[ https://issues.apache.org/jira/browse/RANGER-2855?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17148567#comment-17148567 ]
Pradeep Agrawal commented on RANGER-2855: ----------------------------------------- Patch committed : [https://github.com/apache/ranger/commit/a14b6d6aa57d6bc0026713e73750df716c65aa8f] > import policy for ranger is not working properly if updateifexist parameter > is passed > ------------------------------------------------------------------------------------- > > Key: RANGER-2855 > URL: https://issues.apache.org/jira/browse/RANGER-2855 > Project: Ranger > Issue Type: Bug > Components: Ranger > Reporter: Dineshkumar Yadav > Assignee: Dineshkumar Yadav > Priority: Major > Fix For: 2.1.0 > > > *Problem Statement:* > Currently, Import Policy API provide option to updateIfExist all policies of > given service but it update the non matching policy. > *Current Imlementation* > 'updateIfExists' flag : API shall update existing policies with new policy > json based on either of the following conditions. > a) existing and new policy guid is matching > b) existing and new policy name, service and zone are matching > c) existing and new policy name and service are matching. > If there is a policy which matches the resource, the policy should be updated > with the data provided. > If there is no policy which matches the resource, a new policy should be > created with the data provided. > *Proposed Solution :* > Patch shall compare resource signature of existing policy with new policy > provide if it matches then update otherwise create new policy. > *Behaviour of the Import API shall be:* > 1) 'Override' flag : API shall delete all the policies of given target > service and shall create the new policies from the received json. > 2) 'deleteIfExists' flag : API shall delete those existing policies which are > exactly matching after comparing with new policy based on their resources. > After deleting the existing policy, API shall create the new policy from the > given json file. > 3) 'updateIfExists' flag with polResource input : API shall delete all the > existing policies from target service of which resources are exactly matching > with given policies resources. > 4) 'updateIfExists' flag without resource input : API shall update existing > policies with new policy json based on following conditions. > a) existing and new policy should match by resource signature > 5) 'mergeIfExists' flag : API shall merge the existing policy's policy-items > with the new policy of which resources will match exactly with available > policies. > 6) 'deleteIfExists' flag and 'updateIfExists' : delete the policies of which > resources are exactly matching. update the policies which are matching else > will create the policy. > If none of the cases are matching then API shall try to create the policy. > Policy creation validation will be done before creating the policy. > -- This message was sent by Atlassian Jira (v8.3.4#803005)