| RANGER-2847 | Add support/Fix Test connection with Ozone service |
| RANGER-3136 | NullPointException found when import policies form web side and "isOverride" is selected |
| RANGER-3137 | Lookup user should has 'Select' permission for all resource in hive-agent |
| RANGER-3421 | Key getting logged in RangerMasterKey.java |
| RANGER-3452 | Other attributes and sync source are not shown when user is converted from internal to external |
| RANGER-3453 | Avoid logging sensitive information in UserMgr.java |
| RANGER-3457 | [Session Timeout-Ranger]With multiple tabs if one tab encounters session idle timeout other active tab still continues with old/invalid session cookie. |
| RANGER-3463 | Use apt logger to log messages |
| RANGER-3503 | Make "hadoop.security.authorization" config as an optional config in cm_ozone service definition |
| RANGER-3718 | Script exceptions are not considered in ranger-docker |
| RANGER-3722 | Fix Test-case failure |
| RANGER-3748 | Fix healthcheck in postgres docker compose file |
| RANGER-3749 | Fix healthcheck in mysql docker compose file |
| RANGER-3752 | Restrict duplicate access types entries in policy creation |
| RANGER-3754 | Chained plugins access evaluation result is not considered in some cases |
| RANGER-3795 | Fix java patch J10033 and J10046 failure |
| RANGER-3797 | Not able to create security zone for solr service after upgrade |
| RANGER-3858 | On dev-support, service creation and ranger-kafka-plugin setup are failed |
| RANGER-3864 | Spurious creation of service-resource objects in Ranger |
| RANGER-3916 | Ranger UI fails to open when the Ranger admin domain name includes "service" keyword in it. |
| RANGER-3932 | Modifying the security zone name should also change the resourcesignature of their policy. |
| RANGER-3947 | Thread leak because of retry loop in SolrCollectionBootstrapper |
| RANGER-3967 | Service creation failing for Trino |
| RANGER-4023 | UserStoreEnricher is not enabled if only mask conditon has attribute based expression |
| RANGER-4034 | Start and End date fix in validity schedule of Policy Form in Ranger React |
| RANGER-4042 | Cleanup unused usersync poc package |
| RANGER-4052 | Zone filter not getting cleared in landing page after deleting the zone from zone listing page in Ranger React |
| RANGER-4073 | Groups are not visible in mask and row level policy listing tables. |
| RANGER-4074 | assignPermissionToUser in XUserMgr creates entries with NULL moduleId in x_user_module_perm |
| RANGER-4078 | [Ranger UI] [React JS] Error displayed on page when navigating to audits tab and clicking on clear search button |
| RANGER-4081 | [Ranger UI] [React JS] If the url to edit a policy, service or permissions for a module, and the url to view user/group/roles contains an invalid id, then page should display an error |
| RANGER-4084 | Login id which is available on left most corner coming as Camel case |
| RANGER-4085 | Search filter hint is not available where you search for policy |
| RANGER-4087 | Loader is still loading for resource field for policy creation even after Resource lookup API gives 200/204 |
| RANGER-4088 | While editing policy All permissions & and other resource fields are getting disappered |
| RANGER-4089 | Getting browser specific pop-up message if try to delete policy after edit |
| RANGER-4090 | Resouce lookup exception message is not available in react UI |
| RANGER-4091 | Policy condition & Permission window should close by any click events |
| RANGER-4092 | [Ranger UI] [React JS] Showing multiple msg prompts for multiple users/groups visibility toggle with same msg. |
| RANGER-4094 | [Ranger UI] [React JS] User_name/ group_name/ roles field of their tables clipping names more that 14-15 characters long. |
| RANGER-4095 | [Ranger UI] [React JS] On users/groups/roles page in settings - The page number can be decreased to zero and negative and can be increased beyond max pages available to show. |
| RANGER-4096 | [Ranger UI] [React JS] "show all users" button is not available in the show users prompt of groups table even if the users list is longer than 100. |
| RANGER-4097 | [Ranger UI] [React JS] Deletion of all services inside a zone in resource based policy page leads to disappearance of all the other services before refreshing the page. |
| RANGER-4099 | [Ranger UI] [React JS] Focus remains on last hovered element in the dropdown of security zone search bar of resource based policy page. |
| RANGER-4103 | [Ranger-react] Fix for improving logout mechanism in Ranger react code base. |
| RANGER-4115 | Tags containing attributes not processed correctly by tagsync |
| RANGER-4119 | [UI] Syntax check button missing in policy level condition |
| RANGER-4129 | ArrayIndexOutOfBounds exception may be thrown while processing events |
| RANGER-4131 | clientIP is not logged for create/grant/revoke role operations via hive beeline |
| RANGER-4132 | [Ranger UI] If view policy button is clicked for a policy which is deleted, then the page gets stuck in loading state |
| RANGER-4135 | Regression caused by Ranger-3920 |
| RANGER-4136 | Incorrect processing of tag-deltas by RangerTagEnricher |
| RANGER-4146 | [Ranger UI] [React JS] Tag-based policy UI to not show permissions in deny/exception for services that don't support deny/exception |
| RANGER-4157 | implicit expression condition not added to service-defs having existing conditions |
| RANGER-4167 | Kafka Test Suite Issues (RANGER-4144 on 3.0.0 branch) |
| RANGER-4173 | Ozone_key tag based policies are not working |
| RANGER-4176 | Failed to collect dependencies at org.apache.hbase:hbase-server:jar:2.4.6 -> org.glassfish.web:javax.servlet.jsp:jar:2.3.2 -> org.glassfish:javax.el:jar:3.0.1-b06-SNAPSHOT |
| RANGER-4177 | policy create/update should fail when it references non-existing user/group/role |
| RANGER-4178 | NoClassDefFoundError: org/apache/hadoop/hive/ql/exec/vector/ColumnVector |
| RANGER-4180 | Log Dir for gc-worker.log is not using same VAR as logs dir for other ranger logs |
| RANGER-4183 | Upon creating a zone, in zone details under Service section table, Service Type column value loads after some millisecond |
| RANGER-4187 | Not able to search using multiple user filter in access audit tab |
| RANGER-4192 | A higher priority Data-masking policy is not considered when computing Datamask type |
| RANGER-4193 | ServiceTagsProcessor fails to handle update of an existing Service-Resource |
| RANGER-4194 | For Hive service def resources not supporting exclude and recursive are showing this option in service view detail |
| RANGER-4197 | Encryption Tab's key manager table show blank data. |
| RANGER-4198 | [BUILD] [JDK11] - failed - ranger-master-snapshot-publish : Unix Native Authenticator #773' does not have a result yet. |
| RANGER-4199 | RangerPluginClassLoader.java has log error |
| RANGER-4214 | Build broken on JDK11 - |
| RANGER-4219 | Grant permission in Impala engine not working with {user} in ranger policy |
| RANGER-4225 | Possible Jackson serialization issue due to not comply with Java bean standards |
| RANGER-4233 | DOC SITE : Recent revamp of doc site has some issues when accessed via mobile or ipad |
| RANGER-4241 | Fix sql patch 65 syntax issue for oracle db |
| RANGER-4242 | Ranger Upgrade is failing while executing the PatchPreSql_057_ForUpdateToUniqueGUID_J10052 |
| RANGER-4244 | security zone REST API status code |
| RANGER-4250 | Ranger throws BAD Request Error when we are not passing exec user to the getRoles (/public/v2/api/roles/name/{name}) |
| RANGER-4258 | Ranger: Instead of limiting the listing to only 25, Ranger should provide a comprehensive list of maximum service definitions, services, and zones. |
| RANGER-4260 | In trino service while creating policy add permission is rendering incorrectly. |
| RANGER-4261 | Support for DEBUG logs in admin, usersync and tagsync |
| RANGER-4263 | LookupResource give blank response in new react UI |
| RANGER-4273 | Fix to maintain the zone search while editing the filtered policy on Report page |
| RANGER-4276 | Millions of logs getting generated with text "No context-enrichers!!!" |
| RANGER-4288 | User with ROLE_ADMIN_AUDITOR not able to view zone policy on Ranger Admin UI |
| RANGER-4291 | If a ROW_FILTER type policy resources match, then an audit log record with Result=Denied is created |
| RANGER-4292 | [Ranger UI] [React JS] Long zone names are not showing perfectly in the zone search dropdown of service manager |
| RANGER-4293 | [Ranger UI] [React JS] Long User/group/role name overflowing from delete confirmation dialog box |
| RANGER-4294 | Delete message alert box should have message specific to delete activity |
| RANGER-4295 | [Ranger UI] [React JS] Option might require to clear all filter at once for resource policy side bars |
| RANGER-4296 | [Ranger UI] [React JS] Dropdown option in the access audits must display "User" instead of "Users" |
| RANGER-4297 | [Ranger UI] [React JS] Scroll to Newly added row functionality in listing tables is not working. |
| RANGER-4299 | Zone resource validator handling of resources at different levels |
| RANGER-4301 | Ranger Access Audit doesn't show callerContext in the audit as hover over button for HDFS audits |
| RANGER-4305 | Two api requests for single export request triggered from Reports page |
| RANGER-4316 | Path resource matcher handling of resource ending with separator |
| RANGER-4317 | [Ranger UI] Error message displayed when resource lookup fails is not formatted properly |
| RANGER-4320 | createPrincipalsIfAbsent parameter is not recognized by importPoliciesFromFile REST API |
| RANGER-4322 | enable-atlas-plugin.sh fails due to missing commons-lang3 jar |
| RANGER-4328 | matching scope SELF_OR_PREFIX doesn't handle few wildcard cases |
| RANGER-4329 | Tagsync fails to start due to missing jars |
| RANGER-4331 | Fixes for search filter on Audits tabs |
| RANGER-4332 | AuditBatchQueue.log() should block instead of throwing 'Queue full' exception |
| RANGER-4339 | [Ranger React UI] Spelling of delegate admin has to be corrected in policy form |
| RANGER-4341 | Logout api call through idle timeout gets aborted |
| RANGER-4342 | RangerJSONAuditWriter creates new log file for writing ranger audits as JSON every time there is an Error/Exception |
| RANGER-4343 | Atlas default policy is showing 2 "admin" users in policy items |
| RANGER-4349 | AtlasTagSource is hardcoded to commit offset to ATLAS_ENTITIES |
| RANGER-4356 | Ranger CSV Report extract may fail with Null pointer exception |
| RANGER-4358 | Keep the usersync details popup names same as the backbone js names |
| RANGER-4360 | Error page 'Go back' button not redirecting to the right page |
| RANGER-4367 | [Ranger React UI] User with access on Key manager tab not able to view the "Encryption" tab on the React UI |
| RANGER-4368 | Audit filter in Tag base service display wrong value for resources |
| RANGER-4369 | [Ranger React UI] Options for permissions pop up for knox policies are not the same in Backbone UI and React JS |
| RANGER-4370 | [Ranger UI] [React JS]"Select All permissions for all components." checkbox missing in tag based policy permission popup |
| RANGER-4373 | Deleting a role which is already present in policy is giving incorrect message. |
| RANGER-4374 | Getting page not found when wrong password is send in 'Old Password' |
| RANGER-4376 | Need to show Tag Policies for user when it has permission in "Tag Based Policies" module |
| RANGER-4377 | Fix to use "public/v2/api/zone-headers" api to get list of zones in Access Logs and Report pages |
| RANGER-4381 | [Ranger React UI] Difference in user lookup API request in permissions module page between React UI and BackBone UI |
| RANGER-4383 | In Audit, Plugin Status tab if the record of respective service is in second page then Service Type filter for that service would show no result |
| RANGER-4390 | ORC audit fails with null pointer exception when filequeue buffer size and orc buffer size are not equal |
| RANGER-4392 | Tag based policy with boolean expression is not working |
| RANGER-4399 | Need to fix zone drop-down option in policy listing for user not having 'Security Zone' module permission |
| RANGER-4400 | RangerKafkaAuditHandler broken and multiple authorizations audited |
| RANGER-4402 | Active role version is not updated while plugin download |
| RANGER-4407 | Add server side validation for service audit filter |
| RANGER-4419 | In Tag-based policy from Ranger Admin UI, Allow Conditions permissions item is not showing services permissions which have enableDenyAndExceptionsInPolicies flag false. |
| RANGER-4422 | Searching for users/groups with Sync source filter on the users/groups page leads to error on Oracle DB |
| RANGER-4437 | incorrect error log from ResourceMatcher.isMatch() |
| RANGER-4438 | Read JAVA_OPTS in ranger db setup python script |
| RANGER-4439 | Duplicate resource IDs are create while updating security zone |
| RANGER-4467 | User Agent info not logged under "Login sessions" when login fails |
| RANGER-4472 | getResourceACL() API updates |
| RANGER-4475 | Security-Zone summary API ranger Admin should have access for all zones |
| RANGER-4477 | RangerOzoneAuthorizer doesn't set the resource owner |
| RANGER-4478 | Incorrect trie updates when processing deltas |
| RANGER-4486 | ZoneV2 partial update allows duplicate principals and tagServices |
| RANGER-4493 | Keep the UI behaviour for tag based and resource based services filtering for zone without any service |
| RANGER-4502 | Getting Error to load backbone.js latest UI. |
| RANGER-4513 | Policy listing page experiences an unexpected reset to Access tab when attempting to filter the service and zone dropdown options |
| RANGER-4542 | Need to add support of search by zoneNamePartial and sort by zoneName,createTime query params in zone-summary api |
| RANGER-4544 | Implement best coding practices for policy resources |
| RANGER-4556 | policy creation without resource is being allowed through rest api |
| RANGER-4584 | Default EXPIRES_ON policy is not loading while editing |
| RANGER-4600 | Add improvement for /xaudit/access_audit API based on user role |
| RANGER-4601 | /xaudit/access_audit/count API does not return the proper value |
| RANGER-4605 | /assets/resources/count does not return proper count if policies are greater than 200 |
| RANGER-4606 | /assets/assets/count API does not return the proper count if the number of services is greater than 200 |
| RANGER-4610 | API calls for zones and services on initial landing in ZoneListing page is being called twice |
| RANGER-4611 | Security zone form not populate resources value properly while creating and editing zone. |
| RANGER-4612 | Fix to use correct service for resource lookup API in security zone |
| RANGER-4615 | Keep the LDAP usersync details popup names same as the backbone js names |
| RANGER-4625 | Need to add required dependencies for plugin-yarn |
| RANGER-4628 | Need to add Validations for Security-Zone partial update API |
| RANGER-4632 | Security Zone policies version increases by +2 when we update its policy |
| RANGER-4636 | /public/api/repository/count does not return the proper value if the number of repositories is greater than 200 |
| RANGER-4645 | Unit test failures in TestSecurityZoneDBStore |
| RANGER-4653 | [Ranger React UI] Add inline assertions for displayName length in service creation / update form |
| RANGER-4655 | Execute and read permissions granted to a user in different HDFS policies does not take effect. |
| RANGER-4660 | While creating service, ranger logs show error if service name does not have underscore ('_') in it. |
| RANGER-4663 | Though tag service is selected while creating new service , it will get override with the new tag service created |
| RANGER-4666 | getResourceACL() API does not account for tags assigned to ANCESTOR resource |
| RANGER-4668 | Need to have new local storage item for column show hide functionality in plugin status table |
| RANGER-4673 | Pagination on the Ranger Admin - Plugin Status page |
| RANGER-4675 | Checkbox  selection issue when clicking on permission label  in tag-based permissions policy |
| RANGER-4680 | Inconsistent resource lookup behaviour with newly created service |
| RANGER-4681 | Audit logs for Mask & Row policy does not show policy condition under policy item |
| RANGER-4688 | Display query information for show roles/databases/schemas/grant role commands on Ranger Admin UI |
| RANGER-4689 | Fix Ranger Javapatch failure even if service-defs do not exist in ranger DB |
| RANGER-4690 | Access Audits - Resource policy version used for mask policy leading to Error page |
| RANGER-4695 | API to find zones for a resource doesn't handle deleted service |
| RANGER-4698 | [Ranger React UI] Audit UI improvements with respect to values overflowing into other columns |
| RANGER-4699 | Update the execution of setServiceDef call in App.jsx |
| RANGER-4700 | Audit logs for Masking policy is missing data mask type entry |
| RANGER-4711 | Show grant on table command is not audited by ranger |
| RANGER-4717 | Skip showing 'Page not found' for wrong value is provided to a api parameter in Login Session Tab |
| RANGER-4718 | Skip showing 'Page not found' page for INVALID_INPUT_DATA validation in User Profile |
| RANGER-4719 | Policy condition expressions are split by the Ranger UI on commas |
| RANGER-4720 | Ranger Admin server gives empty response when user with user-role tries to update lastname or email address |
| RANGER-4722 | HDFS authorization logic for directory hierarchy rooted at "/" is incorrect |
| RANGER-4723 | USE <database> fails even when the user has permission on some tables in the database |
| RANGER-4724 | ImportServiceTags api fails when the response json from tags/download/{serviceName} is used |
| RANGER-4727 | When tagDef delete fails, error message is not returned |
| RANGER-4737 | The inactivityTimeout is getting reset when user updates its profile from UserProfile page |
| RANGER-4747 | [docker]: Exception handling in create-ranger-services.py |
| RANGER-4762 | REST endpoints do not prevent duplicate values for a resource resulting in multiple policies for a resource |
| RANGER-4767 | Deleted policies are still taking effect if all policies for a security zone are deleted |
| RANGER-4774 | Ranger react UI some modules shown hardcoded time zone string "Indian Standard Time" |
| RANGER-4782 | Implement best coding practices for validating service configs |
| RANGER-4784 | Tag-Based - default policy is not created for tag added to security zone |
| RANGER-4786 | Ranger override policy is not working |
| RANGER-4804 | Encountering a '404 Not Found' page when assigning two or more groups to a user during editing |
| RANGER-4806 | With java 17 the audit spool exception is seen if solr is not reachable. |
| RANGER-4818 | [usersync] Users undergoing role reset to ROLE_USER from ROLE_SYS_ADMIN |
| RANGER-4822 | Policy creation/updation fails when validity period is added |
| RANGER-4823 | Incorrect processing of downloaded policies in plugin when policy-deltas are enabled |
| RANGER-4830 | Ranger KMS startup failure in database initialization |
| RANGER-4834 | Remove "Switch to latest UI" option from Ranger Admin Backbone classic UI |
| RANGER-4836 | Ranger Usersync failing due to java.lang.NoClassDefFoundError |
| RANGER-4837 | Intermittent test failures in org.apache.ranger.audit.TestAuditQueue |
| RANGER-4851 | Upon editing an User we are seeing some discrepancy in its Audit Admin logs |
| RANGER-4852 | De-duplicated tags do not work correctly when tag-deltas are enabled. |
| RANGER-4853 | Some code changes are missing during commit merge to ranger-2.5 branch |
| RANGER-4854 | Policy Import from UI is failing. |
| RANGER-4862 | HBase plugin initialization failure in HBase 2.6.0 |
| RANGER-4864 | Upon performing Policy Import some of Audit Admin logs are improper |
| RANGER-4867 | Role deletion shows "Data Not Found (400)." page when it is associated with some another role |
| RANGER-4868 | ranger-mem-sizing fails with NoClassDefFoundError: com/google/gson/GsonBuilder |
| RANGER-4874 | Ranger UI inaccessible after login |
