ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mehul Parikh <xsme...@gmail.com>
Subject Re: Review Request 73432: RANGER-3259 : [Ranger Audit Filter] Ranger role is allowed to delete, even if its used in audit filters
Date Fri, 30 Jul 2021 05:40:48 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73432/#review223294
-----------------------------------------------------------


Ship it!




Ship It!

- Mehul Parikh


On July 29, 2021, 6:45 a.m., Dineshkumar Yadav wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73432/
> -----------------------------------------------------------
> 
> (Updated July 29, 2021, 6:45 a.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Jayendra Parab, Kishor Gollapalliwar, Abhay
Kulkarni, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, and Vishal Suvagia.
> 
> 
> Bugs: RANGER-3259
>     https://issues.apache.org/jira/browse/RANGER-3259
> 
> 
> Repository: ranger
> 
> 
> Description
> -------
> 
> Observed that we are able to delete ranger role, even if the role is used in ranger audit
filters in some service plugin.
> Similar observation was found for User & Group.
> 
> 
> Diffs
> -----
> 
>   security-admin/src/main/java/org/apache/ranger/biz/RoleDBStore.java df3fabb0b 
>   security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java a888d91ce 
>   security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java 624232644 
>   security-admin/src/main/java/org/apache/ranger/db/XXServiceConfigMapDao.java 00d1a32b7

>   security-admin/src/main/resources/META-INF/jpa_named_queries.xml 3ef8ba32f 
> 
> 
> Diff: https://reviews.apache.org/r/73432/diff/5/
> 
> 
> Testing
> -------
> 
> Testing  Done
>  use case :1 
>  Delete User when that user is present in ranger audit filters in some service plugin.
>  use case :2 
>  Delete Group when that group is present in ranger audit filters in some service plugin.
>  use case :3 
>  Delete Role when that role is present in ranger audit filters in some service plugin.
> 
> 
> Thanks,
> 
> Dineshkumar Yadav
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message