[
https://issues.apache.org/jira/browse/RANGER-5178?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17942333#comment-17942333
]
Abhishek Kumar commented on RANGER-5178:
----------------------------------------
It looks like the areas targeted to check for existing objects in the PR
[https://github.com/apache/ranger/pull/554] might be unreachable due to other
checks already in place.
For ex:
1. When deleting a role just after updating a policy (with delayed timer) with
the newly added same role causes exception to be seen in the GUI and so
deletion does not go through.
2. Updating a policy with added roles/users/groups and simultaneously deleting
the same policy in a concurrent session causes the below exception:
{code:java}
javax.persistence.OptimisticLockException: Exception [EclipseLink-5011]
(Eclipse Persistence Services - 2.7.12.v20230209-e5c4074ef3):
org.eclipse.persistence.exceptions.OptimisticLockException
Exception Description: One or more objects cannot be updated because it has
changed or been deleted since it was last read {code}
which causes the deletion triggered to not take effect.
> Update callers of executeOnTransactionCommit to check for existence of objects
> ------------------------------------------------------------------------------
>
> Key: RANGER-5178
> URL: https://issues.apache.org/jira/browse/RANGER-5178
> Project: Ranger
> Issue Type: Bug
> Components: Ranger
> Reporter: Abhishek Kumar
> Assignee: Abhishek Kumar
> Priority: Major
> Time Spent: 40m
> Remaining Estimate: 0h
>
> executeOnTransactionCommit in RangerTransactionSynchronizationAdapter.java is
> called multiple places for doing post transaction commit tasks in a
> subsequent transaction following the parent transaction.
>
> Verify and update all such references to check for existence of objects being
> referenced in the run method before executing commands on the database.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
