Details
-
Bug
-
Status: Open
-
Major
-
Resolution: Unresolved
-
2.1.0
-
None
-
None
Description
we are creating ranger policies with "serviceType": "3", but it is failing due to following error:
curl -i -k -u admin:admin123 -H "Accept: application/json" -H "Content-Type: multipart/form-data" -X POST -F 'file=@test.json' "https://<ranger_host>:6182/service/plugins/policies/importPoliciesFromFile?isOverride=true&serviceType=hive"
HTTP/1.1 100 Continue HTTP/1.1 400 Bad Request Set-Cookie: RANGERADMINSESSIONID=777A04534D04521931753508FB7681B5; Path=/; Secure; HttpOnly X-Frame-Options: DENY X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=31536000 ; includeSubDomains Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline';font-src 'self' Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: 0 X-Content-Type-Options: nosniff Content-Type: application/json Transfer-Encoding: chunked Date: Mon, 24 Aug 2020 06:24:34 GMT Connection: close Server: Apache Ranger {"statusCode":1,"msgDesc":"(0) Validation failure: error code[4009], reason[ Invalid service type [3] provided for service [cm_hive]], field[service type], subfield[null], type[semantically incorrect] "}
Policy content:
{ "service": "cm_hive", "name": "policy for db create", "policyType": 0, "policyPriority": 0, "description": "", "resourceSignature": "053c490e396ce264ff786bfe7e305c391cdee05b8a9e42e4fc969643119bdbb3", "isAuditEnabled": true, "resources": { "database": { "values": [ "org" ], "isExcludes": false, "isRecursive": false } }, "policyItems": [ { "accesses": [ { "type": "select", "isAllowed": true }, { "type": "update", "isAllowed": true }, { "type": "create", "isAllowed": true }, { "type": "drop", "isAllowed": true }, { "type": "alter", "isAllowed": true }, { "type": "index", "isAllowed": true }, { "type": "lock", "isAllowed": true }, { "type": "all", "isAllowed": true }, { "type": "read", "isAllowed": true }, { "type": "write", "isAllowed": true }, { "type": "repladmin", "isAllowed": true }, { "type": "serviceadmin", "isAllowed": true }, { "type": "tempudfadmin", "isAllowed": true }, { "type": "refresh", "isAllowed": true } ], "users": [ "hrt_21" ], "groups": [], "roles": [], "conditions": [], "delegateAdmin": false } ], "denyPolicyItems": [], "allowExceptions": [], "denyExceptions": [], "dataMaskPolicyItems": [], "rowFilterPolicyItems": [], "serviceType": "3", "options": {}, "validitySchedules": [], "policyLabels": [], "zoneName": "", "isDenyAllElse": false, "id": 416, "guid": "d551b570-d81b-4df2-9b5e-0c405164e3ae", "isEnabled": true, "createdBy": "Admin", "updatedBy": "Admin", "version": 1 }
though after specifying serviceType as "hive" policy creation goes through.
Attachments
Issue Links
- is caused by
-
RANGER-2947 [Ranger][Policy Import] Usage of serviceType config while importing ranger policy for any service
- Resolved