You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by pr...@apache.org on 2023/06/19 13:53:31 UTC
[ranger] branch master updated: RANGER-4242: Ranger Upgrade is failing
This is an automated email from the ASF dual-hosted git repository.
pradeep pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new 2ab2fd44d RANGER-4242: Ranger Upgrade is failing
2ab2fd44d is described below
commit 2ab2fd44d1fcb004eb832abcda1bf46d40a2872a
Author: Pradeep Agrawal <pr...@apache.org>
AuthorDate: Tue May 23 11:05:30 2023 +0530
RANGER-4242: Ranger Upgrade is failing
---
...PatchForSolrSvcDefAndPoliciesUpdate_J10055.java | 6 +++
...tchPreSql_057_ForUpdateToUniqueGUID_J10052.java | 30 +++++++++++++-
...ForUpdateToUniqueResoureceSignature_J10053.java | 47 +++++++++++++++++++---
3 files changed, 76 insertions(+), 7 deletions(-)
diff --git a/security-admin/src/main/java/org/apache/ranger/patch/PatchForSolrSvcDefAndPoliciesUpdate_J10055.java b/security-admin/src/main/java/org/apache/ranger/patch/PatchForSolrSvcDefAndPoliciesUpdate_J10055.java
index f5f9f8956..e6c6954a4 100644
--- a/security-admin/src/main/java/org/apache/ranger/patch/PatchForSolrSvcDefAndPoliciesUpdate_J10055.java
+++ b/security-admin/src/main/java/org/apache/ranger/patch/PatchForSolrSvcDefAndPoliciesUpdate_J10055.java
@@ -370,6 +370,9 @@ public class PatchForSolrSvcDefAndPoliciesUpdate_J10055 extends BaseLoader {
newPolicyForNewResource.setConditions(exPolicy.getConditions());
newPolicyForNewResource.setIsDenyAllElse(exPolicy.getIsDenyAllElse());
newPolicyForNewResource.setZoneName(exPolicy.getZoneName());
+ newPolicyForNewResource.setIsEnabled(exPolicy.getIsEnabled());
+ newPolicyForNewResource.setIsAuditEnabled(exPolicy.getIsAuditEnabled());
+ newPolicyForNewResource.setPolicyType(exPolicy.getPolicyType());
try {
if (isAllResources) {
@@ -406,6 +409,9 @@ public class PatchForSolrSvcDefAndPoliciesUpdate_J10055 extends BaseLoader {
newPolicy.setResources(resForNewPol);
newPolicy.setResourceSignature(null);
newPolicy.setGuid(null);
+ if (logger.isDebugEnabled()) {
+ logger.debug("newPolicy:"+newPolicy);
+ }
this.svcDBStore.createPolicy(newPolicy);
}
diff --git a/security-admin/src/main/java/org/apache/ranger/patch/PatchPreSql_057_ForUpdateToUniqueGUID_J10052.java b/security-admin/src/main/java/org/apache/ranger/patch/PatchPreSql_057_ForUpdateToUniqueGUID_J10052.java
index e6ae57fc8..2c5939009 100644
--- a/security-admin/src/main/java/org/apache/ranger/patch/PatchPreSql_057_ForUpdateToUniqueGUID_J10052.java
+++ b/security-admin/src/main/java/org/apache/ranger/patch/PatchPreSql_057_ForUpdateToUniqueGUID_J10052.java
@@ -133,7 +133,7 @@ public class PatchPreSql_057_ForUpdateToUniqueGUID_J10052 extends BaseLoader {
isFirstElement = false;
continue;
}
- RangerPolicy policy = svcStore.getPolicy(xxPolicy.getId());
+ RangerPolicy policy = getPolicy(xxPolicy);
if (policy != null) {
guid = guidUtil.genGUID();
xxPolicy.setGuid(guid);
@@ -157,4 +157,32 @@ public class PatchPreSql_057_ForUpdateToUniqueGUID_J10052 extends BaseLoader {
logger.info("No zone or service found");
}
}
+
+ private RangerPolicy getPolicy(final XXPolicy xPolicy) {
+ final RangerPolicy ret;
+
+ if (xPolicy != null) {
+ String policyText = xPolicy.getPolicyText();
+ if (logger.isDebugEnabled()) {
+ logger.debug("Ranger Policy text:[" + policyText + "]");
+ }
+ ret = JsonUtils.jsonToObject(policyText, RangerPolicy.class);
+
+ if (ret != null) {
+ ret.setId(xPolicy.getId());
+ ret.setGuid(xPolicy.getGuid());
+ ret.setCreateTime(xPolicy.getCreateTime());
+ ret.setUpdateTime(xPolicy.getUpdateTime());
+ ret.setVersion(xPolicy.getVersion());
+ ret.setPolicyType(xPolicy.getPolicyType() == null ? RangerPolicy.POLICY_TYPE_ACCESS : xPolicy.getPolicyType());
+ XXSecurityZone xSecurityZone = daoMgr.getXXSecurityZoneDao().findByZoneId(xPolicy.getZoneId());
+ if (xSecurityZone != null) {
+ ret.setZoneName(xSecurityZone.getName());
+ }
+ }
+ } else {
+ ret = null;
+ }
+ return ret;
+ }
}
\ No newline at end of file
diff --git a/security-admin/src/main/java/org/apache/ranger/patch/PatchPreSql_058_ForUpdateToUniqueResoureceSignature_J10053.java b/security-admin/src/main/java/org/apache/ranger/patch/PatchPreSql_058_ForUpdateToUniqueResoureceSignature_J10053.java
index fb7e5fd40..d93c123f9 100644
--- a/security-admin/src/main/java/org/apache/ranger/patch/PatchPreSql_058_ForUpdateToUniqueResoureceSignature_J10053.java
+++ b/security-admin/src/main/java/org/apache/ranger/patch/PatchPreSql_058_ForUpdateToUniqueResoureceSignature_J10053.java
@@ -29,6 +29,7 @@ import org.apache.ranger.db.RangerDaoManager;
import org.apache.ranger.db.XXPolicyLabelMapDao;
import org.apache.ranger.entity.XXPolicy;
import org.apache.ranger.entity.XXPolicyLabelMap;
+import org.apache.ranger.entity.XXSecurityZone;
import org.apache.ranger.plugin.model.RangerPolicy;
import org.apache.ranger.plugin.model.RangerPolicyResourceSignature;
import org.apache.ranger.util.CLIUtil;
@@ -111,11 +112,12 @@ public class PatchPreSql_058_ForUpdateToUniqueResoureceSignature_J10053 extends
logger.info("==> updateDisabledPolicyResourceSignature() ");
List<XXPolicy> xxPolicyList = daoMgr.getXXPolicy().findByPolicyStatus(isPolicyEnabled);
- if (CollectionUtils.isNotEmpty(xxPolicyList)) {
- logger.info("==> Total number of disabled policies :" + xxPolicyList.size());
+ logger.info("Total number of disabled policies :[" + xxPolicyList.size() + "]");
+
+ if (CollectionUtils.isNotEmpty(xxPolicyList)) {
for (XXPolicy xxPolicy : xxPolicyList) {
- RangerPolicy policy = svcStore.getPolicy(xxPolicy.getId());
+ RangerPolicy policy = getPolicy(xxPolicy);
if (policy != null) {
policy.setResourceSignature(null);
xxPolicy.setResourceSignature(null);
@@ -124,13 +126,17 @@ public class PatchPreSql_058_ForUpdateToUniqueResoureceSignature_J10053 extends
policy.setResourceSignature(signature);
xxPolicy.setPolicyText(JsonUtils.objectToJson(policy));
xxPolicy.setResourceSignature(signature);
-
+ if (logger.isDebugEnabled()) {
+ logger.debug("Ranger text after update:[" + xxPolicy.getPolicyText() + "]");
+ }
daoMgr.getXXPolicy().update(xxPolicy);
+ } else {
+ logger.info("RangerPolicy object cannot be created from xxPolicy: ["+ xxPolicy + "]");
}
}
- } else {
- logger.info("no disabled Policy found");
}
+
+ logger.info("<== updateDisabledPolicyResourceSignature() ");
}
private void removeDuplicateResourceSignaturesPolicies() throws Exception {
@@ -158,6 +164,7 @@ public class PatchPreSql_058_ForUpdateToUniqueResoureceSignature_J10053 extends
} else {
logger.info("no duplicate Policy found");
}
+ logger.info("<== removeDuplicateResourceSignaturesPolicies() ");
}
private Boolean cleanupRefTables(Long policyId) {
@@ -178,4 +185,32 @@ public class PatchPreSql_058_ForUpdateToUniqueResoureceSignature_J10053 extends
}
return true;
}
+
+ private RangerPolicy getPolicy(final XXPolicy xPolicy) {
+ final RangerPolicy ret;
+
+ if (xPolicy != null) {
+ String policyText = xPolicy.getPolicyText();
+ if (logger.isDebugEnabled()) {
+ logger.debug("Ranger Policy text:[" + policyText + "]");
+ }
+ ret = JsonUtils.jsonToObject(policyText, RangerPolicy.class);
+
+ if (ret != null) {
+ ret.setId(xPolicy.getId());
+ ret.setGuid(xPolicy.getGuid());
+ ret.setCreateTime(xPolicy.getCreateTime());
+ ret.setUpdateTime(xPolicy.getUpdateTime());
+ ret.setVersion(xPolicy.getVersion());
+ ret.setPolicyType(xPolicy.getPolicyType() == null ? RangerPolicy.POLICY_TYPE_ACCESS : xPolicy.getPolicyType());
+ XXSecurityZone xSecurityZone = daoMgr.getXXSecurityZoneDao().findByZoneId(xPolicy.getZoneId());
+ if (xSecurityZone != null) {
+ ret.setZoneName(xSecurityZone.getName());
+ }
+ }
+ } else {
+ ret = null;
+ }
+ return ret;
+ }
}