You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by me...@apache.org on 2019/10/30 07:32:16 UTC
[ranger] 01/02: RANGER-2594: Improve policy validation performance during delete

This is an automated email from the ASF dual-hosted git repository.

mehul pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git

commit c76f8eecf181f813774d8e7a6546f1666287eefe
Author: Andrew <an...@outlook.com>
AuthorDate: Thu Oct 17 00:24:28 2019 -0700

    RANGER-2594: Improve policy validation performance during delete
    
    Signed-off-by: Mehul Parikh <me...@apache.org>
---
 .../ranger/plugin/model/validation/RangerPolicyValidator.java    | 2 +-
 .../apache/ranger/plugin/model/validation/RangerValidator.java   | 9 +++++++++
 .../main/java/org/apache/ranger/plugin/store/ServiceStore.java   | 2 ++
 .../src/main/java/org/apache/ranger/biz/ServiceDBStore.java      | 5 +++++
 .../src/main/java/org/apache/ranger/db/XXPolicyDao.java          | 7 +++++++
 security-admin/src/main/resources/META-INF/jpa_named_queries.xml | 4 ++++
 6 files changed, 28 insertions(+), 1 deletion(-)

diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java b/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java
index a854107..fb0afba 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java
@@ -94,7 +94,7 @@ public class RangerPolicyValidator extends RangerValidator {
 					.becauseOf(error.getMessage("id"))
 					.build());
 			valid = false;
-		} else if (getPolicy(id) == null) {
+		} else if (policyExists(id)) {
 			if (LOG.isDebugEnabled()) {
 				LOG.debug("No policy found for id[" + id + "]! ok!");
 			}
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerValidator.java b/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerValidator.java
index 74653b2..c4ec63b 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerValidator.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerValidator.java
@@ -263,6 +263,15 @@ public abstract class RangerValidator {
 		return result;
 	}
 
+	boolean policyExists(Long id) {
+		try {
+			return _store.policyExists(id);
+		} catch (Exception e) {
+			LOG.debug("Encountred exception while retrieving policy from service store!", e);
+			return false;
+		}
+	}
+
 	RangerPolicy getPolicy(Long id) {
 		
 		if(LOG.isDebugEnabled()) {
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/store/ServiceStore.java b/agents-common/src/main/java/org/apache/ranger/plugin/store/ServiceStore.java
index ba7407f..4af457e 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/store/ServiceStore.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/store/ServiceStore.java
@@ -73,6 +73,8 @@ public interface ServiceStore {
 
 	void deletePolicy(RangerPolicy policy) throws Exception;
 
+	boolean policyExists(Long id) throws Exception;
+
 	RangerPolicy getPolicy(Long id) throws Exception;
 
 	List<RangerPolicy> getPolicies(SearchFilter filter) throws Exception;
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
index ec44aa1..866eed9 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
@@ -2192,6 +2192,11 @@ public class ServiceDBStore extends AbstractServiceStore {
 	}
 
 	@Override
+	public boolean policyExists(Long id) throws Exception {
+		return daoMgr.getXXPolicy().getCountById(id) > 0;
+	}
+
+	@Override
 	public RangerPolicy getPolicy(Long id) throws Exception {
 		return policyService.read(id);
 	}
diff --git a/security-admin/src/main/java/org/apache/ranger/db/XXPolicyDao.java b/security-admin/src/main/java/org/apache/ranger/db/XXPolicyDao.java
index b242171..4c501e4 100644
--- a/security-admin/src/main/java/org/apache/ranger/db/XXPolicyDao.java
+++ b/security-admin/src/main/java/org/apache/ranger/db/XXPolicyDao.java
@@ -40,6 +40,13 @@ public class XXPolicyDao extends BaseDao<XXPolicy> {
 		super(daoManager);
 	}
 
+	public long getCountById(Long policyId) {
+		return getEntityManager()
+					.createNamedQuery("XXPolicy.countById", Long.class)
+					.setParameter("policyId", policyId)
+					.getSingleResult();
+	}
+
 	public XXPolicy findByNameAndServiceId(String polName, Long serviceId) {
 		return findByNameAndServiceIdAndZoneId(polName, serviceId, RangerSecurityZone.RANGER_UNZONED_SECURITY_ZONE_ID);
 	}
diff --git a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
index 6cc4799..bc8062c 100755
--- a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
+++ b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
@@ -266,6 +266,10 @@
 
 	<!-- XXPolicy -->
 
+	<named-query name="XXPolicy.countById">
+		<query>select count(obj.id) from XXPolicy obj where obj.id = :policyId</query>
+	</named-query>
+
 	<named-query name="XXPolicy.findByPolicyName">
 		<query>select obj from XXPolicy obj where obj.name = :polName order by obj.id</query>
 	</named-query>