This is an automated email from the ASF dual-hosted git repository. abhay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push: new 9e11e9ec9 RANGER-3861: Allow service creator user to create users/groups/roles in default policies 9e11e9ec9 is described below commit 9e11e9ec9d042fdbed9d14f278304517f31ec728 Author: Abhay Kulkarni <ab...@apache.org> AuthorDate: Tue Aug 23 13:34:21 2022 -0700 RANGER-3861: Allow service creator user to create users/groups/roles in default policies --- .../apache/ranger/plugin/store/ServiceStore.java | 2 + .../org/apache/ranger/biz/PolicyRefUpdater.java | 6 +-- .../java/org/apache/ranger/biz/RoleRefUpdater.java | 2 +- .../java/org/apache/ranger/biz/ServiceDBStore.java | 60 +++++++++++----------- .../main/java/org/apache/ranger/biz/XUserMgr.java | 22 +++++++- .../PatchForKafkaServiceDefUpdate_J10025.java | 32 +++++++++++- .../PatchForKafkaServiceDefUpdate_J10033.java | 34 ++++++++++-- ...atchForMigratingOldRegimePolicyJson_J10046.java | 16 +++++- .../patch/PatchForUpdatingPolicyJson_J10019.java | 16 +++++- .../org/apache/ranger/biz/TestServiceDBStore.java | 2 +- 10 files changed, 150 insertions(+), 42 deletions(-) diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/store/ServiceStore.java b/agents-common/src/main/java/org/apache/ranger/plugin/store/ServiceStore.java index 6283e02f2..aecde05fb 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/store/ServiceStore.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/store/ServiceStore.java @@ -71,6 +71,8 @@ public interface ServiceStore { RangerPolicy createPolicy(RangerPolicy policy) throws Exception; + RangerPolicy createDefaultPolicy(RangerPolicy policy) throws Exception; + RangerPolicy updatePolicy(RangerPolicy policy) throws Exception; void deletePolicy(RangerPolicy policy, RangerService service) throws Exception; diff --git a/security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java b/security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java index 6c99df4e9..6cc3509d8 100644 --- a/security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java +++ b/security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java @@ -97,7 +97,7 @@ public class PolicyRefUpdater { @Autowired RESTErrorUtil restErrorUtil; - public void createNewPolMappingForRefTable(RangerPolicy policy, XXPolicy xPolicy, XXServiceDef xServiceDef) throws Exception { + public void createNewPolMappingForRefTable(RangerPolicy policy, XXPolicy xPolicy, XXServiceDef xServiceDef, boolean isDefaultPolicy) throws Exception { if(policy == null) { return; } @@ -168,7 +168,7 @@ public class PolicyRefUpdater { } daoMgr.getXXPolicyRefResource().batchCreate(xPolResources); - final boolean isAdmin = rangerBizUtil.checkAdminAccess(); + final boolean isAdmin = rangerBizUtil.checkAdminAccess() || isDefaultPolicy; List<XXPolicyRefRole> xPolRoles = new ArrayList<>(); for (String role : roleNames) { @@ -397,7 +397,7 @@ public class PolicyRefUpdater { ret = xUser.getId(); } } else { - LOG.error("serviceConfigUser:[" + name + "] creation failed"); + LOG.warn("serviceConfigUser:[" + name + "] creation failed. This may be a transient/spurious condition that may correct itself when transaction is committed"); } } break; diff --git a/security-admin/src/main/java/org/apache/ranger/biz/RoleRefUpdater.java b/security-admin/src/main/java/org/apache/ranger/biz/RoleRefUpdater.java index 66adac2b5..56f7ec4c8 100644 --- a/security-admin/src/main/java/org/apache/ranger/biz/RoleRefUpdater.java +++ b/security-admin/src/main/java/org/apache/ranger/biz/RoleRefUpdater.java @@ -296,7 +296,7 @@ public class RoleRefUpdater { ret = xUser.getId(); } } else { - LOG.error("serviceConfigUser:[" + name + "] creation failed"); + LOG.warn("serviceConfigUser:[" + name + "] creation failed. This may be a transient/spurious condition that may correct itself when transaction is committed"); } } break; diff --git a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java index 41fb3bb96..913633600 100644 --- a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java +++ b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java @@ -266,19 +266,19 @@ public class ServiceDBStore extends AbstractServiceStore { @Autowired RESTErrorUtil restErrorUtil; - + @Autowired RangerServiceService svcService; - + @Autowired StringUtil stringUtil; - + @Autowired RangerAuditFields<?> rangerAuditFields; - + @Autowired RangerPolicyService policyService; - + @Autowired RangerPolicyLabelsService<XXPolicyLabel, ?> policyLabelsService; @@ -1510,7 +1510,6 @@ public class ServiceDBStore extends AbstractServiceStore { service = svcService.create(service); } XXService xCreatedService = daoMgr.getXXService().getById(service.getId()); - VXUser vXUser = null; XXServiceConfigMapDao xConfMapDao = daoMgr.getXXServiceConfigMap(); for (Entry<String, String> configMap : validConfigs.entrySet()) { @@ -1521,14 +1520,14 @@ public class ServiceDBStore extends AbstractServiceStore { String userName = stringUtil.getValidUserName(configValue); XXUser xxUser = daoMgr.getXXUser().findByUserName(userName); if (xxUser != null) { - vXUser = xUserService.populateViewBean(xxUser); + VXUser vXUser = xUserService.populateViewBean(xxUser); } else { UserSessionBase usb = ContextUtil.getCurrentUserSession(); if (usb != null && !usb.isUserAdmin() && !usb.isSpnegoEnabled()) { throw restErrorUtil.createRESTException("User does not exist with given username: [" + userName + "] please use existing user", MessageEnums.OPER_NO_PERMISSION); } - vXUser = xUserMgr.createServiceConfigUser(userName); + xUserMgr.createServiceConfigUser(userName); } } @@ -1557,9 +1556,7 @@ public class ServiceDBStore extends AbstractServiceStore { xConfMap = xConfMapDao.create(xConfMap); } updateTabPermissions(service.getType(), validConfigs); - if (LOG.isDebugEnabled()) { - LOG.debug("vXUser:[" + vXUser + "]"); - } + RangerService createdService = svcService.getPopulatedViewObject(xCreatedService); if (createdService == null) { @@ -1684,7 +1681,7 @@ public class ServiceDBStore extends AbstractServiceStore { service = svcService.update(service); if (hasTagServiceValueChanged || hasIsEnabledChanged || hasServiceConfigForPluginChanged) { - updatePolicyVersion(service, RangerPolicyDelta.CHANGE_TYPE_SERVICE_CHANGE, null, false); + updatePolicyVersion(service, RangerPolicyDelta.CHANGE_TYPE_SERVICE_CHANGE, null,false); } } @@ -1699,7 +1696,6 @@ public class ServiceDBStore extends AbstractServiceStore { daoMgr.getXXServiceConfigMap().remove(dbConfigMap); } - VXUser vXUser = null; XXServiceConfigMapDao xConfMapDao = daoMgr.getXXServiceConfigMap(); for (Entry<String, String> configMap : validConfigs.entrySet()) { String configKey = configMap.getKey(); @@ -1709,14 +1705,14 @@ public class ServiceDBStore extends AbstractServiceStore { String userName = stringUtil.getValidUserName(configValue); XXUser xxUser = daoMgr.getXXUser().findByUserName(userName); if (xxUser != null) { - vXUser = xUserService.populateViewBean(xxUser); + VXUser vXUser = xUserService.populateViewBean(xxUser); } else { UserSessionBase usb = ContextUtil.getCurrentUserSession(); if (usb != null && !usb.isUserAdmin()) { throw restErrorUtil.createRESTException("User does not exist with given username: [" + userName + "] please use existing user", MessageEnums.OPER_NO_PERMISSION); } - vXUser = xUserMgr.createServiceConfigUser(userName); + xUserMgr.createServiceConfigUser(userName); } } @@ -1758,9 +1754,7 @@ public class ServiceDBStore extends AbstractServiceStore { xConfMapDao.create(xConfMap); } updateTabPermissions(service.getType(), validConfigs); - if (LOG.isDebugEnabled()) { - LOG.debug("vXUser:[" + vXUser + "]"); - } + RangerService updService = svcService.getPopulatedViewObject(xUpdService); dataHistService.createObjectDataHistory(updService, RangerDataHistService.ACTION_UPDATE); bizUtil.createTrxLog(trxLogList); @@ -1994,6 +1988,15 @@ public class ServiceDBStore extends AbstractServiceStore { @Override public RangerPolicy createPolicy(RangerPolicy policy) throws Exception { + return createPolicy(policy, false); + } + + @Override + public RangerPolicy createDefaultPolicy(RangerPolicy policy) throws Exception { + return createPolicy(policy, true); + } + + public RangerPolicy createPolicy(RangerPolicy policy, boolean isDefaultPolicy) throws Exception { RangerService service = getServiceByName(policy.getService()); @@ -2042,7 +2045,7 @@ public class ServiceDBStore extends AbstractServiceStore { } XXPolicy xCreatedPolicy = daoMgr.getXXPolicy().getById(policy.getId()); - policyRefUpdater.createNewPolMappingForRefTable(policy, xCreatedPolicy, xServiceDef); + policyRefUpdater.createNewPolMappingForRefTable(policy, xCreatedPolicy, xServiceDef, isDefaultPolicy); createOrMapLabels(xCreatedPolicy, uniquePolicyLabels); RangerPolicy createdPolicy = policyService.getPopulatedViewObject(xCreatedPolicy); @@ -2215,7 +2218,7 @@ public class ServiceDBStore extends AbstractServiceStore { policyRefUpdater.cleanupRefTables(policy); deleteExistingPolicyLabel(policy); - policyRefUpdater.createNewPolMappingForRefTable(policy, newUpdPolicy, xServiceDef); + policyRefUpdater.createNewPolMappingForRefTable(policy, newUpdPolicy, xServiceDef, false); createOrMapLabels(newUpdPolicy, uniquePolicyLabels); RangerPolicy updPolicy = policyService.getPopulatedViewObject(newUpdPolicy); @@ -3277,7 +3280,7 @@ public class ServiceDBStore extends AbstractServiceStore { if (CollectionUtils.isNotEmpty(defaultPolicies)) { for (RangerPolicy defaultPolicy : defaultPolicies) { - createPolicy(defaultPolicy); + createDefaultPolicy(defaultPolicy); } } @@ -3302,7 +3305,7 @@ public class ServiceDBStore extends AbstractServiceStore { defaultPolicy.setZoneName(zoneName); - createPolicy(defaultPolicy); + createDefaultPolicy(defaultPolicy); } } } @@ -3350,17 +3353,14 @@ public class ServiceDBStore extends AbstractServiceStore { if(serviceCheckUsers != null){ for (String userName : serviceCheckUsers) { if(!StringUtils.isEmpty(userName)){ - VXUser vXUser = null; XXUser xxUser = daoMgr.getXXUser().findByUserName(userName); if (xxUser != null) { - vXUser = xUserService.populateViewBean(xxUser); + VXUser vXUser = xUserService.populateViewBean(xxUser); } else { - vXUser = xUserMgr.createServiceConfigUser(userName); - LOG.info("Creating Ambari Service Check User : "+vXUser.getName()); - } - if(vXUser != null){ - users.add(vXUser.getName()); + xUserMgr.createServiceConfigUser(userName); + LOG.info("Creating Ambari Service Check User : "+ userName); } + users.add(userName); } } } @@ -3454,7 +3454,7 @@ public class ServiceDBStore extends AbstractServiceStore { throw restErrorUtil.createRESTException("User does not exist with given username: [" + policyUser + "] please use existing user", MessageEnums.OPER_NO_PERMISSION); } - xUserMgr.createServiceConfigUser(userName); + xUserMgr.createServiceConfigUser(userName); } } } diff --git a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java index 9af354d09..04968ecc5 100755 --- a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java +++ b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java @@ -2492,7 +2492,6 @@ public class XUserMgr extends XUserMgrBase { } } - @Transactional(readOnly = false, propagation = Propagation.REQUIRES_NEW) public VXUser createServiceConfigUser(String userName){ if (userName == null || "null".equalsIgnoreCase(userName) || userName.trim().isEmpty()) { logger.error("User Name: "+userName); @@ -2512,6 +2511,27 @@ public class XUserMgr extends XUserMgrBase { return vXUser; } + public VXUser createServiceConfigUserSynchronously(String userName){ + if (userName == null || "null".equalsIgnoreCase(userName) || userName.trim().isEmpty()) { + logger.error("User Name: "+userName); + throw restErrorUtil.createRESTException("Please provide a valid username.",MessageEnums.INVALID_INPUT_DATA); + } + + VXUser vXUser = null; + + XXUser xxUser = daoManager.getXXUser().findByUserName(userName); + if (xxUser == null) { + ExternalUserCreator externalUserCreator = new ExternalUserCreator(userName); + externalUserCreator.run(); + xxUser = daoManager.getXXUser().findByUserName(userName); + } + + if (xxUser != null) { + vXUser = xUserService.populateViewBean(xxUser); + } + return vXUser; + } + protected void validatePassword(VXUser vXUser) { if (vXUser.getPassword() != null && !vXUser.getPassword().isEmpty()) { boolean checkPassword = false; diff --git a/security-admin/src/main/java/org/apache/ranger/patch/PatchForKafkaServiceDefUpdate_J10025.java b/security-admin/src/main/java/org/apache/ranger/patch/PatchForKafkaServiceDefUpdate_J10025.java index 8367d3f6b..62847d725 100644 --- a/security-admin/src/main/java/org/apache/ranger/patch/PatchForKafkaServiceDefUpdate_J10025.java +++ b/security-admin/src/main/java/org/apache/ranger/patch/PatchForKafkaServiceDefUpdate_J10025.java @@ -21,6 +21,7 @@ import org.apache.commons.lang.StringUtils; import org.apache.ranger.authorization.utils.JsonUtils; import org.apache.ranger.biz.RangerBizUtil; import org.apache.ranger.biz.ServiceDBStore; +import org.apache.ranger.biz.XUserMgr; import org.apache.ranger.common.GUIDUtil; import org.apache.ranger.common.JSONUtil; import org.apache.ranger.common.RangerValidatorFactory; @@ -51,7 +52,13 @@ import org.apache.ranger.util.CLIUtil; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.stereotype.Component; +import org.springframework.transaction.PlatformTransactionManager; +import org.springframework.transaction.TransactionDefinition; +import org.springframework.transaction.TransactionStatus; +import org.springframework.transaction.support.TransactionCallback; +import org.springframework.transaction.support.TransactionTemplate; import java.util.ArrayList; import java.util.Arrays; @@ -108,6 +115,13 @@ public class PatchForKafkaServiceDefUpdate_J10025 extends BaseLoader { @Autowired ServiceDBStore svcStore; + @Autowired + XUserMgr xUserMgr; + + @Autowired + @Qualifier(value = "transactionManager") + PlatformTransactionManager txManager; + public static void main(String[] args) { logger.info("main()"); try { @@ -335,7 +349,23 @@ public class PatchForKafkaServiceDefUpdate_J10025 extends BaseLoader { continue; } XXUser xxUser = daoMgr.getXXUser().findByUserName(user); - if (xxUser == null) { + if (null == xxUser) { + TransactionTemplate txTemplate = new TransactionTemplate(txManager); + txTemplate.setPropagationBehavior(TransactionDefinition.PROPAGATION_REQUIRES_NEW); + try { + txTemplate.execute(new TransactionCallback<Object>() { + @Override + public Object doInTransaction(TransactionStatus status) { + xUserMgr.createServiceConfigUserSynchronously(user); + return null; + } + }); + } catch (Exception exception) { + logger.error("Cannot create ServiceConfigUser(" + user + ")", exception); + } + } + xxUser = daoMgr.getXXUser().findByUserName(user); + if (null == xxUser) { throw new RuntimeException(user + ": user does not exist. policy='" + xxPolicy.getName() + "' service='" + xxPolicy.getService() + "' user='" + user + "'"); } diff --git a/security-admin/src/main/java/org/apache/ranger/patch/PatchForKafkaServiceDefUpdate_J10033.java b/security-admin/src/main/java/org/apache/ranger/patch/PatchForKafkaServiceDefUpdate_J10033.java index 9f0717a40..e78c666db 100644 --- a/security-admin/src/main/java/org/apache/ranger/patch/PatchForKafkaServiceDefUpdate_J10033.java +++ b/security-admin/src/main/java/org/apache/ranger/patch/PatchForKafkaServiceDefUpdate_J10033.java @@ -42,7 +42,13 @@ import org.apache.ranger.util.CLIUtil; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.stereotype.Component; +import org.springframework.transaction.PlatformTransactionManager; +import org.springframework.transaction.TransactionDefinition; +import org.springframework.transaction.TransactionStatus; +import org.springframework.transaction.support.TransactionCallback; +import org.springframework.transaction.support.TransactionTemplate; import java.util.ArrayList; import java.util.Arrays; @@ -100,6 +106,10 @@ public class PatchForKafkaServiceDefUpdate_J10033 extends BaseLoader { @Autowired XUserMgr xUserMgr; + @Autowired + @Qualifier(value = "transactionManager") + PlatformTransactionManager txManager; + public static void main(String[] args) { logger.info("main()"); try { @@ -352,17 +362,35 @@ public class PatchForKafkaServiceDefUpdate_J10033 extends BaseLoader { continue; } XXUser xxUser = daoMgr.getXXUser().findByUserName(user); + Long userId = null; if (xxUser == null) { - logger.info(user +" user is not found, adding user: "+user); - xUserMgr.createServiceConfigUser(user); + if (null == xxUser) { + logger.info(user +" user is not found, adding user: "+user); + TransactionTemplate txTemplate = new TransactionTemplate(txManager); + txTemplate.setPropagationBehavior(TransactionDefinition.PROPAGATION_REQUIRES_NEW); + try { + txTemplate.execute(new TransactionCallback<Object>() { + @Override + public Object doInTransaction(TransactionStatus status) { + xUserMgr.createServiceConfigUserSynchronously(user); + return null; + } + }); + } catch(Exception exception) { + logger.error("Cannot create ServiceConfigUser(" + user + ")", exception); + } + } + xxUser = daoMgr.getXXUser().findByUserName(user); if (xxUser == null) { throw new RuntimeException(user + ": user does not exist. policy='" + xxPolicy.getName() + "' service='" + xxPolicy.getService() + "' user='" + user + "'"); } } + userId = xxUser.getId(); + XXPolicyItemUserPerm xUserPerm = new XXPolicyItemUserPerm(); - xUserPerm.setUserId(xxUser.getId()); + xUserPerm.setUserId(userId); xUserPerm.setPolicyItemId(createdXXPolicyItem.getId()); xUserPerm.setOrder(i); xUserPerm.setAddedByUserId(currentUserId); diff --git a/security-admin/src/main/java/org/apache/ranger/patch/PatchForMigratingOldRegimePolicyJson_J10046.java b/security-admin/src/main/java/org/apache/ranger/patch/PatchForMigratingOldRegimePolicyJson_J10046.java index c40280629..dbffc5663 100644 --- a/security-admin/src/main/java/org/apache/ranger/patch/PatchForMigratingOldRegimePolicyJson_J10046.java +++ b/security-admin/src/main/java/org/apache/ranger/patch/PatchForMigratingOldRegimePolicyJson_J10046.java @@ -68,6 +68,7 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.stereotype.Component; import org.springframework.transaction.PlatformTransactionManager; +import org.springframework.transaction.TransactionDefinition; import org.springframework.transaction.TransactionStatus; import org.springframework.transaction.support.TransactionCallback; import org.springframework.transaction.support.TransactionTemplate; @@ -338,7 +339,19 @@ public class PatchForMigratingOldRegimePolicyJson_J10046 extends BaseLoader { if (userObject == null) { logger.info(user +" user is not found, adding user: "+user); - xUserMgr.createServiceConfigUser(user); + TransactionTemplate txTemplate = new TransactionTemplate(txManager); + txTemplate.setPropagationBehavior(TransactionDefinition.PROPAGATION_REQUIRES_NEW); + try { + txTemplate.execute(new TransactionCallback<Object>() { + @Override + public Object doInTransaction(TransactionStatus status) { + xUserMgr.createServiceConfigUserSynchronously(user); + return null; + } + }); + } catch(Exception exception) { + logger.error("Cannot create ServiceConfigUser(" + user + ")", exception); + } userObject = userDao.findByUserName(user); if (userObject == null) { throw new Exception(user + ": unknown user in policy [id=" + policyId + "]"); @@ -346,6 +359,7 @@ public class PatchForMigratingOldRegimePolicyJson_J10046 extends BaseLoader { } userId = userObject.getId(); + logger.info("userId:"+userId); userIdMap.put(user, userId); } diff --git a/security-admin/src/main/java/org/apache/ranger/patch/PatchForUpdatingPolicyJson_J10019.java b/security-admin/src/main/java/org/apache/ranger/patch/PatchForUpdatingPolicyJson_J10019.java index ae6158ab0..6eb3315e7 100644 --- a/security-admin/src/main/java/org/apache/ranger/patch/PatchForUpdatingPolicyJson_J10019.java +++ b/security-admin/src/main/java/org/apache/ranger/patch/PatchForUpdatingPolicyJson_J10019.java @@ -92,6 +92,7 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.stereotype.Component; import org.springframework.transaction.PlatformTransactionManager; +import org.springframework.transaction.TransactionDefinition; import org.springframework.transaction.TransactionStatus; import org.springframework.transaction.support.TransactionCallback; import org.springframework.transaction.support.TransactionTemplate; @@ -356,7 +357,19 @@ public class PatchForUpdatingPolicyJson_J10019 extends BaseLoader { if (userObject == null) { logger.info(user +" user is not found, adding user: "+user); - xUserMgr.createServiceConfigUser(user); + TransactionTemplate txTemplate = new TransactionTemplate(txManager); + txTemplate.setPropagationBehavior(TransactionDefinition.PROPAGATION_REQUIRES_NEW); + try { + txTemplate.execute(new TransactionCallback<Object>() { + @Override + public Object doInTransaction(TransactionStatus status) { + xUserMgr.createServiceConfigUserSynchronously(user); + return null; + } + }); + } catch(Exception exception) { + logger.error("Cannot create ServiceConfigUser(" + user + ")", exception); + } userObject = userDao.findByUserName(user); if (userObject == null) { throw new Exception(user + ": unknown user in policy [id=" + policyId + "]"); @@ -364,6 +377,7 @@ public class PatchForUpdatingPolicyJson_J10019 extends BaseLoader { } userId = userObject.getId(); + logger.info("userId:"+userId); userIdMap.put(user, userId); } diff --git a/security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java b/security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java index dfb5814f3..a80f12efb 100644 --- a/security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java +++ b/security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java @@ -1706,7 +1706,7 @@ public class TestServiceDBStore { Mockito.when(daoManager.getXXPolicy()).thenReturn(xPolicyDao); Mockito.when(xPolicyDao.getById(Id)).thenReturn(xPolicy); - Mockito.doNothing().when(policyRefUpdater).createNewPolMappingForRefTable(rangerPolicy, xPolicy, xServiceDef); + Mockito.doNothing().when(policyRefUpdater).createNewPolMappingForRefTable(rangerPolicy, xPolicy, xServiceDef, false); Mockito.when(policyService.getPopulatedViewObject(xPolicy)).thenReturn(rangerPolicy); Mockito.when(daoManager.getXXService()).thenReturn(xServiceDao);