Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
-
None
Description
If all the policies for a security zone are deleted, then still the previous policies are taking effect.
If there are no policies in the repo, then the following error is seen in the logs
while syncing the policies, and the previously existing policies are still taking effect and operations are allowed through those policies
2024-04-02T16:09:42.913Z ERROR PolicyRefresher(serviceName=cm_trino)-233 org.apache.ranger.plugin.service.RangerBasePlugin setPolicies: policy engine initialization failed! Leaving current policy engine as-is. Exception : java.lang.NullPointerException: Cannot invoke "java.util.List.iterator()" because "this.policies" is null at org.apache.ranger.plugin.policyengine.RangerPolicyRepository.init(RangerPolicyRepository.java:887) at org.apache.ranger.plugin.policyengine.RangerPolicyRepository.<init>(RangerPolicyRepository.java:229) at org.apache.ranger.plugin.policyengine.PolicyEngine.<init>(PolicyEngine.java:264) at org.apache.ranger.plugin.policyengine.RangerPolicyEngineImpl.<init>(RangerPolicyEngineImpl.java:104) at org.apache.ranger.plugin.service.RangerBasePlugin.setPolicies(RangerBasePlugin.java:363) at org.apache.ranger.plugin.util.PolicyRefresher.loadPolicy(PolicyRefresher.java:264) at org.apache.ranger.plugin.util.PolicyRefresher.run(PolicyRefresher.java:210)