[ranger] branch master updated: RANGER-2403 : proper error should be thrown when service part of zone being deleted

mehul Thu, 25 Apr 2019 03:31:08 -0700

This is an automated email from the ASF dual-hosted git repository.

mehul pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git



The following commit(s) were added to refs/heads/master by this push:
     new ded45a8  RANGER-2403 : proper error should be thrown when service part 
of zone being deleted
ded45a8 is described below

commit ded45a82738774097ac5ee4ec7424334dd4f30f0
Author: Nikhil P <[email protected]>
AuthorDate: Thu Apr 18 15:53:00 2019 +0530

    RANGER-2403 : proper error should be thrown when service part of zone being 
deleted
    
    Signed-off-by: Mehul Parikh <[email protected]>
---
 .../java/org/apache/ranger/biz/ServiceDBStore.java     | 18 +++++++++++++++++-
 .../java/org/apache/ranger/biz/TestServiceDBStore.java |  7 ++++++-
 2 files changed, 23 insertions(+), 2 deletions(-)

diff --git 
a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java 
b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
index 17be098..7ad0570 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
@@ -159,6 +159,7 @@ import org.apache.ranger.view.VXMetricServiceCount;
 import org.apache.ranger.view.VXMetricServiceNameCount;
 import org.apache.ranger.view.VXMetricUserGroupCount;
 import org.apache.ranger.view.VXPolicyLabelList;
+import org.apache.ranger.view.VXResponse;
 import org.apache.ranger.view.VXString;
 import org.apache.ranger.view.VXUser;
 import org.apache.ranger.view.VXUserList;
@@ -1689,7 +1690,7 @@ public class ServiceDBStore extends AbstractServiceStore {
                if(service == null) {
                        throw new Exception("no service exists with ID=" + id);
                }
-
+               restrictIfZoneService(service);
                List<XXPolicy> policies = 
daoMgr.getXXPolicy().findByServiceId(service.getId());
                //RangerPolicy rangerPolicy =null;
                for(XXPolicy policy : policies) {
@@ -1721,6 +1722,21 @@ public class ServiceDBStore extends AbstractServiceStore 
{
                bizUtil.createTrxLog(trxLogList);
        }
 
+       private void restrictIfZoneService(RangerService service)
+       {
+               String serviceName = service.getName();
+               List<String> zonesNameList = 
daoMgr.getXXSecurityZoneDao().findZonesByServiceName(serviceName);
+               if (CollectionUtils.isNotEmpty(zonesNameList)) {
+                       LOG.info("Can not delete service : " + serviceName
+                                       + ", as it is already associated with " 
+ zonesNameList.size() + " zones : " + zonesNameList);
+                       VXResponse vXResponse = new VXResponse();
+                       
vXResponse.setStatusCode(HttpServletResponse.SC_BAD_REQUEST);
+                       vXResponse.setMsgDesc("Can not delete service : " + 
serviceName
+                                       + ", as it is already associated with " 
+ zonesNameList.size() + " zones : " + zonesNameList);
+                       throw restErrorUtil.generateRESTException(vXResponse);
+               }
+       }
+
        @Override
        public List<RangerPolicy> getPoliciesByResourceSignature(String 
serviceName, String policySignature, Boolean isPolicyEnabled) throws Exception {
 
diff --git 
a/security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java 
b/security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java
index 4d46d0e..ac9af5e 100644
--- a/security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java
+++ b/security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java
@@ -1222,7 +1222,7 @@ public class TestServiceDBStore {
                XXServiceConfigMapDao xServiceConfigMapDao = Mockito
                                .mock(XXServiceConfigMapDao.class);
                XXPolicyLabelMapDao xPolicyLabelMapDao = 
Mockito.mock(XXPolicyLabelMapDao.class);
-
+               XXSecurityZoneDao xSecurityZoneDao = 
Mockito.mock(XXSecurityZoneDao.class);
 
         RangerService rangerService = rangerService();
                RangerPolicy rangerPolicy = rangerPolicy();
@@ -1240,6 +1240,8 @@ public class TestServiceDBStore {
                policy.setService(rangerService.getId());
                policiesList.add(policy);
 
+               List<String> zonesNameList =new ArrayList<String>();
+
                List<XXTrxLog> trxLogList = new ArrayList<XXTrxLog>();
                XXTrxLog xTrxLogObj = new XXTrxLog();
                xTrxLogObj.setAction("delete");
@@ -1354,6 +1356,9 @@ public class TestServiceDBStore {
                serviceConfigDefObj.setId(Id);
                xServiceConfigDefList.add(serviceConfigDefObj);
 
+               
Mockito.when(daoManager.getXXSecurityZoneDao()).thenReturn(xSecurityZoneDao);
+               
Mockito.when(xSecurityZoneDao.findZonesByServiceName(rangerService.getName())).thenReturn(zonesNameList);
+
                Mockito.when(daoManager.getXXPolicy()).thenReturn(xPolicyDao);
                Mockito.when(xPolicyDao.findByServiceId(rangerService.getId()))
                                .thenReturn(policiesList);

[ranger] branch master updated: RANGER-2403 : proper error should be thrown when service part of zone being deleted

Reply via email to