ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alok Lal <al...@ebay.com>
Subject Re: Review Request 54968: RANGER-1276 : User/Group search is failing due to encoding issues
Date Wed, 28 Dec 2016 22:30:45 GMT


> On Dec. 22, 2016, 10:42 a.m., Alok Lal wrote:
> > ugsync/src/main/java/org/apache/ranger/usersync/util/UserSyncUtil.java, line 32
> > <https://reviews.apache.org/r/54968/diff/1/?file=1591085#file1591085line32>
> >
> >     Pradeep, I'm a bit uncomfortable with us not using a library to do this.  [This
discussions](http://stackoverflow.com/questions/4737841/urlencoder-not-able-to-translate-space-character)
presents a couple of alternatives.  For example, UrlEscapers is a part of guava and is quite
well documented.  Importantly, it is likely to keep in step with any future changes in the
standards.
> >     
> >     I know it is a bear to test these things, so I cring as I suggest this nitpicky
change to you.
> 
> Pradeep Agrawal wrote:
>     Alok, I Went through Guava library, Apache common, Tomcat Catalina and Spring library;
but to find the best one i will need more time; i could not get the list of other characters
which can cause issue, To me only space was causing problem so i proposed this patch as it
involves less testing. Also we can always fix it in better way later whenever we will have
few more set of characters which can cause issue and alternate APIs covers them.

Fair enough.  ship it!


- Alok


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/54968/#review159994
-----------------------------------------------------------


On Dec. 22, 2016, 2:01 a.m., Pradeep Agrawal wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/54968/
> -----------------------------------------------------------
> 
> (Updated Dec. 22, 2016, 2:01 a.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, Abhay Kulkarni,
Madhan Neethiraj, Mehul Parikh, Ramesh Mani, Selvamohan Neethiraj, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1276
>     https://issues.apache.org/jira/browse/RANGER-1276
> 
> 
> Repository: ranger
> 
> 
> Description
> -------
> 
> ** Problem Statement :** if usersync process add groups with spaces in ranger admin and
to remove a user from a group it calls REST: /group/{groupName}/user/{userName}
> In this REST call if a group name contains spaces then URLEncoder.encode(s, "UTF-8")
method replace these spaces with + symbol and request is forwarded to ranger-admin. Whenever
Ranger receives group name with + character (rather spaces) it tries to search the received
group name in db but fails to find any rows as the group name with '+' character does not
exist. At Ranger admin end this process is considered as a failure of the request and ranger-admin
sends the error message to the log file.
> 
> ** Proposed Solution :** Ranger admin server expect that if spaces are there in URL path
segment then they should be send with encoding '%20' so that it can decode those encoded characters
internally. 
> During encoding of path segment usersync process usage UserSyncUtil.encodeURIParam(String
s) which calls java.net.URLEncoder.encode(String s, String enc) method. After encoding of
the provided string using java.net.URLEncoder.encode(String s, String enc) method we need
to replace + symbol with %20 characters, so that request can be forwarded to ranger admin
with %20 for spaces rather + symbol.
> 
> 
> Diffs
> -----
> 
>   ugsync/src/main/java/org/apache/ranger/usersync/util/UserSyncUtil.java a33576b 
> 
> Diff: https://reviews.apache.org/r/54968/diff/
> 
> 
> Testing
> -------
> 
> **Steps performed(with patch) :**
> 1. Installed and started Ranger admin.
> 2. Created a group with spaces 'my personal group'
> 3. Created a user with spaces 'public user1' and assigned it to group 'my personal group'
> 4. Tried to delete mapping of user 'public user1' from group 'my personal group'
> 
> **Sample Request after encoding:** curl -u admin:admin -v -i -s -X DELETE -H "Accept:
application/json" -H "Content-Type: application/json" http://localhost:6080/service/xusers/group/my%20personal%20group/user/public%20user1
> 5. Visited user tab from user/group menu.
> 
> **Expected Behaviour :** User 'public user1' mapping from group 'my personal group' should
get deleted and it should not show mapping of user 'public user1' in group 'my personal group'.
> **Actual Behaviour :** User 'public user1' got removed from group 'my personal group',
group column of user 'public user1' was empty.
> 
> 
> Thanks,
> 
> Pradeep Agrawal
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message