ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sailaja Polavarapu <spolavar...@hortonworks.com>
Subject Re: Review Request 65739: RANGER-1985: Auditing for Ranger usersync operations
Date Thu, 01 Mar 2018 01:03:44 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/65739/
-----------------------------------------------------------

(Updated March 1, 2018, 1:03 a.m.)


Review request for ranger, Ankita Sinha, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Pradeep
Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja Polavarapu, and Velmurugan Periasamy.


Changes
-------

Incorporated review comments as well as updated patch file with latest sources from master


Bugs: RANGER-1985
    https://issues.apache.org/jira/browse/RANGER-1985


Repository: ranger


Description
-------

Added code to support auditing for Ranger Usersync operations. This includes auditing for
all the sync sources (unix, file, and LDAP/AD) for every sync interval. Also includes Rest
API for showing these audits in Ranger UI.


Diffs (updated)
-----

  security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql d516d64e 
  security-admin/db/mysql/patches/031-create-schema-for-usersync-audit-info.sql PRE-CREATION

  security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql abc7d593 
  security-admin/db/oracle/patches/031-create-schema-for-usersync-audit-info.sql PRE-CREATION

  security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql 88629463 
  security-admin/db/postgres/patches/031-create-schema-for-usersync-audit-info.sql PRE-CREATION

  security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql bf3d954b

  security-admin/db/sqlanywhere/patches/031-create-schema-for-usersync-audit-info.sql PRE-CREATION

  security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql 56e2e99a 
  security-admin/db/sqlserver/patches/031-create-schema-for-usersync-audit-info.sql PRE-CREATION

  security-admin/src/main/java/org/apache/ranger/biz/AssetMgr.java 034053d2 
  security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java 71298a41 
  security-admin/src/main/java/org/apache/ranger/common/AppConstants.java 4a02e26b 
  security-admin/src/main/java/org/apache/ranger/db/RangerDaoManagerBase.java d61cbc7b 
  security-admin/src/main/java/org/apache/ranger/db/XXUgsyncAuditInfoDao.java PRE-CREATION

  security-admin/src/main/java/org/apache/ranger/entity/XXUgsyncAuditInfo.java PRE-CREATION

  security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java 3c274e3f 
  security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java a07c243a 
  security-admin/src/main/java/org/apache/ranger/security/context/RangerAPIList.java 460c7fda

  security-admin/src/main/java/org/apache/ranger/service/XUgsyncAuditInfoService.java PRE-CREATION

  security-admin/src/main/java/org/apache/ranger/service/XUgsyncAuditInfoServiceBase.java
PRE-CREATION 
  security-admin/src/main/java/org/apache/ranger/view/VXFileSyncSourceInfo.java PRE-CREATION

  security-admin/src/main/java/org/apache/ranger/view/VXLdapSyncSourceInfo.java PRE-CREATION

  security-admin/src/main/java/org/apache/ranger/view/VXUgsyncAuditInfo.java PRE-CREATION

  security-admin/src/main/java/org/apache/ranger/view/VXUgsyncAuditInfoList.java PRE-CREATION

  security-admin/src/main/java/org/apache/ranger/view/VXUnixSyncSourceInfo.java PRE-CREATION

  security-admin/src/main/resources/META-INF/jpa_named_queries.xml 35ba30d9 
  security-admin/src/main/resources/META-INF/persistence.xml 20f5bbac 
  ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapDeltaUserGroupBuilder.java
2852b320 
  ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapPolicyMgrUserGroupBuilder.java
18366ef1 
  ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapUserGroupBuilder.java 6b2648d9

  ugsync/src/main/java/org/apache/ranger/unixusersync/model/FileSyncSourceInfo.java PRE-CREATION

  ugsync/src/main/java/org/apache/ranger/unixusersync/model/LdapSyncSourceInfo.java PRE-CREATION

  ugsync/src/main/java/org/apache/ranger/unixusersync/model/UgsyncAuditInfo.java PRE-CREATION

  ugsync/src/main/java/org/apache/ranger/unixusersync/model/UnixSyncSourceInfo.java PRE-CREATION

  ugsync/src/main/java/org/apache/ranger/unixusersync/process/FileSourceUserGroupBuilder.java
713c8688 
  ugsync/src/main/java/org/apache/ranger/unixusersync/process/PolicyMgrUserGroupBuilder.java
864d884d 
  ugsync/src/main/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilder.java 60ce08d1

  ugsync/src/main/java/org/apache/ranger/usergroupsync/UserGroupSink.java 494efc21 


Diff: https://reviews.apache.org/r/65739/diff/4/

Changes: https://reviews.apache.org/r/65739/diff/3-4/


Testing
-------

1. Tested with different types of sync sources (Unix, File, and LDAP/AD)
2. Also tested with incremental sync enabled for AD sync source.
3. Tested the Rest API for showing audits in Ranger UI.


Thanks,

Sailaja Polavarapu


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message