ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sailaja Polavarapu <spolavar...@hortonworks.com>
Subject Re: Review Request 65739: RANGER-1985: Auditing for Ranger usersync operations
Date Thu, 01 Mar 2018 01:05:55 GMT


> On Feb. 28, 2018, 8:14 a.m., Ramesh Mani wrote:
> > security-admin/src/main/java/org/apache/ranger/service/XUgsyncAuditInfoServiceBase.java
> > Lines 70 (patched)
> > <https://reviews.apache.org/r/65739/diff/3/?file=1967105#file1967105line70>
> >
> >     Can the resultList be null?

removed unused method


> On Feb. 28, 2018, 8:14 a.m., Ramesh Mani wrote:
> > ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapPolicyMgrUserGroupBuilder.java
> > Lines 507 (patched)
> > <https://reviews.apache.org/r/65739/diff/3/?file=1967114#file1967114line512>
> >
> >     this doesnt throw exception? Please review this part restructure?

There is some cleanup/restructuring need to be done. So will track in a separate review request.


> On Feb. 28, 2018, 8:14 a.m., Ramesh Mani wrote:
> > ugsync/src/main/java/org/apache/ranger/unixusersync/process/PolicyMgrUserGroupBuilder.java
> > Lines 1220 (patched)
> > <https://reviews.apache.org/r/65739/diff/3/?file=1967121#file1967121line1232>
> >
> >     return ret?
> >     Assign ret with necessary value and also if possible return once at the end
of the method, which is less error prone and readble.

There is some cleanup/restructuring need to be done. So will track in a separate review request.


- Sailaja


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/65739/#review198379
-----------------------------------------------------------


On March 1, 2018, 1:03 a.m., Sailaja Polavarapu wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/65739/
> -----------------------------------------------------------
> 
> (Updated March 1, 2018, 1:03 a.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj,
Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1985
>     https://issues.apache.org/jira/browse/RANGER-1985
> 
> 
> Repository: ranger
> 
> 
> Description
> -------
> 
> Added code to support auditing for Ranger Usersync operations. This includes auditing
for all the sync sources (unix, file, and LDAP/AD) for every sync interval. Also includes
Rest API for showing these audits in Ranger UI.
> 
> 
> Diffs
> -----
> 
>   security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql d516d64e 
>   security-admin/db/mysql/patches/031-create-schema-for-usersync-audit-info.sql PRE-CREATION

>   security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql abc7d593 
>   security-admin/db/oracle/patches/031-create-schema-for-usersync-audit-info.sql PRE-CREATION

>   security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql 88629463 
>   security-admin/db/postgres/patches/031-create-schema-for-usersync-audit-info.sql PRE-CREATION

>   security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql bf3d954b

>   security-admin/db/sqlanywhere/patches/031-create-schema-for-usersync-audit-info.sql
PRE-CREATION 
>   security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql 56e2e99a

>   security-admin/db/sqlserver/patches/031-create-schema-for-usersync-audit-info.sql PRE-CREATION

>   security-admin/src/main/java/org/apache/ranger/biz/AssetMgr.java 034053d2 
>   security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java 71298a41 
>   security-admin/src/main/java/org/apache/ranger/common/AppConstants.java 4a02e26b 
>   security-admin/src/main/java/org/apache/ranger/db/RangerDaoManagerBase.java d61cbc7b

>   security-admin/src/main/java/org/apache/ranger/db/XXUgsyncAuditInfoDao.java PRE-CREATION

>   security-admin/src/main/java/org/apache/ranger/entity/XXUgsyncAuditInfo.java PRE-CREATION

>   security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java 3c274e3f 
>   security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java a07c243a 
>   security-admin/src/main/java/org/apache/ranger/security/context/RangerAPIList.java
460c7fda 
>   security-admin/src/main/java/org/apache/ranger/service/XUgsyncAuditInfoService.java
PRE-CREATION 
>   security-admin/src/main/java/org/apache/ranger/service/XUgsyncAuditInfoServiceBase.java
PRE-CREATION 
>   security-admin/src/main/java/org/apache/ranger/view/VXFileSyncSourceInfo.java PRE-CREATION

>   security-admin/src/main/java/org/apache/ranger/view/VXLdapSyncSourceInfo.java PRE-CREATION

>   security-admin/src/main/java/org/apache/ranger/view/VXUgsyncAuditInfo.java PRE-CREATION

>   security-admin/src/main/java/org/apache/ranger/view/VXUgsyncAuditInfoList.java PRE-CREATION

>   security-admin/src/main/java/org/apache/ranger/view/VXUnixSyncSourceInfo.java PRE-CREATION

>   security-admin/src/main/resources/META-INF/jpa_named_queries.xml 35ba30d9 
>   security-admin/src/main/resources/META-INF/persistence.xml 20f5bbac 
>   ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapDeltaUserGroupBuilder.java
2852b320 
>   ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapPolicyMgrUserGroupBuilder.java
18366ef1 
>   ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapUserGroupBuilder.java
6b2648d9 
>   ugsync/src/main/java/org/apache/ranger/unixusersync/model/FileSyncSourceInfo.java PRE-CREATION

>   ugsync/src/main/java/org/apache/ranger/unixusersync/model/LdapSyncSourceInfo.java PRE-CREATION

>   ugsync/src/main/java/org/apache/ranger/unixusersync/model/UgsyncAuditInfo.java PRE-CREATION

>   ugsync/src/main/java/org/apache/ranger/unixusersync/model/UnixSyncSourceInfo.java PRE-CREATION

>   ugsync/src/main/java/org/apache/ranger/unixusersync/process/FileSourceUserGroupBuilder.java
713c8688 
>   ugsync/src/main/java/org/apache/ranger/unixusersync/process/PolicyMgrUserGroupBuilder.java
864d884d 
>   ugsync/src/main/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilder.java
60ce08d1 
>   ugsync/src/main/java/org/apache/ranger/usergroupsync/UserGroupSink.java 494efc21 
> 
> 
> Diff: https://reviews.apache.org/r/65739/diff/4/
> 
> 
> Testing
> -------
> 
> 1. Tested with different types of sync sources (Unix, File, and LDAP/AD)
> 2. Also tested with incremental sync enabled for AD sync source.
> 3. Tested the Rest API for showing audits in Ranger UI.
> 
> 
> Thanks,
> 
> Sailaja Polavarapu
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message