[
https://issues.apache.org/jira/browse/RANGER-4486?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Madhan Neethiraj updated RANGER-4486:
-------------------------------------
Fix Version/s: 3.0.0
2.5.0
> ZoneV2 partial update allows duplicate principals and tagServices
> -----------------------------------------------------------------
>
> Key: RANGER-4486
> URL: https://issues.apache.org/jira/browse/RANGER-4486
> Project: Ranger
> Issue Type: Bug
> Components: admin
> Reporter: Subhrat Chaudhary
> Assignee: Subhrat Chaudhary
> Priority: Major
> Fix For: 3.0.0, 2.5.0
>
>
> In RANGER-4398 , we added support for incremental updates with the PUT API -
> /service/public/v2/api/zones-v2/\{zoneId}/partial. This allows addition of
> duplicate principals (admin and auditor UGR) and tagServices.
> Steps to reproduce. Create a security-zone and update with above PUT API:
> {code:java}
> {
> "id": 5,
> "isEnabled": true,
> "createdBy": "Admin",
> "updatedBy": "Admin",
> "createTime": 1697718906795,
> "updateTime": 1697718906796,
> "name": "zone10",
> "services": {
> "hive1": {
> "resources": [
> {
> "id": 1,
> "resource": {
> "database": [
> "db10"
> ]
> }
> }
> ]
> }
> },
> "tagServicesToAdd": [
> "tag1"
> ],
> "adminsToAdd": [
> {
> "type": "USER",
> "name": "mark"
> }
> ]
> }{code}
> If we call the same API with same request again, it creates duplicate
> adminUser and tagService as below:
> {code:java}
> {
> "id": 5,
> "isEnabled": true,
> "createdBy": "Admin",
> "updatedBy": "Admin",
> "createTime": 1697718906795,
> "updateTime": 1697719001243,
> "name": "zone10",
> "services": {
> "hive1": {
> "resources": [
> {
> "id": 1,
> "resource": {
> "database": [
> "db10"
> ]
> }
> }
> ]
> }
> },
> "tagServices": [
> "tag1",
> "tag1"
> ],
> "admins": [
> {
> "type": "USER",
> "name": "mark"
> },
> {
> "type": "USER",
> "name": "mark"
> }
> ],
> "auditors": [
> {
> "type": "USER",
> "name": "mark"
> }
> ]
> }{code}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
