----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/72588/#review220997 -----------------------------------------------------------
The side effect is deleting such policies is potential skipping of audit logs for the resources covered by the policy i.e. if there is no audit-enabled policy that matches the accessed resource, Ranger plugins would not generate audit logs. I suggest to not delete policies having no items automatically. - Madhan Neethiraj On June 11, 2020, 5:51 p.m., Haoxiang Ma wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/72588/ > ----------------------------------------------------------- > > (Updated June 11, 2020, 5:51 p.m.) > > > Review request for ranger. > > > Bugs: RANGER-2856 > https://issues.apache.org/jira/browse/RANGER-2856 > > > Repository: ranger > > > Description > ------- > > A policy should be deleted if it has no policyItems > > > Diffs > ----- > > security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java > 9be61f2eb > > > Diff: https://reviews.apache.org/r/72588/diff/1/ > > > Testing > ------- > > 1.Compilation OK > 2.Already used in production environment > > > Thanks, > > Haoxiang Ma > >