You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by me...@apache.org on 2019/10/30 07:32:16 UTC
[ranger] 01/02: RANGER-2594: Improve policy validation performance
during delete
This is an automated email from the ASF dual-hosted git repository.
mehul pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
commit c76f8eecf181f813774d8e7a6546f1666287eefe
Author: Andrew <an...@outlook.com>
AuthorDate: Thu Oct 17 00:24:28 2019 -0700
RANGER-2594: Improve policy validation performance during delete
Signed-off-by: Mehul Parikh <me...@apache.org>
---
.../ranger/plugin/model/validation/RangerPolicyValidator.java | 2 +-
.../apache/ranger/plugin/model/validation/RangerValidator.java | 9 +++++++++
.../main/java/org/apache/ranger/plugin/store/ServiceStore.java | 2 ++
.../src/main/java/org/apache/ranger/biz/ServiceDBStore.java | 5 +++++
.../src/main/java/org/apache/ranger/db/XXPolicyDao.java | 7 +++++++
security-admin/src/main/resources/META-INF/jpa_named_queries.xml | 4 ++++
6 files changed, 28 insertions(+), 1 deletion(-)
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java b/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java
index a854107..fb0afba 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java
@@ -94,7 +94,7 @@ public class RangerPolicyValidator extends RangerValidator {
.becauseOf(error.getMessage("id"))
.build());
valid = false;
- } else if (getPolicy(id) == null) {
+ } else if (policyExists(id)) {
if (LOG.isDebugEnabled()) {
LOG.debug("No policy found for id[" + id + "]! ok!");
}
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerValidator.java b/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerValidator.java
index 74653b2..c4ec63b 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerValidator.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerValidator.java
@@ -263,6 +263,15 @@ public abstract class RangerValidator {
return result;
}
+ boolean policyExists(Long id) {
+ try {
+ return _store.policyExists(id);
+ } catch (Exception e) {
+ LOG.debug("Encountred exception while retrieving policy from service store!", e);
+ return false;
+ }
+ }
+
RangerPolicy getPolicy(Long id) {
if(LOG.isDebugEnabled()) {
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/store/ServiceStore.java b/agents-common/src/main/java/org/apache/ranger/plugin/store/ServiceStore.java
index ba7407f..4af457e 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/store/ServiceStore.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/store/ServiceStore.java
@@ -73,6 +73,8 @@ public interface ServiceStore {
void deletePolicy(RangerPolicy policy) throws Exception;
+ boolean policyExists(Long id) throws Exception;
+
RangerPolicy getPolicy(Long id) throws Exception;
List<RangerPolicy> getPolicies(SearchFilter filter) throws Exception;
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
index ec44aa1..866eed9 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
@@ -2192,6 +2192,11 @@ public class ServiceDBStore extends AbstractServiceStore {
}
@Override
+ public boolean policyExists(Long id) throws Exception {
+ return daoMgr.getXXPolicy().getCountById(id) > 0;
+ }
+
+ @Override
public RangerPolicy getPolicy(Long id) throws Exception {
return policyService.read(id);
}
diff --git a/security-admin/src/main/java/org/apache/ranger/db/XXPolicyDao.java b/security-admin/src/main/java/org/apache/ranger/db/XXPolicyDao.java
index b242171..4c501e4 100644
--- a/security-admin/src/main/java/org/apache/ranger/db/XXPolicyDao.java
+++ b/security-admin/src/main/java/org/apache/ranger/db/XXPolicyDao.java
@@ -40,6 +40,13 @@ public class XXPolicyDao extends BaseDao<XXPolicy> {
super(daoManager);
}
+ public long getCountById(Long policyId) {
+ return getEntityManager()
+ .createNamedQuery("XXPolicy.countById", Long.class)
+ .setParameter("policyId", policyId)
+ .getSingleResult();
+ }
+
public XXPolicy findByNameAndServiceId(String polName, Long serviceId) {
return findByNameAndServiceIdAndZoneId(polName, serviceId, RangerSecurityZone.RANGER_UNZONED_SECURITY_ZONE_ID);
}
diff --git a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
index 6cc4799..bc8062c 100755
--- a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
+++ b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
@@ -266,6 +266,10 @@
<!-- XXPolicy -->
+ <named-query name="XXPolicy.countById">
+ <query>select count(obj.id) from XXPolicy obj where obj.id = :policyId</query>
+ </named-query>
+
<named-query name="XXPolicy.findByPolicyName">
<query>select obj from XXPolicy obj where obj.name = :polName order by obj.id</query>
</named-query>