Vyom Mani Tiwari created RANGER-5224:
----------------------------------------
Summary: dedupTags removes the valid tags while deduplicating tags
Key: RANGER-5224
URL: https://issues.apache.org/jira/browse/RANGER-5224
Project: Ranger
Issue Type: Bug
Components: Ranger
Affects Versions: 2.6.0
Reporter: Vyom Mani Tiwari
Assignee: Vyom Mani Tiwari
{color:#000000}{color:#000000}{color:#000000}When tag de duplication is enabled
in Apache Ranger, deleting and recreating one resource causes the tag-based
policy to fail for another resource that retains the same tag in Apache Atlas.
After recreating the first resource, a user with access via the tag-based
policy is unexpectedly denied access to the second resource, despite the tag
still being associated with it.{color}{color}{color}
{color:#000000}{color:#000000}{color:#000000}In the
{color}{color}{color:#000000}{color:#000000}dedupTags(){color}{color}{color:#000000}{color:#000000}
method, if a tag’s ID is higher than the retained ID, the tag is removed from
the
{color}{color}{color:#000000}{color:#000000}tags{color}{color}{color:#000000}{color:#000000}
map instead of updating its ID. This can invalidate the tag’s mapping for the
second resource after the first resource’s deletion, breaking the
policy.{color}{color}{color}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
