Sub-task

  • [RANGER-1808] - Write unit test for RANGER-1672
  • [RANGER-1809] - Write install guide for RANGER-1672
  • [RANGER-2030] - Admin UI updates to support policy effective dates
  • [RANGER-2126] - Improve ranger coverage of unit tests for REST layer.

Bug

  • [RANGER-1496] - Excel/csv exported file should have complete details of the policy
  • [RANGER-1852] - some groups missed to be sync if they are syncd from openldap If deltasync is enabled
  • [RANGER-1948] - Support for Read-only Ranger Admin users
  • [RANGER-1989] - Ranger Admin may fail to start after enabling SSLHadoop GroupMapping
  • [RANGER-1994] - Tomcat Security Vulnerability Alert. The version of the tomcat for ranger should upgrade to 7.0.85.
  • [RANGER-1996] - Change Atlas version from 0.8.2 to 1.0.0-SNAPSHOT
  • [RANGER-1997] - Update tagsync to handle Atlas notifications of type V1 and V2
  • [RANGER-2009] - Improve delegate-admin processing for Ranger policies
  • [RANGER-2013] - Restrict updation of user source
  • [RANGER-2015] - In view policy we are able to see 'Deny Policy' & 'Except Conditions' even if 'enableDenyAndExceptionsInPolicies : false'
  • [RANGER-2016] - Fix null passed in as a HttpServletRequest - into the deletePoliciesProvidedInServiceMap method.
  • [RANGER-2017] - Ranger KMS encryption good practices
  • [RANGER-2020] - Mandatory values are not filled then also able to create atlas policy
  • [RANGER-2021] - Ranger "Login Sessions" Audits impossible to browse due to 'rangerusersync'
  • [RANGER-2023] - Hive test connection / lookup failed in kerberos cluster.
  • [RANGER-2024] - tagsync updates to handle name-services in federated hdfs
  • [RANGER-2025] - tagsync updates to handle hbase namespace entity notification
  • [RANGER-2026] - Update Hbase plugin to handle default namespace
  • [RANGER-2027] - Evaluate grantor's group membership in the plugin for grant/revoke request
  • [RANGER-2028] - Fix release build scripts to conform to latest Apache release guidelines
  • [RANGER-2031] - Good coding practice in Ranger recommended by static code analysis
  • [RANGER-2033] - Add hbase policy and click the 'Test Connection' button. Connection Failed.
  • [RANGER-2035] - Errors accessing servicedefs with empty implClass with Oracle backend
  • [RANGER-2036] - Allow Auditor and KMS Auditor role user to Export of Excel and CSV
  • [RANGER-2037] - Avoid creation of spurious audit record in HDFS 2.8.0 onwards
  • [RANGER-2039] - Allow access to Audit tab for all users of role Keyadmin and KMS Auditor
  • [RANGER-2040] - Improvement in Analytics Metric of Ranger Admin and Ranger Kms for Users/groups metric collection for Auditor Role.
  • [RANGER-2041] - Handle validations for passwords of admin accounts during ranger install.
  • [RANGER-2042] - Fix error variable and remove invalid import package in upgrade_admin.py file of the security admin.
  • [RANGER-2044] - Fix execute sql failure in db_setup.py file of the admin.
  • [RANGER-2051] - Unable to delete services on Ranger Admin UI
  • [RANGER-2053] - Import Ranger Policy(ies) failing with NullPointerException
  • [RANGER-2054] - Fix new findBugs in RangerAdminClientImpl.java for kylin plugin test
  • [RANGER-2055] - STARTTLS support for ranger admin authentication
  • [RANGER-2057] - ranger-ugsync-default file not found and Log message
  • [RANGER-2060] - Knox proxy with knox-sso is not working for ranger
  • [RANGER-2061] - Add policy engine support to get summary user and group ACLs for a resource
  • [RANGER-2062] - Update jQuery version
  • [RANGER-2063] - Audit log shows multiple table names when only one table is accessed
  • [RANGER-2065] - Entity is readable even if there is no entity-read-classification permission.
  • [RANGER-2066] - Hbase column family access is authorized by a tagged column in the column family
  • [RANGER-2068] - Fix ranger.plugin.hbase.policy.rest.ssl.config.file parameter error.
  • [RANGER-2069] - group id below than 500 is not getting syncd
  • [RANGER-2070] - Ranger Storm service creation fails
  • [RANGER-2071] - Correct log file permissions for Tagsync and usersync
  • [RANGER-2073] - Good coding practices for usersync, tagsync, ldap tool configuration.
  • [RANGER-2074] - Update netty version in ranger kms package
  • [RANGER-2075] - Handle restart of Ranger Admin service from ranger-admin-services.sh
  • [RANGER-2076] - Handle proxy users for Kerberos based authentication.
  • [RANGER-2079] - RANGER Admin UI login through knox proxy fails with 404
  • [RANGER-2080] - Add json-smart explicitly to security-admin/pom.xml
  • [RANGER-2082] - Ranger fails to start when using (core) LDAPGroupMapping - missing class
  • [RANGER-2083] - Restrict KMS audit events to KMS related users only
  • [RANGER-2084] - Support for service-specific audit configuration in Ranger plugin
  • [RANGER-2085] - Add resource lookup for entity-id in Atlas service
  • [RANGER-2086] - Resource data mask policy overrides when both tag and resource datamask policies match
  • [RANGER-2087] - Use qualifiedName first to figure out HDFS path, clusterName and Ranger service-name from Atlas Hdfs entity
  • [RANGER-2089] - Update scala library version for tagsync to be the same as in Atlas
  • [RANGER-2090] - Empty start and end time Strings should be interpreted same as NULL in Ranger
  • [RANGER-2091] - Good coding practice for ranger response codes.
  • [RANGER-2092] - Getting count in "Modified user" and "Modified group" when we add new user
  • [RANGER-2094] - Handle Export Policy feature for different browsers
  • [RANGER-2096] - Remove dead code from AbstractBaseResourceService and RangerBizUtil
  • [RANGER-2098] - improvement in ranger policy timezones and keeping validation at both ranger server and UI end consistent.
  • [RANGER-2100] - REST API to get count of total services, policies, users, groups and various mapping
  • [RANGER-2101] - Testcases Improvement to follow best practices
  • [RANGER-2102] - Popup, Date picker and Dropdown list of select field remains open on-click of a back button from browser
  • [RANGER-2103] - User is not able to see revoke audits for HBASE.
  • [RANGER-2104] - Ranger tagsync should ignore ENTITY_UPDATE events if the updated entity does not have associated traits
  • [RANGER-2106] - Keyadmin is not able to see 'Audit tab' and 'User tab' by default.
  • [RANGER-2107] - Use Spring to inject DAOs
  • [RANGER-2108] - Ensure that resource names in service definition contain only lowercase, hyphens or underscore characters
  • [RANGER-2110] - 'copy hive query to clipboard' button in audits tab is not working
  • [RANGER-2113] - Improve error handling when of change password process gets killed.
  • [RANGER-2116] - Ranger UI: Fix policy condition field usability issue when multi-line attribute is set to true in policy screen
  • [RANGER-2117] - RangerKafkaAuthorizer to support new resources and operations which are in Apache Kafka 1.0.0
  • [RANGER-2118] - Update libpam4j version in ranger package
  • [RANGER-2119] - Ranger UI: resource field issue when we set lookupSupported attribute to false in ranger-service-def.
  • [RANGER-2121] - Ranger build using Docker is broken
  • [RANGER-2122] - Improvement in ranger yarn and hdfs plugin for additional default policy creation feature during service creation
  • [RANGER-2123] - Different error msg on backend/frontend login validation
  • [RANGER-2124] - Incorrect value in usersync audit logs for total number of groups synced
  • [RANGER-2131] - Ranger UserSync port (ie 5151) supports TLSv1.0
  • [RANGER-2133] - Good coding practices for REST classes and unit tests
  • [RANGER-2134] - Ranger Storm Plugin fails to download policies with Storm autocreds in classpath
  • [RANGER-2137] - Service Creation Failure, if user is not present in ranger database
  • [RANGER-2138] - Add unit tests for org.apache.ranger.service package
  • [RANGER-2141] - Add PatchForKafkaServiceDefUpdate_J10015.java in consolidated DB schema
  • [RANGER-2145] - Update service-def for Atlas to remove access-type entity-read-classification
  • [RANGER-2146] - Tag attribute type needs to be initialized to a non-empty string

New Feature

  • [RANGER-1672] - Ranger supports plugin to enable, monitor and manage apache kylin
  • [RANGER-1985] - Auditing for Ranger Usersync operations
  • [RANGER-2000] - Policy effective dates to support time-bound and temporary authorization
  • [RANGER-2002] - Ranger support for time based classifications and business terms from Apache Atlas

Improvement

  • [RANGER-1889] - List Users belonging to Group in Group tab
  • [RANGER-1999] - Policy evaluation to support multiple values for accessed resource
  • [RANGER-2001] - Similar to RANGER-1469, we should check whether the user or group has existed before the installer create a new user or group when user install usersync
  • [RANGER-2004] - Update Ranger Atlas Authorizer for the authorization model changes in Atlas
  • [RANGER-2005] - Remove invalid packages and import commands package to installer to fixed RANGER-1469 defect.
  • [RANGER-2010] - Ranger Tagsync should use cookie based authentication for subsequent requests to Ranger admin
  • [RANGER-2012] - Update Apache parent pom version
  • [RANGER-2018] - Upgrade to Spring 4
  • [RANGER-2019] - Handle upgrade scenario to rename the old ATLAS service def and use the new service def
  • [RANGER-2022] - Atlas plugin install.properties is missing component location
  • [RANGER-2029] - Ranger Kafka default policy creation improvement.
  • [RANGER-2032] - Use consolidated and optimized DB schema script for fresh install of Ranger
  • [RANGER-2043] - Ranger KMS KeyProvider and HSM KeyProvider should have more debug logs
  • [RANGER-2056] - Good coding practices for KMS and unixauth
  • [RANGER-2058] - Add SSL enabled Postgres support in Ranger Admin
  • [RANGER-2059] - Write unit tests for export/import functionality
  • [RANGER-2064] - Ranger Usersync should use cookie based authentication for subsequent requests to Ranger admin
  • [RANGER-2072] - Update HBase to 1.3.2
  • [RANGER-2095] - Add unit tests for new read only admin-auditor/kms-auditor roles functionality
  • [RANGER-2115] - Atlas service def creation failing during Ranger installation
  • [RANGER-2132] - Add unit tests for org.apache.ranger.common package
  • [RANGER-2143] - Update Ranger authorizer for Atlas for new method added in authorization interface (ATLAS-2765)

Test

Task

  • [RANGER-2067] - Supply the function of viewing policy history version.
  • [RANGER-2099] - TagSync update for Atlas notification changes in ATLAS-2656
  • [RANGER-2136] - Upgrade to the released version of Atlas 1.0.0
  • [RANGER-2147] - Release Ranger 1.1.0

  • No labels