ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pradeep Agrawal <pradeep.agra...@freestoneinfotech.com>
Subject Review Request 48026: RANGER-999 : Delete Module REST API is failing as it is not removing assigned users and groups
Date Mon, 30 May 2016 06:31:18 GMT

This is an automatically generated e-mail. To reply, visit:

Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, Madhan
Neethiraj, Mehul Parikh, Ramesh Mani, Selvamohan Neethiraj, and Velmurugan Periasamy.

Bugs: RANGER-999

Repository: ranger


**Problem Statement:**
DELETE Module REST API is not working properly if any user or group has access permission
in the module. DELETE Module REST API should remove assigned users and groups references also.

**Proposed Solution:**
Before deleting a module; provided patch will delete user module mapping entry from 'x_user_module_perm'
and group module mapping from x_group_module_perm.


  security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java 96f2ee3 
  security-admin/src/main/java/org/apache/ranger/db/XXGroupPermissionDao.java f6444f8 
  security-admin/src/main/java/org/apache/ranger/db/XXUserPermissionDao.java 2db6fd6 
  security-admin/src/main/resources/META-INF/jpa_named_queries.xml 76d3f21 
  security-admin/src/test/java/org/apache/ranger/biz/TestXUserMgr.java 37dddee 

Diff: https://reviews.apache.org/r/48026/diff/


**Steps Performed(with patch)**
1. Installed and started Ranger Admin.
2. Added a module 'module1' using create module REST API.
curl -i -u admin:admin  --header "Accept:application/json" -H "Content-Type:application/json"
-X POST http://localhost:6080/service/xusers/permission -d '{"module":"module1","url":""}'
3. Visited Ranger admin permission page to verify whether 'module1' is added or not. 'module1'
was added there.
4. In 'module1' Added groups(group1,group2) and users(testuser1,testuser2) to allow access.
5. Visited 'x_user_module_perm' and 'x_group_module_perm' table to check whether mapping of
user module and group module is persisted or not. Mappings were persisted.
6. Called delete module REST API to delete module 'module1'.
curl -i -u admin:admin  --header "Accept:application/json" -H "Content-Type:application/json"
-X DELETE http://localhost:6080/service/xusers/permission/7

**Expected Behaviour :**
1. Entries of users having access on 'module1' should get deleted from 'x_user_module_perm'
2. Entries of groups having access on 'module1' should get deleted from 'x_group_module_perm'
3. Module should get deleted successfully.
**Actual Behaviour :**
1. Entries of users having access on 'module1' were removed from 'x_user_module_perm' table.
2. Entries of groups having access on 'module1' were removed from 'x_group_module_perm' table.
3. Module 'module1' was deleted successfully.


Pradeep Agrawal

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message