ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dineshkumar Yadav <dineshkumar.ya...@outlook.com>
Subject Re: Review Request 73432: RANGER-3259 : [Ranger Audit Filter] Ranger role is allowed to delete, even if its used in audit filters
Date Thu, 29 Jul 2021 06:45:01 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73432/
-----------------------------------------------------------

(Updated July 29, 2021, 6:45 a.m.)


Review request for ranger, Ankita Sinha, Jayendra Parab, Kishor Gollapalliwar, Abhay Kulkarni,
Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, and Vishal Suvagia.


Bugs: RANGER-3259
    https://issues.apache.org/jira/browse/RANGER-3259


Repository: ranger


Description
-------

Observed that we are able to delete ranger role, even if the role is used in ranger audit
filters in some service plugin.
Similar observation was found for User & Group.


Diffs (updated)
-----

  security-admin/src/main/java/org/apache/ranger/biz/RoleDBStore.java df3fabb0b 
  security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java a888d91ce 
  security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java 624232644 
  security-admin/src/main/java/org/apache/ranger/db/XXServiceConfigMapDao.java 00d1a32b7 
  security-admin/src/main/resources/META-INF/jpa_named_queries.xml 3ef8ba32f 


Diff: https://reviews.apache.org/r/73432/diff/5/

Changes: https://reviews.apache.org/r/73432/diff/4-5/


Testing
-------

Testing  Done
 use case :1 
 Delete User when that user is present in ranger audit filters in some service plugin.
 use case :2 
 Delete Group when that group is present in ranger audit filters in some service plugin.
 use case :3 
 Delete Role when that role is present in ranger audit filters in some service plugin.


Thanks,

Dineshkumar Yadav


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message