[
https://issues.apache.org/jira/browse/RANGER-5526?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18068534#comment-18068534
]
Rakesh Gupta commented on RANGER-5526:
--------------------------------------
Merged into master branch:
https://github.com/apache/ranger/commit/123fadb428aaff90f1cc86ce7815781d3599e301
Merged into ranger-2.9 branch:
https://github.com/apache/ranger/commit/42b74766e33e99f89f619379ce149513b0a824dd
> Security Zone creation fails with tag service due to NonUniqueResultException
> -----------------------------------------------------------------------------
>
> Key: RANGER-5526
> URL: https://issues.apache.org/jira/browse/RANGER-5526
> Project: Ranger
> Issue Type: Bug
> Components: Ranger
> Reporter: Rakesh Gupta
> Assignee: Rakesh Gupta
> Priority: Major
> Time Spent: 50m
> Remaining Estimate: 0h
>
> While creating a Security Zone with a tag service, the operation fails during
> postCreate execution. The stack trace shows a NonUniqueResultException from
> XXAccessTypeDefDao.findByNameAndServiceId(), triggered during default policy
> creation.
> This issue is caused by duplicate entries in the access type definition
> tables for the associated service.
> For example, the following query returns 2 records:
> select * from x_access_type_def where name = 'ozone:assume_role';
>
> {code:java}
> ERROR [RangerSecurityZoneServiceService.java:102] postCreate processing
> failed for security-zone:[{name=zone_1,
> services={dev_hive={resources=[{resource={resource-def-name=database,
> values=[t]} {resource-def-name=column, values=[*]} {resource-def-name=table,
> values=[*]} } {baseInfo={id=1, createdBy=admin, createTime=Thu Mar 19
> 11:26:49 UTC 2026, updatedBy=admin, updateTime=Thu Mar 19 11:26:49 UTC 2026}}
> ]}}, tagServices=[dev_tag], adminUsers=[admin], adminUserGroups=[testgroup],
> adminRoles=[], auditUsers=[admin], auditUserGroups=[testgroup],
> auditRoles=[], description=}]javax.persistence.NonUniqueResultException: More
> than one result was returned from Query.getSingleResult() at
> org.eclipse.persistence.internal.jpa.QueryImpl.throwNonUniqueResultException(QueryImpl.java:991)
> at
> org.eclipse.persistence.internal.jpa.QueryImpl.getSingleResult(QueryImpl.java:538)
> at
> org.eclipse.persistence.internal.jpa.EJBQueryImpl.getSingleResult(EJBQueryImpl.java:404)
> at
> org.apache.ranger.db.XXAccessTypeDefDao.findByNameAndServiceId(XXAccessTypeDefDao.java:59)
> at
> org.apache.ranger.biz.PolicyRefUpdater.createNewPolMappingForRefTable(PolicyRefUpdater.java:279)
> at
> org.apache.ranger.biz.ServiceDBStore.createPolicy(ServiceDBStore.java:2293)
> at
> org.apache.ranger.biz.ServiceDBStore.createDefaultPolicy(ServiceDBStore.java:1416)
> at
> org.apache.ranger.biz.ServiceDBStore.createZoneDefaultPolicies(ServiceDBStore.java:2438)
> at
> org.apache.ranger.service.RangerSecurityZoneServiceService.postCreate(RangerSecurityZoneServiceService.java:99)
> at
> org.apache.ranger.service.RangerSecurityZoneServiceService.postCreate(RangerSecurityZoneServiceService.java:53)
> at
> org.apache.ranger.service.RangerBaseModelService.create(RangerBaseModelService.java:138)
> at
> org.apache.ranger.biz.SecurityZoneDBStore.createSecurityZone(SecurityZoneDBStore.java:99)
> at
> org.apache.ranger.rest.SecurityZoneREST.createSecurityZone(SecurityZoneREST.java:147)
> at
> org.apache.ranger.rest.SecurityZoneREST$$FastClassBySpringCGLIB$$797df817.invoke(<generated>)
> at
> org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)
> {code}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
