You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ab...@apache.org on 2021/03/25 01:18:24 UTC
[ranger] branch master updated: RANGER-3224: Not able to delete security-zone

This is an automated email from the ASF dual-hosted git repository.

abhay pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git


The following commit(s) were added to refs/heads/master by this push:
     new eae411f  RANGER-3224: Not able to delete security-zone
eae411f is described below

commit eae411f005346fc374e78da01acacdc027011575
Author: Abhay Kulkarni <ab...@apache.org>
AuthorDate: Wed Mar 24 18:18:05 2021 -0700

    RANGER-3224: Not able to delete security-zone
---
 .../service/RangerSecurityZoneServiceService.java       | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerSecurityZoneServiceService.java b/security-admin/src/main/java/org/apache/ranger/service/RangerSecurityZoneServiceService.java
index f2a505c..b62e0a5 100644
--- a/security-admin/src/main/java/org/apache/ranger/service/RangerSecurityZoneServiceService.java
+++ b/security-admin/src/main/java/org/apache/ranger/service/RangerSecurityZoneServiceService.java
@@ -63,6 +63,7 @@ public class RangerSecurityZoneServiceService extends RangerSecurityZoneServiceB
     private static final Gson gsonBuilder = new GsonBuilder().setDateFormat("yyyyMMdd-HH:mm:ss.SSS-Z").create();
 
     private Map<Long, Set<String>> serviceNamesInZones = new HashMap<>();
+    private Map<Long, Set<String>> tagServiceNamesInZones = new HashMap<>();
 
     static HashMap<String, VTrxLogAttr> trxLogAttrs = new HashMap<String, VTrxLogAttr>();
 
@@ -91,6 +92,7 @@ public class RangerSecurityZoneServiceService extends RangerSecurityZoneServiceB
         RangerSecurityZone existingZone = new RangerSecurityZone();
         existingZone = mapEntityToViewBean(existingZone, entityObj);
         serviceNamesInZones.put(entityObj.getId(), existingZone.getServices().keySet());
+        tagServiceNamesInZones.put(entityObj.getId(), new HashSet<>(existingZone.getTagServices()));
     }
 
     @Override
@@ -149,16 +151,24 @@ public class RangerSecurityZoneServiceService extends RangerSecurityZoneServiceB
     public RangerSecurityZone postUpdate(XXSecurityZone xObj) {
         // Update ServiceVersionInfo for all affected services
         RangerSecurityZone ret = super.postUpdate(xObj);
+
         Set<String> oldServiceNames = new HashSet(serviceNamesInZones.remove(xObj.getId()));
         Set<String> updatedServiceNames = ret.getServices().keySet();
 
+        Set<String> oldTagServiceNames = new HashSet(tagServiceNamesInZones.remove(xObj.getId()));
+        Set<String> updatedTagServiceNames = ret.getServices().keySet();
+
         Collection<String> newServiceNames = CollectionUtils.subtract(updatedServiceNames, oldServiceNames);
         Collection<String> deletedServiceNames = CollectionUtils.subtract(oldServiceNames, updatedServiceNames);
 
+        Collection<String> deletedTagServiceNames = CollectionUtils.subtract(oldTagServiceNames, updatedTagServiceNames);
+
         try {
             serviceDBStore.createZoneDefaultPolicies(newServiceNames, ret);
             serviceDBStore.deleteZonePolicies(deletedServiceNames, ret.getId());
 
+            serviceDBStore.deleteZonePolicies(deletedTagServiceNames, ret.getId());
+
             oldServiceNames.addAll(updatedServiceNames);
             updateServiceInfos(oldServiceNames);
         } catch (Exception exception) {
@@ -174,13 +184,14 @@ public class RangerSecurityZoneServiceService extends RangerSecurityZoneServiceB
         XXSecurityZone ret = super.preDelete(id);
         RangerSecurityZone viewObject = new RangerSecurityZone();
         viewObject = mapEntityToViewBean(viewObject, ret);
-        Set<String> serviceNames = viewObject.getServices().keySet();
+        Set<String> allServiceNames = new HashSet<>(viewObject.getTagServices());
+        allServiceNames.addAll(viewObject.getServices().keySet());
 
         // Delete default zone policies
 
         try {
-            serviceDBStore.deleteZonePolicies(serviceNames, id);
-            updateServiceInfos(serviceNames);
+            serviceDBStore.deleteZonePolicies(allServiceNames, id);
+            updateServiceInfos(allServiceNames);
         } catch (Exception exception) {
             logger.error("preDelete processing failed for security-zone:[" + viewObject + "]", exception);
             ret = null;