[RANGER-2484] Improve import API to merge the policies if resources are exactly same - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 2.0.0
Fix Version/s: 2.0.0
Component/s: Ranger
Labels:
None

Description

Observing failure while importing permissions into ranger using ranger import API( /service/plugins/policies/importPoliciesFromFile?updateIfExists=true).

Precondition:

Create a ranger policy for resource "db1/table1/column1" with policy name policy-1 in service hivedev.

Reproduction Steps:

Import permissions for resource "db1/table1/column1" which has policy name policy-2 into hivedev service using import API mentioned above.

This results in below failure

 Validation failure: error code[3010], reason[Another policy already exists for matching resource: policy-name=[policy-1], service=[hivedev]], field[resources], subfield[null], type[semantically incorrect]

This issue will be seen only when there is a policy that already exists for the resource with different policy name from the one that is being imported. If the policy names match, the policy is updated properly.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

0001-RANGER-2484-Improve-import-API-to-merge-the-policies.patch
26/Jun/19 07:09
9 kB
Pradeep Agrawal

Issue Links

links to

Apache Review Request

Activity

People

Assignee:: Pradeep Agrawal

Reporter:: Pradeep Agrawal

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 26/Jun/19 06:07

Updated:: 01/Jul/19 14:07

Resolved:: 01/Jul/19 14:07