Details
- Sub-task
- Status: Resolved
- Major
- Resolution: Fixed
Description
Currently we iterate over all policies for a service, generate each policy's resource signature, and use that to enforce uniqueness. This can be computationally and space intensive if, say, there are several policies for a service or create/update of policies happens frequently. The resource signature of a policy could be kept in the database and kept up to date as resources change. Then a database-level search could allow for doing this check cheaply and robustly.
Another way to reduce the space complexity could be to allow the policy search command to return an Iterator instead of the collection of policies itself. This has some other challenges but is listed here for completeness.
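The database-backed check proposed in the description, as an added example that is not Ranger's own code: the signature is stored with each policy and a lookup on (service, signature) replaces the iteration over all policies. The table layout, the function names, the resource shape (`values`, `excludes`, `recursive`), the SHA-256 canonicalization and the use of a unique index to back the search are assumptions made for illustration.

```python
import hashlib
import json
import sqlite3

def resource_signature(resources):
    """Canonical hash of a policy's resources; key order, value order and
    repeated values do not change the result (assumed canonical form)."""
    canon = {name: {"values": sorted(set(spec["values"])),
                    "excludes": bool(spec.get("excludes", False)),
                    "recursive": bool(spec.get("recursive", False))}
             for name, spec in resources.items()}
    blob = json.dumps(canon, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(blob.encode("utf-8")).hexdigest()

def open_store():
    """In-memory stand-in for the policy store (hypothetical schema)."""
    db = sqlite3.connect(":memory:")
    db.execute("""CREATE TABLE policy (
        id INTEGER PRIMARY KEY, service TEXT NOT NULL, name TEXT NOT NULL,
        resources TEXT NOT NULL, resource_signature TEXT NOT NULL)""")
    # The index makes the uniqueness check one indexed lookup, and the
    # database rejects a duplicate even when two writers race.
    db.execute("CREATE UNIQUE INDEX policy_sig "
               "ON policy(service, resource_signature)")
    return db

def save_policy(db, service, name, resources, policy_id=None):
    """Create (policy_id=None) or update a policy, recomputing its signature.
    Raises ValueError if another policy of the service has the same resources."""
    sig = resource_signature(resources)
    body = json.dumps(resources, sort_keys=True)
    try:
        with db:  # commit on success, roll back on error
            if policy_id is None:
                cur = db.execute(
                    "INSERT INTO policy(service, name, resources, "
                    "resource_signature) VALUES (?, ?, ?, ?)",
                    (service, name, body, sig))
                return cur.lastrowid
            db.execute("UPDATE policy SET name=?, resources=?, "
                       "resource_signature=? WHERE id=?",
                       (name, body, sig, policy_id))
            return policy_id
    except sqlite3.IntegrityError:
        row = db.execute("SELECT id, name FROM policy WHERE service=? "
                         "AND resource_signature=?", (service, sig)).fetchone()
        raise ValueError(
            f"resources already covered by policy {row[0]} ({row[1]})") from None
```

Because the signature is recomputed inside `save_policy`, it stays current only for writes that go through that path; a resource value edited directly in the table leaves a stale signature behind.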
Issue Links
- blocks
- RANGER-356 Policy validation: resource uniqueness: to guard against someone editing the resource value directly, we should auto-heal the hash signatures of resources that are used for uniqueness check
- Open