This is an automated email from the ASF dual-hosted git repository. madhan pushed a commit to branch ranger-2.4 in repository https://gitbox.apache.org/repos/asf/ranger.git
commit 123a3438727a1c7106d9850a7eb207cf1949f843 Author: Subhrat Chaudhary <[email protected]> AuthorDate: Tue May 16 11:48:00 2023 -0700 RANGER-4240: optimized removal of x_auth_sess entries while deleting an user Signed-off-by: Madhan Neethiraj <[email protected]> (cherry picked from commit 8a143519967e699eae73798d93b60733a53254e8) --- .../src/main/java/org/apache/ranger/biz/XUserMgr.java | 13 ++++++------- .../main/java/org/apache/ranger/db/XXAuthSessionDao.java | 13 +++++++++++++ .../src/main/resources/META-INF/jpa_named_queries.xml | 8 ++++++++ .../src/test/java/org/apache/ranger/biz/TestXUserMgr.java | 4 ---- 4 files changed, 27 insertions(+), 11 deletions(-) diff --git a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java index 190a57d32..a5921d372 100755 --- a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java +++ b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java @@ -2270,7 +2270,7 @@ public class XUserMgr extends XUserMgrBase { XXAuthSessionDao xXAuthSessionDao=daoManager.getXXAuthSession(); XXUserPermissionDao xXUserPermissionDao=daoManager.getXXUserPermission(); XXPortalUserRoleDao xXPortalUserRoleDao=daoManager.getXXPortalUserRole(); - List<XXAuthSession> xXAuthSessions=xXAuthSessionDao.getAuthSessionByUserId(xXPortalUserId); + List<Long> xXAuthSessionIds = xXAuthSessionDao.getAuthSessionIdsByUserId(xXPortalUserId); List<XXUserPermission> xXUserPermissions=xXUserPermissionDao.findByUserPermissionId(xXPortalUserId); List<XXPortalUserRole> xXPortalUserRoles=xXPortalUserRoleDao.findByUserId(xXPortalUserId); @@ -2303,12 +2303,11 @@ public class XUserMgr extends XUserMgrBase { //delete XXPortalUser references if(vXPortalUser!=null){ xPortalUserService.updateXXPortalUserReferences(xXPortalUserId); - if(xXAuthSessions!=null && xXAuthSessions.size()>0){ - logger.warn("Deleting " + xXAuthSessions.size() + " login session records for user '" + vXPortalUser.getLoginId() + "'"); - } - for (XXAuthSession xXAuthSession : xXAuthSessions) { - xXAuthSessionDao.remove(xXAuthSession.getId()); + if(CollectionUtils.isNotEmpty(xXAuthSessionIds)){ + logger.warn("Deleting " + xXAuthSessionIds.size() + " login session records for user '" + vXPortalUser.getLoginId() + "'"); + xXAuthSessionDao.deleteAuthSessionsByIds(xXAuthSessionIds); } + for (XXUserPermission xXUserPermission : xXUserPermissions) { if(xXUserPermission!=null){ XXModuleDef xXModuleDef=daoManager.getXXModuleDef().findByModuleId(xXUserPermission.getModuleId()); @@ -2389,7 +2388,7 @@ public class XUserMgr extends XUserMgrBase { if(hasReferences==false && vXAuditMapList!=null && vXAuditMapList.getListSize()>0){ hasReferences=true; } - if(hasReferences==false && xXAuthSessions!=null && xXAuthSessions.size()>0){ + if(hasReferences==false && CollectionUtils.isNotEmpty(xXAuthSessionIds)){ hasReferences=true; } if(hasReferences==false && xXUserPermissions!=null && xXUserPermissions.size()>0){ diff --git a/security-admin/src/main/java/org/apache/ranger/db/XXAuthSessionDao.java b/security-admin/src/main/java/org/apache/ranger/db/XXAuthSessionDao.java index 934d25865..c3bd13c63 100644 --- a/security-admin/src/main/java/org/apache/ranger/db/XXAuthSessionDao.java +++ b/security-admin/src/main/java/org/apache/ranger/db/XXAuthSessionDao.java @@ -75,6 +75,19 @@ public class XXAuthSessionDao extends BaseDao<XXAuthSession> { .setParameter("authWindowStartTime", authWindowStartTime) .getSingleResult(); } + public List<Long> getAuthSessionIdsByUserId(Long userId) { + if(userId == null) { + return null; + } + + return getEntityManager() + .createNamedQuery("XXAuthSession.findIdsByUserId", Long.class) + .setParameter("userId", userId) + .getResultList(); + } + public void deleteAuthSessionsByIds(List<Long> ids){ + batchDeleteByIds("XXAuthSession.deleteByIds", ids, "ids"); + } } diff --git a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml index 2aa594dff..673d4956d 100755 --- a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml +++ b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml @@ -36,6 +36,14 @@ :authWindowStartTime) </query> </named-query> + <named-query name="XXAuthSession.findIdsByUserId"> + <query>SELECT obj.id FROM XXAuthSession obj WHERE obj.userId = :userId + </query> + </named-query> + <named-query name="XXAuthSession.deleteByIds"> + <query>DELETE FROM XXAuthSession obj WHERE obj.id in :ids + </query> + </named-query> <!-- XXPortalUser --> <named-query name="XXPortalUser.findByEmailAddress"> diff --git a/security-admin/src/test/java/org/apache/ranger/biz/TestXUserMgr.java b/security-admin/src/test/java/org/apache/ranger/biz/TestXUserMgr.java index 027c3b103..45ad8a578 100644 --- a/security-admin/src/test/java/org/apache/ranger/biz/TestXUserMgr.java +++ b/security-admin/src/test/java/org/apache/ranger/biz/TestXUserMgr.java @@ -1216,7 +1216,6 @@ public class TestXUserMgr { xXUserPermissions.add(xxUserPermission()); List<XXPortalUserRole> xXPortalUserRoles=new ArrayList<XXPortalUserRole>(); xXPortalUserRoles.add(XXPortalUserRole); - Mockito.when(xXAuthSessionDao.getAuthSessionByUserId(vXPortalUser.getId())).thenReturn(xXAuthSessions); Mockito.when(xXUserPermissionDao.findByUserPermissionId(vXPortalUser.getId())).thenReturn(xXUserPermissions); Mockito.when(xXPortalUserRoleDao.findByUserId(vXPortalUser.getId())).thenReturn(xXPortalUserRoles); XXPolicyDao xXPolicyDao = Mockito.mock(XXPolicyDao.class); @@ -3057,7 +3056,6 @@ public class TestXUserMgr { xXAuthSession.setLoginId(vXPortalUser.getLoginId()); List<XXUserPermission> xXUserPermissions=new ArrayList<XXUserPermission>(); List<XXPortalUserRole> xXPortalUserRoles=new ArrayList<XXPortalUserRole>(); - Mockito.when(xXAuthSessionDao.getAuthSessionByUserId(vXPortalUser.getId())).thenReturn(xXAuthSessions); Mockito.when(xXUserPermissionDao.findByUserPermissionId(vXPortalUser.getId())).thenReturn(xXUserPermissions); Mockito.when(xXPortalUserRoleDao.findByUserId(vXPortalUser.getId())).thenReturn(xXPortalUserRoles); XXPolicyDao xXPolicyDao = Mockito.mock(XXPolicyDao.class); @@ -3095,9 +3093,7 @@ public class TestXUserMgr { xUserMgr.deleteXUser(vXUser.getId(), force); Mockito.when(xAuditMapService.searchXAuditMaps((SearchCriteria) Mockito.any())).thenReturn(new VXAuditMapList()); xXAuthSessions.add(xXAuthSession); - Mockito.when(xXAuthSessionDao.getAuthSessionByUserId(vXPortalUser.getId())).thenReturn(xXAuthSessions); xUserMgr.deleteXUser(vXUser.getId(), force); - Mockito.when(xXAuthSessionDao.getAuthSessionByUserId(vXPortalUser.getId())).thenReturn(new ArrayList<XXAuthSession>()); XXUserPermission xUserPermissionObj=xxUserPermission(); xXUserPermissions.add(xUserPermissionObj); Mockito.when(xXUserPermissionDao.findByUserPermissionId(vXPortalUser.getId())).thenReturn(xXUserPermissions);
