You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by me...@apache.org on 2022/05/13 10:54:39 UTC
[ranger] branch master updated: RANGER-3724: Create Ranger Admin API to refresh policy cache -- follow-up patch
This is an automated email from the ASF dual-hosted git repository.
mehul pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new 2f776dece RANGER-3724: Create Ranger Admin API to refresh policy cache -- follow-up patch
2f776dece is described below
commit 2f776deceaccd94ec4402679acbf528af42b1c76
Author: Kishor Gollapalliwar <ki...@gmail.com>
AuthorDate: Thu May 12 14:20:40 2022 +0530
RANGER-3724: Create Ranger Admin API to refresh policy cache -- follow-up patch
Signed-off-by: Mehul Parikh <me...@apache.org>
---
.../java/org/apache/ranger/rest/ServiceREST.java | 53 ++++++++++++++++++----
1 file changed, 43 insertions(+), 10 deletions(-)
diff --git a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
index 1aa861424..58013415c 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
@@ -1957,12 +1957,21 @@ public class ServiceREST {
return ret;
}
+ /**
+ * Resets/ removes service policy cache for given service.
+ * @param serviceName non-empty serviceName
+ * @return {@code true} if successfully reseted/ removed for given service, {@code false} otherwise.
+ */
@GET
@Path("/policies/cache/reset")
@Produces({ "application/json", "application/xml" })
- public boolean resetPolicyCache(@QueryParam("name") String name) {
+ public boolean resetPolicyCache(@QueryParam("serviceName") String serviceName) {
if (LOG.isDebugEnabled()) {
- LOG.debug("==> ServiceREST.resetPolicyCache(" + name + ")");
+ LOG.debug("==> ServiceREST.resetPolicyCache(" + serviceName + ")");
+ }
+
+ if (StringUtils.isEmpty(serviceName)) {
+ throw restErrorUtil.createRESTException("Required parameter [serviceName] is missing.", MessageEnums.INVALID_INPUT_DATA);
}
// check for ADMIN access
@@ -1970,13 +1979,11 @@ public class ServiceREST {
boolean isServiceAdmin = false;
String loggedInUser = bizUtil.getCurrentUserLoginId();
- if (StringUtils.isNotEmpty(name)) {
- try {
- RangerService rangerService = svcStore.getServiceByName(name);
- isServiceAdmin = bizUtil.isUserServiceAdmin(rangerService, loggedInUser);
- } catch (Exception e) {
- LOG.warn("Failed to find if user [" + loggedInUser + "] has service admin privileges on service [" + name + "]", e);
- }
+ try {
+ RangerService rangerService = svcStore.getServiceByName(serviceName);
+ isServiceAdmin = bizUtil.isUserServiceAdmin(rangerService, loggedInUser);
+ } catch (Exception e) {
+ LOG.warn("Failed to find if user [" + loggedInUser + "] has service admin privileges on service [" + serviceName + "]", e);
}
if (!isServiceAdmin) {
@@ -1984,7 +1991,7 @@ public class ServiceREST {
}
}
- boolean ret = svcStore.resetPolicyCache(name);
+ boolean ret = svcStore.resetPolicyCache(serviceName);
if (LOG.isDebugEnabled()) {
LOG.debug("<== ServiceREST.resetPolicyCache(): ret=" + ret);
@@ -1993,6 +2000,32 @@ public class ServiceREST {
return ret;
}
+ /**
+ * Resets/ removes service policy cache for all.
+ * @return {@code true} if successfully reseted/ removed, {@code false} otherwise.
+ */
+ @GET
+ @Path("/policies/cache/reset-all")
+ @Produces({ "application/json", "application/xml" })
+ public boolean resetPolicyCacheAll() {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceREST.resetPolicyCacheAll()");
+ }
+
+ // check for ADMIN access
+ if (!bizUtil.isAdmin()) {
+ throw restErrorUtil.createRESTException("User cannot reset policy cache", MessageEnums.OPER_NO_PERMISSION);
+ }
+
+ boolean ret = svcStore.resetPolicyCache(null);
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceREST.resetPolicyCacheAll(): ret=" + ret);
+ }
+
+ return ret;
+ }
+
@GET
@Path("/policies/downloadExcel")
@Produces("application/ms-excel")