You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ab...@apache.org on 2021/03/25 01:18:24 UTC
[ranger] branch master updated: RANGER-3224: Not able to delete
security-zone
This is an automated email from the ASF dual-hosted git repository.
abhay pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new eae411f RANGER-3224: Not able to delete security-zone
eae411f is described below
commit eae411f005346fc374e78da01acacdc027011575
Author: Abhay Kulkarni <ab...@apache.org>
AuthorDate: Wed Mar 24 18:18:05 2021 -0700
RANGER-3224: Not able to delete security-zone
---
.../service/RangerSecurityZoneServiceService.java | 17 ++++++++++++++---
1 file changed, 14 insertions(+), 3 deletions(-)
diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerSecurityZoneServiceService.java b/security-admin/src/main/java/org/apache/ranger/service/RangerSecurityZoneServiceService.java
index f2a505c..b62e0a5 100644
--- a/security-admin/src/main/java/org/apache/ranger/service/RangerSecurityZoneServiceService.java
+++ b/security-admin/src/main/java/org/apache/ranger/service/RangerSecurityZoneServiceService.java
@@ -63,6 +63,7 @@ public class RangerSecurityZoneServiceService extends RangerSecurityZoneServiceB
private static final Gson gsonBuilder = new GsonBuilder().setDateFormat("yyyyMMdd-HH:mm:ss.SSS-Z").create();
private Map<Long, Set<String>> serviceNamesInZones = new HashMap<>();
+ private Map<Long, Set<String>> tagServiceNamesInZones = new HashMap<>();
static HashMap<String, VTrxLogAttr> trxLogAttrs = new HashMap<String, VTrxLogAttr>();
@@ -91,6 +92,7 @@ public class RangerSecurityZoneServiceService extends RangerSecurityZoneServiceB
RangerSecurityZone existingZone = new RangerSecurityZone();
existingZone = mapEntityToViewBean(existingZone, entityObj);
serviceNamesInZones.put(entityObj.getId(), existingZone.getServices().keySet());
+ tagServiceNamesInZones.put(entityObj.getId(), new HashSet<>(existingZone.getTagServices()));
}
@Override
@@ -149,16 +151,24 @@ public class RangerSecurityZoneServiceService extends RangerSecurityZoneServiceB
public RangerSecurityZone postUpdate(XXSecurityZone xObj) {
// Update ServiceVersionInfo for all affected services
RangerSecurityZone ret = super.postUpdate(xObj);
+
Set<String> oldServiceNames = new HashSet(serviceNamesInZones.remove(xObj.getId()));
Set<String> updatedServiceNames = ret.getServices().keySet();
+ Set<String> oldTagServiceNames = new HashSet(tagServiceNamesInZones.remove(xObj.getId()));
+ Set<String> updatedTagServiceNames = ret.getServices().keySet();
+
Collection<String> newServiceNames = CollectionUtils.subtract(updatedServiceNames, oldServiceNames);
Collection<String> deletedServiceNames = CollectionUtils.subtract(oldServiceNames, updatedServiceNames);
+ Collection<String> deletedTagServiceNames = CollectionUtils.subtract(oldTagServiceNames, updatedTagServiceNames);
+
try {
serviceDBStore.createZoneDefaultPolicies(newServiceNames, ret);
serviceDBStore.deleteZonePolicies(deletedServiceNames, ret.getId());
+ serviceDBStore.deleteZonePolicies(deletedTagServiceNames, ret.getId());
+
oldServiceNames.addAll(updatedServiceNames);
updateServiceInfos(oldServiceNames);
} catch (Exception exception) {
@@ -174,13 +184,14 @@ public class RangerSecurityZoneServiceService extends RangerSecurityZoneServiceB
XXSecurityZone ret = super.preDelete(id);
RangerSecurityZone viewObject = new RangerSecurityZone();
viewObject = mapEntityToViewBean(viewObject, ret);
- Set<String> serviceNames = viewObject.getServices().keySet();
+ Set<String> allServiceNames = new HashSet<>(viewObject.getTagServices());
+ allServiceNames.addAll(viewObject.getServices().keySet());
// Delete default zone policies
try {
- serviceDBStore.deleteZonePolicies(serviceNames, id);
- updateServiceInfos(serviceNames);
+ serviceDBStore.deleteZonePolicies(allServiceNames, id);
+ updateServiceInfos(allServiceNames);
} catch (Exception exception) {
logger.error("preDelete processing failed for security-zone:[" + viewObject + "]", exception);
ret = null;