Subhrat Chaudhary created RANGER-4486:
-----------------------------------------
Summary: ZoneV2 partial update allows duplicate users and
tagServices
Key: RANGER-4486
URL: https://issues.apache.org/jira/browse/RANGER-4486
Project: Ranger
Issue Type: Bug
Components: admin
Reporter: Subhrat Chaudhary
Assignee: Subhrat Chaudhary
In RANGER-4398 , we added support for incremental updates with the PUT API -
/service/public/v2/api/zones-v2/\{zoneId}/partial. This allows addition of
duplicate adminUsers, auditorUser and tagServices.
Steps to reproduce. Create a security-zone and update with above PUT API:
{code:java}
{
"id": 5,
"isEnabled": true,
"createdBy": "Admin",
"updatedBy": "Admin",
"createTime": 1697718906795,
"updateTime": 1697718906796,
"name": "zone10",
"services": {
"hive1": {
"resources": [
{
"id": 1,
"resource": {
"database": [
"db10"
]
}
}
]
}
},
"tagServicesToAdd": [
"tag1"
],
"adminsToAdd": [
{
"type": "USER",
"name": "mark"
}
]
}{code}
If we call the same API with same request again, it creates duplicate adminUser
and tagService as below:
{code:java}
{
"id": 5,
"isEnabled": true,
"createdBy": "Admin",
"updatedBy": "Admin",
"createTime": 1697718906795,
"updateTime": 1697719001243,
"name": "zone10",
"services": {
"hive1": {
"resources": [
{
"id": 1,
"resource": {
"database": [
"db10"
]
}
}
]
}
},
"tagServices": [
"tag1",
"tag1"
],
"admins": [
{
"type": "USER",
"name": "mark"
},
{
"type": "USER",
"name": "mark"
}
],
"auditors": [
{
"type": "USER",
"name": "mark"
}
]
}{code}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
