Uploaded image for project: 'Ranger'
  1. Ranger
  2. RANGER-2484

Improve import API to merge the policies if resources are exactly same

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 2.0.0
    • 2.0.0
    • Ranger
    • None

    Description

      Observing failure while importing permissions into ranger using ranger import API( /service/plugins/policies/importPoliciesFromFile?updateIfExists=true).

      Precondition:

      • Create a ranger policy for resource "db1/table1/column1" with policy name policy-1 in service hivedev.

      Reproduction Steps:

      • Import┬ápermissions for resource "db1/table1/column1" which has policy name policy-2 into hivedev service using import API mentioned above.

      This results in below failure

       Validation failure: error code[3010], reason[Another policy already exists for matching resource: policy-name=[policy-1], service=[hivedev]], field[resources], subfield[null], type[semantically incorrect] 
      

      This issue will be seen only when there is a policy that already exists for the resource with different policy name from the one that is being imported. If the policy names match, the policy is updated properly.

      Attachments

        Issue Links

          Activity

            People

              pradeep Pradeep Agrawal
              pradeep Pradeep Agrawal
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: