You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ma...@apache.org on 2023/06/18 23:40:21 UTC
[ranger] branch RANGER-3923 updated: RANGER-4268: increment policy-version of linked services on change to GDS policy
This is an automated email from the ASF dual-hosted git repository.
madhan pushed a commit to branch RANGER-3923
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/RANGER-3923 by this push:
new 1c50756e0 RANGER-4268: increment policy-version of linked services on change to GDS policy
1c50756e0 is described below
commit 1c50756e00aa106bdd5f7bb71e1c82d797742b51
Author: Madhan Neethiraj <ma...@apache.org>
AuthorDate: Sun Jun 18 02:00:30 2023 -0700
RANGER-4268: increment policy-version of linked services on change to GDS policy
---
.../java/org/apache/ranger/biz/ServiceDBStore.java | 20 ++++++++--------
.../java/org/apache/ranger/db/XXServiceDao.java | 27 ++++++++++++++++++++++
.../main/resources/META-INF/jpa_named_queries.xml | 8 +++++++
3 files changed, 45 insertions(+), 10 deletions(-)
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
index ecef3dc1e..231472143 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
@@ -3641,25 +3641,25 @@ public class ServiceDBStore extends AbstractServiceStore {
final RangerDaoManager daoManager = daoMgr;
final Long serviceId = serviceDbObj.getId();
- // if this is a tag service, update all services that refer to this tag service
- // so that next policy-download from plugins will get updated tag policies
+ // if this is a tag/gds service, update all services that refer to this service
+ // so that next policy-download from plugins will get updated tag/gds policies
boolean isTagService = serviceDbObj.getType() == EmbeddedServiceDefsUtil.instance().getTagServiceDefId();
- if(isTagService) {
- List<XXService> referringServices = serviceDao.findByTagServiceId(serviceId);
+ boolean isGdsService = serviceDbObj.getType() == EmbeddedServiceDefsUtil.instance().getGdsServiceDefId();
- if(CollectionUtils.isNotEmpty(referringServices)) {
- for(XXService referringService : referringServices) {
- final Long referringServiceId = referringService.getId();
- final VERSION_TYPE tagServiceversionType = VERSION_TYPE.POLICY_VERSION;
+ if (isTagService || isGdsService) {
+ List<Long> referringServiceIds = isTagService ? serviceDao.findIdsByTagServiceId(serviceId) : serviceDao.findIdsByGdsServiceId(serviceId);
- Runnable tagServiceVersionUpdater = new ServiceVersionUpdater(daoManager, referringServiceId, tagServiceversionType, policy != null ? policy.getZoneName() : null, policyDeltaType, policy);
- transactionSynchronizationAdapter.executeOnTransactionCommit(tagServiceVersionUpdater);
+ for (Long referringServiceId : referringServiceIds) {
+ Runnable policyVersionUpdater = new ServiceVersionUpdater(daoManager, referringServiceId, VERSION_TYPE.POLICY_VERSION, policy != null ? policy.getZoneName() : null, policyDeltaType, policy);
+ transactionSynchronizationAdapter.executeOnTransactionCommit(policyVersionUpdater);
+ if (updateServiceInfoRoleVersion) {
Runnable roleVersionUpdater = new ServiceVersionUpdater(daoManager, referringServiceId, VERSION_TYPE.ROLE_VERSION, policy != null ? policy.getZoneName() : null, policyDeltaType, policy);
transactionSynchronizationAdapter.executeOnTransactionCommit(roleVersionUpdater);
}
}
}
+
final VERSION_TYPE versionType = VERSION_TYPE.POLICY_VERSION;
Runnable serviceVersionUpdater = new ServiceVersionUpdater(daoManager, serviceId, versionType, policy != null ? policy.getZoneName() : null, policyDeltaType, policy);
diff --git a/security-admin/src/main/java/org/apache/ranger/db/XXServiceDao.java b/security-admin/src/main/java/org/apache/ranger/db/XXServiceDao.java
index ba92c7340..efe7d4bcc 100644
--- a/security-admin/src/main/java/org/apache/ranger/db/XXServiceDao.java
+++ b/security-admin/src/main/java/org/apache/ranger/db/XXServiceDao.java
@@ -18,6 +18,7 @@
package org.apache.ranger.db;
import java.util.ArrayList;
+import java.util.Collections;
import java.util.List;
import javax.persistence.NoResultException;
@@ -112,6 +113,32 @@ public class XXServiceDao extends BaseDao<XXService> {
}
}
+ public List<Long> findIdsByTagServiceId(Long tagServiceId) {
+ List<Long> ret = null;
+
+ try {
+ ret = getEntityManager().createNamedQuery("XXService.findIdsByTagServiceId", Long.class)
+ .setParameter("tagServiceId", tagServiceId).getResultList();
+ } catch (NoResultException e) {
+ // ignre
+ }
+
+ return ret != null ? ret : Collections.emptyList();
+ }
+
+ public List<Long> findIdsByGdsServiceId(Long gdsServiceId) {
+ List<Long> ret = null;
+
+ try {
+ ret = getEntityManager().createNamedQuery("XXService.findIdsByGdsServiceId", Long.class)
+ .setParameter("gdsServiceId", gdsServiceId).getResultList();
+ } catch (NoResultException e) {
+ // ignre
+ }
+
+ return ret != null ? ret : Collections.emptyList();
+ }
+
public XXService findAssociatedTagService(String serviceName) {
try {
return getEntityManager().createNamedQuery("XXService.findAssociatedTagService", tClass)
diff --git a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
index 31c6b6a72..59a20a25e 100755
--- a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
+++ b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
@@ -664,6 +664,14 @@
<query>select obj from XXService obj where obj.tagService = :tagServiceId</query>
</named-query>
+ <named-query name="XXService.findIdsByTagServiceId">
+ <query>select obj.id from XXService obj where obj.tagService = :tagServiceId</query>
+ </named-query>
+
+ <named-query name="XXService.findIdsByGdsServiceId">
+ <query>select obj.id from XXService obj where obj.gdsService = :gdsServiceId</query>
+ </named-query>
+
<named-query name="XXService.findAssociatedTagService">
<query>select obj from XXService obj
where obj.name = :serviceName