You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ranger.apache.org by Pradeep Agrawal <pr...@gmail.com> on 2023/04/14 15:14:11 UTC

Review Request 74397: RANGER-4188: updatePolicy results in 400 status code

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74397/
-----------------------------------------------------------

Review request for ranger, Abhishek  Kumar, Dineshkumar Yadav, Kishor Gollapalliwar, Abhay Kulkarni, Madhan Neethiraj, Nikhil P, Pradeep Agrawal, Ramesh Mani, Sailaja Polavarapu, and Velmurugan Periasamy.


Bugs: RANGER-4188
    https://issues.apache.org/jira/browse/RANGER-4188


Repository: ranger


Description
-------

**Problem Statement: ** Ranger createPolicy request failed with response code 400 and following stacktrace.

2023-04-12 16:05:31,526 INFO  org.apache.zookeeper.ClientCnxn: [Thread-2-SendThread(pfelker-dest-1.pfelker-dest.root.hwx.site:2181)]: Socket connection established, initiating se2023-04-12 16:30:53,674 INFO  org.apache.ranger.common.RESTErrorUtil: [https-jsse-nio-6182-exec-3]: Request failed. loginId=ranger, logMessage=policyID mismatch
javax.ws.rs.WebApplicationException: null
        at org.apache.ranger.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:338) [classes/:?]
        at org.apache.ranger.rest.ServiceREST.updatePolicy(ServiceREST.java:1782) [classes/:?]
        at org.apache.ranger.rest.ServiceREST.applyPolicy(ServiceREST.java:1749) [classes/:?]
        at org.apache.ranger.rest.ServiceREST.createPolicy(ServiceREST.java:1658) [classes/:?]
        
**Proposed solution: ** After debugging the issue found the call from applyPolicy is sending policy id as null which is caused by RANGER-3883. Rather sending a null value the proposed patch shall pass the policy id.


Diffs
-----

  security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java 5542250aa 


Diff: https://reviews.apache.org/r/74397/diff/1/


Testing
-------

Tested the policy create request using a curl request on this patch change instance and got 200 response code.


Thanks,

Pradeep Agrawal

Re: Review Request 74397: RANGER-4188: updatePolicy results in 400 status code

Posted by Ramachandran Krishnan <ra...@gmail.com>.


> On April 17, 2023, 7:13 a.m., Abhishek  Kumar wrote:
> > security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
> > Line 1764 (original), 1764 (patched)
> > <https://reviews.apache.org/r/74397/diff/1/?file=2275853#file2275853line1764>
> >
> >     There are other occurences of updatePolicy(policy, null); in the same file, they don't require the policy id to be passed ?

As part of updatePolicy method ,we are checking policy.getId().equals(id)
In this case it seems it throws the 400 Error 

public RangerPolicy updatePolicy(RangerPolicy policy, @PathParam("id") Long id) {
		if(LOG.isDebugEnabled()) {
			LOG.debug("==> ServiceREST.updatePolicy(" + policy + ")");
		}

		// if policy.id and param 'id' are specified, policy.id should be same as the param 'id'
		// if policy.id is null, then set param 'id' into policy Object
		if (policy.getId() == null) {
			policy.setId(id);
		} else if(!policy.getId().equals(id)) {
			throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST , "policyID mismatch", true);
		}
        
 
 One way As Pradeep said,Rather then sending null we will pass the policy Id 
 or  we need to change the validation logic a bit 
 id != null && !policy.getId().equals(id)
 
 
 // if policy.id and param 'id' are specified, policy.id should be same as the param 'id'
		// if policy.id is null, then set param 'id' into policy Object
		if (policy.getId() == null) {
			policy.setId(id);
		} else if(id != null && !policy.getId().equals(id)) {
			throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST , "policyID mismatch", true);
		}


- Ramachandran


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74397/#review225385
-----------------------------------------------------------


On April 14, 2023, 3:14 p.m., Pradeep Agrawal wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/74397/
> -----------------------------------------------------------
> 
> (Updated April 14, 2023, 3:14 p.m.)
> 
> 
> Review request for ranger, Abhishek  Kumar, Dineshkumar Yadav, Kishor Gollapalliwar, Abhay Kulkarni, Madhan Neethiraj, Nikhil P, Pradeep Agrawal, Ramesh Mani, Sailaja Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-4188
>     https://issues.apache.org/jira/browse/RANGER-4188
> 
> 
> Repository: ranger
> 
> 
> Description
> -------
> 
> **Problem Statement: ** Ranger createPolicy request failed with response code 400 and following stacktrace.
> 
> 2023-04-12 16:05:31,526 INFO  org.apache.zookeeper.ClientCnxn: [Thread-2-SendThread(pfelker-dest-1.pfelker-dest.root.hwx.site:2181)]: Socket connection established, initiating se2023-04-12 16:30:53,674 INFO  org.apache.ranger.common.RESTErrorUtil: [https-jsse-nio-6182-exec-3]: Request failed. loginId=ranger, logMessage=policyID mismatch
> javax.ws.rs.WebApplicationException: null
>         at org.apache.ranger.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:338) [classes/:?]
>         at org.apache.ranger.rest.ServiceREST.updatePolicy(ServiceREST.java:1782) [classes/:?]
>         at org.apache.ranger.rest.ServiceREST.applyPolicy(ServiceREST.java:1749) [classes/:?]
>         at org.apache.ranger.rest.ServiceREST.createPolicy(ServiceREST.java:1658) [classes/:?]
>         
> **Proposed solution: ** After debugging the issue found the call from applyPolicy is sending policy id as null which is caused by RANGER-3883. Rather sending a null value the proposed patch shall pass the policy id.
> 
> 
> Diffs
> -----
> 
>   security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java 5542250aa 
> 
> 
> Diff: https://reviews.apache.org/r/74397/diff/1/
> 
> 
> Testing
> -------
> 
> Tested the policy create request using a curl request on this patch change instance and got 200 response code.
> 
> 
> Thanks,
> 
> Pradeep Agrawal
> 
>

Re: Review Request 74397: RANGER-4188: updatePolicy results in 400 status code

Posted by Abhishek Kumar <ab...@gmail.com>.

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74397/#review225385
-----------------------------------------------------------




security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
Line 1764 (original), 1764 (patched)
<https://reviews.apache.org/r/74397/#comment314023>

    There are other occurences of updatePolicy(policy, null); in the same file, they don't require the policy id to be passed ?


- Abhishek  Kumar


On April 14, 2023, 3:14 p.m., Pradeep Agrawal wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/74397/
> -----------------------------------------------------------
> 
> (Updated April 14, 2023, 3:14 p.m.)
> 
> 
> Review request for ranger, Abhishek  Kumar, Dineshkumar Yadav, Kishor Gollapalliwar, Abhay Kulkarni, Madhan Neethiraj, Nikhil P, Pradeep Agrawal, Ramesh Mani, Sailaja Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-4188
>     https://issues.apache.org/jira/browse/RANGER-4188
> 
> 
> Repository: ranger
> 
> 
> Description
> -------
> 
> **Problem Statement: ** Ranger createPolicy request failed with response code 400 and following stacktrace.
> 
> 2023-04-12 16:05:31,526 INFO  org.apache.zookeeper.ClientCnxn: [Thread-2-SendThread(pfelker-dest-1.pfelker-dest.root.hwx.site:2181)]: Socket connection established, initiating se2023-04-12 16:30:53,674 INFO  org.apache.ranger.common.RESTErrorUtil: [https-jsse-nio-6182-exec-3]: Request failed. loginId=ranger, logMessage=policyID mismatch
> javax.ws.rs.WebApplicationException: null
>         at org.apache.ranger.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:338) [classes/:?]
>         at org.apache.ranger.rest.ServiceREST.updatePolicy(ServiceREST.java:1782) [classes/:?]
>         at org.apache.ranger.rest.ServiceREST.applyPolicy(ServiceREST.java:1749) [classes/:?]
>         at org.apache.ranger.rest.ServiceREST.createPolicy(ServiceREST.java:1658) [classes/:?]
>         
> **Proposed solution: ** After debugging the issue found the call from applyPolicy is sending policy id as null which is caused by RANGER-3883. Rather sending a null value the proposed patch shall pass the policy id.
> 
> 
> Diffs
> -----
> 
>   security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java 5542250aa 
> 
> 
> Diff: https://reviews.apache.org/r/74397/diff/1/
> 
> 
> Testing
> -------
> 
> Tested the policy create request using a curl request on this patch change instance and got 200 response code.
> 
> 
> Thanks,
> 
> Pradeep Agrawal
> 
>

Re: Review Request 74397: RANGER-4188: updatePolicy results in 400 status code

Posted by Ramachandran Krishnan <ra...@gmail.com>.

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74397/#review225441
-----------------------------------------------------------


Ship it!




Ship It!

- Ramachandran Krishnan


On April 14, 2023, 3:14 p.m., Pradeep Agrawal wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/74397/
> -----------------------------------------------------------
> 
> (Updated April 14, 2023, 3:14 p.m.)
> 
> 
> Review request for ranger, Abhishek  Kumar, Dineshkumar Yadav, Kishor Gollapalliwar, Abhay Kulkarni, Madhan Neethiraj, Nikhil P, Pradeep Agrawal, Ramesh Mani, Sailaja Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-4188
>     https://issues.apache.org/jira/browse/RANGER-4188
> 
> 
> Repository: ranger
> 
> 
> Description
> -------
> 
> **Problem Statement: ** Ranger createPolicy request failed with response code 400 and following stacktrace.
> 
> 2023-04-12 16:05:31,526 INFO  org.apache.zookeeper.ClientCnxn: [Thread-2-SendThread(pfelker-dest-1.pfelker-dest.root.hwx.site:2181)]: Socket connection established, initiating se2023-04-12 16:30:53,674 INFO  org.apache.ranger.common.RESTErrorUtil: [https-jsse-nio-6182-exec-3]: Request failed. loginId=ranger, logMessage=policyID mismatch
> javax.ws.rs.WebApplicationException: null
>         at org.apache.ranger.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:338) [classes/:?]
>         at org.apache.ranger.rest.ServiceREST.updatePolicy(ServiceREST.java:1782) [classes/:?]
>         at org.apache.ranger.rest.ServiceREST.applyPolicy(ServiceREST.java:1749) [classes/:?]
>         at org.apache.ranger.rest.ServiceREST.createPolicy(ServiceREST.java:1658) [classes/:?]
>         
> **Proposed solution: ** After debugging the issue found the call from applyPolicy is sending policy id as null which is caused by RANGER-3883. Rather sending a null value the proposed patch shall pass the policy id.
> 
> 
> Diffs
> -----
> 
>   security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java 83086106b 
> 
> 
> Diff: https://reviews.apache.org/r/74397/diff/2/
> 
> 
> Testing
> -------
> 
> Tested the policy create request using a curl request on this patch change instance and got 200 response code.
> 
> 
> Thanks,
> 
> Pradeep Agrawal
> 
>