Re: Review Request 74528: RANGER-4325: GDS: Need api for collective search of user/group/roles

2023-08-01 Thread Prashant Satam 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74528/
---

(Updated Aug. 1, 2023, 7:07 a.m.)


Review request for ranger, Madhan Neethiraj and Subhrat Chaudhary.


Summary (updated)
-

RANGER-4325: GDS: Need api for collective search of user/group/roles


Bugs: RANGER-4325
https://issues.apache.org/jira/browse/RANGER-4325


Repository: ranger


Description
---

We get users,groups,roles all we get in response from one API 
(/xusers/users/groups/roles) we can also pass Query Params like name,isVisible 
Also we can PartialSearch Name for users,groups,roles


Diffs (updated)
-

  security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java 9a2253a3d 


Diff: https://reviews.apache.org/r/74528/diff/2/

Changes: https://reviews.apache.org/r/74528/diff/1-2/


Testing
---

We get users,groups,roles combined in response from API 
(/xusers/users/groups/roles) we can pass query params like name(PartialSearch 
Available),isVisible to filter the users,groups,roles we get in response


Thanks,

Prashant Satam

Review Request 74532: RANGER:4323 GDS: Need new api to get details of dataset listing page.

2023-08-01 Thread Prashant Satam 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74532/
---

Review request for ranger, Madhan Neethiraj and Subhrat Chaudhary.


Bugs: RANGER-4323
https://issues.apache.org/jira/browse/RANGER-4323


Repository: ranger


Description
---

The API /gds/mydataset gives List of Dataset with  
(dataSharesActiveCount,dataSharesPendingCount,usersCount,groupsCount,rolesCount,projectsCount,LoggedInUsers
 GDS permission) for a particular Dataset


Diffs
-

  security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java 817bc3d38 
  
security-admin/src/main/java/org/apache/ranger/db/XXGdsDataShareInDatasetDao.java
 52c441104 
  
security-admin/src/main/java/org/apache/ranger/db/XXGdsDatasetInProjectDao.java 
06bf67105 
  security-admin/src/main/java/org/apache/ranger/rest/GdsREST.java 653e397d4 
  security-admin/src/main/java/org/apache/ranger/view/RangerDatasetHeader.java 
PRE-CREATION 
  security-admin/src/main/resources/META-INF/jpa_named_queries.xml 59a20a25e 


Diff: https://reviews.apache.org/r/74532/diff/1/


Testing
---

Done Testing we get in response at (/gds/mydataset) RangerDatasetHeader list 
1)need to add a dataset with users/groups/roles in acl of dataset 
2)then add a datashare
3)Assign datashare to dataset 
4)Add Projects
5)Assign projects to Dataset 
then will get a populated Object for DatasetHeader


Thanks,

Prashant Satam

[jira] [Created] (RANGER-4338) [Ranger React UI] Multiple resources in policy creation/modification/deletion admin audits must be separated by a ","

2023-08-01 Thread Abhishek (Jira) 
Abhishek created RANGER-4338:


 Summary: [Ranger React UI] Multiple resources in policy 
creation/modification/deletion admin audits must be separated by a ","
 Key: RANGER-4338
 URL: https://issues.apache.org/jira/browse/RANGER-4338
 Project: Ranger
  Issue Type: Bug
  Components: Ranger
Reporter: Abhishek


{color:#172b4d}In the latest ranger react UI, if the admin audits for policy 
crud operations are viewed,{color}
{color:#172b4d}and if the policy contains multiple resources, for e.g, multiple 
databases, the database names are attached together in the display.{color}
{color:#172b4d}Ideally, the multiple resource names must be separated by a "," 
, like in the case of the old backbone UI.{color}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Assigned] (RANGER-4338) [Ranger React UI] Multiple resources in policy creation/modification/deletion admin audits must be separated by a ","

2023-08-01 Thread Abhishek (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-4338?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Abhishek reassigned RANGER-4338:


Assignee: Abhishek

> [Ranger React UI] Multiple resources in policy creation/modification/deletion 
> admin audits must be separated by a ","
> -
>
> Key: RANGER-4338
> URL: https://issues.apache.org/jira/browse/RANGER-4338
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Abhishek
>Assignee: Abhishek
>Priority: Major
>
> {color:#172b4d}In the latest ranger react UI, if the admin audits for policy 
> crud operations are viewed,{color}
> {color:#172b4d}and if the policy contains multiple resources, for e.g, 
> multiple databases, the database names are attached together in the 
> display.{color}
> {color:#172b4d}Ideally, the multiple resource names must be separated by a 
> "," , like in the case of the old backbone UI.{color}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Assigned] (RANGER-4323) GDS: Need new api to get details of dataset listing page.

2023-08-01 Thread Prashant Satam (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-4323?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Prashant Satam reassigned RANGER-4323:
--

Assignee: Prashant Satam

> GDS: Need new api to get details of dataset listing page.
> -
>
> Key: RANGER-4323
> URL: https://issues.apache.org/jira/browse/RANGER-4323
> Project: Ranger
>  Issue Type: Task
>  Components: Ranger
>Reporter: Anand Nadar
>Assignee: Prashant Satam
>Priority: Major
>
> Need an api which gives the below details:
>  * dataset id
>  * dataset name
>  * created time
>  * updated time
>  * count of datashares active and pending in dataset
>  * count of users/groups/roles/projects with whom dataset is shared.
> This api should filter out the list of datasets according to the permission 
> available for the logged in user.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Assigned] (RANGER-4338) [Ranger React UI] Multiple resources in policy creation/modification/deletion admin audits must be separated by a ","

2023-08-01 Thread Abhishek (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-4338?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Abhishek reassigned RANGER-4338:


Assignee: Mugdha Varadkar  (was: Abhishek)

> [Ranger React UI] Multiple resources in policy creation/modification/deletion 
> admin audits must be separated by a ","
> -
>
> Key: RANGER-4338
> URL: https://issues.apache.org/jira/browse/RANGER-4338
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Abhishek
>Assignee: Mugdha Varadkar
>Priority: Major
>
> {color:#172b4d}In the latest ranger react UI, if the admin audits for policy 
> crud operations are viewed,{color}
> {color:#172b4d}and if the policy contains multiple resources, for e.g, 
> multiple databases, the database names are attached together in the 
> display.{color}
> {color:#172b4d}Ideally, the multiple resource names must be separated by a 
> "," , like in the case of the old backbone UI.{color}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (RANGER-4338) [Ranger React UI] Multiple resources in policy creation/modification/deletion admin audits must be separated by a ","

2023-08-01 Thread Mugdha Varadkar (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-4338?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Mugdha Varadkar updated RANGER-4338:

Labels: ranger-react  (was: )

> [Ranger React UI] Multiple resources in policy creation/modification/deletion 
> admin audits must be separated by a ","
> -
>
> Key: RANGER-4338
> URL: https://issues.apache.org/jira/browse/RANGER-4338
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Abhishek
>Assignee: Mugdha Varadkar
>Priority: Major
>  Labels: ranger-react
>
> {color:#172b4d}In the latest ranger react UI, if the admin audits for policy 
> crud operations are viewed,{color}
> {color:#172b4d}and if the policy contains multiple resources, for e.g, 
> multiple databases, the database names are attached together in the 
> display.{color}
> {color:#172b4d}Ideally, the multiple resource names must be separated by a 
> "," , like in the case of the old backbone UI.{color}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (RANGER-4337) Upgrade spring framework and spring-security

2023-08-01 Thread Pradeep Agrawal (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-4337?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Pradeep Agrawal updated RANGER-4337:

Attachment: 0001-RANGER-4337-Upgrade-spring-framework-and-spring-secu.patch

> Upgrade spring framework and spring-security
> 
>
> Key: RANGER-4337
> URL: https://issues.apache.org/jira/browse/RANGER-4337
> Project: Ranger
>  Issue Type: Task
>  Components: Ranger
>Affects Versions: 3.0.0
>Reporter: Pradeep Agrawal
>Assignee: Pradeep Agrawal
>Priority: Major
> Fix For: 3.0.0
>
> Attachments: 
> 0001-RANGER-4337-Upgrade-spring-framework-and-spring-secu.patch
>
>
> Currently ranger is pulling spring-security version-5.7.8, upgrade it to 
> 5.7.10



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Review Request 74533: RANGER-4337: Upgrade spring framework and spring-security

2023-08-01 Thread Pradeep Agrawal 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74533/
---

Review request for ranger, bhavik patel, Abhay Kulkarni, Madhan Neethiraj, 
Nikhil P, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja 
Polavarapu, and Velmurugan Periasamy.


Bugs: RANGER-4337
https://issues.apache.org/jira/browse/RANGER-4337


Repository: ranger


Description
---

Here I am proposing to Upgrade Spring Security version to 5.7.8 and spring 
framework version to 5.3.27


Diffs
-

  pom.xml d4f626202 


Diff: https://reviews.apache.org/r/74533/diff/1/


Testing
---

Tested ranger admin installation, password change, CRUD operation on Ranger 
service, policy, users and group.


Thanks,

Pradeep Agrawal

[jira] [Commented] (RANGER-2704) Support browser login using kerberized authentication

2023-08-01 Thread Dineshkumar Yadav (Jira) 


[ 
https://issues.apache.org/jira/browse/RANGER-2704?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17749610#comment-17749610
 ] 

Dineshkumar Yadav commented on RANGER-2704:
---

Hi [~vishalsuvagia], can you please confirm out of 4 patches attached above 
which one intended to merge in the branch.


> Support browser login using kerberized authentication
> -
>
> Key: RANGER-2704
> URL: https://issues.apache.org/jira/browse/RANGER-2704
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: 3.0.0, 2.3.0
>Reporter: Vishal Suvagia
>Assignee: Vishal Suvagia
>Priority: Minor
> Fix For: 3.0.0, 2.3.0
>
> Attachments: RANGER-2704.01.patch, RANGER-2704.02.patch, 
> RANGER-2704.03.patch, RANGER-2704.patch
>
>
> Need to support browser login using kerberos authentication.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Re: Review Request 74533: RANGER-4337: Upgrade spring framework and spring-security

2023-08-01 Thread Ramachandran Krishnan 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74533/#review225620
---


Ship it!




Ship It!

- Ramachandran Krishnan


On Aug. 1, 2023, 10:25 a.m., Pradeep Agrawal wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/74533/
> ---
> 
> (Updated Aug. 1, 2023, 10:25 a.m.)
> 
> 
> Review request for ranger, bhavik patel, Abhay Kulkarni, Madhan Neethiraj, 
> Nikhil P, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja 
> Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-4337
> https://issues.apache.org/jira/browse/RANGER-4337
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Here I am proposing to Upgrade Spring Security version to 5.7.10 and spring 
> framework version to 5.3.29
> 
> 
> Diffs
> -
> 
>   pom.xml d4f626202 
> 
> 
> Diff: https://reviews.apache.org/r/74533/diff/1/
> 
> 
> Testing
> ---
> 
> Tested ranger admin installation, password change, CRUD operation on Ranger 
> service, policy, users and group.
> 
> 
> Thanks,
> 
> Pradeep Agrawal
> 
>

[jira] [Updated] (RANGER-4338) [Ranger React UI] Multiple resources in policy deletion admin audits must be separated by a ","

2023-08-01 Thread Mugdha Varadkar (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-4338?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Mugdha Varadkar updated RANGER-4338:

Summary: [Ranger React UI] Multiple resources in policy deletion admin 
audits must be separated by a ","  (was: [Ranger React UI] Multiple resources 
in policy creation/modification/deletion admin audits must be separated by a 
",")

> [Ranger React UI] Multiple resources in policy deletion admin audits must be 
> separated by a ","
> ---
>
> Key: RANGER-4338
> URL: https://issues.apache.org/jira/browse/RANGER-4338
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Abhishek
>Assignee: Mugdha Varadkar
>Priority: Major
>  Labels: ranger-react
>
> {color:#172b4d}In the latest ranger react UI, if the admin audits for policy 
> crud operations are viewed,{color}
> {color:#172b4d}and if the policy contains multiple resources, for e.g, 
> multiple databases, the database names are attached together in the 
> display.{color}
> {color:#172b4d}Ideally, the multiple resource names must be separated by a 
> "," , like in the case of the old backbone UI.{color}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Re: Review Request 74528: RANGER-4325: GDS: Need api for collective search of user/group/roles

2023-08-01 Thread Madhan Neethiraj 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74528/#review225621
---




security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java
Lines 530 (patched)


Following calls would result in at least 3 database queries (or 6 queries 
when getCount=true):
- getUsersLookup()
- getGroupsLookup()
- roleStore.getRoles()

Is it possible to retrieve user/group/role names in a single query, with 
something like the following:

(SELECT user_name AS principal_name, 0 AS principal_type FROM x_user WHERE 
user_name LIKE 'r%' AND is_visible = 1 ORDER BY user_name LIMIT 5)
UNION
(SELECT group_name AS principal_name, 1 AS principal_type FROM x_group 
WHERE group_name LIKE 'r%' AND is_visible = 1 ORDER BY group_name LIMIT 5)
UNION
(SELECT name AS principal_name, 2 AS principal_type FROM x_role WHERE name 
LIKE 'r%' ORDER BY name LIMIT 5)
ORDER BY principal_name
LIMIT 5;


- Madhan Neethiraj


On Aug. 1, 2023, 7:07 a.m., Prashant Satam wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/74528/
> ---
> 
> (Updated Aug. 1, 2023, 7:07 a.m.)
> 
> 
> Review request for ranger, Madhan Neethiraj and Subhrat Chaudhary.
> 
> 
> Bugs: RANGER-4325
> https://issues.apache.org/jira/browse/RANGER-4325
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> We get users,groups,roles all we get in response from one API 
> (/xusers/users/groups/roles) we can also pass Query Params like 
> name,isVisible Also we can PartialSearch Name for users,groups,roles
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java 
> 9a2253a3d 
> 
> 
> Diff: https://reviews.apache.org/r/74528/diff/2/
> 
> 
> Testing
> ---
> 
> We get users,groups,roles combined in response from API 
> (/xusers/users/groups/roles) we can pass query params like name(PartialSearch 
> Available),isVisible to filter the users,groups,roles we get in response
> 
> 
> Thanks,
> 
> Prashant Satam
> 
>

Re: Review Request 74530: RANGER-4336: added configurations to enable status logging in audit framework

2023-08-01 Thread Selvamohan Neethiraj 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74530/#review225622
---


Ship it!




Ship It!

- Selvamohan Neethiraj


On July 27, 2023, 8:07 p.m., Madhan Neethiraj wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/74530/
> ---
> 
> (Updated July 27, 2023, 8:07 p.m.)
> 
> 
> Review request for ranger, Don Bosco Durai, Abhay Kulkarni, Monika 
> Kachhadiya, Pradeep Agrawal, Ramesh Mani, Siddhesh Phatak, and Subhrat 
> Chaudhary.
> 
> 
> Bugs: RANGER-4336
> https://issues.apache.org/jira/browse/RANGER-4336
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> - added configurations to enable status logging in audit framework
> - audit status are logged at INFO level
> - updated unit test to avoid retaining of unncessary objects in memory
> 
> 
> Diffs
> -
> 
>   
> agents-audit/src/main/java/org/apache/ranger/audit/provider/BaseAuditHandler.java
>  8511ce9cb 
>   
> agents-audit/src/main/java/org/apache/ranger/audit/queue/AuditAsyncQueue.java 
> 68527d37d 
>   security-admin/src/test/java/org/apache/ranger/audit/TestConsumer.java 
> 579485663 
> 
> 
> Diff: https://reviews.apache.org/r/74530/diff/1/
> 
> 
> Testing
> ---
> 
> - verified that audit status is logged when 
> xasecure.audit.log.status.log.enabled is set to true
> - verified that all unit tests pass successfully
> 
> 
> Thanks,
> 
> Madhan Neethiraj
> 
>