From dev-return-16936-archive-asf-public=cust-asf.ponee.io@ranger.apache.org Tue Mar 6 07:34:38 2018 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by mx-eu-01.ponee.io (Postfix) with SMTP id AC510180652 for ; Tue, 6 Mar 2018 07:34:37 +0100 (CET) Received: (qmail 86446 invoked by uid 500); 6 Mar 2018 06:34:36 -0000 Mailing-List: contact dev-help@ranger.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@ranger.apache.org Delivered-To: mailing list dev@ranger.apache.org Received: (qmail 86431 invoked by uid 99); 6 Mar 2018 06:34:35 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd3-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 06 Mar 2018 06:34:35 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd3-us-west.apache.org (ASF Mail Server at spamd3-us-west.apache.org) with ESMTP id 7E74E180461; Tue, 6 Mar 2018 06:34:35 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd3-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 2.14 X-Spam-Level: ** X-Spam-Status: No, score=2.14 tagged_above=-999 required=6.31 tests=[DKIM_ADSP_CUSTOM_MED=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=2, KAM_LAZY_DOMAIN_SECURITY=1, NML_ADSP_CUSTOM_MED=1.2, RCVD_IN_DNSWL_MED=-2.3, T_RP_MATCHES_RCVD=-0.01] autolearn=disabled Received: from mx1-lw-eu.apache.org ([10.40.0.8]) by localhost (spamd3-us-west.apache.org [10.40.0.10]) (amavisd-new, port 10024) with ESMTP id D1llgocWvHSY; Tue, 6 Mar 2018 06:34:33 +0000 (UTC) Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139]) by mx1-lw-eu.apache.org (ASF Mail Server at mx1-lw-eu.apache.org) with ESMTP id DE90A5F1A1; Tue, 6 Mar 2018 06:34:32 +0000 (UTC) Received: from reviews.apache.org (unknown [10.41.0.12]) by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id 3BA1AE0056; Tue, 6 Mar 2018 06:34:32 +0000 (UTC) Received: from reviews-vm2.apache.org (localhost [IPv6:::1]) by reviews.apache.org (ASF Mail Server at reviews-vm2.apache.org) with ESMTP id 2542CC40195; Tue, 6 Mar 2018 06:34:32 +0000 (UTC) Content-Type: multipart/alternative; boundary="===============2102099686362264636==" MIME-Version: 1.0 Subject: Re: Review Request 65901: RANGER-1948: Support for Read-only Ranger Admin users (Ranger UI changes) From: Nitin Galave To: Velmurugan Periasamy , Fatima Khan , Mehul Parikh , Gautam Borad Cc: Nitin Galave , ranger Date: Tue, 06 Mar 2018 06:34:32 -0000 Message-ID: <20180306063432.45970.26806@reviews-vm2.apache.org> X-ReviewBoard-URL: https://reviews.apache.org/ Auto-Submitted: auto-generated Sender: Nitin Galave X-ReviewGroup: ranger X-Auto-Response-Suppress: DR, RN, OOF, AutoReply X-ReviewRequest-URL: https://reviews.apache.org/r/65901/ X-Sender: Nitin Galave References: <20180306055419.9467.79154@reviews-vm2.apache.org> In-Reply-To: <20180306055419.9467.79154@reviews-vm2.apache.org> X-ReviewBoard-Diff-For: security-admin/src/main/webapp/templates/service/RangerServiceViewDetail_tmpl.html X-ReviewBoard-Diff-For: security-admin/src/main/webapp/scripts/views/service/RangerServiceViewDetail.js Reply-To: Nitin Galave X-ReviewRequest-Repository: ranger --===============2102099686362264636== MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/65901/ ----------------------------------------------------------- (Updated March 6, 2018, 6:34 a.m.) Review request for ranger, Fatima Khan, Gautam Borad, Mehul Parikh, and Velmurugan Periasamy. Bugs: RANGER-1948 https://issues.apache.org/jira/browse/RANGER-1948 Repository: ranger Description ------- This JIRA is to cater to need of Auditor roles in Ranger Admin. We can introduce Auditor Roles for both the Administrator Roles in Ranger Admin. Auditor (Readonly privileges from current Admin role user ) KMS Auditor (Readonly privileges from current Keydmin role user ) Diffs ----- security-admin/src/main/webapp/scripts/controllers/Controller.js 2be915f security-admin/src/main/webapp/scripts/mgrs/SessionMgr.js e7a3856 security-admin/src/main/webapp/scripts/modules/globalize/message/en.js ef75e36 security-admin/src/main/webapp/scripts/utils/XAEnums.js 0e0958d security-admin/src/main/webapp/scripts/utils/XAUtils.js 4fe7263 security-admin/src/main/webapp/scripts/views/common/TopNav.js aba71ef security-admin/src/main/webapp/scripts/views/kms/KMSTableLayout.js 2749cea security-admin/src/main/webapp/scripts/views/permissions/ModulePermissionForm.js d9c522c security-admin/src/main/webapp/scripts/views/permissions/ModulePermsTableLayout.js b46d526 security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js 618207d security-admin/src/main/webapp/scripts/views/policymanager/ServiceLayout.js 7aab1e2 security-admin/src/main/webapp/scripts/views/reports/OperationDiffDetail.js c8fc050 security-admin/src/main/webapp/scripts/views/reports/UserAccessLayout.js e0470cf security-admin/src/main/webapp/scripts/views/service/RangerServiceViewDetail.js PRE-CREATION security-admin/src/main/webapp/scripts/views/user/UserProfileForm.js d545a05 security-admin/src/main/webapp/scripts/views/users/GroupCreate.js b73f755 security-admin/src/main/webapp/scripts/views/users/UserCreate.js b8c5894 security-admin/src/main/webapp/scripts/views/users/UserForm.js bd3730b security-admin/src/main/webapp/scripts/views/users/UserTableLayout.js 9febd99 security-admin/src/main/webapp/styles/xa.css 919e825 security-admin/src/main/webapp/templates/common/TopNav_tmpl.html d2ff968 security-admin/src/main/webapp/templates/helpers/XAHelpers.js f8479e4 security-admin/src/main/webapp/templates/kms/KmsTableLayout_tmpl.html 8107148 security-admin/src/main/webapp/templates/permissions/ModulePermsTableLayout_tmpl.html 52b36a1 security-admin/src/main/webapp/templates/policies/RangerPolicyTableLayout_tmpl.html c49dc32 security-admin/src/main/webapp/templates/reports/UserAccessLayout_tmpl.html e185742 security-admin/src/main/webapp/templates/service/RangerServiceViewDetail_tmpl.html PRE-CREATION security-admin/src/main/webapp/templates/users/UserTableLayout_tmpl.html b7d4967 Diff: https://reviews.apache.org/r/65901/diff/1/ Testing (updated) ------- Tested scenario's: 1.Admin user is able to create User role user. 2.Admin user is able to create Auditor role user. 3.Admin user is not able to create kms auditor role user. 4.Keyadmin user is able to create kms auditor. 5.Auditor is able to only view policies, users, services and audits. 6.Kms auditor is able to only view policies, users, services, audits and keys. 7.Auditor is able to see permission tab but kms auditor should not see permission tab. Thanks, Nitin Galave --===============2102099686362264636==--