This is an automated email from the ASF dual-hosted git repository.
abhay pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new b7a2902 RANGER-2772: Adding the functionality of merging the policy -
Part 3
b7a2902 is described below
commit b7a2902939f0d5ae64ead9fde539e76a766238a2
Author: Abhay Kulkarni
AuthorDate: Thu Apr 23 19:38:33 2020 -0700
RANGER-2772: Adding the functionality of merging the policy - Part 3
---
.../java/org/apache/ranger/rest/ServiceREST.java | 53 ++---
.../org/apache/ranger/rest/ServiceRESTUtil.java| 68 +-
2 files changed, 88 insertions(+), 33 deletions(-)
diff --git
a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
index 82e67e6..1bdee86 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
@@ -83,6 +83,7 @@ import org.apache.ranger.common.ServiceUtil;
import org.apache.ranger.common.UserSessionBase;
import org.apache.ranger.common.db.RangerTransactionSynchronizationAdapter;
import org.apache.ranger.db.RangerDaoManager;
+import org.apache.ranger.entity.XXPolicy;
import org.apache.ranger.entity.XXPolicyExportAudit;
import org.apache.ranger.entity.XXSecurityZone;
import org.apache.ranger.entity.XXSecurityZoneRefService;
@@ -97,6 +98,7 @@ import
org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem;
import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemAccess;
import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource;
import org.apache.ranger.plugin.model.RangerPolicyDelta;
+import org.apache.ranger.plugin.model.RangerPolicyResourceSignature;
import org.apache.ranger.plugin.model.RangerSecurityZone;
import org.apache.ranger.plugin.model.RangerService;
import org.apache.ranger.plugin.model.RangerServiceDef;
@@ -1661,7 +1663,13 @@ public class ServiceREST {
}
boolean
updateIfExists=("true".equalsIgnoreCase(StringUtils.trimToEmpty(request.getParameter(PARAM_UPDATE_IF_EXISTS
? true : false ;
boolean mergeIfExists =
"true".equalsIgnoreCase(StringUtils.trimToEmpty(request.getParameter(PARAM_MERGE_IF_EXISTS)))
? true : false;
- if(updateIfExists || mergeIfExists) {
+
+ if (mergeIfExists && updateIfExists) {
+ LOG.warn("Cannot use both
updateIfExists and mergeIfExists for a createPolicy. mergeIfExists will
override updateIfExists for policy :[" + policy.getName() + "]");
+ }
+ if (mergeIfExists) {
+ ret = applyPolicy(policy, request);
+ } else if(updateIfExists) {
RangerPolicy existingPolicy = null;
String serviceName =
request.getParameter(PARAM_SERVICE_NAME);
if (serviceName == null) {
@@ -1699,20 +1707,11 @@ public class ServiceREST {
}
try {
if (existingPolicy != null) {
- if (updateIfExists) {
-
policy.setId(existingPolicy.getId());
- ret =
updatePolicy(policy);
- } else
if(mergeIfExists){
-
ServiceRESTUtil.mergeExactMatchPolicyForResource(existingPolicy, policy);
- ret =
updatePolicy(existingPolicy);
- }
+
policy.setId(existingPolicy.getId());
+ ret =
updatePolicy(policy);
}
} catch (Exception excp){
- if(updateIfExists) {
-
LOG.error("updatePolicy(" + policy + ") failed", excp);
- }else if(mergeIfExists) {
- LOG.error("updatePolicy
for merge (" + existingPolicy + ") failed", excp);
- }
+ LOG.error("updatePolicy(" +