This is an automated email from the ASF dual-hosted git repository.
mehul pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
commit 59a5665e7b744606abb626e1dc8f5676a5f9713f
Author: Kishor Gollapalliwar <kishor.gollapalli...@gmail.com>
AuthorDate: Thu May 5 14:07:23 2022 +0530
RANGER-3740: Ranger- Add an API to refresh tag cache
Signed-off-by: Mehul Parikh <me...@apache.org>
---
.../java/org/apache/ranger/biz/TagDBStore.java | 13 +++++++
.../ranger/common/RangerServiceTagsCache.java | 44 ++++++++++++++++++++++
.../main/java/org/apache/ranger/rest/TagREST.java | 37 ++++++++++++++++++
3 files changed, 94 insertions(+)
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/TagDBStore.java
b/security-admin/src/main/java/org/apache/ranger/biz/TagDBStore.java
index e99b38b4a..d8154b7de 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/TagDBStore.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/TagDBStore.java
@@ -477,6 +477,19 @@ public class TagDBStore extends AbstractTagStore {
return ret;
}
+ public boolean resetTagCache(final String serviceName) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("==> TagDBStore.resetTagCache({})", serviceName);
+ }
+
+ boolean ret =
RangerServiceTagsCache.getInstance().resetCache(serviceName);
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("<== TagDBStore.resetTagCache(): ret={}", ret);
+ }
+
+ return ret;
+ }
@Override
public RangerServiceResource
createServiceResource(RangerServiceResource resource) throws Exception {
diff --git
a/security-admin/src/main/java/org/apache/ranger/common/RangerServiceTagsCache.java
b/security-admin/src/main/java/org/apache/ranger/common/RangerServiceTagsCache.java
index 93c283fbc..576546f29 100644
---
a/security-admin/src/main/java/org/apache/ranger/common/RangerServiceTagsCache.java
+++
b/security-admin/src/main/java/org/apache/ranger/common/RangerServiceTagsCache.java
@@ -153,6 +153,50 @@ public class RangerServiceTagsCache {
return ret;
}
+ /**
+ * Reset service tag cache using serviceName if provided.
+ * If serviceName is empty, reset everything.
+ * @param serviceName
+ * @return true if was able to reset service tag cache, false otherwise
+ */
+ public boolean resetCache(final String serviceName) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("==> RangerServiceTagsCache.resetCache({})",
serviceName);
+ }
+
+ boolean ret = false;
+ synchronized (this) {
+ if (!serviceTagsMap.isEmpty()) {
+ if (StringUtils.isBlank(serviceName)) {
+ serviceTagsMap.clear();
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("RangerServiceTagsCache.resetCache():
Removed policy caching for all services.");
+ }
+ ret = true;
+ } else {
+ ServiceTagsWrapper removedServicePoliciesWrapper =
serviceTagsMap.remove(serviceName.trim()); // returns null if key not found
+ ret = removedServicePoliciesWrapper != null;
+
+ if (ret) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("RangerServiceTagsCache.resetCache():
Removed policy caching for [{}] service.", serviceName);
+ }
+ } else {
+ LOG.warn("RangerServiceTagsCache.resetCache(): Caching
for [{}] service not found, hence reset is skipped.", serviceName);
+ }
+ }
+ } else {
+ LOG.warn("RangerServiceTagsCache.resetCache(): Policy cache is
already empty.");
+ }
+ }
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("<== RangerServiceTagsCache.resetCache(): ret={}", ret);
+ }
+
+ return ret;
+ }
+
private class ServiceTagsWrapper {
final Long serviceId;
ServiceTags serviceTags;
diff --git a/security-admin/src/main/java/org/apache/ranger/rest/TagREST.java
b/security-admin/src/main/java/org/apache/ranger/rest/TagREST.java
index 8b0baf904..79dbdc76d 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/TagREST.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/TagREST.java
@@ -25,6 +25,7 @@ import org.apache.ranger.biz.AssetMgr;
import org.apache.ranger.biz.RangerBizUtil;
import org.apache.ranger.biz.ServiceDBStore;
import org.apache.ranger.biz.TagDBStore;
+import org.apache.ranger.common.MessageEnums;
import org.apache.ranger.common.RESTErrorUtil;
import org.apache.ranger.db.RangerDaoManager;
import org.apache.ranger.entity.XXService;
@@ -601,6 +602,42 @@ public class TagREST {
return ret;
}
+ @GET
+ @Path(TagRESTConstants.TAGS_RESOURCE + "cache/reset")
+ @Produces({ "application/json", "application/xml" })
+ public boolean resetTagCache(@QueryParam("serviceName") String
serviceName) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("==> TagREST.resetTagCache({})", serviceName);
+ }
+
+ // check for ADMIN access
+ if (!bizUtil.isAdmin()) {
+ boolean isServiceAdmin = false;
+ String loggedInUser = bizUtil.getCurrentUserLoginId();
+
+ if (StringUtils.isNotEmpty(serviceName)) {
+ try {
+ RangerService rangerService =
svcStore.getServiceByName(serviceName);
+ isServiceAdmin = bizUtil.isUserServiceAdmin(rangerService,
loggedInUser);
+ } catch (Exception e) {
+ LOG.warn("Failed to find if user [" + loggedInUser + "]
has service admin privileges on service [" + serviceName + "]", e);
+ }
+ }
+
+ if (!isServiceAdmin) {
+ throw restErrorUtil.createRESTException("User cannot reset tag
cache", MessageEnums.OPER_NO_PERMISSION);
+ }
+ }
+
+ boolean ret = tagStore.resetTagCache(serviceName);
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("<== TagREST.resetTagCache(): ret={}", ret);
+ }
+
+ return ret;
+ }
+
@POST
@Path(TagRESTConstants.RESOURCES_RESOURCE)
@Produces({ "application/json", "application/xml" })
