYPE_POLICY_UPDATE))
{ deletedPolicies.add(policy); iter.remove(); }
}
switch (changeType) {
case RangerPolicyDelta.CHANGE_TYPE_POLICY_CREATE:
{
if (CollectionUtils.isNotEmpty(deletedPolicies))
{ LOG.warn("Unexpected: found existing policy for
CHANGE_TYPE_POLICY_CREATE: " + Arrays.toString(deletedPolicies.toArray()));
}
break;
}
case RangerPolicyDelta.CHANGE_TYPE_POLICY_UPDATE:
{
if (CollectionUtils.isEmpty(deletedPolicies) ||
deletedPolicies.size() > 1)
{ LOG.warn("Unexpected: found no policy or multiple policies
for CHANGE_TYPE_POLICY_UPDATE: " + Arrays.toString(deletedPolicies.toArray()));
}
break;
}
case RangerPolicyDelta.CHANGE_TYPE_POLICY_DELETE:
{
if (CollectionUtils.isEmpty(deletedPolicies) ||
deletedPolicies.size() > 1)
{ LOG.warn("Unexpected: found no policy or multiple policies
for CHANGE_TYPE_POLICY_DELETE: " + Arrays.toString(deletedPolicies.toArray()));
}
break;
}
default:
break;
}
>From the above code, we iterate delta policies and check if this policy exists
>in the existing policy, we add that to deletePolicies list.
If a delta change type is created, we expect that it should be in the
deletedPolicies list which will not happen.
So we need to add changeType == RangerPolicyDelta.CHANGE_TYPE_POLICY_CREATE as
part of the below block of code
!image-2022-11-08-09-22-05-188.png!
was:
After going through the below code snippets in the master branch
while (iter.hasNext()) {
RangerPolicy policy = iter.next();
if (policyId.equals(policy.getId()) && (changeType ==
RangerPolicyDelta.CHANGE_TYPE_POLICY_DELETE || changeType ==
RangerPolicyDelta.CHANGE_TYPE_POLICY_UPDATE)) {
deletedPolicies.add(policy);
iter.remove();
}
}
switch (changeType) {
case RangerPolicyDelta.CHANGE_TYPE_POLICY_CREATE:
{
if (CollectionUtils.isNotEmpty(deletedPolicies)) {
LOG.warn("Unexpected: found existing policy for
CHANGE_TYPE_POLICY_CREATE: " + Arrays.toString(deletedPolicies.toArray()));
}
break;
}
case RangerPolicyDelta.CHANGE_TYPE_POLICY_UPDATE:
{
if (CollectionUtils.isEmpty(deletedPolicies) ||
deletedPolicies.size() > 1) {
LOG.warn("Unexpected: found no policy or multiple policies for
CHANGE_TYPE_POLICY_UPDATE: " + Arrays.toString(deletedPolicies.toArray()));
}
break;
}
case RangerPolicyDelta.CHANGE_TYPE_POLICY_DELETE:
{
if (CollectionUtils.isEmpty(deletedPolicies) ||
deletedPolicies.size() > 1) {
LOG.warn("Unexpected: found no policy or multiple policies for
CHANGE_TYPE_POLICY_DELETE: " + Arrays.toString(deletedPolicies.toArray()));
}
break;
}
default:
break;
}
>From the above code, we iterate delta policies and check if this policy exists
>in the existing policy, we add that to deletePolicies list.
If a delta change type is created, we expect that it should be in the
deletedPolicies list which will not happen.
So we need to add changeType == RangerPolicyDelta.CHANGE_TYPE_POLICY_CREATE as
part of the below block of code
if (policyId.equals(policy.getId()) && (changeType ==
RangerPolicyDelta.CHANGE_TYPE_POLICY_DELETE
||
changeType == RangerPolicyDelta.CHANGE_TYPE_POLICY_UPDATE
||
changeType == RangerPolicyDelta.CHANGE_TYPE_POLICY_CREATE)) {
deletedPolicies.add(policy);
iter.remove();
}
}
> Bug in RangerPolicyDeltaUtil--> applyDeltas method
> --
>
> Key: RANGER-3903
> URL: https://issues.apache.org/jira/browse/RANGER-3903
> Project: Ranger
> Issue Type: Improvement
> Components: Ranger
>Affects Versions: 3.0.0
>Reporter: Ramachandran
>Assignee: Ramachandran
>Priority: Major
> Attachments:
> 0001-RANGER-3897-Improvements-in-RangerPolicyDeltaUtil-ap.patch,
>
[jira] [Updated] (RANGER-3903) Bug in RangerPolicyDeltaUtil--> applyDeltas method
[
https://issues.apache.org/jira/browse/RANGER-3903?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ramachandran updated RANGER-3903:
-
Description:
After going through the below code snippets in the master branch
while (iter.hasNext()) {
RangerPolicy policy = iter.next();
if (policyId.equals(policy.getId()) && (changeType ==
RangerPolicyDelta.CHANGE_TYPE_POLICY_DELETE || changeType ==
RangerPolicyDelta.CHANGE_TYPE_POLICY_UPDATE)) {
deletedPolicies.add(policy);
iter.remove();
}
}
switch (changeType) {
case RangerPolicyDelta.CHANGE_TYPE_POLICY_CREATE:
{
if (CollectionUtils.isNotEmpty(deletedPolicies)) {
LOG.warn("Unexpected: found existing policy for
CHANGE_TYPE_POLICY_CREATE: " + Arrays.toString(deletedPolicies.toArray()));
}
break;
}
case RangerPolicyDelta.CHANGE_TYPE_POLICY_UPDATE:
{
if (CollectionUtils.isEmpty(deletedPolicies) ||
deletedPolicies.size() > 1) {
LOG.warn("Unexpected: found no policy or multiple policies for
CHANGE_TYPE_POLICY_UPDATE: " + Arrays.toString(deletedPolicies.toArray()));
}
break;
}
case RangerPolicyDelta.CHANGE_TYPE_POLICY_DELETE:
{
if (CollectionUtils.isEmpty(deletedPolicies) ||
deletedPolicies.size() > 1) {
LOG.warn("Unexpected: found no policy or multiple policies for
CHANGE_TYPE_POLICY_DELETE: " + Arrays.toString(deletedPolicies.toArray()));
}
break;
}
default:
break;
}
>From the above code, we iterate delta policies and check if this policy exists
>in the existing policy, we add that to deletePolicies list.
If a delta change type is created, we expect that it should be in the
deletedPolicies list which will not happen.
So we need to add changeType == RangerPolicyDelta.CHANGE_TYPE_POLICY_CREATE as
part of the below block of code
if (policyId.equals(policy.getId()) && (changeType ==
RangerPolicyDelta.CHANGE_TYPE_POLICY_DELETE
||
changeType == RangerPolicyDelta.CHANGE_TYPE_POLICY_UPDATE
||
changeType == RangerPolicyDelta.CHANGE_TYPE_POLICY_CREATE)) {
deletedPolicies.add(policy);
iter.remove();
}
}
was:
{code:java}
while (iter.hasNext()) {
RangerPolicy policy = iter.next();
if (policyId.equals(policy.getId()) && (changeType ==
RangerPolicyDelta.CHANGE_TYPE_POLICY_DELETE || changeType ==
RangerPolicyDelta.CHANGE_TYPE_POLICY_UPDATE)) {
deletedPolicies.add(policy);
iter.remove();
}
}
switch (changeType) {
case RangerPolicyDelta.CHANGE_TYPE_POLICY_CREATE:
{
if (CollectionUtils.isNotEmpty(deletedPolicies)) {
LOG.warn("Unexpected: found existing policy for
CHANGE_TYPE_POLICY_CREATE: " + Arrays.toString(deletedPolicies.toArray()));
}
break;
}
case RangerPolicyDelta.CHANGE_TYPE_POLICY_UPDATE:
{
if (CollectionUtils.isEmpty(deletedPolicies) ||
deletedPolicies.size() > 1) {
LOG.warn("Unexpected: found no policy or multiple policies for
CHANGE_TYPE_POLICY_UPDATE: " + Arrays.toString(deletedPolicies.toArray()));
}
break;
}
case RangerPolicyDelta.CHANGE_TYPE_POLICY_DELETE:
{
if (CollectionUtils.isEmpty(deletedPolicies) ||
deletedPolicies.size() > 1) {
LOG.warn("Unexpected: found no policy or multiple policies for
CHANGE_TYPE_POLICY_DELETE: " + Arrays.toString(deletedPolicies.toArray()));
}
break;
}
default:
break;
}{code}
>From the above code, we iterate delta policies and check if this policy exists
>in the existing policy, we add that to deletePolicies list.
If a delta change type is created, we expect that it should not be in the
existing old policy which should not have happened. So the below block code is
not needed
{code:java}
case RangerPolicyDelta.CHANGE_TYPE_POLICY_CREATE: {
if
(CollectionUtils.isNotEmpty(deletedPolicies)) {
LOG.warn("Unexpected: found existing policy
for CHANGE_TYPE_POLICY_CREATE: " + Arrays.toString(deletedPolicies.toArray()));
}
break;
}{code}
> Bug in RangerPolicyDeltaUtil--> applyDeltas method
> --
>
> Key: RANGER-3903
> URL: https://issues.apache.org/jira/browse/RANGER-3903
> Project: Ranger
> Issue Type: Improvement
>
[jira] [Updated] (RANGER-3903) Bug in RangerPolicyDeltaUtil--> applyDeltas method
[
https://issues.apache.org/jira/browse/RANGER-3903?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ramachandran updated RANGER-3903:
-
Summary: Bug in RangerPolicyDeltaUtil--> applyDeltas method (was:
Improvements in RangerPolicyDeltaUtil--> applyDeltas method)
> Bug in RangerPolicyDeltaUtil--> applyDeltas method
> --
>
> Key: RANGER-3903
> URL: https://issues.apache.org/jira/browse/RANGER-3903
> Project: Ranger
> Issue Type: Improvement
> Components: Ranger
>Affects Versions: 3.0.0
>Reporter: Ramachandran
>Assignee: Ramachandran
>Priority: Major
> Attachments:
> 0001-RANGER-3897-Improvements-in-RangerPolicyDeltaUtil-ap.patch
>
>
>
> {code:java}
> while (iter.hasNext()) {
> RangerPolicy policy = iter.next();
> if (policyId.equals(policy.getId()) && (changeType ==
> RangerPolicyDelta.CHANGE_TYPE_POLICY_DELETE || changeType ==
> RangerPolicyDelta.CHANGE_TYPE_POLICY_UPDATE)) {
> deletedPolicies.add(policy);
> iter.remove();
> }
> }
> switch (changeType) {
> case RangerPolicyDelta.CHANGE_TYPE_POLICY_CREATE:
> {
> if (CollectionUtils.isNotEmpty(deletedPolicies)) {
> LOG.warn("Unexpected: found existing policy for
> CHANGE_TYPE_POLICY_CREATE: " + Arrays.toString(deletedPolicies.toArray()));
> }
> break;
> }
> case RangerPolicyDelta.CHANGE_TYPE_POLICY_UPDATE:
> {
> if (CollectionUtils.isEmpty(deletedPolicies) ||
> deletedPolicies.size() > 1) {
> LOG.warn("Unexpected: found no policy or multiple policies
> for CHANGE_TYPE_POLICY_UPDATE: " +
> Arrays.toString(deletedPolicies.toArray()));
> }
> break;
> }
> case RangerPolicyDelta.CHANGE_TYPE_POLICY_DELETE:
> {
> if (CollectionUtils.isEmpty(deletedPolicies) ||
> deletedPolicies.size() > 1) {
> LOG.warn("Unexpected: found no policy or multiple policies
> for CHANGE_TYPE_POLICY_DELETE: " +
> Arrays.toString(deletedPolicies.toArray()));
> }
> break;
> }
> default:
> break;
> }{code}
> From the above code, we iterate delta policies and check if this policy
> exists in the existing policy, we add that to deletePolicies list.
> If a delta change type is created, we expect that it should not be in the
> existing old policy which should not have happened. So the below block code
> is not needed
> {code:java}
> case RangerPolicyDelta.CHANGE_TYPE_POLICY_CREATE: {
> if
> (CollectionUtils.isNotEmpty(deletedPolicies)) {
> LOG.warn("Unexpected: found existing
> policy for CHANGE_TYPE_POLICY_CREATE: " +
> Arrays.toString(deletedPolicies.toArray()));
> }
> break;
> }{code}
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Updated] (RANGER-3960) RANGER - Upgrade spring-security version to 5.7.5
[ https://issues.apache.org/jira/browse/RANGER-3960?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Pradeep Agrawal updated RANGER-3960: Description: Currently ranger is pulling spring-security version-5.7.2, upgrade it to 5.7.5 (was: Currently ranger is pulling spring-security version-5.6.5, upgrade it to 5.6.9) > RANGER - Upgrade spring-security version to 5.7.5 > - > > Key: RANGER-3960 > URL: https://issues.apache.org/jira/browse/RANGER-3960 > Project: Ranger > Issue Type: Task > Components: Ranger >Affects Versions: 3.0.0 >Reporter: Pradeep Agrawal >Assignee: Pradeep Agrawal >Priority: Major > Fix For: 3.0.0, 2.4.0 > > > Currently ranger is pulling spring-security version-5.7.2, upgrade it to 5.7.5 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (RANGER-3960) RANGER - Upgrade spring-security version to 5.7.5
[ https://issues.apache.org/jira/browse/RANGER-3960?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Pradeep Agrawal updated RANGER-3960: Summary: RANGER - Upgrade spring-security version to 5.7.5 (was: RANGER - Upgrade spring-security version to 5.6.9) > RANGER - Upgrade spring-security version to 5.7.5 > - > > Key: RANGER-3960 > URL: https://issues.apache.org/jira/browse/RANGER-3960 > Project: Ranger > Issue Type: Task > Components: Ranger >Affects Versions: 3.0.0 >Reporter: Pradeep Agrawal >Assignee: Pradeep Agrawal >Priority: Major > Fix For: 3.0.0, 2.4.0 > > > Currently ranger is pulling spring-security version-5.6.5, upgrade it to 5.6.9 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Assigned] (RANGER-3960) RANGER - Upgrade spring-security version to 5.6.9
[ https://issues.apache.org/jira/browse/RANGER-3960?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Pradeep Agrawal reassigned RANGER-3960: --- Assignee: Pradeep Agrawal (was: Mateen Mansoori) > RANGER - Upgrade spring-security version to 5.6.9 > - > > Key: RANGER-3960 > URL: https://issues.apache.org/jira/browse/RANGER-3960 > Project: Ranger > Issue Type: Task > Components: Ranger >Affects Versions: 3.0.0 >Reporter: Pradeep Agrawal >Assignee: Pradeep Agrawal >Priority: Major > Fix For: 3.0.0, 2.4.0 > > > Currently ranger is pulling spring-security version-5.6.5, upgrade it to 5.6.9 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (RANGER-3960) RANGER - Upgrade spring-security version to 5.6.9
[ https://issues.apache.org/jira/browse/RANGER-3960?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Pradeep Agrawal updated RANGER-3960: Description: Currently ranger is pulling spring-security version-5.6.5, upgrade it to 5.6.9 (was: Currently ranger is pulling spring-security version-5.6.3, upgrade it to 5.6.5) > RANGER - Upgrade spring-security version to 5.6.9 > - > > Key: RANGER-3960 > URL: https://issues.apache.org/jira/browse/RANGER-3960 > Project: Ranger > Issue Type: Task > Components: Ranger >Affects Versions: 3.0.0 >Reporter: Pradeep Agrawal >Assignee: Mateen Mansoori >Priority: Major > Fix For: 3.0.0, 2.4.0 > > > Currently ranger is pulling spring-security version-5.6.5, upgrade it to 5.6.9 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (RANGER-3960) RANGER - Upgrade spring-security version to 5.6.9
Pradeep Agrawal created RANGER-3960: --- Summary: RANGER - Upgrade spring-security version to 5.6.9 Key: RANGER-3960 URL: https://issues.apache.org/jira/browse/RANGER-3960 Project: Ranger Issue Type: Task Components: Ranger Affects Versions: 3.0.0 Reporter: Pradeep Agrawal Assignee: Mateen Mansoori Fix For: 3.0.0, 2.4.0 Currently ranger is pulling spring-security version-5.6.3, upgrade it to 5.6.5 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (RANGER-2128) Implement SparkSQL plugin
[ https://issues.apache.org/jira/browse/RANGER-2128?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17629736#comment-17629736 ] Bhavik Patel commented on RANGER-2128: -- Anyone got chance to review updated patch? > Implement SparkSQL plugin > - > > Key: RANGER-2128 > URL: https://issues.apache.org/jira/browse/RANGER-2128 > Project: Ranger > Issue Type: New Feature > Components: plugins, Ranger >Affects Versions: 1.1.0 >Reporter: t oo >Assignee: Kent Yao >Priority: Major > Attachments: image-2022-10-10-14-25-30-218.png, support_ranger11.tgz > > Time Spent: 1h 20m > Remaining Estimate: 0h > > Implement SparkSQL plugin -- This message was sent by Atlassian Jira (v8.20.10#820010)
