This is an automated email from the ASF dual-hosted git repository. madhan pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/ranger.git
commit a07b6d4dcf2aa7ecae534da5163efa585763d1a1 Author: prashant <[email protected]> AuthorDate: Thu Jan 18 12:11:06 2024 +0530 RANGER-4662: fix to update GDS version after deletion of user, group Signed-off-by: Madhan Neethiraj <[email protected]> --- .../main/java/org/apache/ranger/biz/XUserMgr.java | 58 ++++++++++++++++++++-- .../java/org/apache/ranger/biz/TestXUserMgr.java | 1 + 2 files changed, 56 insertions(+), 3 deletions(-) diff --git a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java index 287400259..d202b2184 100755 --- a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java +++ b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java @@ -44,9 +44,11 @@ import org.apache.ranger.plugin.model.GroupInfo; import org.apache.ranger.plugin.model.RangerPolicy; import org.apache.ranger.plugin.model.RangerPolicy.RangerDataMaskPolicyItem; import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem; +import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource; import org.apache.ranger.plugin.model.RangerPolicy.RangerRowFilterPolicyItem; import org.apache.ranger.plugin.model.RangerPrincipal; import org.apache.ranger.plugin.model.UserInfo; +import org.apache.ranger.plugin.store.EmbeddedServiceDefsUtil; import org.apache.ranger.plugin.util.RangerUserStore; import org.apache.ranger.service.*; import org.apache.ranger.ugsyncutil.model.GroupUserInfo; @@ -2153,12 +2155,37 @@ public class XUserMgr extends XUserMgrBase { rangerPolicy.setRowFilterPolicyItems(rowFilterItems); try { - svcStore.updatePolicy(rangerPolicy); + if (StringUtils.equals(rangerPolicy.getServiceType(), EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_GDS_NAME)) { + Map<String, RangerPolicyResource> resources = rangerPolicy.getResources(); + + if (MapUtils.isEmpty(resources)) { + continue; + } + + if (resources.containsKey(GdsDBStore.RESOURCE_NAME_DATASET_ID)) { + RangerPolicyResource policyRes = resources.get(GdsDBStore.RESOURCE_NAME_DATASET_ID); + List<String> resValues = policyRes != null ? policyRes.getValues() : null; + + if (CollectionUtils.isNotEmpty(resValues)) { + gdsStore.updateDatasetPolicy(Long.valueOf(resValues.get(0)), rangerPolicy); + } + } else if (resources.containsKey(GdsDBStore.RESOURCE_NAME_PROJECT_ID)) { + RangerPolicyResource policyRes = resources.get(GdsDBStore.RESOURCE_NAME_PROJECT_ID); + List<String> resValues = policyRes != null ? policyRes.getValues() : null; + + if (CollectionUtils.isNotEmpty(resValues)) { + gdsStore.updateProjectPolicy(Long.valueOf(resValues.get(0)), rangerPolicy); + } + } + } else { + svcStore.updatePolicy(rangerPolicy); + } } catch (Throwable excp) { logger.error("updatePolicy(" + rangerPolicy + ") failed", excp); restErrorUtil.createRESTException(excp.getMessage()); } } + if(CollectionUtils.isNotEmpty(xXGroupPermissions)){ for (XXGroupPermission xXGroupPermission : xXGroupPermissions) { if(xXGroupPermission!=null){ @@ -2393,12 +2420,37 @@ public class XUserMgr extends XUserMgrBase { rangerPolicy.setRowFilterPolicyItems(rowFilterItems); try{ - svcStore.updatePolicy(rangerPolicy); - }catch(Throwable excp) { + if (StringUtils.equals(rangerPolicy.getServiceType(), EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_GDS_NAME)) { + Map<String, RangerPolicyResource> resources = rangerPolicy.getResources(); + + if (MapUtils.isEmpty(resources)) { + continue; + } + + if (resources.containsKey(GdsDBStore.RESOURCE_NAME_DATASET_ID)) { + RangerPolicyResource policyRes = resources.get(GdsDBStore.RESOURCE_NAME_DATASET_ID); + List<String> resValues = policyRes != null ? policyRes.getValues() : null; + + if (CollectionUtils.isNotEmpty(resValues)) { + gdsStore.updateDatasetPolicy(Long.valueOf(resValues.get(0)), rangerPolicy); + } + } else if (resources.containsKey(GdsDBStore.RESOURCE_NAME_PROJECT_ID)) { + RangerPolicyResource policyRes = resources.get(GdsDBStore.RESOURCE_NAME_PROJECT_ID); + List<String> resValues = policyRes != null ? policyRes.getValues() : null; + + if (CollectionUtils.isNotEmpty(resValues)) { + gdsStore.updateProjectPolicy(Long.valueOf(resValues.get(0)), rangerPolicy); + } + } + } else { + svcStore.updatePolicy(rangerPolicy); + } + } catch(Throwable excp) { logger.error("updatePolicy(" + rangerPolicy + ") failed", excp); throw restErrorUtil.createRESTException(excp.getMessage()); } } + //delete user from audit filter configs svcStore.updateServiceAuditConfig(vXUser.getName(), REMOVE_REF_TYPE.USER); //delete gdsObject mapping of user diff --git a/security-admin/src/test/java/org/apache/ranger/biz/TestXUserMgr.java b/security-admin/src/test/java/org/apache/ranger/biz/TestXUserMgr.java index ce48c8279..1c90cb18e 100644 --- a/security-admin/src/test/java/org/apache/ranger/biz/TestXUserMgr.java +++ b/security-admin/src/test/java/org/apache/ranger/biz/TestXUserMgr.java @@ -584,6 +584,7 @@ public class TestXUserMgr { policy.setPolicyItems(policyItems); policy.setResources(policyResource); policy.setPolicyLabels(policyLabels); + policy.setServiceType("hdfs"); return policy; }
