[jira] [Commented] (RANGER-4539) Plugin status UI should render GDS download details

2024-01-05 Thread Madhan Neethiraj (Jira) 


[ 
https://issues.apache.org/jira/browse/RANGER-4539?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17803737#comment-17803737
 ] 

Madhan Neethiraj commented on RANGER-4539:
--

[~brijesh.bhalala] - gdsActiveVersion and gdsActiationTime will be populated 
only on subsequent download request from the plugin. Here is from my local 
deployment:

!image-2024-01-05-17-19-35-660.png|width=682,height=832!

> Plugin status UI should render GDS download details
> ---
>
> Key: RANGER-4539
> URL: https://issues.apache.org/jira/browse/RANGER-4539
> Project: Ranger
>  Issue Type: Sub-task
>  Components: admin
>Reporter: Madhan Neethiraj
>Assignee: Brijesh Bhalala
>Priority: Major
>  Labels: ranger-react
> Attachments: GDSpluginstatusserverresp.png, GdspluginStatus.png, 
> image-2024-01-05-17-19-35-660.png
>
>
> Plugin status UI currently shows details of policy/tag and downloads, which 
> helps to quickly see if a plugin is out of sync with the status of 
> policies/tags in Ranger. UI should be extended to render details for the 
> following downloads as well:
>  * GDS
>  * Role
> CC: [~Dhaval.Rajpara], [~brijesh.bhalala], [~mugdha.varadkar], [~mehul], 
> [~ankita], [~suchnit], [~anandNadar] 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (RANGER-4539) Plugin status UI should render GDS download details

2024-01-05 Thread Madhan Neethiraj (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-4539?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Madhan Neethiraj updated RANGER-4539:
-
Attachment: image-2024-01-05-17-19-35-660.png

> Plugin status UI should render GDS download details
> ---
>
> Key: RANGER-4539
> URL: https://issues.apache.org/jira/browse/RANGER-4539
> Project: Ranger
>  Issue Type: Sub-task
>  Components: admin
>Reporter: Madhan Neethiraj
>Assignee: Brijesh Bhalala
>Priority: Major
>  Labels: ranger-react
> Attachments: GDSpluginstatusserverresp.png, GdspluginStatus.png, 
> image-2024-01-05-17-19-35-660.png
>
>
> Plugin status UI currently shows details of policy/tag and downloads, which 
> helps to quickly see if a plugin is out of sync with the status of 
> policies/tags in Ranger. UI should be extended to render details for the 
> following downloads as well:
>  * GDS
>  * Role
> CC: [~Dhaval.Rajpara], [~brijesh.bhalala], [~mugdha.varadkar], [~mehul], 
> [~ankita], [~suchnit], [~anandNadar] 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Resolved] (RANGER-4448) GDS CRUD APIs should return proper response and message in case of failure

2024-01-05 Thread Madhan Neethiraj (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-4448?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Madhan Neethiraj resolved RANGER-4448.
--
Fix Version/s: 3.0.0
   Resolution: Fixed

{noformat}
commit fb0d1d53dec11ea54e8e780e10e60ad78b081d68 (HEAD -> RANGER-3923, 
origin/RANGER-3923)
Author: prashant 
Date:   Fri Jan 5 14:49:52 2024 +0530

RANGER-4448: updated GDS CRUD APIs to return appropriate status code on 
failure

Signed-off-by: Madhan Neethiraj 
{noformat}

> GDS CRUD APIs should return proper response and message in case of failure
> --
>
> Key: RANGER-4448
> URL: https://issues.apache.org/jira/browse/RANGER-4448
> Project: Ranger
>  Issue Type: Sub-task
>  Components: admin
>Reporter: Subhrat Chaudhary
>Assignee: Prashant Satam
>Priority: Major
> Fix For: 3.0.0
>
>
> Description: We need to handle following cases and return proper error 
> message and response: # In many cases 400 or 500 is thrown, in case the use 
> does not have permissions to execute the API. We need to handle such cases 
> and throw 403 and return proper error message.
>  # In case where user is trying to enter duplicate records, the error is 
> thrown with SQL query in response. In such cases, we need to throw 400 and 
> return proper error message.
>  
> Example : 
> 1)On the POST API call /service/gds/resource with duplicate resources 
> following error is thrown:
> {code:java}
> {"statusCode": 1,"msgDesc": "Exception [EclipseLink-4002] (Eclipse 
> Persistence Services - 2.7.12.v20230209-e5c4074ef3): 
> org.eclipse.persistence.exceptions.DatabaseException\nInternal Exception: 
> org.postgresql.util.PSQLException: ERROR: duplicate key value violates unique 
> constraint \"x_gds_shared_resource_uk_resource_signature\"\n  Detail: Key 
> (data_share_id, resource_signature)=(3, 
> c5bd97fc0b8eaeb302f7498693f509178a134534cf7eb46d9edd55de71f7ab6c) already 
> exists.\nError Code: 0\nCall: INSERT INTO x_gds_shared_resource (id, 
> access_types, ADDED_BY_ID, additional_info, condition_expr, CREATE_TIME, 
> data_share_id, description, guid, is_enabled, name, options, profiles, 
> resource, resource_signature, row_filter, sub_resource_masks, 
> sub_resource_names, UPDATE_TIME, UPD_BY_ID, version) VALUES (?, ?, ?, ?, ?, 
> ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)\n\tbind => [21 parameters 
> bound]"} {code}
> We need to catch such exception in create API calls and return proper 
> response.
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Re: Review Request 74818: RANGER-4448 : GDS CRUD APIs should return proper response and message in case of failure

2024-01-05 Thread Madhan Neethiraj 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74818/#review226107
---


Ship it!




Ship It!

- Madhan Neethiraj


On Jan. 5, 2024, 9:21 a.m., Prashant Satam wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/74818/
> ---
> 
> (Updated Jan. 5, 2024, 9:21 a.m.)
> 
> 
> Review request for ranger, Akshay Tupe, Anand Nadar, Ankita Sinha, Madhan 
> Neethiraj, Siddhesh Phatak, Subhrat Chaudhary, and Vanita Ubale.
> 
> 
> Bugs: RANGER-4448
> https://issues.apache.org/jira/browse/RANGER-4448
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Description: We need to handle following cases and return proper error 
> message and response: # In many cases 400 or 500 is thrown, in case the use 
> does not have permissions to execute the API. We need to handle such cases 
> and throw 403 and return proper error message.
> 
> In case where user is trying to enter duplicate records, the error is thrown 
> with SQL query in response. In such cases, we need to throw 400 and return 
> proper error message.
> 
> 
> Diffs
> -
> 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/errors/ValidationErrorCode.java
>  03de8e023 
>   security-admin/src/main/java/org/apache/ranger/common/RESTErrorUtil.java 
> 4aaf36442 
>   
> security-admin/src/main/java/org/apache/ranger/db/XXGdsSharedResourceDao.java 
> d3bd4d65b 
>   security-admin/src/main/java/org/apache/ranger/rest/GdsREST.java 043d00b59 
>   
> security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidationDBProvider.java
>  da41d 
>   
> security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidationDataProvider.java
>  ab74e90e4 
>   
> security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java
>  c5a3f38ff 
>   security-admin/src/main/resources/META-INF/jpa_named_queries.xml 0502512eb 
> 
> 
> Diff: https://reviews.apache.org/r/74818/diff/2/
> 
> 
> Testing
> ---
> 
> We get proper error messages in response 
> 1)When user is not ADMIN for dataset/datashare/shared-resource we now get 403 
> status code 
> Error message | STATUS CODE : 403
> {
> "statusCode": 1,
> "msgDesc": "[ Validation failure: error code[4106], reason[User 
> [Test-User-1] is not an admin for dataset [Test_GDS_Dataset112]], 
> field[null], subfield[null], type[]]",
> "messageList": [
> {
> "name": "OPER_NO_PERMISSION",
> "rbKey": "xa.error.oper_no_permission",
> "message": "User doesn't have permission to perform this 
> operation"
> }
>  ]
> }
> 
> 2)When user renames dataset/datashare/shared-resource with pre-existing name '
> Error message | STATUS CODE : 400
> {
> "statusCode": 1,
> "msgDesc": "[ Validation failure: error code[4108], reason[Dataset with 
> name [Test_GDS_Dataset1] already exists. ID=[2]], field[name], 
> subfield[null], type[]]",
> "messageList": [
> {
> "name": "INVALID_INPUT_DATA",
> "rbKey": "xa.validation.invalid_input_data",
> "message": "Invalid input data"
> }
> ]
> }
> 
> 3)When user tries to add duplicate entry for shared-resource
> Error messsage | STATUS CODE : 400
> {
> "statusCode": 1,
> "msgDesc": "[ Validation failure: error code[4121], reason[Shared 
> resource with name [res2] already exists in data share [RangerDataShare2]. 
> ID=[9]], field[name], subfield[null], type[]]",
> "messageList": [
> {
> "name": "INVALID_INPUT_DATA",
> "rbKey": "xa.validation.invalid_input_data",
> "message": "Invalid input data"
> }
> ]
> }
> 
> 
> Thanks,
> 
> Prashant Satam
> 
>

[jira] [Commented] (RANGER-3409) Update Jackson and remove Codehaus version

2024-01-05 Thread Sercan Tekin (Jira) 


[ 
https://issues.apache.org/jira/browse/RANGER-3409?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17803551#comment-17803551
 ] 

Sercan Tekin commented on RANGER-3409:
--

Please be aware of this Jira https://issues.apache.org/jira/browse/RANGER-4225. 
Upgrading to Jackson-2 will cause the issue described in there

> Update Jackson and remove Codehaus version
> --
>
> Key: RANGER-3409
> URL: https://issues.apache.org/jira/browse/RANGER-3409
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Affects Versions: 3.0.0
>Reporter: Andrew Charneski
>Priority: Blocker
>
> An old version of Jackson (Codehaus Jackson 1.9.13) is still being used. 
> Jackson has since moved namespaces with a reorganized library structure. 
> Update all references to the older version to use the newer version (which is 
> currently used in some modules).



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (RANGER-4539) Plugin status UI should render GDS download details

2024-01-05 Thread Brijesh Bhalala (Jira) 


[ 
https://issues.apache.org/jira/browse/RANGER-4539?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17803541#comment-17803541
 ] 

Brijesh Bhalala commented on RANGER-4539:
-

Hi [~madhan],

 !GdspluginStatus.png! 
 !GDSpluginstatusserverresp.png! 
please refer to the above screenshort,
I checked the server is giving the gdsActivationTime as "0",
is this  the expected  value from server?



> Plugin status UI should render GDS download details
> ---
>
> Key: RANGER-4539
> URL: https://issues.apache.org/jira/browse/RANGER-4539
> Project: Ranger
>  Issue Type: Sub-task
>  Components: admin
>Reporter: Madhan Neethiraj
>Assignee: Brijesh Bhalala
>Priority: Major
>  Labels: ranger-react
> Attachments: GDSpluginstatusserverresp.png, GdspluginStatus.png
>
>
> Plugin status UI currently shows details of policy/tag and downloads, which 
> helps to quickly see if a plugin is out of sync with the status of 
> policies/tags in Ranger. UI should be extended to render details for the 
> following downloads as well:
>  * GDS
>  * Role
> CC: [~Dhaval.Rajpara], [~brijesh.bhalala], [~mugdha.varadkar], [~mehul], 
> [~ankita], [~suchnit], [~anandNadar] 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (RANGER-4539) Plugin status UI should render GDS download details

2024-01-05 Thread Brijesh Bhalala (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-4539?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Brijesh Bhalala updated RANGER-4539:

Attachment: GDSpluginstatusserverresp.png

> Plugin status UI should render GDS download details
> ---
>
> Key: RANGER-4539
> URL: https://issues.apache.org/jira/browse/RANGER-4539
> Project: Ranger
>  Issue Type: Sub-task
>  Components: admin
>Reporter: Madhan Neethiraj
>Assignee: Brijesh Bhalala
>Priority: Major
>  Labels: ranger-react
> Attachments: GDSpluginstatusserverresp.png, GdspluginStatus.png
>
>
> Plugin status UI currently shows details of policy/tag and downloads, which 
> helps to quickly see if a plugin is out of sync with the status of 
> policies/tags in Ranger. UI should be extended to render details for the 
> following downloads as well:
>  * GDS
>  * Role
> CC: [~Dhaval.Rajpara], [~brijesh.bhalala], [~mugdha.varadkar], [~mehul], 
> [~ankita], [~suchnit], [~anandNadar] 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (RANGER-4539) Plugin status UI should render GDS download details

2024-01-05 Thread Brijesh Bhalala (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-4539?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Brijesh Bhalala updated RANGER-4539:

Attachment: GdspluginStatus.png

> Plugin status UI should render GDS download details
> ---
>
> Key: RANGER-4539
> URL: https://issues.apache.org/jira/browse/RANGER-4539
> Project: Ranger
>  Issue Type: Sub-task
>  Components: admin
>Reporter: Madhan Neethiraj
>Assignee: Brijesh Bhalala
>Priority: Major
>  Labels: ranger-react
> Attachments: GdspluginStatus.png
>
>
> Plugin status UI currently shows details of policy/tag and downloads, which 
> helps to quickly see if a plugin is out of sync with the status of 
> policies/tags in Ranger. UI should be extended to render details for the 
> following downloads as well:
>  * GDS
>  * Role
> CC: [~Dhaval.Rajpara], [~brijesh.bhalala], [~mugdha.varadkar], [~mehul], 
> [~ankita], [~suchnit], [~anandNadar] 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (RANGER-4613) GDS : Need filter of objectId in /assets/report api to filter out history specific to a dataset/datashare

2024-01-05 Thread Dineshkumar Yadav (Jira) 


[ 
https://issues.apache.org/jira/browse/RANGER-4613?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17803510#comment-17803510
 ] 

Dineshkumar Yadav commented on RANGER-4613:
---

Hi [~madhan] I have committed the patch,  can you please close the jira.

Thanks

> GDS : Need filter of objectId in /assets/report api to filter out history 
> specific to a dataset/datashare
> -
>
> Key: RANGER-4613
> URL: https://issues.apache.org/jira/browse/RANGER-4613
> Project: Ranger
>  Issue Type: Improvement
>  Components: admin
>Reporter: Anand Nadar
>Assignee: Madhan Neethiraj
>Priority: Major
> Fix For: 3.0.0
>
> Attachments: RANGER-4613.patch
>
>
> We are creating a tab inside dataset/datashare detail layout to should the 
> history of changes done in that particular dataset/datashare.
> The current api - /assets/report only filters the result on the basic of 
> objectClassType which will give result of all datasets/datashare history.
> Therefore we need an additional filter of objectId, and then we can use 
> objectClassType and objectId together to filter out the history of a 
> particular dataset/datashare.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (RANGER-4613) GDS : Need filter of objectId in /assets/report api to filter out history specific to a dataset/datashare

2024-01-05 Thread Dineshkumar Yadav (Jira) 


[ 
https://issues.apache.org/jira/browse/RANGER-4613?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17803507#comment-17803507
 ] 

Dineshkumar Yadav commented on RANGER-4613:
---

Apache patch 1  : [commit 
link|https://github.com/apache/ranger/commit/c18743d779a16c1687de63b9242fa068f5e5868a]
Apache patch 2 : [commit 
link|https://github.com/apache/ranger/commit/8ef4e516feb5abc303c103fbf93f6adb8e342fc1]

> GDS : Need filter of objectId in /assets/report api to filter out history 
> specific to a dataset/datashare
> -
>
> Key: RANGER-4613
> URL: https://issues.apache.org/jira/browse/RANGER-4613
> Project: Ranger
>  Issue Type: Improvement
>  Components: admin
>Reporter: Anand Nadar
>Assignee: Madhan Neethiraj
>Priority: Major
> Fix For: 3.0.0
>
> Attachments: RANGER-4613.patch
>
>
> We are creating a tab inside dataset/datashare detail layout to should the 
> history of changes done in that particular dataset/datashare.
> The current api - /assets/report only filters the result on the basic of 
> objectClassType which will give result of all datasets/datashare history.
> Therefore we need an additional filter of objectId, and then we can use 
> objectClassType and objectId together to filter out the history of a 
> particular dataset/datashare.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (RANGER-3409) Update Jackson and remove Codehaus version

2024-01-05 Thread kirby zhou (Jira) 


[ 
https://issues.apache.org/jira/browse/RANGER-3409?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17803502#comment-17803502
 ] 

kirby zhou commented on RANGER-3409:


Is there any progress in this matter? 

The security Commissioner is asking to avoid Codehaus Jackson. :(

> Update Jackson and remove Codehaus version
> --
>
> Key: RANGER-3409
> URL: https://issues.apache.org/jira/browse/RANGER-3409
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Affects Versions: 3.0.0
>Reporter: Andrew Charneski
>Priority: Blocker
>
> An old version of Jackson (Codehaus Jackson 1.9.13) is still being used. 
> Jackson has since moved namespaces with a reorganized library structure. 
> Update all references to the older version to use the newer version (which is 
> currently used in some modules).



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Assigned] (RANGER-4633) Need to generate Admin Audits for tag and tagdef

2024-01-05 Thread Prashant Satam (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-4633?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Prashant Satam reassigned RANGER-4633:
--

Assignee: Prashant Satam

> Need to generate Admin Audits for tag and tagdef 
> -
>
> Key: RANGER-4633
> URL: https://issues.apache.org/jira/browse/RANGER-4633
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Reporter: Prashant Satam
>Assignee: Prashant Satam
>Priority: Major
>
> Currently when we ADD/UPDATE/DELETE tag and tagdef we dont generate 
> Transaction logs for it so we dont get Admin Audits for this operations it 
> will be helpful if we generate them



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Review Request 74819: RANGER-4633 : Need to generate Admin Audits for tag and tagdef

2024-01-05 Thread Prashant Satam 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74819/
---

Review request for ranger, Akshay Tupe, Anand Nadar, Ankita Sinha, Madhan 
Neethiraj, Monika Kachhadiya, Siddhesh Phatak, Subhrat Chaudhary, and Vanita 
Ubale.


Bugs: RANGER-4633
https://issues.apache.org/jira/browse/RANGER-4633


Repository: ranger


Description
---

Currently when we ADD/UPDATE/DELETE tag and tagdef we dont generate Transaction 
logs for it so we dont get Admin Audits for this operations it will be helpful 
if we generate them


Diffs
-

  security-admin/src/main/java/org/apache/ranger/biz/TagDBStore.java fb912d4f8 
  
security-admin/src/main/java/org/apache/ranger/service/RangerTagDefService.java 
8f677995b 
  security-admin/src/main/java/org/apache/ranger/service/RangerTagService.java 
3a90bd8a9 


Diff: https://reviews.apache.org/r/74819/diff/1/


Testing
---

Tested we get transaction logs during ADD/UPDATE/DELETE of tag and tagdef

1)Tag = we get transaction logs for UPDATE operation for fields 
owner,attributes,options,validityPeriods
2)TagDef = we get transaction logs for UPDATE operation for fields 
source,attributeDefs


Thanks,

Prashant Satam

[jira] [Updated] (RANGER-4633) Need to generate Admin Audits for tag and tagdef

2024-01-05 Thread Prashant Satam (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-4633?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Prashant Satam updated RANGER-4633:
---
Description: Currently when we ADD/UPDATE/DELETE tag and tagdef we dont 
generate Transaction logs for it so we dont get Admin Audits for this 
operations it will be helpful if we generate them

> Need to generate Admin Audits for tag and tagdef 
> -
>
> Key: RANGER-4633
> URL: https://issues.apache.org/jira/browse/RANGER-4633
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Reporter: Prashant Satam
>Priority: Major
>
> Currently when we ADD/UPDATE/DELETE tag and tagdef we dont generate 
> Transaction logs for it so we dont get Admin Audits for this operations it 
> will be helpful if we generate them



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Created] (RANGER-4633) Need to generate Admin Audits for tag and tagdef

2024-01-05 Thread Prashant Satam (Jira) 
Prashant Satam created RANGER-4633:
--

 Summary: Need to generate Admin Audits for tag and tagdef 
 Key: RANGER-4633
 URL: https://issues.apache.org/jira/browse/RANGER-4633
 Project: Ranger
  Issue Type: Improvement
  Components: Ranger
Reporter: Prashant Satam






--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Re: Review Request 74818: RANGER-4448 : GDS CRUD APIs should return proper response and message in case of failure

2024-01-05 Thread Prashant Satam 


> On Jan. 4, 2024, 9:49 p.m., Madhan Neethiraj wrote:
> > security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java
> > Lines 319 (patched)
> > 
> >
> > existingSharedResourceNameId could be same as existing.getId() - in 
> > which case, it is not an error condition. Please review and update.

have done accordingly please review


- Prashant


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74818/#review226102
---


On Jan. 5, 2024, 9:21 a.m., Prashant Satam wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/74818/
> ---
> 
> (Updated Jan. 5, 2024, 9:21 a.m.)
> 
> 
> Review request for ranger, Akshay Tupe, Anand Nadar, Ankita Sinha, Madhan 
> Neethiraj, Siddhesh Phatak, Subhrat Chaudhary, and Vanita Ubale.
> 
> 
> Bugs: RANGER-4448
> https://issues.apache.org/jira/browse/RANGER-4448
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Description: We need to handle following cases and return proper error 
> message and response: # In many cases 400 or 500 is thrown, in case the use 
> does not have permissions to execute the API. We need to handle such cases 
> and throw 403 and return proper error message.
> 
> In case where user is trying to enter duplicate records, the error is thrown 
> with SQL query in response. In such cases, we need to throw 400 and return 
> proper error message.
> 
> 
> Diffs
> -
> 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/errors/ValidationErrorCode.java
>  03de8e023 
>   security-admin/src/main/java/org/apache/ranger/common/RESTErrorUtil.java 
> 4aaf36442 
>   
> security-admin/src/main/java/org/apache/ranger/db/XXGdsSharedResourceDao.java 
> d3bd4d65b 
>   security-admin/src/main/java/org/apache/ranger/rest/GdsREST.java 043d00b59 
>   
> security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidationDBProvider.java
>  da41d 
>   
> security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidationDataProvider.java
>  ab74e90e4 
>   
> security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java
>  c5a3f38ff 
>   security-admin/src/main/resources/META-INF/jpa_named_queries.xml 0502512eb 
> 
> 
> Diff: https://reviews.apache.org/r/74818/diff/2/
> 
> 
> Testing
> ---
> 
> We get proper error messages in response 
> 1)When user is not ADMIN for dataset/datashare/shared-resource we now get 403 
> status code 
> Error message | STATUS CODE : 403
> {
> "statusCode": 1,
> "msgDesc": "[ Validation failure: error code[4106], reason[User 
> [Test-User-1] is not an admin for dataset [Test_GDS_Dataset112]], 
> field[null], subfield[null], type[]]",
> "messageList": [
> {
> "name": "OPER_NO_PERMISSION",
> "rbKey": "xa.error.oper_no_permission",
> "message": "User doesn't have permission to perform this 
> operation"
> }
>  ]
> }
> 
> 2)When user renames dataset/datashare/shared-resource with pre-existing name '
> Error message | STATUS CODE : 400
> {
> "statusCode": 1,
> "msgDesc": "[ Validation failure: error code[4108], reason[Dataset with 
> name [Test_GDS_Dataset1] already exists. ID=[2]], field[name], 
> subfield[null], type[]]",
> "messageList": [
> {
> "name": "INVALID_INPUT_DATA",
> "rbKey": "xa.validation.invalid_input_data",
> "message": "Invalid input data"
> }
> ]
> }
> 
> 3)When user tries to add duplicate entry for shared-resource
> Error messsage | STATUS CODE : 400
> {
> "statusCode": 1,
> "msgDesc": "[ Validation failure: error code[4121], reason[Shared 
> resource with name [res2] already exists in data share [RangerDataShare2]. 
> ID=[9]], field[name], subfield[null], type[]]",
> "messageList": [
> {
> "name": "INVALID_INPUT_DATA",
> "rbKey": "xa.validation.invalid_input_data",
> "message": "Invalid input data"
> }
> ]
> }
> 
> 
> Thanks,
> 
> Prashant Satam
> 
>

Re: Review Request 74818: RANGER-4448 : GDS CRUD APIs should return proper response and message in case of failure

2024-01-05 Thread Prashant Satam 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74818/
---

(Updated Jan. 5, 2024, 9:21 a.m.)


Review request for ranger, Akshay Tupe, Anand Nadar, Ankita Sinha, Madhan 
Neethiraj, Siddhesh Phatak, Subhrat Chaudhary, and Vanita Ubale.


Bugs: RANGER-4448
https://issues.apache.org/jira/browse/RANGER-4448


Repository: ranger


Description
---

Description: We need to handle following cases and return proper error message 
and response: # In many cases 400 or 500 is thrown, in case the use does not 
have permissions to execute the API. We need to handle such cases and throw 403 
and return proper error message.

In case where user is trying to enter duplicate records, the error is thrown 
with SQL query in response. In such cases, we need to throw 400 and return 
proper error message.


Diffs (updated)
-

  
agents-common/src/main/java/org/apache/ranger/plugin/errors/ValidationErrorCode.java
 03de8e023 
  security-admin/src/main/java/org/apache/ranger/common/RESTErrorUtil.java 
4aaf36442 
  security-admin/src/main/java/org/apache/ranger/db/XXGdsSharedResourceDao.java 
d3bd4d65b 
  security-admin/src/main/java/org/apache/ranger/rest/GdsREST.java 043d00b59 
  
security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidationDBProvider.java
 da41d 
  
security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidationDataProvider.java
 ab74e90e4 
  
security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java
 c5a3f38ff 
  security-admin/src/main/resources/META-INF/jpa_named_queries.xml 0502512eb 


Diff: https://reviews.apache.org/r/74818/diff/2/

Changes: https://reviews.apache.org/r/74818/diff/1-2/


Testing
---

We get proper error messages in response 
1)When user is not ADMIN for dataset/datashare/shared-resource we now get 403 
status code 
Error message | STATUS CODE : 403
{
"statusCode": 1,
"msgDesc": "[ Validation failure: error code[4106], reason[User 
[Test-User-1] is not an admin for dataset [Test_GDS_Dataset112]], 
field[null], subfield[null], type[]]",
"messageList": [
{
"name": "OPER_NO_PERMISSION",
"rbKey": "xa.error.oper_no_permission",
"message": "User doesn't have permission to perform this operation"
}
 ]
}

2)When user renames dataset/datashare/shared-resource with pre-existing name '
Error message | STATUS CODE : 400
{
"statusCode": 1,
"msgDesc": "[ Validation failure: error code[4108], reason[Dataset with 
name [Test_GDS_Dataset1] already exists. ID=[2]], field[name], subfield[null], 
type[]]",
"messageList": [
{
"name": "INVALID_INPUT_DATA",
"rbKey": "xa.validation.invalid_input_data",
"message": "Invalid input data"
}
]
}

3)When user tries to add duplicate entry for shared-resource
Error messsage | STATUS CODE : 400
{
"statusCode": 1,
"msgDesc": "[ Validation failure: error code[4121], reason[Shared resource 
with name [res2] already exists in data share [RangerDataShare2]. ID=[9]], 
field[name], subfield[null], type[]]",
"messageList": [
{
"name": "INVALID_INPUT_DATA",
"rbKey": "xa.validation.invalid_input_data",
"message": "Invalid input data"
}
]
}


Thanks,

Prashant Satam

Re: Review Request 74818: RANGER-4448 : GDS CRUD APIs should return proper response and message in case of failure

2024-01-05 Thread Prashant Satam 


> On Jan. 4, 2024, 9:49 p.m., Madhan Neethiraj wrote:
> > security-admin/src/main/java/org/apache/ranger/rest/GdsREST.java
> > Lines 224 (patched)
> > 
> >
> > Is @Produces annotation necessary for methods that return void? If not, 
> > please remove #224, #583, #908, #1099.

Yes @Produce will be needed for DELETE methods to show any validation Errors 
that occured during the delete operation


- Prashant


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74818/#review226102
---


On Jan. 4, 2024, 1:09 p.m., Prashant Satam wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/74818/
> ---
> 
> (Updated Jan. 4, 2024, 1:09 p.m.)
> 
> 
> Review request for ranger, Akshay Tupe, Anand Nadar, Ankita Sinha, Madhan 
> Neethiraj, Siddhesh Phatak, Subhrat Chaudhary, and Vanita Ubale.
> 
> 
> Bugs: RANGER-4448
> https://issues.apache.org/jira/browse/RANGER-4448
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Description: We need to handle following cases and return proper error 
> message and response: # In many cases 400 or 500 is thrown, in case the use 
> does not have permissions to execute the API. We need to handle such cases 
> and throw 403 and return proper error message.
> 
> In case where user is trying to enter duplicate records, the error is thrown 
> with SQL query in response. In such cases, we need to throw 400 and return 
> proper error message.
> 
> 
> Diffs
> -
> 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/errors/ValidationErrorCode.java
>  03de8e023 
>   security-admin/src/main/java/org/apache/ranger/common/RESTErrorUtil.java 
> 4aaf36442 
>   
> security-admin/src/main/java/org/apache/ranger/db/XXGdsSharedResourceDao.java 
> d3bd4d65b 
>   security-admin/src/main/java/org/apache/ranger/rest/GdsREST.java 043d00b59 
>   
> security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidationDBProvider.java
>  da41d 
>   
> security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidationDataProvider.java
>  ab74e90e4 
>   
> security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java
>  c5a3f38ff 
>   security-admin/src/main/resources/META-INF/jpa_named_queries.xml 0502512eb 
> 
> 
> Diff: https://reviews.apache.org/r/74818/diff/1/
> 
> 
> Testing
> ---
> 
> We get proper error messages in response 
> 1)When user is not ADMIN for dataset/datashare/shared-resource we now get 403 
> status code 
> Error message | STATUS CODE : 403
> {
> "statusCode": 1,
> "msgDesc": "[ Validation failure: error code[4106], reason[User 
> [Test-User-1] is not an admin for dataset [Test_GDS_Dataset112]], 
> field[null], subfield[null], type[]]",
> "messageList": [
> {
> "name": "OPER_NO_PERMISSION",
> "rbKey": "xa.error.oper_no_permission",
> "message": "User doesn't have permission to perform this 
> operation"
> }
>  ]
> }
> 
> 2)When user renames dataset/datashare/shared-resource with pre-existing name '
> Error message | STATUS CODE : 400
> {
> "statusCode": 1,
> "msgDesc": "[ Validation failure: error code[4108], reason[Dataset with 
> name [Test_GDS_Dataset1] already exists. ID=[2]], field[name], 
> subfield[null], type[]]",
> "messageList": [
> {
> "name": "INVALID_INPUT_DATA",
> "rbKey": "xa.validation.invalid_input_data",
> "message": "Invalid input data"
> }
> ]
> }
> 
> 3)When user tries to add duplicate entry for shared-resource
> Error messsage | STATUS CODE : 400
> {
> "statusCode": 1,
> "msgDesc": "[ Validation failure: error code[4121], reason[Shared 
> resource with name [res2] already exists in data share [RangerDataShare2]. 
> ID=[9]], field[name], subfield[null], type[]]",
> "messageList": [
> {
> "name": "INVALID_INPUT_DATA",
> "rbKey": "xa.validation.invalid_input_data",
> "message": "Invalid input data"
> }
> ]
> }
> 
> 
> Thanks,
> 
> Prashant Satam
> 
>